Overview
What is a wallet?
Like a physical wallet, a digital asset wallet stores your funds and digital assets.
When transacting with assets in your digital asset wallet, you need a public key and a private key. Keys are cryptographically generated strings of characters.
A public key is a public address that assets can be sent to. It is a way of identifying your wallet. In contrast, a private key is a personal code which is used to authorize transactions from your wallet.
It is essential that your private keys remain private to prevent malicious actors from accessing your wallets.
Palisade provides a secure platform for keeping these keys and wallets safe.
How does Palisade keep your wallets secure?
Palisade generates wallets and stores keys using one of two sophisticated storage types: Hardware Security Modules (HSMs) or Multi-Party Computation (MPC).
Hardware Security Modules (HSMs)
HSMs are secure, tamper-resistant hardware devices specifically designed to manage, process, and store cryptographic keys. Palisade leverages the key management functionalities of HSMs to manage the entire lifecycle of keys, from generation to retirement.
When wallets are generated and housed within HSMs in Palisade, private cryptographic keys are generated using hardware-based entropy sources for maximum randomness and unpredictability. These private keys are never exposed to external environments, mitigating the risks associated with exposure and unauthorized access. Transactions are then signed within the secure boundary of the HSM using the stored private key, ensuring the digital signature's authenticity and integrity without exposing the sensitive key material.
Multi-Party Computation (MPC)
Alternatively, wallets can be generated and protected using MPC, a cryptographic protocol that allows multiple parties to jointly compute a function over their inputs while keeping those inputs private. Within Palisade, MPC is implemented via MPC quorums, which split wallet keys amongst multiple user devices. Two types of device are supported: Palisade’s dedicated mobile application, Palisade Mobile, and CloudSign. Splitting the wallet key into shards across either type of device ensures that even if one device is compromised, the wallet remains secure, because no single device or key share holds the complete key.
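The following added example, which is not Palisade's code or its actual protocol, shows how devices that each hold one additive share of a key can jointly produce a Schnorr-style signature without any party assembling the key. The toy group parameters, the `Device` class and the function names are assumptions, and the commitment rounds and proofs that production protocols add are omitted.

```python
import hashlib
import secrets

# Toy Schnorr group, constructed for illustration and far too small for real use:
# P = 2*Q + 1 with P, Q prime; G = 4 generates the subgroup of order Q.
P, Q, G = 2039, 1019, 4

def challenge(X, R, msg):
    """Hash the public values and message to a scalar mod Q."""
    data = f"{X}|{R}|".encode() + msg
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q

class Device:
    """One quorum member (hypothetical class). Holds only its own key share."""
    def __init__(self):
        self._x = secrets.randbelow(Q)          # private share, never leaves the device
        self.pub_share = pow(G, self._x, P)     # safe to publish

    def commit(self):
        self._k = secrets.randbelow(Q - 1) + 1  # fresh nonce for this signature only
        return pow(G, self._k, P)

    def partial_sign(self, e):
        s_i = (self._k + e * self._x) % Q
        del self._k                             # a nonce must never be reused
        return s_i

def quorum_sign(devices, msg):
    """Coordinator: combines public values and partial results, never a share."""
    X = R = 1
    for d in devices:
        X = X * d.pub_share % P                 # joint public key g^(x_1+...+x_n)
        R = R * d.commit() % P                  # joint nonce commitment
    e = challenge(X, R, msg)
    s = sum(d.partial_sign(e) for d in devices) % Q
    return X, R, s

def verify(X, R, s, msg):
    """Standard Schnorr check: g^s == R * X^e (mod P)."""
    return pow(G, s, P) == R * pow(X, challenge(X, R, msg), P) % P

if __name__ == "__main__":
    quorum = [Device() for _ in range(3)]
    msg = b"constructed sample transaction"
    X, R, s = quorum_sign(quorum, msg)
    print("signature valid:", verify(X, R, s, msg))
```

The full private key is the sum of the devices' shares modulo `Q`, a value that no function in the example ever computes.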
Which storage type is preferable?
In Palisade, users have the flexibility to opt for their desired wallet generation and key storage type, depending on their specific security requirements, operational needs, and risk assessments. For example, users could hold both MPC and HSM wallets in the same vault.
Regardless of the chosen method, Palisade maintains a high standard of security protocols and access controls to ensure the utmost protection and confidentiality of the wallets, reinforcing the robustness of the overall digital asset security infrastructure.