Page 40 - FIGI: Security Aspects of Distributed Ledger Technologies
Wallets and exchanges are the most popular targets for hacks and attacks since there is the potential for reaching large volumes of digital money in a centralized location, and many have tried to use standard security solutions which don’t fit well within a crypto-currency context.[262]

Vulnerabilities:
Keys can be stolen/compromised in Exchanges

Crypto-wallets are similar to the keys to access online bank accounts in that information may be stored in the wallet which contains a crypto address (like an account number) and private and public keys for transfers (such as a special PIN number). An exchange is where crypto-currency can be exchanged into other currencies, such as forex services, and may also offer a wallet service.

‘Hot wallets’ mean that secured information is stored in a medium accessible to the Internet, which includes both merchants and hackers. Examples include internet accessible desktop and laptop computers, mobile phones and software applications which may serve as clients to access funds (‘software wallets’), including ‘cloud wallets’ (which can be user accounts on wallets and crypto-currency exchange services). ‘Cold wallets’ refer to offline stored records[264] such as ‘paper wallets’ (which can be on paper, metal or other medium and may also be converted into a different format, e.g. from alphanumeric form into a QR code[265]) and ‘hardware wallets’ (specialized devices such as secured and protected miniature storage devices able to be connected to a computer via USB).[266] Deep cold storage refers to long term safety access methods such as via an encrypted USB drive kept in a safety deposit box. Hot storage is used for convenient, regular and immediate access to Internet connected services and merchants. Cold storage refers to offline storage, potentially long term, and inaccessible directly from the Internet.

Risks:
Theft of user funds; use of user keys for non-authorized applications

Mitigation and Recommendations:
On the user side, hot storage/online wallets are directly exposed to the Internet and susceptible to cybercrime including hacking, malware attacks and any malicious attack within reach of online resources. The device holding the address and keys must be safely backed up with alternate access in the event access to the device is lost or it is stolen or destroyed. Cold Storage/Offline Wallets have a variety of different risks and vulnerabilities. Paper wallets are susceptible to damage, destruction, theft and loss, can be difficult to read if handwritten, and print can become smudged and illegible. MPC-based custodians may, however, as noted above, provide some utility in securing wallet value through distributing keys.

8.6 General Concern: Data Protection and Privacy

8.6.1 Issue: Tension between Sharing and Control of Data on DLTs

Dimension affected: Application
With the distributed node motif embedded in the DNA of most DLTs, there is a different perspective

Box 3: Authentication

The Start Network delivers humanitarian and financial assistance. Accounts were secured by two-factor authentication.

Developmental Program: The Start Network comprises national and international NGOs. Working to address systemic challenges in delivering humanitarian and financial assistance, it began piloting a blockchain for humanitarian financing and, in 2017, partnered with Disberse,[263] a for-profit social enterprise aimed at building a new type of financial institution for the aid industry that uses DLT. A Start Network review found that the main benefits centered on the traceability of funds through the creation of a record of transactions, and some direct cost savings were reported.

Security Aspects: To ensure security, pilots were carried out through participants’ web browsers, using accounts secured by two-factor authentication. Wallets were identified as nodes on the Ethereum blockchain, and all transactions were recorded on the Ethereum testnet.