Spatium: Redefining the hardware wallet
The Malta AI and Blockchain Summit reached out to the CEO of Spatium, Geray Yusif, who delineated the technical ins and outs of his firm’s hardware wallet and why crypto users ought to have one.
Those who are technically savvy with Blockchain products know exactly what to expect from your products and services. However, for those who don’t have the time to get into the technical details, could you explain what a hardware wallet is?
In most cases, it’s a USB stick with extra protection. It keeps your cryptocurrencies secure from hacking because the stick is disconnected from the Internet, except for when you’re making a transaction. All these extra measures of security make hardware wallets generally safer than software wallets.
Other wallets like Nano-ledger and Trezor have taken the limelight. How does Spatium intend to compete with these established products?
Those two were ground-breaking innovations at the time. However, they have both security and convenience issues. For security, when you need to make a transaction, you have to connect a Ledger or Trezor to your computer with a cable and risk that a thief will get access to your key during the transaction. You probably read the news stories about security vulnerabilities in those wallets. As long as there is a private key, it can be stolen. It’s that simple. On top of that, Spatium’s keyless protocol for signing transactions means that there is nothing to steal.
Convenience is an issue too. Consider this: Don’t you already have enough things in your pocket to also carry a USB stick with a cable? What if you have many different digital assets? Will you carry several hardware wallets with you all the time?
Spatium’s hard wallet, on the other hand, is shaped like a credit card, so you can put it in your wallet. And it already supports over 100 currencies. You don’t need a cable to make transactions since it has NFC and Bluetooth technology for wireless yet safe connection to another device. This means you can conduct the actual transaction without exposing your Spatium hardware wallet. It also has biometric identification so you can “log in” with your unique fingerprints. In addition, there are value-added services like Plausible Denial and Transfer by Inheritance that go far beyond standard security measures by understanding real-world issues that could be faced by owners of digital assets.
You mentioned that Spatium has 100 plus digital asset wallets on offer. Is there a process that coins go through before being listed on your hardware wallet?
Yes, of course. We make sure that there is enough demand for the coin to be added. This is why we have many from the Top 100 by market cap. Plus, we look at the project behind the coin. In future, we will also let our wallet users add the tokens they need themselves.
You mentioned a keyless solution earlier. How are you able to get rid of the private key when every other wallet relies on it?
We built our keyless Spatium Protocol on top of a lot of brilliant, tested technologies, including the Secure Multi-Party Computation and much of the research done by our advisor, Takashi Nishide. For it to work you need at least two devices running the Spatium wallet. They could be your desktop, tablet, phone, smartwatch, etc. Each device has what we call a “secret” — a piece of encrypted information derived from your password or fingerprint. The secret never leaves its device. Yet, when you need to sign a transaction, this first secret manipulates the transaction data in a very specific, mathematical way, after which it passes the result to the next secret, which is on another device. That secret performs the same mathematical manipulation and passes the result to a third secret and so on.
This happens several times in a very short time frame, which creates a one-time signature that is equivalent to a private key, but without creating anything permanent. The resulting key’s only purpose is for one transaction. So if your wallet gets lost or stolen, your funds are still safe. Similarly, if one of the secrets or devices is compromised, it doesn’t give the attacker access to your funds. This way, we can verify transactions and create public addresses without exposing user data or funds to hackers. This means that there is no single point of attack, which is why our wallet is unhackable.
It is estimated that up to 4 million Bitcoins are lost in hardware wallets with missing private keys or secret passwords. What happens if I lose these details?
That’s what scared our founders so much when looking at Ledger, Trezor, software wallets, etc. Unlike other solutions on the market, the Spatium hardware wallet makes recovery very easy. If you lose your Spatium hardware wallet, you can just get another one and use your fingerprints to access your funds in seconds. This is because the hardware device is an access portal and does not store your funds. It’s one of the advantages of our distributed storage of data model.
How does Spatium deal with a next-of-kin scenario given that hardware wallets put individuals directly in control of their funds?
This was a great concern of ours as we looked at other wallets on the market, which hide your private key but do little to protect you in the real world.
So we created a number of additional services on top of the protection offered by our keyless signing of transactions.
For example, our “Transfer by Inheritance” add-on allows you to ensure that your assets are never lost no matter what happens. You can program, for example, your daughter’s fingerprints and how long you need to be inactive with your wallet for her fingerprints to become a valid authorisation method to access the wallet. For instance, you could input two years as the required inactivity period, after which your daughter gains access to your wallet using her fingerprints as an authorisation method.
Another real-world protection add-on that we offer is “Plausible Denial.” Unfortunately, there have been a number of reports of criminals mugging cryptocurrency owners on the street, forcing them to give up their private keys or open access to their wallets at gunpoint. Current hardware wallets have no protection against that. In contrast, our Plausible Denial add-on allows you to enter an incorrect authorisation factor, sending a signal that you are being mugged. This will open a fake wallet account with only a trace amount of assets in it, locking your actual account. It will also send a distress signal with your location to your pre-programmed trusted contact. This is not only an immediate solution to being mugged on the street but is a longer-term solution to making mugging pointless. Once criminals know that hardware wallets have this mechanism built in, they will have far less incentive to mug cryptocurrency holders. The reward simply won’t be worth the risk.
Is your product targeted solely towards individuals or do you also offer enterprise solutions?
Both. Enterprise clients appreciate how the keyless Spatium Protocol protects their assets, but they need corporate-specific features. First and foremost, that means multi-signature. So, naturally, our wallets have multi-signature enabled as well as a multi-layered authorisation tree. By that I mean the ability to set a multi-step process for login if certain factors are used. For example, using your fingerprints could be enough to gain access. But if you use a password, you would need an additional step of 2FA and a third step of a specific .jpeg picture file. This is the kind of security enterprise clients need.
Specific to multi-signature on an enterprise level, we have a way for them to create a one-time key and select the people who hold the key and, once that’s done, they destroy the original tool used to create the key. So no other such key can be created. Also, our decision to support over 100 digital assets from the get-go was driven in part by enterprise clients, so they can easily trade between different assets.
This comes just ahead of the annual, January 3rd “proof of keys” celebration – a movement aimed at keeping crypto exchanges in check by demanding and taking direct control of all Bitcoins held by trusted third parties.
This is a sponsored article.