This topic was originally in an email thread. I post the thread here to continue the discussion here, so we can share the knowledge with a larger community.
Victor's Question:
Zengo - The Most Secure Crypto Wallet, https://spatium.net/, https://keyless.io/
I start seeing more than more such solutions for blockchain wallet. The UX is super.
Previously I asked some security experts, they all told me biometric is only for convenience, it is not secure, and it is dangerous to store your biometric in the cloud. (That's why both iOS and Andriod only store biometric locally and only for convenience.)
But I read Zengo's document, it seems they find out a way to get both convenience and security, and the biometric data they store in their server is not dangerous.
If this is the case, we should use biometric in our secret sharing solution.
Weiwu's reply:
Tore's reply:
I just had a look at the links.
In regards zengo.com, it seems like a very nice and secure solution they have. It is slightly different from what we want to do. It basically achieves the same we want to do, with the important exception that everything is stored at Zengo. So if they lose their server, the user loses his key! This is the case, even if the user is still in possession of his phone as the share of his key on Zengo’s servers is strictly needed to do a signature. Furthermore, their backup solution relies fully on storage on Zengo, so if they lose their data the user also loses his backup. It also seems like a user cannot move his key to another service if he wants!
Since the signing is also done distributedly, it requires Zengo to be online and working whenever the user wants to sign, which also affects reliability.
In regards to security they ensure a threshold setting by having the user’s share encrypted by Google or Apple, so an adversary must both corrupt a user’s Zengo and Google/Apple account to compromise his key.
That being said, I don’t understand their biometric approach to backup. I would really not like to share my biometric data directly with a company.
However, in general, their approach seems secure and by making some changes could be really nice. But anyway, their approach is distinct from what we want to do. It is not necessarily better or worse, but if I had to pick I would pick our approach
In regards to Keyless; as Weiwu says; it is authentication. This can, of course, be used along with SSS to allow backup of private keys in the same setting as us, but based on biometrics instead of password and 2FA. However, it is completely unclear how they actually achieve this. So until they publish a paper about their approach (or cite some papers) I would not trust it.
In regards to Spatium, it looks like they do the same as Zengo, but using a technology similar to Keyless. But again there is description of how they achieve this distributed biometric authentication (which is very far from trivial). Similar to Keyless they are a small company that does not seem to have a strong cryptography background, so unless there is some paper achieving this, which they piggyback on I would be concerned about the security of their solution.