WO2020026038A1 - A computer-implemented method, a computer system and a cryptocurrency depository for enabling secure escrow and safekeeping of a cryptocurrency - Google Patents
A computer-implemented method, a computer system and a cryptocurrency depository for enabling secure escrow and safekeeping of a cryptocurrency Download PDFInfo
- Publication number
- WO2020026038A1 WO2020026038A1 PCT/IB2019/051937 IB2019051937W WO2020026038A1 WO 2020026038 A1 WO2020026038 A1 WO 2020026038A1 IB 2019051937 W IB2019051937 W IB 2019051937W WO 2020026038 A1 WO2020026038 A1 WO 2020026038A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- party device
- party
- cryptocurrency
- provisional
- provisional transaction
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3825—Use of electronic signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/04—Payment circuits
- G06Q20/06—Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme
- G06Q20/065—Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme using e-cash
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/04—Payment circuits
- G06Q20/06—Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme
- G06Q20/065—Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme using e-cash
- G06Q20/0655—Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme using e-cash e-cash managed centrally
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/10—Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3829—Payment protocols; Details thereof insuring higher security of transaction involving key management
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/50—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/36—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q2220/00—Business processing using cryptography
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/56—Financial cryptography, e.g. electronic payment or e-cash
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
Definitions
- Embodiments of the present invention generally relate to a digital currency management system and more particularly to a computer-implemented method, a computer system and a cryptocurrency depository for enabling secure escrow and safekeeping of a cryptocurrency.
- a digital currency/cryptocurrency is a digital asset designed for currency exchange/transactions.
- the cryptocurrency utilizes strong cryptography to execute secure financial transactions.
- a cryptocurrency is acquired and/or traded on an electronic exchange which lists different types of cryptocurrencies/crypto-assets. Such exchanges often enable trading between digital currencies and conventional fiat currencies such as US Dollar, Euro, Great Britain Pound, etc.
- the cryptocurrency exchange is custodial in nature and acts as an Escrow (Trusted Third Party) to minimize counter-party risk wherein the trading parties transfer both cryptocurrencies and other assets which are in their control/possession to the exchange-controlled addresses/accounts and get notional limits on the exchange to trade. All this works well as long as there are no security lapses on the exchange.
- a custodial cryptocurrency wallet service or cryptocurrency wallet also stores the funds/tokens for its users and settles transactions between transacting parties.
- the cryptocurrency wallet allows its users to perform transactions in a same manner as performed in a conventional bank.
- most of the security problems discussed above in the context of cryptocurrency exchanges are equally relevant to cryptocurrency wallets.
- many cryptocurrency exchanges also double up as cryptocurrency wallets for their users allowing transacting parties to pay/accept in cryptocurrency/assets of their choice and manage the conversion for them when necessary.
- a computer-implemented method for enabling secure escrow and safekeeping of a cryptocurrency.
- the computer-implemented method comprises the steps of establishing a secure communication between a first party device associated with a depositor of the cryptocurrency and a second party device associated with a secure cryptocurrency depository, in a cryptocurrency network, creating and signing a deposit transaction by the first party device transferring all available funds/tokens or part thereof to a multi- signature address, creating a provisional transaction template by the first party device spending either all of the funds/tokens or a part thereof sent to the multi signature address in the deposit transaction, transmitting an unsigned copy of the provisional transaction template to the second party device, adding a signature generated using first party private key and a signature generated by a first party hardware token by the first party device to the provisional transaction template thereby generating a first partially signed provisional transaction template and transmitting the first partially signed provisional transaction template to the second party device, adding a signature generated using second party private key corresponding to
- the first party device and/or the second party device is enabled to transfer the available funds/tokens away from the multi-signature address using the second partially signed provisional transaction template and/or the first partially signed provisional transaction template in possession of the first party device and second party device respectively using the various options provided by the corresponding Provisional Transaction output, in case the first party and/or second party private-keys/secrets and/or the hardware tokens are lost/stolen, thereby preventing theft.
- the secure cryptocurrency depository associated with the second party device is a secure cryptocurrency escrow and/or a secure cryptocurrency vault.
- the computer-implemented method further comprises the step of creating the provisional transaction template by the second party device in case a transaction ID and a corresponding transaction output index of the deposit transaction is transmitted to the second party device by the first party device.
- signing the deposit transaction and the provisional transaction template prevents the corresponding inputs and outputs of the deposit transaction and the provisional transaction template from modification once the signature generated using respective private-keys and/or the signature generated by respective hardware tokens are added to the deposit transaction and the provisional transaction template.
- the first party device and the second party device are computing devices selected from a group comprising a server, a microcontroller, a laptop, a desktop and a portable handheld device having computing capabilities and comprising at least a processor, a memory unit, a display module, an input module and a user interface.
- the computer-implemented method further comprises the step of monitoring the transactions on the cryptocurrency network by the first party device, the second party device and/or a third-party device on behalf of the first and/or second party device.
