Detailed explanation of HyperMate hardware multi-signature: the era of hardware wallet "safety" and "ease of use" is coming

BTC0.0₂₀

ETH0.0₂₀

HTX0.0₂₀

SOL0.0₂₀

BNB0.0₂₀

BTC0.0₂₀

ETH0.0₂₀

HTX0.0₂₀

SOL0.0₂₀

BNB0.0₂₀

Detailed explanation of HyperMate hardware multi-signature: the era of hardware wallet "safety" and "ease of use" is coming

丹尼小哥

2020-01-02 09:15

本文约2806字，阅读全文需要约11分钟

What is multisig? How does multi-signature ensure the security of user assets?

In early 2019, the founder of QuadrigaCX, Canada's largest cryptocurrency exchange, died mysteriously. But when the founder passed away, people were surprised to find that its security measures were useless. According to the statement on the official website, after the founder passed away, since only the founder himself has the private key of the cold wallet, the company has been unable to access the cold wallet. funds. After several weeks of searching, it still failed to obtain accurate access to its cryptocurrency, and nearly 200 million US dollars of digital currency stored in its exchange wallet could not be withdrawn, which directly caused QuadrigaCX to declare bankruptcy.

The tragedy of QuadrigaCX sounded the security alarm for the security of the industry: corporate funds cannot be controlled by one person, and the exchange must use a multi-signature scheme to protect the security of user assets. Many blockchain users have heard the concept of "multi-signature", but most of them don't know what multi-signature is, let alone what usage scenarios it has. So, what exactly does multisig mean?

1. What is multi-signature?

Multisig is a specific type of digital signature that allows more than two users to sign a document as a group. Therefore, multi-signatures are generated through the combination of multiple single signatures. As an example, imagine a safe with two locks and two keys. One key is held by Alice and the other by Bob. The only way to open the safe is that the two people provide the keys at the same time, and when there is only one of the keys, the safe cannot be opened. This means that the multi-signature address where the funds are stored can only be accessed by using 2 or more multi-signatures. Therefore, the use of multi-signature wallets can create an additional layer of security for users' funds.

Multi-signature addresses can set the combination of keys they need: the most common is two-thirds (2/3), which means that only 2 signatures are required to access the funds in the 3-signature address. In fact, there are many other types, such as 2/2 (two-half), 3/3 (three-thirds), 3/4 (three-quarters), and so on. So, what are the application scenarios of multi-signature?

2. In what scenarios are multi-signatures used?

Scenario 1: Testing Money Management

In a blockchain team, due to the verification test of the production system on the chain, the currency used for the test is provided by the company. The traditional method is that everyone copies a private key, which has many hidden dangers. Using a multi-signature wallet can solve this requirement well.

Scenario 2: On-chain wallet security

Exchanges, public chains, payment service providers, etc. all need to store funds on the chain, and it is impossible to put them all in offline wallets. The traditional method is to ensure the safety of funds through security reinforcement methods such as network isolation and multiple identity verification. The signature wallet can realize that after a single point is compromised, the funds are still safe.

Scenario 3: Enterprise digital asset security management

For many blockchain teams, the funds for financing are digital assets such as BTC, USDT, and USDT-ERC20. How to take into account the needs of security and convenience when managing digital assets? Multi-signature hardware wallets are the choice of many teams. For example, if the project fundraising wallet is set to 2/3 multi-signature mode, and the project CEO, COO, and CMO each hold a private key, then the fund transfer requires the consent of two or more people to pass. If an executive wants to embezzle fundraising funds, he needs at least another executive to join the team. If the private key of an executive is stolen, as long as the other two private keys are safe, the hacker cannot steal the assets in the wallet.

Scenario 4: Third-party escrow transactions

Creating a 2/3 multi-signature wallet allows third-party escrow transactions between the two parties (Alice and Bob), and there is a third party (Charlie) between the two parties as an arbiter of mutual trust to prevent a crisis of trust . In this case, Alice first needs to deposit funds in the wallet, after which the funds will be locked and cannot be individually accessed by any user. Then, if Bob provides the corresponding product or service as agreed, the two of them can use their keys to sign and complete the transaction.

Only when disagreements arise does Charlie, the arbiter, step in. At that point, Charlie will use his key to create a signature, and deliver this signature to the correct party (Alice or Bob) based on his verdict.

3. Multi-signature and hardware multi-signature

At present, there are two main ways to implement multi-signature in the industry: non-hardware multi-signature and hardware multi-signature. Non-hardware multi-signature refers to the way of realizing multi-signature through network code, including the multi-signature mechanism of traditional financial institutions and the chain multi-signature based on blockchain system. The familiar Bitcoin and Ethereum can realize multi-signature function. However, both of these two multi-signature methods have a hidden danger, that is, the security of the private key is difficult to guarantee.

The multi-signature of traditional financial institutions is generally realized through client wallets or web services, and both client wallets and web services need to rely on a centralized server. Once the server is hacked or the server owner has other purposes, then multi-sig will become meaningless, let alone asset protection.

Multi-signature on the chain requires the user to use the private key to complete the signing process, and if the user's mobile phone or computer is hacked, the private key will be completely exposed, and the protective effect of multi-signature will no longer exist.

The emergence of hardware multi-signature has solved this problem very well. Hardware multi-signature, as the name implies, is to complete the private key signature operation on a separate hardware wallet. The hardware wallet is connected to the mobile phone/computer through Bluetooth or NFC, and then broadcasts the signature result to relevant users through the network. Compared with non-hardware multi-sig, hardware multi-sig has two main advantages.

First of all, the private key of the multi-signature wallet is completely owned by the user. Except for the user, no third party or centralized organization has the right to view the user's private key. Naturally, there is no hidden danger of private key loss caused by the server being hacked. Second, the entire signing process is completed in the hardware wallet, which completely isolates the network connection, eliminates the security problem of the private key caused by the intrusion of the signing device, and the security of the private key has been protected to the extreme.

At present, there are very few wallets in the industry that can realize the hardware multi-signature function, among which the HyperMate wallet has the best user experience. In addition to realizing the basic hardware multi-signature function, HyperMate even kills other hardware wallets in terms of ease of use. Take the Trazor wallet as an example. If users want to take out the assets in the hardware wallet, they first need to connect Trazor to the computer through a data cable. In the computer client, the user does not have any other functions except for the transfer operation. Not only is it inconvenient to operate (requires a data cable and a computer), but it also has a single function.

In contrast, HyperMate has greatly improved in terms of ease of use and richness of functions. HyperMate is deeply bound to HyperPay, and users only need to turn on Bluetooth to realize the connection between the hardware wallet and the mobile phone, which is more convenient and faster than the connection method of the data cable. When users need to trade, they only need to transfer the assets in the hardware wallet to the HyperPay account with one click, and realize fast transactions through the built-in "lightning exchange" function, eliminating the cumbersome operation of first recharging to the exchange and then trading. At the same time, HyperPay has built-in functions such as digital currency financing, PoS mining, and lending, which greatly enriches the range of options for users.

To sum up, HyperMate is both safe and easy to use, and it can be called a "revolutionary work" of hardware wallets!

4. HyperMate hardware multi-signature tutorial

1. Initiate an application: One person initiates the creation of a multi-signature wallet, setting the number of members and the number of confirmations.

2. Generate a multi-signature wallet and wait for other members to join.

3. Member joining: other members scan the code or fill in the invitation code to join the multi-signature wallet, fill in the personal nickname, and join the multi-signature wallet.

4. Generate a multi-signature address: When the number of joining members reaches the set number of members, the system will automatically complete the creation of a multi-signature address and notify the wallet members.