Wealth Security Protocol
Go to Casa Home
  • 🗺️Overview
  • 💜Casa vs. Alternatives
    • Introduction
    • Option #1: Do-it-yourself
    • Option #2: Custodial Storage
    • Option #3: Commercial Systems
  • 🔑System Design Principles
    • Introduction
    • Minimal Knowledge
    • High Security
    • Usability is Security
    • Expert Support
    • Redundancy
    • Sovereignty
    • Incentive Alignment
  • 🚨Threat Overview
    • Introduction
    • Data and Credential Loss
    • Phishing
    • SIM Hijacking
    • Network Attacks
    • Malware
    • Supply Chain Attack
    • Physical Coercion
    • Child/Pet Attack
    • Internal Service Provider Attack
    • Platform / Hosting Provider Attack
    • Code Dependency Attack
    • Official Seizure
    • Inheritance Failure
  • 🔐Chosen Features
    • Introduction
    • Hardware Wallet Signing
    • Multi-signature
    • Multi-location
    • Heterogeneous Hardware and Software
    • Seedless Hardware Wallets
    • Emergency Recovery Key
    • PIN or Biometrics for Mobile Key only
    • PIN for every device
    • Sovereign Recovery Instructions
    • Emergency Lockdown Button
    • Health Check
    • Identity Verification for Account Recovery
    • Inheritance
  • ✅Chosen Key Schemes
    • 5-Key Vault
    • 3-Key Vault
    • Pay Wallet
  • ❌Rejected Key Schemes
    • Shamir's Secret Sharing
    • 2-of-2
    • 1-of-2
  • ❌Rejected Features
    • Biometrics General Usage
    • Brain Wallet -- Memory Based Solutions
  • 🔧Remaining Attack Vectors
    • Address Spoofing
    • Malicious Insider Key Theft
    • Extreme disaster scenarios
    • Extortion
  • 👨‍🚀Future Improvements
    • Taproot/MAST
    • Schnorr Signatures
Powered by GitBook
On this page

Was this helpful?

  1. 🔑System Design Principles

Sovereignty

Many popular key storage systems attempt to bypass the user-experience problems involved with managing keys directly by relying on a trusted third-party organization to hold keys.

It’s easier to make a custodial product. Development costs are lower and timelines are shorter. Centralized key storage also makes it much easier to add features that mimic the existing financial system, which makes it easier to onboard new users.

At Casa, we don't do this for several reasons.

First, as Nick Szabo once said, “trusted third parties are security holes.” There is a long and dark record of exchange hacks and scams. Even sophisticated and well-funded entities have found themselves victims of malicious actors, both internal and external. Customers of custodial services are also frequent targets of social engineering attacks designed to gain access to their accounts.

A certain big tech company famously had the slogan of “don’t be evil.” For the crypto-asset space, this motto should be “can’t be evil.” The only way to ensure this is by maintaining user sovereignty. The user should be the only one who has control over their funds. It should be impossible for the service provider, through malice or negligence, to unilaterally create transactions or block the creation of transactions.

For Casa, this is a matter of principle. Bitcoin was created to give people control over their money. Individual sovereignty is the idea that brought us into the cryptocurrency space. This is in Casa's DNA.

PreviousRedundancyNextIncentive Alignment

Last updated 1 year ago

Was this helpful?