- the computer-implemented method further comprises the step of enforcing a settlement albeit with a predefined delay and does not require exclusive custody of the funds/tokens beforehand to guarantee settlement.
- the computer-implemented method further comprises the step of taking exclusive custody of the respective funds/tokens to enforce the settlement, in case of disagreement between a first party device and a fourth party device during a trade/transaction, thereby functioning as a regular custodial escrow.
- a computer system for enabling secure escrow and safekeeping of a cryptocurrency.
- the computer system comprises a memory unit configured to store machine-readable instructions and a processor operably connected with the memory unit, the processor obtaining the machine-readable instructions from the memory unit, and being configured by the machine-readable instructions to establish a secure communication between a first party device associated with a depositor of the cryptocurrency and a second party device associated with a secure cryptocurrency depository, in a cryptocurrency network, create and sign a deposit transaction by the first party device transferring all available funds/tokens or part thereof to a multi- signature address, create a provisional transaction template by the first party device spending either all of the funds/tokens or a part thereof sent to the multi-signature address in the deposit transaction, transmit an unsigned copy of the provisional transaction template to the second party device, generate a first partially signed provisional transaction template by adding a signature generated using a first party private key and a signature generated by a first party hardware token by the first party
- the first party device and/or the second party device is enabled to transfer the available funds/token away from the multi-signature address using the second partially signed provisional transaction template and/or the first partially signed provisional transaction template in possession of the first party device and second party device respectively using the various options provided by the corresponding Provisional Transaction output, in case the first-party/second-party private- keys/secrets and/or hardware tokens are lost/stolen, thereby preventing theft.
- the secure cryptocurrency depository associated with the second party device is a secure cryptocurrency escrow and/or a secure cryptocurrency vault.
- the processor is further configured to create the provisional transaction template by the second party device in case a transaction ID and a corresponding transaction output index of the deposit transaction is transmitted to the second party device by the first party device.
- the processor is further configured to prevent the corresponding inputs and outputs of the deposit transaction and the provisional transaction template from modification once the signature generated using respective private keys and/or the signature generated by respective hardware tokens are added to the deposit transaction and the provisional transaction template.
- the first party device and the second party device are computing devices selected from a group comprising a server, a microcontroller, a laptop, a desktop and a portable handheld device, having computing capabilities and comprising at least a processor, a memory unit, a display module, an input module and a user interface.
- the processor is further configured to monitor the transactions on the cryptocurrency network by the first party device, the second party device and/or a third-party device on behalf of the first party device and/or second party device.
- the processor further configures the second party device to enforce a settlement albeit with a predefined delay and does not require exclusive custody of the funds/tokens beforehand to guaranteed settlement.
- the processor further configures the second party device to take exclusive custody of the respective funds/tokens to enforce the settlement, in case of disagreement between a first party device and a fourth party device during a trade/transaction, thereby functioning as a regular custodial escrow.
- a secure cryptocurrency depository having an associated second party device in communication with a first party device associated with a first party, in a cryptocurrency network. Further, the secure cryptocurrency depository is configured to store the cryptocurrency of the first party device associated with a depositor.
- the second party device is configured to take exclusive custody of the respective funds/tokens to enforce the settlement, in case of disagreement between a first party device and a trading party device during a trade, thereby functioning as a regular custodial escrow.
- an unrecoverable hardware token in possession of each of a first party and/or a second party having stored therein, private-keys/secrets, generated during initialization. Further, the unrecoverable hardware token is required to be physically accessed to sign transactions using them. Furthermore, the unrecoverable hardware token associated with each of the first party and/or the second party is configured to generate a signature using internally stored private -keys/secrets to authenticate transactions and the unrecoverable hardware token is configured to provide out-of-band authentication by preventing any backup or recovery of the private-keys/secrets stored therein.
- Figure 1 is an exemplary environment of computing devices to which the various embodiments described herein may be implemented;
- Figure 2 illustrates computer-implemented method for enabling secure escrow and safekeeping of a cryptocurrency, in accordance with an embodiment of the present invention
- Figure 3 illustrates an information flow diagram for establishing a communication between a first party device and a second party device as well as creating a deposit transaction and provisional transaction template, in accordance with an embodiment of the present invention
- Figure 4 illustrates an information flow diagram for signing and exchanging a first partially signed provisional transaction template and a second partially signed provisional transaction template by the first party device and the second party device, in accordance with an embodiment of the present invention
- Figure 5 illustrates an information flow diagram for facilitating and broadcasting the provisional transaction by the first party, in accordance with another embodiment of the present invention
- Figure 6 illustrates an information flow diagram for facilitating and broadcasting the provisional transaction by the second party, in accordance with an embodiment of the present invention
- Figure 7 illustrates an example of a Deposit Transaction created by a First Party (Alice), in accordance with the embodiment of the present invention
- Figure 8 illustrates an example of a provisional transaction template created by the First Party Alice, in accordance with the embodiment of the present invention
- Figure 9 illustrates an example of a computer system for enabling secure escrow and safekeeping of a cryptocurrency, in accordance with the embodiment of the present invention
- Figure 10 illustrates an example of enumerating the options available and outcomes of situations where the First Party and/or the Second Party (A Secure Cryptocurrency Escrow) lose their private-keys/secrets and/or Hardware Tokens, in accordance with the embodiment of the present invention
- FIG. 11 illustrates an example of a secure escrow system without the hardware tokens, in accordance with the embodiment of the present invention
- Figure 12 illustrates an example of a Deposit Transaction created by the First Party (Alice), in accordance with an embodiment of the present disclosure
- Figure 13 illustrates an example of a Provisional Transaction Template created by the First Party (Alice), in accordance with an embodiment of the present disclosure
- Figure 14 illustrates an exemplary secure cryptocurrency vault, in accordance with an embodiment of the present disclosure
- Figure 15 illustrates exemplary options available and outcomes of situations where the First Party and/or the Second Party lose their private-keys/secrets and/or Hardware Tokens, in accordance with an embodiment of the present disclosure.
