Security by Paranoids
But there's no such thing as ‘perfect security’
Correct software and specialized hardware security are essential to managing Bitcoin keys in offline environments. Knox built a truly air-gapped operational model minimizing the attack surface of the entire key lifecycle with geographic separation and redundancies.
Our Staff is Locked Out
No single employee or group of employees at Knox can arbitrarily move the funds we custody. We are locked out of our own custody system—ensuring the security of our employees and the holdings of our clients. All requests are authorized by clients and guaranteed by machines.
Cold Key Storage
The key lifecycle is entirely air-gapped to minimize the attack surface.
Customers must initialize all transactions to be processed.
Entropy & Client Account Segregation
Client accounts are segregated at the root entropy level. No shared omnibus.
Strict Process Isolation
All servers and customer terminals boot into a secure environment.
Partitioning & Physical Segregation
Each root key in a customer’s multisig scheme is handled by a distinct physical device in a distinct data center behind a distinct firewall.
Data Storage & Encryption
Most sensitive secrets are stored on Knox Secure Modules and cannot be retrieved.
Client Account Backups
Encrypted wallet key backups are using Shamir’s Secret Sharing Scheme.
Key Backup Storage & Retrieval
A security and logistics firm is responsible for storage and retrieval of backups.
All Knox clients are required to use three-factor authentication.
Additional Details Available
Extra information on wallet policy construction, validation, transaction flow, activity logs, API specs, whitelisting procedures and other security practices are available on demand. We would be happy to have a call to discuss further. Please email firstname.lastname@example.org.
If you want to learn more about our threat model and security, we’d be pleased to give you more details about Knox Custody accounts.