Commonly Asked Questions
- Secrets Vault is a backup and recovery solution for seed phrases, private keys, and more. Current release supports BIP-39 based seed phrases but this vault can support any digital input.
- Secrets Vault harnesses co’s patent-pending service that uniquely combines the power of multiple proven cryptographic algorithms that include Shamir’s Secret Sharing algorithm, Elliptical Curve (ECDH), AES-256, and MPC to split “secrets” in a distributed recoverable way and ensures no single person or service holds any of the secret splits.
- Toughbox is a key management system that splits any type of key or SECRET without storing it or any of its secret shares anywhere. They call this provably secure because it is proven mathematically to be secure. Lokblok combines several provably secure cryptographic techniques in a novel way to make the claim that Toughbox as is provably secure key management system.
- We don’t encrypt or wrap secret splits that can be lost or stolen. Lokblok’s patent-pending ****process enables your trusted Recovery Agents to help you with the recovery process.
The Lokblok team has worked at the forefront of hardware-based security engineering for more that two decades and offers ‘Security as a Service’ platform to offer the latest in private key generation and management to secure blockchain applications such as digital asset self-custody.
- Lokblok’s Toughbox is a key management system that splits any type of key or SECRET without storing it or any of its secret shares anywhere. They call this provably secure because it is proven mathematically to be secure. Lokblok combines several provably secure cryptographic techniques in a novel way to make the claim that Toughbox as is provably secure key management system.
- Shamir’s Secret Sharing algorithm
- Public Private Key Cryptography
- Elliptic-curve Diffie-Hellman algorithm
- AES-256 algorithm
- Multi-party Computation (MPC)
- Lokblok Soft-Attestation LiveID Token
- Live ID Validation if configured by the user
- We combine the power of proven cryptographic algorithms and technologies that include Shamir’s Secret Sharing algorithm MPC, AES-256, and ECDH to create our revolutionary secret backup and recovery service.
- We don’t wrap secret splits that can be lost or stolen. Our patent-pending ****process enables your trusted Recovery Agents to help you with the recovery process.
A Recovery Agent is someone or something trusted by the digital asset owner (you) and invited to participate to assist you in the sSecrets recovery process. Each Recovery Agent goes through the KYC and LIve ID verification process during onboarding and for each Recovery request.
No, Never. Recovery Agents are never asked to safeguard a key share or any part of the Secret so you don’t have to worry about losing anything. The Recovery Agent holds no piece of the Secret in any form. Literally, only the digital asset owner can recover and reconstitute the Secret on their device.
No. Recovery Agents do not have access to any information related to the digital asset owner’s Secret and can never make any Recovery requests. Only the digital asset owner can make recovery requests for Secrets enrolled. Recovery Agent can only receive notifications about the recovery request and they can either approve or deny the request.
- Recovery Agents do not know who the other Recovery Agents are, how many Recovery Agents are in the Recovery pool and what the minimum threshold is to recover the Secret. In addition, the Recovery Agent holds no piece of the Secret in any form. Literally, only the digital asset owner can recover and reconstitute the Secret on their device.
- We do not store any keys or seed phrases. The secret enrollment service creates a secure session on your personal device. The key never leaves that secure session. This means, we don’t SEE, TOUCH or STORE your keys in any shape or form.
- We don’t store secrets anywhere. Not on your device, not in the cloud, not with Recovery Agents
- During the Secrets enrollment, the secure-shell service takes your key and split it into the number of key shares (equal to the number of approved Recovery Agents).
- We currently support BIP 39 based secrets. In the future we will be able to support more types of secrets.
- Secrets Owner
- Once you get your new device, you will log into Crypto Legacy application and install the secure client application. That generates a new set of public and private keys. At this point, you can simply re-enroll all the secrets.
- Recovery Agent
- Once you get your new device, you will log into Crypto Legacy application and install the secure client application. That generates a new set of public and private keys. AT this point, ???????
- The secrets owner is in control of their secrets. Even the Owner can’t view the secrets once they are encrypted and sharded. The needs to go through the recovery process to view the secret.
- The secrets owner is in control of their secrets.
KYC stands for “Know Your Customer,” which is a process used by businesses and financial institutions to verify the identity of their customers. The importance of KYC lies in its ability to help prevent fraudulent activities such as money laundering, terrorist financing, and other illegal activities that can harm the reputation of the institution and the wider financial system.
Here are some reasons why KYC is important:
- Compliance: KYC is a legal requirement in many countries and industries. Failing to comply with KYC regulations can lead to fines and legal consequences.
- Preventing fraud: KYC helps businesses verify the identity of their customers and detect potential fraudsters before they can cause harm. This helps protect both the business and the customers.
- Reducing risk: By conducting KYC checks, businesses can identify and mitigate potential risks associated with their customers. This can include risks related to money laundering, terrorism financing, and other illegal activities.
- Protecting reputation: KYC helps businesses maintain their reputation by demonstrating that they are taking proactive steps to prevent fraud and illegal activities.
Overall, KYC is an important process that helps businesses verify the identity of their customers, comply with regulations, and prevent fraudulent activities.
CryptoLegacy uses https://www.hyperverge.co/ as our KYC provider. < Details Pending>
HyperVerge Live ID is an AI-powered solution that helps prevent fraud by verifying the identity of individuals in real-time using biometric authentication. Here are some ways in which HyperVerge Live ID can protect against fraud:
- Face Recognition: HyperVerge Live ID uses advanced facial recognition technology to match the individual’s face with the photo on their government-issued ID card, such as a driver’s license or passport. This ensures that the person presenting the ID is indeed the same person whose photo appears on the document.
- Liveness Detection: HyperVerge Live ID uses liveness detection technology to ensure that the person presenting the ID is physically present and not using a photo or video of someone else. The system prompts the user to perform a series of actions, such as blinking or nodding their head, to prove that they are physically present.
- ID Verification: HyperVerge Live ID can also verify the authenticity of the ID document by checking its security features, such as holograms and watermarks. This helps prevent the use of fraudulent or counterfeit documents.
- Real-time Verification: HyperVerge Live ID performs the verification process in real-time, which means that it can prevent fraudsters from using stolen or fake IDs to gain access to sensitive information or carry out illegal activities.
Overall, HyperVerge Live ID is an effective solution for protecting against fraud by verifying the identity of individuals in real-time using biometric authentication and advanced security features.