- Figure 16 illustrates an example of a secure cryptocurrency vault without Hardware Tokens, in accordance with an embodiment of the present disclosure.
- Figure 1 illustrates an exemplary environment 100 of computing devices to which the various embodiments described herein may be implemented.
- Figure 1 shows a first party device 106 connected with a second party device 108 participating in cryptocurrency network.
- the first party device 106 is associated with a first party or a depositor of a cryptocurrency.
- the depositor may be, but not limited to, an organization, an individual or the any owner of cryptocurrency.
- the cryptocurrency may be selected from, but not limited to, Bitcoin, Litecoin, Ethereum, Dash or any digital currency.
- the second party device 108 is associated with a secure cryptocurrency depository.
- the secure cryptocurrency depository may be a secure cryptocurrency escrow and/or a secure cryptocurrency vault.
- Provision of the cryptocurrency escrow in the cryptocurrency network reduces the probability of loss or theft of the first party’s funds/tokens during a trade/transaction from the depository associated with the second party device 108.
- the secure cryptocurrency vault of the secure cryptocurrency depository is configured to store the cryptocurrency of the first party device 106 associated with the depositor.
- the first party device 106 and the second party device 108 are computing devices selected from a group comprising a server, a microcontroller, a laptop, a desktop and a portable handheld device having computing capabilities and comprising at least a processor, a memory unit, a display module, an input module and a user interface.
- the first party device 106 and the second party device 108 are connected with a network 104.
- the network 104 may be one of, but not limited to, a Local Area Network (LAN) or a Wide Area Network (WAN).
- the network 104 may be implemented using a number of protocols, such as but not limited to, TCP/IP, 3GPP, 3GPP2, LTE, IEEE 802.x etc.
- the computer system 102 may be a portable computing device, a desktop computer or a server stack.
- the computer system 102 is envisaged to include computing capabilities such as a memory unit 1022 configured to store machine readable instructions.
- the machine-readable instructions may be loaded into the memory unit 1022 from a non-transitory machine-readable medium such as, but not limited to, CD-ROMs, DVD-ROMs and Flash Drives. Alternately, the machine-readable instructions may be loaded in a form of a computer software program into the memory unit 1022.
- the memory unit 1022 in that manner may be selected from a group comprising EPROM, EEPROM and Flash memory.
- the computer system 102 includes a processor 1024 operably connected with the memory unit 1022.
- the processor 1024 is one of, but not limited to, a general-purpose processor 1024, an application specific integrated circuit (ASIC) and a field-programmable gate array (FPGA).
- ASIC application specific integrated circuit
- FPGA field-programmable gate array
- FIG. 2 illustrates computer-implemented method for enabling secure exchange and safekeeping of a cryptocurrency, in accordance with an embodiment of the present invention.
- the method begins at step 202, by establishing the communication between the first party device 106 associated with the depositor of the cryptocurrency and the second party device 108 associated with the secure cryptocurrency depository.
- the processor is configured to securely connect the first party device 106 and the second party device 108 in a cryptocurrency network.
- a deposit transaction is created and signed by the first party device 106 transferring all available funds/tokens or part thereof to a multi-signature address.
- the first party device 106 may add the required security protocols, etc. to the respective inputs of the deposit transaction and stores it without broadcasting it to the cryptocurrency network.
- a multi- signature address in general, requires signatures or unique inputs associated with multiple parties to authenticate and allow a transfer of funds from the multi- signature address.
- a provisional transaction template is created by the first party device 106.
- the provisional transaction template herein signifies an electronic record/document indicative of the first party’s intent to spend either all of the funds/tokens or a part thereof, sent to the multi-signature address in the deposit transaction.
- an unsigned copy of the provisional transaction template is transmitted to the second party device 108.
- the unsigned copy means that the provisional transaction template is without any signed inputs or signatures (i.e. without any authentication).
