Wealth Security Protocol
Go to Casa Home
  • 🗺️Overview
  • 💜Casa vs. Alternatives
    • Introduction
    • Option #1: Do-it-yourself
    • Option #2: Custodial Storage
    • Option #3: Commercial Systems
  • 🔑System Design Principles
    • Introduction
    • Minimal Knowledge
    • High Security
    • Usability is Security
    • Expert Support
    • Redundancy
    • Sovereignty
    • Incentive Alignment
  • 🚨Threat Overview
    • Introduction
    • Data and Credential Loss
    • Phishing
    • SIM Hijacking
    • Network Attacks
    • Malware
    • Supply Chain Attack
    • Physical Coercion
    • Child/Pet Attack
    • Internal Service Provider Attack
    • Platform / Hosting Provider Attack
    • Code Dependency Attack
    • Official Seizure
    • Inheritance Failure
  • 🔐Chosen Features
    • Introduction
    • Hardware Wallet Signing
    • Multi-signature
    • Multi-location
    • Heterogeneous Hardware and Software
    • Seedless Hardware Wallets
    • Emergency Recovery Key
    • PIN or Biometrics for Mobile Key only
    • PIN for every device
    • Sovereign Recovery Instructions
    • Emergency Lockdown Button
    • Health Check
    • Identity Verification for Account Recovery
    • Inheritance
  • ✅Chosen Key Schemes
    • 5-Key Vault
    • 3-Key Vault
    • Pay Wallet
  • ❌Rejected Key Schemes
    • Shamir's Secret Sharing
    • 2-of-2
    • 1-of-2
  • ❌Rejected Features
    • Biometrics General Usage
    • Brain Wallet -- Memory Based Solutions
  • 🔧Remaining Attack Vectors
    • Address Spoofing
    • Malicious Insider Key Theft
    • Extreme disaster scenarios
    • Extortion
  • 👨‍🚀Future Improvements
    • Taproot/MAST
    • Schnorr Signatures
Powered by GitBook
On this page

Was this helpful?

  1. 🔑System Design Principles

Minimal Knowledge

PreviousIntroductionNextHigh Security

Last updated 1 year ago

Was this helpful?

For the most part, being a company offering a paid service lets us offer a superior user experience, with greater security and usability compared to do-it-yourself systems. But there is a major disadvantage to purchasing a key management service from a commercial entity: you give up personal identifying information. The customer database from a key management service is a valuable collection of data that is an appealing target for attackers.

To counteract this, we minimize data collection on our customers. For example, we collect shipping information, but then we delete it after we make the necessary shipments. And our customers can provide us whatever shipping information or email address they want, they are free to be pseudonymous.

We collect only data that is necessary to run the service, as specified in our . To the extent that we do collect customer data, we limit access to that data internally to those that need to know it. There is no reason for all engineers to have access to customer contact information, for example.

Privacy and Data Protection Policy