Topic: How to protect private keys easily and securely? (Read 859 times)

sr. member
Activity: 318
Merit: 260
Nobody will trust their private keys to some proprietary software with hidden code. You should create some open-source code and submit it on GitHub for scrutiny before anyone will take it seriously.

I prefer to be in full control of my own private keys and never put them online until I need to sweep them to my main wallets. You will have a tough time getting people to trust your app. Good luck with your project.

Those API calls in the public Git repos are all binary without source code. The best possible key manager without additional hardware would use Keystore APIs which never even show you your keys. Encryption is worthless without hardware isolation and good key exchange algorithms.
legendary
Activity: 1904
Merit: 1074
Nobody will trust their private keys to some proprietary software with hidden code. You should create some open-source code and submit it on GitHub for scrutiny before anyone will take it seriously.

I prefer to be in full control of my own private keys and never put them online until I need to sweep them to my main wallets. You will have a tough time getting people to trust your app. Good luck with your project.
sr. member
Activity: 464
Merit: 250
I am working on an app and it will involve holding on to private keys, including Bitcoin private keys. How can I make this secure and easy for users?

This is a mobile and desktop application.

Thank you!

That's a good idea. I think a private key should be protected not because it can be seen or copied by another person, but because if we use a mobile online wallet it has the potential to be known by some application developer, so it is important to make the application protect the private key.
sr. member
Activity: 318
Merit: 260
Android and iOS "keystore" APIs keep private keys in the TEE (hardware isolation that even the iOS or Android kernel can't touch), where you can send it a pointer/buffer and it decrypts or encrypts to another buffer/pointer.

Only services can read other apps' storage, and only when the app responds and allows it via API callbacks. The exceptions are jailbroken devices, and only where there is a known vulnerability for the TEE kernel that's loaded by a signed bootrom before the OS into ARM TrustZone, the per-app sandbox is defeated, etc.

I'll tell you how secure Android and iOS TEE kernels are: world-class famous hackers can't get around the one in iOS (KPP undefeated by all the dev teams despite efforts by their best), and no malware to date has touched the Android ones, and all banking apps and POS devices use it for everything. A professional researcher found something in one of the many TEE kernels years ago and it went nowhere.
hero member
Activity: 527
Merit: 503
I am working on an app and it will involve holding on to private keys, including Bitcoin private keys. How can I make this secure and easy for users?

This is a mobile and desktop application.

Thank you!