[ANN]Cypherock X1 Wallet-Removing Single Point of Failure in Seed Phrase Storage

[rohanagarwal94]

Over $4 billion dollars worth of crypto assets have been stolen or hacked in 2019 alone. And this has happened despite the current generation of hardware wallets. On one hand we use hardware wallets to store private keys securely offline in tamper resistant hardware, but on the other hand, we expose the same set of private keys through seed phrase which we have to write down on a piece of paper. It opens up to problems such as trust issues, single point of failure, hacks, thefts, environmental damages like fire, earthquake, eternal fear of loss, and so on.



Introducing Cypherock X1 Wallet

Cypherock X1 brings in a first of its kind solution where a single point of failure with seed phrase storage is avoided by decoupling the storage and computation aspect of a hardware wallet into two parts -
X1 Wallet
cyCards.

The Cypherock X1 uses 2 of 4 Shamir Secret Sharing (with the option to change the threshold in future) along with tamper-resistant hardware to secure the user’s private keys. Simply put, it is like Multi-sig but for the wallet recovery phrase.The seed phrase gets divided into 4 shards using the 2 of 4 SSS scheme and each of those shards gets stored in a unique cyCards. The cyCards can store upto 3 Wallets (read: Seed Phrase), each of which will be able to support multiple coins.


More on Cypherock X1:
- The code for the X1 wallet will be open source
- Each shard will be stored in a EAL6+ tamper resistant secure element chips. As comparison, an iPhone has the same level of security chip for securing fingerprints.
- Nothing will be stored in the X1 Wallet on which the computation will be done.
- Keys can be recovered by tapping any 2 out of the 4 cyCards on the X1 Wallet. Each cyCard can also be protected by a PIN just like any other hardware wallet. The recovered keys are stored in a volatile memory on the X1 Wallet which gets wiped out as soon as the operation is done.
- The user can store 3 wallet recovery phrases in a single product.
- The cyCards can be distributed around different places to increase security of the funds and protect against $5 wrench attacks.

An example on how it works?

1) The user enters/generates the mnemonic phrase on the device or adds any other sensitive information like passwords.
2) The user then, taps four cyCards on the device to make 4 shards of the seed phrase.Any 2 of 4 will be needed to recover keys or perform a transaction.
3) The cyCards can be stored at different locations or kept with different people for security.
4) It can solve the issue with inheritance too with proper management of keys. (Comment to know more on this).
5) To conduct a transaction, tap 2 cards on the device. The keys will be generated on the X1 Wallet for the transaction in a volatile memory which will be wiped off once the transaction is done (no current generation wallet has this). This allows for the hardware to have similar security as of multi-sig with the possible support of every asset.

Device Videos

Securing Seed Phrases with Cypherock X1: https://youtu.be/eD3CZMPumCk
Trezor Hack and Transaction Using Cypherock X1: https://youtu.be/19u2mKaHRoM

Specifications:

X1 Wallet:
Dimensions: 52mm * 26mm *12mm
Weight:  50g
0.96-inch OLED screen   
Core wallet chip: Nordic nRF52840
NFC chip: PN5321

cyCards:
EAL 6+ Secure Element

Supported blockchain assets:
1)Bitcoin (BTC)                              
2)Ethereum (ETH)
3)Bitcoin SV (BSV)
4)Bitcoin Cash (BCH)
5)Vechain (VET)
6)Cardano (ADA)
7)XRP
8)Tron (TRX)
9)EOS
10)Dash (DASH)
11)Stellar (XLM)
12)Litecoin (LTC)
13)Ethereum Classic (ETC)
14)Dogecoin (DOGE)
15)Tether (ERC20)
16)Chainlink (LINK)
17)0X (ZRX)
18)Maker (MKR)
19)Basic Attention Token (BAT)
20)ERC20 Tokens


Important Links

Website: https://cypherock.com
Pre-Order: https://shop.cypherock.com
Telegram: https://t.me/cypherock
Twitter: https://twitter.com/cypherockwallet
Facebook: https://www.facebook.com/cypherock
YouTube: https://www.youtube.com/channel/UCw9Z7JbcoJKZ4GYf82QWRIw

We are confident that the user will be satisfied with the product and  that’s why we are offering a full refund, no questions asked, if you Pre-order the device at more than 50% off.

TLDR
Problems
1. Every wallet is physically hackable. The hack by Kraken on both the Trezor hardware
wallets is a recent example. And hence it is not advisable to store the private keys in a
single place.
2. Seed phrases or crypto wallet backups are written on a piece of paper which are prone
to loss and theft. Your seed phrases on the paper expose your crypto to trust issues,
hacks, thefts, fire, earthquake, eternal fear of loss and others.
3. Crypto inherently has an inheritance problem. You have to safeguard your keys while
you are alive and only transfer them after you are dead which is impossible if you are the
only one knowing your keys.

