Enhancing Cold Wallet Security with Native Multi-Signature Schemes in Centralized Exchanges
Currently, one of the most widely used protocols for securing cryptocurrency assets in centralized exchanges is to categorize wallets into cold and hot. While cold wallets hold user deposits, hot wallets are responsible for addressing withdrawal requests. However, this method has some shortcomings, such as: 1) availability of private keys in at least one cold device, and 2) exposure of all private keys to one trusted cold wallet admin. To overcome such issues, we design a new protocol for managing cold wallet assets by employing native multi-signature schemes. The proposed cold wallet system involves at least two distinct devices and their corresponding admins for both wallet creation and signature generation. The method ensures that no final private key is stored on any device. Consequently, no individual authority can spend from exchange assets. Moreover, we provide details regarding the practical implementation of the proposed method and compare it against the state of the art. Furthermore, we extend the application of the proposed method to a scalable scenario where users are directly involved in the wallet generation and signing process of cold wallets in an MPC manner.