- the first party device 106 adds a signature generated using a first party private key and a signature generated by a first party hardware token to the provisional transaction template, thereby generating a first partially signed provisional transaction template.
- the hardware tokens are unrecoverable hardware wallets (or rendered unrecoverable by not-recording / discarding the backup/seed-phrase) without any provision for recovery of the private-keys/secrets stored inside it and time-locks for transaction outputs are available for the crypto-currency system.
- the computer system 102 provides out-of-band authentication with hardware tokens, that are not knowledge-based and require physical access to complete the step.
- the hardware tokens are special kind of hardware wallets, that do not allow a backup or recovery of any sort providing true out-of-band authentication and device failure is already accounted for in the proposed method/system. Additionally, the hardware tokens are envisaged to be in possession of the first party and/or second party and are therefore referred to as first party and/or second party hardware token.
- the first partially signed provisional transaction template is transmitted to the second party device 108.
- the second party device 108 keeps this first partially signed provisional transaction template safe and stores for use in future.
- the second party device 108 adds a signature generated using a second party private key corresponding to the first party private key, to the unsigned copy of the provisional transaction template received in step 208. This generates a second partially signed provisional transaction template.
- the second partially signed provisional transaction template is then sent to the first party device 106.
- the first party device 106 has the second partially signed provisional transaction template signed with the second party private key
- the second party device 108 has the first partially signed provisional transaction template signed with the first party private key and the signature generated by the first party hardware token.
- the provisional transaction template can also be created by the second party device and shared with the first party device if a transaction ID and a corresponding transaction output index of the deposit transaction is transmitted to the second party device by the first party device. Then, the partially signed provisional transaction templates can be exchanged as above.
- the signatures utilized in this scheme sign the transaction similar to a SIGHASH_ALL or SIGHASH_S INGLE option in Bitcoin protocol where the corresponding inputs and outputs of the transaction cannot be modified once signatures are added to the transaction.
- the deposit transaction is broadcasted by the first party device 106. It is envisaged that the deposit transaction may only be broadcasted after the first party device 106 and the second party device 108 exchange the first partially signed provisional transaction template and the second partially signed provisional transaction template. This completes a setup process. Now the process of facilitation of transactions and recovery of funds in case of a security breach or compromise, by both the first party device 106 and the second party device 108 will be explained in detail.
- the first party device 106 facilitates the provisional transaction by adding the signature generated using the first party private key and the signature generated by the first party hardware token to the second partially signed provisional transaction template in its possession.
- the first party device 106 may now use the fully signed provisional transaction to execute the transfer of funds/token mentioned in the provisional transaction from the multi- signature address when necessary. The same has been illustrated in figure 5.
- Step 218 presents an alternate way of facilitating the provisional transaction.
- the second party device 108 may facilitate the provisional transaction by adding the signature generated using the second party private key to the first partially signed provisional transaction template in possession, forming the fully signed provisional transaction template.
- the second party device 108 may now use the fully signed provisional transaction to execute the transfer of funds/token mentioned in the provisional transaction from the multi signature address when necessary. The same has been illustrated in figure 6.
- the first party device 106 and/or the second party device 108 broadcast a fully signed provisional transaction template to the cryptocurrency network, when necessary to complete the provisional transaction and transfer of funds.
- the first party device 106 and/or the second party device 108 is enabled to transfer the available funds/token away from the multi-signature address, using the second partially signed provisional transaction template and the first partially signed provisional transaction template in possession of the first party device 106 and second party device 108 respectively, in case respective private-keys/secrets and/or the hardware tokens are lost/stolen, thereby preventing theft.
- the security of first party systems is breached and first party private key and/or other data is lost/stolen. The breach may result in potential loss of its funds/tokens.
- the present invention provides safeguard against the loss of funds/tokens by recovering the funds by adding the signature generated using second party private key to the first partially signed provisional transaction template (already signed with the signature generated using first party private key and signature generated by first party hardware token) in possession of the second party (depository).
- the fully signed provisional transaction template may then be broadcasted to the respective cryptocurrency network.
- the first party in coordination with second party may recover the funds/tokens by creating another transaction and moving the funds/tokens from provisional transaction to another secure address before 5000 blocks are created on the respective cryptocurrency network after the block confirming the broadcasted provisional transaction.
- the second party s private-key and/or other data is breached/stolen.
- the breach may result in potential loss of the funds/tokens.
- the present invention provides safeguard against the loss of funds by recovering the funds by adding the signature generated using the first party private-key and signature generated by the first party hardware token to the second partially signed provisional transaction template (already signed with the signature generated using the second party private key) in possession of the first party.
- the fully signed provisional transaction may then be broadcasted to the respective cryptocurrency network.
- the second party in coordination with first party may recover the funds/tokens by creating another transaction and moving the funds/tokens from provisional transaction to another secure address before 2000 blocks are created on the respective cryptocurrency network after the block confirming the broadcasted provisional transaction.
