SoK: Design, Vulnerabilities and Defense of Cryptocurrency Wallets
The rapid growth of decentralized digital currencies, enabled by blockchain
technology, has ushered in a new era of peer-to-peer transactions,
revolutionizing the global economy. Cryptocurrency wallets, serving as crucial
endpoints for these transactions, have become increasingly prevalent. However,
the escalating value and usage of these wallets also expose them to significant
security risks and challenges. This research aims to comprehensively explore
the security aspects of cryptocurrency wallets. It provides a taxonomy of
wallet types, analyzes their design and implementation, identifies common
vulnerabilities and attacks, and discusses defense mechanisms and mitigation
strategies. The taxonomy covers custodial, non-custodial, hot, and cold
wallets, highlighting their unique characteristics and associated security
considerations. The security analysis scrutinizes the theoretical and practical
aspects of wallet design, while assessing the efficacy of existing security
measures and protocols. Notable wallet attacks, such as those on Binance and
Mt. Gox, are examined to understand their causes and consequences. Furthermore,
the paper surveys defense mechanisms and transaction monitoring, evaluating
their effectiveness in mitigating threats.
Reinforcing Security and Usability of Crypto-Wallet with Post-Quantum Cryptography and Zero-Knowledge Proof
Crypto-wallets or digital asset wallets are a crucial aspect of managing
cryptocurrencies and other digital assets such as NFTs. However, these wallets
are not immune to security threats, particularly from the growing risk of
quantum computing. The use of traditional public-key cryptography systems in
digital asset wallets makes them vulnerable to attacks from quantum computers,
a threat that may grow in the future. Moreover, current digital wallets require
users to keep track of seed-phrases, which can be challenging and lead to
additional security risks. To overcome these challenges, a new algorithm is
proposed that uses post-quantum cryptography (PQC) and zero-knowledge proof
(ZKP) to enhance the security of digital asset wallets. The research focuses on
the use of the Lattice-based Threshold Secret Sharing Scheme (LTSSS), Kyber
Algorithm for key generation and ZKP for wallet unlocking, providing a more
secure and user-friendly alternative to seed-phrase, brain and multi-sig
protocol wallets. This algorithm also includes several innovative security
features such as recovery of wallets in case of downtime of the server, and the
ability to rekey the private key associated with a specific username-password
combination, offering improved security and usability. The incorporation of PQC
and ZKP provides a robust and comprehensive framework for securing digital
assets in the present and future. This research aims to address the security
challenges faced by digital asset wallets and proposes practical solutions to
ensure their safety in the era of quantum computing.