Solution
1. A first of its kind hardware wallet that never stores your private keys in a single place and
has similar security to that of a multisig wallets for all Cryptocurrencies.
2. A first of its kind seed phrase backup solution that allows you to store your seed phrases
offline in tamper-resistant hardware without a single point of failure.
3. The users should have a way to transfer their crypto assets to their loved ones without having to trust a single entity to avoid any single point of failure. The method should be safe and easy enough as the beneficiary might not understand the basics of using Bitcoin and other cryptocurrencies.

[Zicadis]

We are confident that the user will be satisfied with the product and  that’s why we are offering a full refund, no questions asked, if you Pre-order the device at more than 50% off.

This seems like it could be an issue.

You do realize you're going to get people that are going to try and exploit this policy right? Since they can pretty much grab a freebie out of it if they're dishonest.

Looks like a solid product though, when do the first preorders start going out?

[rohanagarwal94]

This seems like it could be an issue.

Yes, we do realize that and this is just an incentive added for the first 100 pre-orders.

Looks like a solid product though, when do the first preorders start going out?

Thank you!
The plan is to ship out the first pre-orders in the beginning of April.

[o_e_l_e_o]

So every time you want to use your wallet to send coins you have to go and collect two of your four cards from their secret locations? That seems like a massive pain, especially if you are storing the four cards in truly secure locations and not just hiding them in various places around your house.

You are also recommending for users not to write down their recovery phrase at all. Can a user still extract their seed in plain text from a combination of the cards? What happens if the wallet itself breaks? How can a user then extract their seed from the cards without buying another wallet?

Lots of people already use Shamir's Secret Sharing to split their seeds. Why does using your electronic cards protect against "hacks, thefts, environmental damages like fire, earthquake, eternal fear of loss" any more than paper, card, engraved metal, etc.? I'd argue the opposite: you are now adding hardware failure in to the list of potential things which could go wrong.

[rohanagarwal94]

So every time you want to use your wallet to send coins you have to go and collect two of your four cards from their secret locations? That seems like a massive pain, especially if you are storing the four cards in truly secure locations and not just hiding them in various places around your house.

So there will always be a compromise between the security and accessibility , no matter which solution you are using. Here the user has the option to choose what they want from their device. If they want to HODL and opt for true security, they could keep their cards in secure locations far away. Or the user can use two set of cards, one set for frequent transactions and another for distributed storage.

You are also recommending for users not to write down their recovery phrase at all. Can a user still extract their seed in plain text from a combination of the cards? What happens if the wallet itself breaks? How can a user then extract their seed from the cards without buying another wallet?

Yes the user will still be able to extract their seed in plain text from a combination of cards, even if the wallet breaks or the user loses the wallet as nothing is stored on the wallet itself. We have decoupled the storage and computation aspect of a hardware wallet. The code for the hardware wallet will be open source when we launch, so any user can compile it and use any NFC enabled endpoint to interact with the cyCards.

Lots of people already use Shamir's Secret Sharing to split their seeds. Why does using your electronic cards protect against "hacks, thefts, environmental damages like fire, earthquake, eternal fear of loss" any more than paper, card, engraved metal, etc.? I'd argue the opposite: you are now adding hardware failure in to the list of potential things which could go wrong.

I agree that your concerns are valid but we have considered all the possibilities that you have stated in your response. Let's assume a person uses one of their cards 100 times every day for ten years. That comes out be around 365000. We tested several sample cards for over a million read-write operations and haven't observed a single card failure. Also, the data retention on the cards are minimum 25 years in the right conditions. Thus it is extremely extremely unlikely that 3 of your cards fail, much less that they all do so simultaneously. Speaking of unlikely events, there is a non-zero chance that two people end up generating exactly the same seed phrase. But we can count on the math that it'll (probably) never happen. Similar is the case with more than the threshold number of your cyCards failing. The probability of something bad happening to 3 different pieces of paper or metal is more. Metal storage solutions also have their share of downfalls. ( See the stress test series by Jameson Lopp: https://blog.lopp.net/metal-bitcoin-seed-storage-stress-test/ ).

Secondly, traditional methods doesn't let you have guardians whom you can trust with your shares as they can collude against you. And if someone manages to compromise your shares, your funds are as good as gone which is not the case here since the brute forcing is hardware enforced like your hardware wallets. The plus point here is even a non tech savvy person can be a guardian here and if you want to plan a beneficiary for your funds, it makes the whole process a lot easier on both ends.

[o_e_l_e_o]

Thanks for taking the time to respond.