- the present invention accounts for many contingencies such as loss and/or breach of either party’s private-keys/secrets and malfunction, loss and/or possible theft of either party’s Hardware Tokens while reducing the probability of loss of First Party’s funds/tokens.
- the funds/tokens are recovered, thereby removing the incentive and consequently motive to steal First Party’s funds/tokens in the first place.
- the first Party and second party start monitoring the cryptocurrency network in order to keep track of transactions referencing the deposit transaction and the multi-signature address described above from the deposit transaction to detect any breach of security or foul play.
- the monitoring may be done by the First Party and/or the Second Party directly or by a Third Party on behalf of First Party and/or Second Party.
- the first party and the second party are prompted to initiate recovery if it is not broadcasted by either of them to begin with.
- the second party device 108 acts as custodial escrows for the first party and a fourth party during a transaction/trade to minimize counter party risk and guarantee settlement.
- a custodial escrow mechanism with respect to cryptocurrencies may encounter a new problem of keeping the first party funds/tokens in their custody safe and secure.
- a security breach on the respective cryptocurrency escrows’ systems can compromise the private-keys/secrets securing the funds/tokens in their custody and lead to loss/theft of respective funds/tokens.
- the present invention can enforce settlement albeit with a predefined delay and does not require exclusive custody of the said funds/tokens beforehand to guaranteed settlement. Moreover, in the event of the security breach on one or both sides, there are remedial steps that the cryptocurrency escrow and/or the first party can take to prevent loss or theft of the respective funds/tokens.
- the first party may cooperate with the second party in the settlement process and in situations where it disagrees or refuses to cooperate, the cryptocurrency escrow can get exclusive custody of the respective funds/tokens and enforce settlement.
- the first party is in disagreement with a proposed settlement for a trade/transaction with the fourth party
- the cryptocurrency escrow takes exclusive custody of the respective funds/tokens to enforce settlement.
- This option allows the cryptocurrency escrow to function as a regular custodial escrow between the first party and the fourth party during a trade/transaction, as is the case with most exchanges as of date.
- Figures 7-11 illustrate examples showing implementation for the secure cryptocurrency escrow.
- Figure 7 illustrates an example of a deposit transaction created by the First Party Alice in accordance with an embodiment of the present invention.
- FIG 8 illustrates an example of a provisional transaction template created by the first party Alice in accordance with an embodiment of the present invention.
- the cryptocurrency escrow suffers a security breach as its private -keys/secrets are compromised/stolen.
- the escrow uses option 1, 2, 3, 7 or 8 as depicted in Figure 8 to transfer the funds/tokens to another secure address or back to the First Party.
- the cryptocurrency escrow can even prevent loss/theft using option 7 depicted in Figure 8 and transfers the respective funds/tokens away from the compromised address even when its Hardware Tokens are lost/stolen in the above described situation.
- the cryptocurrency escrow uses option 2 as depicted in figure 8 and transfers the respective funds/tokens to a secure address when the first party’s private-key/secret and/or the hardware token are compromised/lost/stolen.
- Figure 9 illustrates an example of a secure cryptocurrency computer system 900 in accordance with an embodiment of the present invention.
- Figure 10 illustrates an example of enumerating the options available and outcomes of situations where the First Party loses its private -keys/secrets and where the First Party and/or the Second Party (A Secure Cryptocurrency escrow) lose their respective Hardware Tokens in accordance with an embodiment of the present disclosure.
- the confusion Matrix in Figure 10 also enumerates the options available and outcomes of situations where the private -keys/secrets and/or the Hardware Tokens of the First Party and/or the Second Party are compromised or stolen. It enumerates the situations where respective private -keys/secrets are lost by the First Party but not the Second Party.
- the Second Party is an organized entity that can employ data- safety measures such as multi- site replication, offline storage, etc. The method does not appear to explicitly specify the process and enumerate options available when the Second Party’s private-keys/secrets are lost for simplicity and brevity.
- the method and system can be analogously extended to aforementioned scenario or more scenarios not currently addressed if desired by reordering/adding/removing options in the Provisional Transaction Template and expanding the multi-signature scheme in the Deposit Transaction by requiring even more signatures using private/keys and/or hardware tokens.
- the timelocks mentioned in the Provisional Transaction Template are one of the many possible values for them exemplifying a particular order and can be adjusted as necessary to suit a particular arrangement.
- the Second Party (Escrow) always gets a first claim on the respective funds/tokens as it is accepting a liability on the First Party’s behalf and can steal the First Party’s funds/tokens but will not do so because such unilateral actions will result in loss of trust/business from the other parties as well as legal proceedings by the First Party as the Second Party cannot deny and deflect liability as is common today.
- the incentive and motive to cheat the First Party of its funds/tokens by the Second Party is non-existent.
- the First Party and/or the Second Party are compromised either by an internal or external adversary, they still have recourse and can reconcile the situation by taking remedial steps available.
