The question of who controls your private key has been central to determining risk for digital asset storage over the last 5 years.  Any comparison site looking at hot or cold wallets will focus almost entirely on whether it’s the user or the custody supplier who is responsible for the keys.  Why all the attention?

The perils of private keys

The public address of your wallet merely points to where the assets are recorded on the digital asset’s blockchain. It’s open-source, verifiable by the entire network, and transparent (to the extent all transactions registered against that wallet will be listed in plain site for any scrutiny). But to access the wallet, you need the private key. A string of characters that will grant access to move assets from the wallet to anywhere on the blockchain, irreversibly. So it’s understandable that if you have a large quantity of digital assets you will want to control the private key which unlocks them.

But therein lies the problem. Namely and famously, if you forget your private key and didn’t store the seed in a safe place ( ie. cold/offline storage), you are completely without recourse. Nothing short of divine intervention is going to gain entry into that wallet. Your funds will forever remain right in front of you, tauntingly inaccessible.

So how do you safely facilitate crypto custody?

Copper has developed a proprietary system that uses distributed keys to permit access and authorise transactions generated from a Copper Platform wallet.

Here’s how it works:

animated explainer of private key turning into distributed keyEvery account on the Copper Platform is set up with a Vault. This is where you leave the digital assets you don’t want to trade with in any of the multiple trading accounts you or your team may be operating to buy/sell crypto on the Platform.

In order to withdraw digital assets from the Vault to an external location on the blockchain (ie not one of your trading accounts in the Copper Platform) you will need to authorise the transaction using Copper Unlimited, our standalone secure custody application.

There is no additional cost to this. There are just some additional steps to take, which secure your account better than any other provider on the market. It gives us peace of mind to know your digital assets are secure, even if it means taking a few moments longer to process withdrawals (please note this doesn’t effect trading on the Copper Platform).

Read more about encryption and security in our post: Encrypting Crypto

The Copper Unlimited application is divided into two functions: wallet creation and transaction authorisations.

The first time a user interacts with the application, they will receive an activation code and download link from their account in the Copper Platform. From there:

  1. The Copper Unlimited application will prompt the user to either create a new wallet or authorise a pending transaction.
  2. If the user is creating a new or additional wallet, they will be prompted to generate a Seed and master password. The seed can be used to restore the wallet. The master password will be used for future access to the Copper Unlimited application.
  3. It’s important for the user to write the Seed down on paper and store it somewhere safe, like a bank’s safety deposit box, or get creative and stamp it into a piece of metal. Just put it somewhere permanent. We can suggest safe deposit banks we use in London, or physical vaults we use elsewhere in Europe as alternatives.
  4. The Copper Unlimited application will then create a private key and immediately break it using a polynomial sharding process. In its place Copper will create three unique distributed keys, which are encrypted using the same methodology the NSA uses to transfer classified documents. Sniffer and Brute force attacks need not apply.
  5. The user is then prompted to nominate three key holders and generate a password for each of them. The user then sends each key holder his/her distributed key, which will be a small file with a .copper extension.Copper Unlimited file icon image
  6. Best practice is to use a different means for sending the key file and password, eg. email the file and call to tell them their password, or physically hand them a USB with their key and tell them their password in person.

If the user already has a wallet set up, or if they are a key holder and have just received a notification, then the process for transaction authorisation is as follows:

  1. On the application home screen, the user selects the second option for Co-signing.
  2. The user will then be prompted to upload their distributed key file and enter the password for their distributed key. This password was set by the account owner and will have been sent to the user when the distributed key was created.
  3. The Copper Unlimited application will show the transaction details and ask for them to be verified as correct.  Once the key holder is satisfied that the details are correct they will click the confirmation button.
  4. Once the Copper Unlimited application has received transaction authorisations from two out of three key holders it will broadcast the transaction to the blockchain.

Copper now supports Optical Air-Gapping for signing transactions

Why is this better, it sounds harder?

Distributed keys mean that even if you lose yours, having nominated three key holders (your solicitor and two colleagues, for example), a transaction can still be authorised. This would enable you to set up a new wallet, transfer all assets out of the old one into the new one, and this time be a little more careful with the password, should it slip your mind the first time.

The Copper Unlimited application provides additional security, additional accountability through co-signing, and additional protection from human error in the form of distributed keys. It is also the only blockchain agnostic custody solution you will find.

For more information on how your organisation can benefit from Copper Unlimited, please send can enquiry to our sales team.

To learn more about how Optical Air-Gapping makes signing transactions offline even safer, read this article.