NOAH Wallet’s Cryptography
In this blog, we'll dive into the cryptography that underpins NOAH's wallet and Digital Asset Management Platform.
In the previous post in this series, we introduced all the actors involved in authorizing and signing transactions using NOAH's Non-Custodial Wallet. We described their roles and responsibilities and how these align to ensure only the NOAH account owner can transfer the assets they own and how, in the event of a disaster, their assets are returned to self-custody.
In this blog, we'll dive into the cryptography that underpins NOAH's wallet and Digital Asset Management Platform. We'll also review some of the additional security controls we have implemented and explain why these are necessary.
Ephemeral Key Cryptography
Some modern Multi-Sig wallets allow users to encrypt and password-protect their private mnemonic phrases and download them to their chosen location, often with the option to store these files on the cloud. For some MPC wallets, users can elect to encrypt and store private key shards directly on their devices. And in the event of a disaster, users can provide a recovery kit containing the encrypted files required to restore on a new device.
Ultimately, there are myriad ways in which self-custodial and non-custodial wallets try to make it simpler for consumers to secure their assets. However, internally, the more sovereign a wallet is, that is, the more it relies on the user to maintain control over their cryptographic keys and seed phrases, the more complex it becomes. This is not a bug, it's a feature of sovereignty, and it is up to individuals to choose how much sovereignty they are willing to exchange for utility.
Wallet constructions vary from company to company, but at NOAH, we choose Ephemeral Key Cryptography (EKC) for our wallet and server-side MPC. We believe it provides the right balance between sovereignty and utility for the broadest use cases. First and foremost, we chose EKC because no cryptographic material is stored on a device. Rather, this method dynamically generates the required information for a transaction and removes it as soon as it's completed.
EKC eliminates the burden on users to manage the cryptographic material's security (private keys or private key shards) stored on their devices or in the cloud; however, in combination with server-side MPC, we believe it still affords a high degree of sovereignty over your assets. Think of it like this: with EKC, you never have to worry about losing your private keys or seed phrases because they are never stored anywhere.
As we discussed in the previous blog post, under ordinary operational circumstances, only you can authorize the transfer of your assets to external wallet addresses.
How it works
We need a long random number to create a private/public key pair. For NOAH's Customer Signing Key, we generate three separate random numbers and combined on the customer's device. These random numbers come from NOAH and the customers separately in the form of the six-digit transaction PIN.
First, a random number generator creates a value on the customer's device.
Next, the customer's six-digit PIN is hashed to a longer number and combined with the other random numbers in a secure manner, maintaining the overall entropy.
When the random number is available on the customer's device, a private/public key pair is created. The private key is used to sign an asset transfer authorization message which is then sent to Noah along with the public key. The private key is removed from the device's memory immediately after it has been used to sign the asset transfer authorization message.
The diagram below depicts this process:
Suppose a customer loses their device or is stolen. In that case, there is no risk of cryptographic material that can fall into the wrong hands, as there is no cryptographic material on the device. An attacker would not only need to defeat the device's intrinsic authentication methods but would then need to log into the NOAH wallet successfully. Finally, they would need to know the owner's six-digit transaction PIN.
As is customary in all financial applications, the six-digit transaction PIN is protected by an exponential backoff algorithm with a limited number of attempts before the account is locked.
Even if all of these layers of security could be compromised, the moment the owner of the NOAH account uses another device to log into their account, they could change the six-digit pin (along with their password), denying attackers the ability to authorize the transfer of assets.
Once NOAH receives the asset transfer authorization messages, they authenticate the message using the public Customer Signing Key and other information provided in the message payload. Finally, the MPC on-chain signing transaction process is initiated if all security checks pass.
Securing any wallet requires more than cryptography — and NOAH non-custodial wallet is no exception.
As with any financial institution, NOAH implements a broad range of security controls that govern, monitor, and notify authorized parties about all activity related to the NOAH system. No individual operator at NOAH can authorize the internal transfer of assets required for on and off-chain liquidity operations — only you as NOAH customer has that control.
At NOAH, we will continue to evolve our security posture to adapt successfully to a changing threat landscape. In the future, we'll work with certified security professionals and auditors to maintain our robust security posture.
In this blog, we described why we chose to use Ephemeral Key Cryptography over the use of recovery kits that store cryptographic material on end-user devices. We described our implementation of EKC and why we believe it offers our community the right balance between sovereignty and utility. But really, at NOAH, we like to think of it as a balance between security and simplicity.
In the future, we plan to offer our customers the option of installing a private key shard on their devices. In the next post in this series, we'll look at NOAH's server-side Multi-Party Computation implementation.
About the author: Hussein Badakhchani is a Distinguished Technologist and CTO of Noah. Hussein has 30 years of professional experience in financial services technology. Having worked for institutions such as the Bankers Automated Clearing System (BACS), Deutsche Bank, VocaLink - MasterCard, YouTrip, Wave Money, and Ziglu; Hussein has a proven track record of delivering innovative banking and financial services platforms in some of the most competitive markets in the world.