- Figure 11 illustrates another example of a secure cryptocurrency computer system 1100 without hardware tokens in accordance with an embodiment of the present disclosure.
- the aforementioned method/system/scheme can be scaled down as depicted in Figure 11 and still offer better protection than currently practiced multi- signature arrangements.
- Figures 12-16 illustrate examples showing implementation for the secure cryptocurrency vault.
- Figure 12 illustrates an example of a Deposit Transaction created by the First Party in accordance with an embodiment of the present disclosure.
- FIG. 13 illustrates an example of a Provisional Transaction Template created by the First Party in accordance with an embodiment of the present disclosure.
- the cryptocurrency vault suffers a security breach as its private -keys/secrets are compromised/stolen.
- the vault uses option 1, 2, 3, 4, 5, 8 or 9 as depicted in Figure 13 to transfer the funds/tokens to another secure address or back to the First Party.
- the cryptocurrency escrow can even prevent loss/theft using option 2, 3 or 8 depicted in Figure 13 and transfers the respective funds/tokens away from the compromised address even when its Hardware Tokens are lost/stolen in the above described situation.
- the cryptocurrency vault uses option 4 as depicted in figure 13 and transfers the respective funds/tokens to a secure address when the first party’s private-key/secret and/or the hardware token are compromised/lost/stolen.
- FIG 14 illustrates an exemplary secure cryptocurrency vault in accordance with an embodiment of the present disclosure.
- the First Party has lost the private -key/secret and/or Hardware Token as in the confusion matrix, the Second Party will not steal the First Party’s funds/tokens because unilateral actions will result in loss of trust/business from other parties as well as legal proceedings by the First Party as the Second Party cannot deny and deflect liability as is common today. Hence, the incentive and motive to cheat the First Party by the Second Party does not exist.
- Figure 15 illustrates exemplary options available and outcomes of situations where the First Party loses its private -keys/secrets and where the First Party and/or the Second Party (A Secure Cryptocurrency Vault) lose their respective Hardware Tokens in accordance with an embodiment of the present disclosure.
- the confusion Matrix in Figure 10 also enumerates the options available and outcomes of situations where the private-keys/secrets and/or the Hardware Tokens of the First Party and/or the Second Party are compromised or stolen. It enumerates the situations where respective private -keys/secrets are lost by the First Party but not the Second Party.
- the Second Party is an organized entity that can employ data-safety measures such as multi-site replication, offline storage, etc. The method does not appear to explicitly specify the process and enumerate options available when the Second Party’s private-keys/secrets are lost for simplicity and brevity.
- this method can be analogously extended to this scenario and more or simplified if desired by reordering/adding/removing options in the Provisional Transaction Template accordingly and expanding the multi- signature scheme in the Deposit Transaction by requiring even more signatures using private keys/secrets and/or hardware tokens when planning and accounting for certain contingencies are deemed necessary/unnecessary.
- the timelocks mentioned in the Provisional Transaction are one of the many possible values for them exemplifying a particular order and can be adjusted as necessary to suit a particular arrangement.
- Figure 16 illustrates an example of a secure cryptocurrency vault without Hardware Tokens in accordance with an embodiment of the present disclosure.
- the Hardware Tokens are not available and relative/absolute timelocks are functional, the method and scheme described above can be scaled down as depicted in Figure 16 and still offer better protection than currently practiced multi- signature arrangements.
- the disclosed system and the method offer a number of advantages, such as:
- the present invention provides a digital currency escrow and a secure digital currency depository. Additionally, it provides a digital currency escrow which enforces settlement albeit with a predefined delay and the escrow does not need exclusive custody of the funds/tokens beforehand to guarantee settlement.
- the digital currency escrow also safeguards the funds/tokens of the participating parties as well as enhances the security.
- the present invention provides a digital currency escrow which enables the transfer of funds/tokens away from the multi- signature address by adding missing signatures to the partially signed Provisional Transaction Template in possession of the First Party Device and the Second Party Device, even when the respective private-keys/secrets and/or Hardware Tokens are lost and/or stolen.
- the present invention allows a security from unauthorized access to one’s private-keys/secrets through whatever means (Trojans, man-in-the-middle, cloud backdoors, etc.).
- the present invention also allows a data-safety by denying/destroying access to one’s private-keys/secrets (ransomware, computer-virus, etc.).
- a communication device is described that may be used in a communication system, unless the context otherwise requires, and should not be construed to limit the present disclosure to any particular communication device type.
- a communication device may include, without limitation, a bridge, router, bridge -router (router), switch, node, or other communication device, which may or may not be secure.
