Protecting cryptocurrency private keys in a corporate environment

  softwareengineering

Now that Tesla has bought a large amount of BitCoin, other companies may follow suit. If my company wanted to do that, I was thinking about how it could be done.

I’m familiar with the way private individuals store keys.

I could see two possibilities:

  1. The Chief Financial Officer or someone like that would be the only with the keys, with some type of backup. The data is done in a way very similar to how an individual would do it.
  2. The Information Technology (I.T.) may be called upon. For example, they might write a bot to buy the cryptos at certain prices or criteria.

If I.T. is involved, then one or more programmers or I.T. staff would have access to the keys. If they weren’t honest, or left the company, they could use the keys to transfer out all the cryptos. Even if I.T. created an application for the company, the “bad people” could simply do a transfer using the private key totally outside the company’s network.

I was thinking that one approach might be to have some automated software to keep moving the cryptos around to new accounts every x hours. To do this, the private/public key would have to be generated by software, but still stored in a data store of some type. Maybe that would have to be a separate database instance that only very key people had the access codes to.

The issue is similar to API Keys, but they often have more flexibility (Protecting API Keys).

  • security
  • passwords
  • cryptography

3

As Phillip mentions in his comment, the most solid approach to protecting secrets is a Hardware Security Module. I’m not qualified to get into the details of how that might work with various crypto-currencies but that’s where I would start, if given this problem.

I’m not too sure about your idea of moving the accounts around. You haven’t described your threat model here but I don’t think this solves much. If we are managing keys for a web-server certificate, the approach of creating new keys frequently can limit the damage when a private key is exposed. But in this situation, the attacker who has your keys will be long gone with the money-bits before x hours pass. In my humble opinion, the constant churn creates a larger attack surface. For example, an attacker might find a way to slip their account into your system right before your transfer.

2

LEAVE A COMMENT