Or the user can use two set of cards, one set for frequent transactions and another for distributed storage.

Will it be possible just buy just another set of cards and not have to buy an additional wallet as well?

The code for the hardware wallet will be open source when we launch, so any user can compile it and use any NFC enabled endpoint to interact with the cyCards.

This is good to know.

Also, the data retention on the cards are minimum 25 years in the right conditions.

If I am distributing my cards among a number of geographical separate locations, then I may have little control over things like temperature and humidity, which is why I have always preferred non-electronic methods such as engraving on metal. Have you cards been tested under less-than-ideal conditions?

Speaking of unlikely events, there is a non-zero chance that two people end up generating exactly the same seed phrase.

This is true for all of bitcoin and so shouldn't be a concern, unless a wallet is using non-truly random methods to generate a seed. I assume your seed generation process will also be including in your open source?

which is not the case here since the brute forcing is hardware enforced like your hardware wallets.

Can you elaborate on what you mean here? If someone steals 2 of my cards, they can access my seed, no? What bruteforcing is required, unless you also offer passphrase functionality such as on Ledger or Trezor devices?

[rohanagarwal94]

Will it be possible just buy just another set of cards and not have to buy an additional wallet as well?

Yes, We are planning to make it available after the pre-order phase is over and the device is finally out.

If I am distributing my cards among a number of geographical separate locations, then I may have little control over things like temperature and humidity, which is why I have always preferred non-electronic methods such as engraving on metal. Have you cards been tested under less-than-ideal conditions?

We are planning to come up with sleeves for the cards for added protection if the users wish to opt for them, also the cards are passive devices highly resistant to environmental changes. Basically anywhere your credit cards can work, these cards can survive. The added protection of using threshold number of cards, kept at different location makes the card failure issue extremely improbable. Moreover, we believe keeping the shares encrypted is better than leaving them unencrypted on paper or metal sheets.

This is true for all of bitcoin and so shouldn't be a concern, unless a wallet is using non-truly random methods to generate a seed. I assume your seed generation process will also be including in your open source?

We will use entropy from different sources to ensure the seed is generated randomly, the code will be open source.

Can you elaborate on what you mean here? If someone steals 2 of my cards, they can access my seed, no? What bruteforcing is required, unless you also offer passphrase functionality such as on Ledger or Trezor devices?

Cards which hold the shared are PIN protected and cannot be brute forced unlike Passphrase which has a non Zero chance. Similar to how other wallets have PIN protection. The shares are encrypted and secured against brute forcing through an EAL 6+ secure element on the cyCards.

[Zicadis]

Definitely going to be keeping track of this, I like the fact that it counters the single point of failure issue seen by the recently compromised KeepKey and Trezor wallets.

Will the price immediately go up to $299 after pre-orders are through?

Also, are you going to have an option that is supplied with only 2 or 3 CyCards?

[rohanagarwal94]

Definitely going to be keeping track of this, I like the fact that it counters the single point of failure issue seen by the recently compromised KeepKey and Trezor wallets.

Will the price immediately go up to $299 after pre-orders are through?

Also, are you going to have an option that is supplied with only 2 or 3 CyCards?

2 or 3 cyCards are not an option currently, but we plan to make it happen in future.

The price is fixed at $299. It will definitely increase from $99 as we announce coin support and our first batch of 100 pre-orders gets done.

[Zicadis]

Definitely going to be keeping track of this, I like the fact that it counters the single point of failure issue seen by the recently compromised KeepKey and Trezor wallets.

Will the price immediately go up to $299 after pre-orders are through?

Also, are you going to have an option that is supplied with only 2 or 3 CyCards?

2 or 3 cyCards are not an option currently, but we plan to make it happen in future.

The price is fixed at $299. It will definitely increase from $99 as we announce coin support and our first batch of 100 pre-orders gets done.

Don't you think $299 is a bit expensive? That price could severely limit your customer-base since it's like the cost of several other hardware wallets combined?

When do you expect pre-orders to sell out? I'm thinking about ordering one later this week.

[rohanagarwal94]

Don't you think $299 is a bit expensive? That price could severely limit your customer-base since it's like the cost of several other hardware wallets combined?

Cypherock X1 is more than just a hardware wallet. Unlike other hardware wallets, a single device can support upto 3 seed phrases. That means you get 3 different wallets in a single device. Along with that the device can also be used a backup solution, so all in all you get more than multiple hardware wallets in a single device. You essentially get multi-sig like security but for your seed phrases.

When do you expect pre-orders to sell out? I'm thinking about ordering one later this week.

We can't tell you exactly when it will sell out but what we can tell you is we have some exciting coin partnerships and other announcements that we soon make public, so we expect it to happen soon. I am sure you wont be disappointed.