Landscapes
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- Engineering & Computer Science (AREA)
- Finance (AREA)
- General Business, Economics & Management (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Development Economics (AREA)
- Economics (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
Description
Claims
Priority Applications (5)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2021502967A JP2021532466A (en) | 2018-07-29 | 2019-03-11 | Computer-enhanced methods, computer systems, and cryptocurrency depository to enable secure escrowing and storage of cryptocurrencies. |
AU2019315764A AU2019315764B2 (en) | 2018-07-29 | 2019-03-11 | A computer-implemented method, a computer system and a cryptocurrency depository for enabling secure escrow and safekeeping of a cryptocurrency |
SG11202100266SA SG11202100266SA (en) | 2018-07-29 | 2019-03-11 | A computer-implemented method, a computer system and a cryptocurrency depository for enabling secure escrow and safekeeping of a cryptocurrency |
CA3107682A CA3107682C (en) | 2018-07-29 | 2019-03-11 | A computer-implemented method, a computer system and a cryptocurrency depository for enabling secure escrow and safekeeping of a cryptocurrency |
EP19845262.5A EP3830778A4 (en) | 2018-07-29 | 2019-03-11 | A computer-implemented method, a computer system and a cryptocurrency depository for enabling secure escrow and safekeeping of a cryptocurrency |
Applications Claiming Priority (6)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
IN201841028454 | 2018-07-29 | ||
IN201841028454 | 2018-07-29 | ||
IN201841028453 | 2018-07-29 | ||
IN201841028453 | 2018-07-29 | ||
IN201944009293 | 2019-03-11 | ||
IN201944009293 | 2019-03-11 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2020026038A1 true WO2020026038A1 (en) | 2020-02-06 |
Family
ID=67140924
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/IB2019/051937 WO2020026038A1 (en) | 2018-07-29 | 2019-03-11 | A computer-implemented method, a computer system and a cryptocurrency depository for enabling secure escrow and safekeeping of a cryptocurrency |
Country Status (6)
Country | Link |
---|---|
US (3) | US11200568B2 (en) |
JP (1) | JP2021532466A (en) |
AU (1) | AU2019315764B2 (en) |
CA (1) | CA3107682C (en) |
SG (1) | SG11202100266SA (en) |
WO (1) | WO2020026038A1 (en) |
Families Citing this family (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11100497B2 (en) * | 2019-08-20 | 2021-08-24 | Anchor Labs, Inc. | Risk mitigation for a cryptoasset custodial system using a hardware security key |
US11720692B2 (en) * | 2019-11-22 | 2023-08-08 | Pure Storage, Inc. | Hardware token based management of recovery datasets for a storage system |
US20210382992A1 (en) * | 2019-11-22 | 2021-12-09 | Pure Storage, Inc. | Remote Analysis of Potentially Corrupt Data Written to a Storage System |
US11238444B2 (en) * | 2019-11-26 | 2022-02-01 | Flexa Network Inc. | Secure and trusted cryptocurrency acceptance system |
JP6891943B2 (en) * | 2019-11-26 | 2021-06-18 | ダイキン工業株式会社 | Escrow system and trading method |
US11669812B2 (en) * | 2020-06-05 | 2023-06-06 | Serge M Krasnyansky | Contingent payments for virtual currencies |
WO2024039286A1 (en) * | 2022-08-15 | 2024-02-22 | Mvgx Tech Pte. Ltd. | A system and method for integrating a traditional financial exchange and an exchange on a blockchain |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20150363770A1 (en) * | 2014-06-16 | 2015-12-17 | Bank Of America Corporation | Cryptocurrency Transaction Payment System |
WO2017145020A1 (en) * | 2016-02-23 | 2017-08-31 | nChain Holdings Limited | Methods and systems for efficient transfer of entities on a peer-to-peer distributed ledger using the blockchain |
US20180034642A1 (en) * | 2016-07-29 | 2018-02-01 | Magic Leap, Inc. | Secure exchange of cryptographically signed records |
Family Cites Families (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20150324789A1 (en) * | 2014-05-06 | 2015-11-12 | Case Wallet, Inc. | Cryptocurrency Virtual Wallet System and Method |
US20160140653A1 (en) * | 2014-11-14 | 2016-05-19 | Ryan McKenzie | Virtual currency bank |
EP3251046B1 (en) * | 2015-01-30 | 2021-03-24 | Enrico Maim | Systems and methods for managing networked commitments of secure entities |
JP5858506B1 (en) * | 2015-04-09 | 2016-02-10 | 株式会社Orb | Virtual currency management program and virtual currency management method |
CN109643420A (en) * | 2016-02-23 | 2019-04-16 | 区块链控股有限公司 | Method and system for efficient transfer of entities over a blockchain |
AU2017240796A1 (en) * | 2016-03-31 | 2018-10-25 | Clause, Inc. | System and method for creating and executing data-driven legal contracts |
US10445698B2 (en) * | 2016-06-30 | 2019-10-15 | Clause, Inc. | System and method for forming, storing, managing, and executing contracts |
GB201802148D0 (en) * | 2018-02-09 | 2018-03-28 | Nchain Holdings Ltd | Computer-implemented system and method |
