The option of cryptocurrencies or electronic currencies for websites is increasingly stronger as a mechanism for the purchase of products and services, not only on the Internet but also in some businesses that have begun to accept this means of payment. If you’re working on a crypto-related project or a client who accepts cryptocurrency payments, then you should know how to create a secure platform.
During the last edition of the ekoparty, Federico Cardoso gave a workshop on some tools to protect bitcoins and keep them safe. They were divided into three categories: cold storage, hardware wallets, and the multiuser option.
Each of these categories has a particular characteristic, which serves to increase security for the user. In the case of cold storage, it refers to keeping a copy of the bitcoins offline to prevent it from being stolen if someone manages to access the device where the wallet is housed over the Internet.
On the other hand, hardware wallets are devices designed to store user codes in encrypted form. These two options have in common the fact that they are most of the time in offline environments, while the multiuser option implements the need for multiple keys to authorize a transaction, the cryptotrader.software is one of the best tools used in cryptocurrencies.
We can find different tools that classify in one of the previous categories; here we tell you about some.
Armory: secure bitcoin management
Armory is an implementation in Python open-source which allows users to manage their wallets bitcoins safely. It is available to be implemented in the three most used operating systems: Windows, Mac OS X, and Linux.
Among the features that can be implemented is the option of making fragmented backups and also the possibility of keeping the wallet encrypted and out of the cloud, to reduce the risks of online attacks.
Armory developers are one of the pioneers in the cold storage model, where sensitive information is stored in a machine that remains without Internet access and transactions made through it only allows information on the status of a bill. This model manages to reduce the attack surface usable by an attacker to try to steal the information.
Electrum: speed-based model
Electrum is a thin client of Bitcoin that is based on a client-server protocol, in which the file containing the bitcoins is encrypted and the transactions were signed locally, that is, the private keys are not shared with the server. This GNU GPL v3 licensed model allows anyone to audit the code, reducing the chances of failure points.
But perhaps, Electrum’s main feature is speed, as it works in tandem with high-performance, redundant, decentralized servers that take care of the more complicated parts of the Bitcoin transaction system. It also allows the implementation of a multiuser model to divide the authorization of transactions between different actors.
blockchain.info: a secure online account
Blockchain.info offers the My Wallet service, which provides the facility to make payments around the world anonymously and free of charge, in a simple and secure way using a computer or a mobile device. This service uses AES encryption algorithms to protect the wallet from possible theft. Before being stored on the servers, the bitcoin information encrypts in 256-bit AES. In addition, the user can encrypt the account with a second password optionally, needing the primary one for the login and the secondary one to withdraw funds.
This model does not differ much from the operation of PayPal, that is, once the user starts a session, they have access to the balance and a list of recent transactions. This free service also allows you to implement a second authentication factor and make backup copies of the most sensitive information.
xapo.com: hybrid security model
Xapo combines the best of both worlds: the convenience of a wallet with the security of an offline storage vault. Bitcoins can be managed from a mobile application via email or even a debit card.
In addition to these facilities for use, bitcoins are stored encrypted on offline servers that will never be connected to the internet. Perhaps one of the features of this service is that Xapo’s servers are located behind reinforced concrete walls, a steel armored door, and a Faraday cage for blocking radio waves.