10 Unbelievable Facts of Gluon — a Decentralized Crypto Wallet

Originally published at https://github.com. Click for free reading.

Your private keys are not stored anywhere.

Nothing is impossible. If you continue reading, I’ll tell you how.

Your private key is split into N smaller pieces with K as the threshold using a cryptographic algorithm called Shamir Secret Sharing Schema (SSSS for short). No one can rebuild the original private key unless he collects K of N SSSS pieces. All those SSSS pieces are stored and distributed all over the TEA network by many TEA Nodes. Our TEA Consensus prevents any TEA node to host more than 1 (or another user-defined number far less than K) SSSS pieces. Anyone outside of the hardware protected enclosure has zero knowledge about which pieces belong to which private key and which TEA node hosts which SSSS piece. The mapping information and SSSS pieces are encrypted and stored in the TEA node’s hardware protected secure RAM, never stored to any persistent storage (eg. hard disk or SSD), even after encryption.

When you want to sign a blockchain transaction using this private key, it is required to pass 2 levels of authentication (not your grandpa’s 2FA). One of the two factors is a regular web extension used by Polkadot blockchain. Another factor is mobile phone authentication, which protected by either face-lock or fingerprint lock.

When Gluon layer 1 (a Substrate based blockchain) verifies your access, TEA Nodes will run a consensus to get K (K is the threshold number) pieces of SSSS to one randomly selected TEA Node (This node is called Executor). Inside this Executor, your original private key is reconstructed and used to sign your transaction. After that, the transaction is sent to your blockchain while the private key is wiped from the RAM as if nothing happened.

TEA Remote Attestation Consensus randomly selects Verifier TEA nodes to monitor the whole process and ensure the good behavior of all involved nodes. Suppose these verifiers cannot get a consensus on the security of the whole workflow. Not only will the signature not be sent, but all of the digital assets protected by this private key will also be transferred to other secure locations.

We don’t have your private key and neither do you.

Because we are decentralized, it is common to say that we don’t have your private key, but neither do you. Forgive us when we say that we don’t believe you can protect your private key better than our decentralized trusted computing platform. If you have a copy of your private key or the mnemonic phrases to rebuild your private key, you’re at risk. The best solution is that no one has it.

Your next question is probably: What if something happens which causes the private key to get lost?

Replicas everywhere and nowhere.

Since the replicas of the SSSS pieces are zero-knowledge to the outside world, no one will ever know which node stores which pieces of which private keys, so it is “nowhere.”

Your assets are protected by 3 master keys hosted by you, Gluon, and your friends.

Two of these three private keys can move your assets. In most cases, we use P1 and P2. P3 is only used for disaster recoveries which I will explain later.

Gluon will not access P1 because it is generated and stored in your Gluon mobile app which will never expose private keys to anyone. When I say “anyone” I mean everyone, including you and Gluon. Yes, you read that right! You don’t have the private key nor the mnemonic phrases of P1. Now, you may be asking: wait, what if I upgrade my phone? If I don’t have the mnemonic phrase, how can I restore my private key to my new phone?

Got a new phone? Restore your private key even without the mnemonic phrase!

Gluon redesigns the workflow so that you can restore the private key to a new phone without using mnemonic phrases. Here’s what you need to do:

  • Install the Gluon app on your new phone.
  • Generate a new private key (New P1).
  • Use your web browser (with Polkadot Extension) to login to the Gluon web portal.
  • Create a transfer key request in the Gluon web portal; a new QR code should show up on the web page.
  • Scan this QR code on your new phone and confirm with your fingerprint. When you’re done, a new QR code will be displayed on your new phone.
  • Use your old phone’s Gluon app to scan this QR code.
  • Go through another fingerprint confirmation on your old phone.

You’re all set! Your old phone will no longer control your assets.

It’s so easy! No more writing down your secret on a piece of paper, or typing it down on a phone or keyboard. You may already know this, but typing on keyboards is one of the main sources of secrets leaking!

I lost both my computer and phone, you can still recover my assets?

Remember the P3 owned by your friends? This is the time for you to get your friends’ help.

When you create your Gluon asset, you can select some of your friends to be your recovery contacts. You don’t have to tell them you chose them, but make sure you know them and can contact them in case of a disaster. You will need to create a new account on your new computer and phone and submit a “Recovery Request.” This is almost the same process as transfering to a new phone, the only difference is that you have to find some (the number is K) of your friends to scan the QR code on your new phone. As I mentioned in the K and N story, you don’t have to have all of your friends to scan, only K friends will do. But of course, you will need to be with them in person to run this recovery process and prevent any scams. GPS plays an important role here!

Phishing your friends won’t work.

Phishing is the oldest and easiest low-tech scam, although it is still popular today. If a scammer knows who your recovery friends are, he could impersonate you to get your friends to sign the recovery request. To prevent this, we carefully designed our system.

We use zero-knowledge almost everywhere in our TEA project. To any outsiders, there is no way to know who all your recovery friends are. And even if they do, running a brutal hack of all the combinations won’t work. The signing sequence matters and only you know the sequences! We also have GPS to enforce a face-to-face scan, not to mention,k commonly used nonce and cryptographic algorithms are all built-in.

Gluon is a TEA Project built on the T-rust framework; hacking TEA is expensive.

In the beginning, TEA has fewer TEA Nodes running resulting in less security, but there are less valuable assets protected by TEA. When the assets protected by TEA grow, the TEA becomes larger, and more TEA nodes will be running consensus to protect each other. It is also much harder and expensive to attack. As long as we keep the successful hacking profit lower than the cost from the attacker’s point of view, you’re safe. TEA has many careful designs that address this financial balance. You can read my previous blogs for more information.

Gluon is not a hardware wallet, it is many hardware wallets that can serve as a crypto wallet like Trust-as-a-Service

Gluon is not only a crypto wallet, it is also a portal of dApps and more.

We are still working on our GluonWallet website. In meantime, you can visit Teaproject.org (although it is also under construction) for more fundamental information on TeaProject, the T-rust framework, and Gluon Wallet. Please join us in the Discussions and be the first to share your ideas!

Originally published at https://github.com.

Bear with me as English is not my programming language