US20190362340A1 (en) * | 2018-05-25 | 2019-11-28 | Bitfi, Inc. | Secure multiple cryptocurrency wallet and methods of use thereof |
US10790976B1 (en) * | 2018-08-01 | 2020-09-29 | Bloomio Ag | System and method of blockchain wallet recovery |
-
2019
- 2019-03-11 JP JP2021502967A patent/JP2021532466A/en active Pending
- 2019-03-11 CA CA3107682A patent/CA3107682C/en active Active
- 2019-03-11 WO PCT/IB2019/051937 patent/WO2020026038A1/en unknown
- 2019-03-11 SG SG11202100266SA patent/SG11202100266SA/en unknown
- 2019-03-11 AU AU2019315764A patent/AU2019315764B2/en active Active
- 2019-03-19 US US16/357,553 patent/US11200568B2/en active Active
-
2021
- 2021-11-10 US US17/522,960 patent/US20220138740A1/en not_active Abandoned
- 2021-11-10 US US17/522,952 patent/US20220067722A1/en not_active Abandoned
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20150363770A1 (en) * | 2014-06-16 | 2015-12-17 | Bank Of America Corporation | Cryptocurrency Transaction Payment System |
WO2017145020A1 (en) * | 2016-02-23 | 2017-08-31 | nChain Holdings Limited | Methods and systems for efficient transfer of entities on a peer-to-peer distributed ledger using the blockchain |
US20180034642A1 (en) * | 2016-07-29 | 2018-02-01 | Magic Leap, Inc. | Secure exchange of cryptographically signed records |
Also Published As
Publication number | Publication date |
---|---|
JP2021532466A (en) | 2021-11-25 |
US20220138740A1 (en) | 2022-05-05 |
US20190213586A1 (en) | 2019-07-11 |
US11200568B2 (en) | 2021-12-14 |
CA3107682C (en) | 2023-10-31 |
CA3107682A1 (en) | 2020-02-06 |
US20220067722A1 (en) | 2022-03-03 |
AU2019315764B2 (en) | 2023-04-06 |
SG11202100266SA (en) | 2021-02-25 |
AU2019315764A1 (en) | 2021-02-18 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
AU2019315764B2 (en) | A computer-implemented method, a computer system and a cryptocurrency depository for enabling secure escrow and safekeeping of a cryptocurrency | |
US20220277307A1 (en) | Systems and methods for personal identification and verification | |
JP7121810B2 (en) | Systems, methods, devices and terminals for secure blockchain transactions and sub-networks | |
Lin et al. | A survey of blockchain security issues and challenges. | |
US11263605B2 (en) | Weighted multiple authorizations | |
Dilley et al. | Strong federations: An interoperable blockchain solution to centralized third-party risks | |
CN117640099A (en) | Systems and methods for avoiding or reducing encryption retention resources on blockchain networks | |
CN111480315A (en) | Computer-implemented system and method for authorizing blockchain transactions using low-entropy ciphers | |
US20130219481A1 (en) | Cyberspace Trusted Identity (CTI) Module | |
KR20210040078A (en) | Systems and methods for safe storage services | |
US20200204338A1 (en) | Securing public key cryptographic algorithms | |
Ingole et al. | Blockchain technology in cloud computing: A systematic review | |
Kim et al. | Intrusion detection and mitigation system using blockchain analysis for bitcoin exchange | |
EP3830778A1 (en) | A computer-implemented method, a computer system and a cryptocurrency depository for enabling secure escrow and safekeeping of a cryptocurrency | |
WO2021141929A1 (en) | Systems and methods for compliance checks | |
CN115023721A (en) | Method and apparatus for protecting and verifying recorded state transitions | |
CN114930372A (en) | Method and apparatus for facilitating split-note financing | |
CN110378708B (en) | Hidden credit worthiness certification method, device, system and storage medium | |
US20240046260A1 (en) | Device, system and method for managing cryptocurrency transactions | |
Roy et al. | Data modelling of a multifaceted electronic card-based secure E-Governance system | |
US20240062205A1 (en) | Device, system and method for managing cryptocurrency transactions | |
Robinson | Blockchain and a Digital Identity System: Simply another mislead application of a popular technology | |
Dhananjay et al. | Distributed Ledger Technology based data minimization of digital identities | |
Srivastava et al. | Blockchain Risk and Uncertainty in Automated Applications | |
Gupta et al. | Security, Privacy, and Trust Management and Performance Optimization of Blockchain |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 19845262 Country of ref document: EP Kind code of ref document: A1 |
|
ENP | Entry into the national phase |
Ref document number: 2021502967 Country of ref document: JP Kind code of ref document: A |
|
ENP | Entry into the national phase |
Ref document number: 3107682 Country of ref document: CA |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
ENP | Entry into the national phase |
Ref document number: 2019315764 Country of ref document: AU Date of ref document: 20190311 Kind code of ref document: A |
|
ENP | Entry into the national phase |
Ref document number: 2019845262 Country of ref document: EP Effective date: 20210301 |