We Took a Deep Dive Into Cybersecurity & Crypto With Edge Wallet’s CEO
Paul Puey, Edge's CEO and the mind behind Airbitz, takes us on a journey where we venture through all the nuances of cybersecurity and cryptocurrency wallets.
At Blockshow Europe 2018, we had the chance to sit down with Paul Puey, the CEO of Edge—a multi-wallet platform that takes a unique approach to how it manages users’ private keys.
We caught him after a panel at which he spoke, called “Solution Session: Blockchain & Cybersecurity.” Sitting comfortably with a coffee in hand, Puey was ready to dive even deeper with us into the conversation surrounding cybersecurity and the cryptocurrency ecosystem.
CV: What would you say is the biggest selling point for people who may want to use Edge, aside from other wallets?
PP: Edge is a platform built to make securing private keys very simple and familiar to the end user, and solving probably the biggest problem in cryptocurrency loss, which is actually human error.
Edge was actually a re-brand and a re-factor of my original company, Airbitz, which was just simply a Bitcoin wallet that secured Bitcoin and allowed you to send and receive, buy, sell on a mobile device—iOS and Android—and it took that same fundamental principle of, “Let’s make keys very easy to manage.” And when we launched Edge, we turned that into both a multi-currency wallet that secures and sends and receives not just Bitcoin but many other currencies.
We also took that and made an SDK, a platform for other dApps to use to secure their keys in their app in a way that’s much more user-friendly for their end users.
CV: What would you say is the biggest selling point for people who may want to use Edge, aside from other wallets?
PP: The main differentiator… There are main differentiators and subtle differentiators. “What do we do that no one does?” versus, “What do we do that’s just subtly better than others?”
So, the main differentiator is what is the heart of Edge, which is the way we manage private keys. We make sure that a user’s private keys are always encrypted on the device, are automatically encrypted. They don’t even have to do any extra steps, and they’re automatically backed up. And that is probably the biggest cause of loss.
People don’t properly back up their keys or they back them up into insecure places. So, keys, in Edge, are automatically encrypted, automatically backed up, automatically synchronized, because we’re a multi-device world.
We want to be able to access our funds and our info from our phone, tablet, desktop and synchronize between the devices, very invisibly two-factored so that we are protected in case someone else gets our credentials. And even password-recoverable, which maybe we’re used to from centralized services like exchanges and forums and social media, but we’re not used to that for encrypted data.
For the most part, encrypted data has been non-recoverable. You lose the password, you cannot get access to it. You just have to guess what it is. So, we built all of that inside Airbitz, and we then turned it into a platform for other dApps to use and we now use that platform inside Edge wallet.
CV: Here’s the thing that I want to ask you, because as a person with cybersecurity experience, I have seen a lot of wallets implement things where they have this beautiful encryption… Wonderful encryption… And their keys are in a [vulnerable] SQL database or something. How does Edge wallet manage its keys?
PP: Keys, first of all, are encrypted client-side. For those of you out there listening to this and are somewhat technical, client-side encryption requires creating a key that encrypts the data. That key is a very strong hash of the username and password of the user.
And that hash is dynamically tuned to the strength of the device. So, as we know, there’s potential to brute-force human-generated keys. And that brute-force capability increases over time as computers get faster.
But as computers get faster, so do our devices. And so, as our devices get faster, we’re able to create passwords that are hashed with stronger hashing power and encryption and we use one that’s not just CPU-hard but also memory-hard. We use scrypt with parameters that far exceed what you would use for an scrypt miner.
So, the beauty of scrypt is that it takes not just the CPU but a tremendous amount of memory to be able to brute-force. We start with that.
Second, we then back up the keys. Now, that is backed up into a server. Admittedly, yes, an SQL database. One of the advantages, though, of what we do is that this database is not encrypted with one key. It’s encrypted with hundreds of thousands, or millions, of keys. Each is unique to the individual account.
So, each account that’s created is its own set of keys for encryption which is what the user generates.
And third is the fact that each account doesn’t just encrypt the private keys. It encrypts everything, meaning that there is no association between an end user and a blob of encrypted data in our database, meaning that if you wanted to attack the database, you’d have to go through every single line and try to brute-force an account.
And even if you’re able to brute-force one, you don’t even know if it has any money in it. You don’t have public addresses that are visible inside of our system. So, while nothing is 100-percent secure, really it’s about the risk-reward ratio, or how much effort to the reward you would get as an attacker.
In our system, that ratio is very much in the benefit of the user, not the attacker. There’s a tremendous amount of energy that they have to spend to brute-force while at the same time not a lot of reward to be gained.
CV: Earlier in a conversation that we had, if you don’t mind us talking about it, you were talking about hardware wallets and that you’re not a big fan of them. Can you re-iterate some of the things that you’ve said during that time?
PP: Yeah, correct. Hardware wallets. I think hardware wallets have a purpose in an industry. If you’re an enterprise and you’re securing funds for, potentially, hundreds of thousands if not millions of users, and you have multiple people in the company—a lot of funds at risk—then there’s a purpose for hardware wallets.
Because, for the most part, you have an IT department and people whose job it is to deal with the complexities of a hardware wallet. When you talk about mass adoption and end users who are just trying to use, store, or hold the money, they’re not accustomed to this.
They’re not accustomed to the concept of securing a private key. One of the challenges with hardware wallets is that it solves a problem that doesn’t exist and it creates a problem that does. The problem that does exist is that people don’t know how to manage keys and they lose them or they put them in an insecure place.
I agree, hardware wallets themselves—the actual electronics of that hardware wallet—are incredibly secure. What I fundamentally disagree with is that the entire holistic system of a hardware wallet is secure because there’s a major hole, which is that back up.
PP: It’s the human! It’s these 24 words that you just throw at a human and say, “Go deal with it.” And what they do with that is the massive hole in security, and when I say “security,” I mean everything that could cause a user to lose money.
That’s not just someone potentially finding that backup but also the user just potentially losing it. Or, in some cases, even the backup deteriorating because they don’t put it in a good place. Maybe they put it on a type of paper that rubs off very easily.
As a matter of fact, I was just talking to a guy yesterday at one of the parties who said that he was the one that notified—I won’t mention which, but it was either Trezor or Ledger—of a flaw in the card stock that was sent to the users with the hardware wallet that the