Linen’s non-custodial wallet is powered by the Gnosis Safe multi-signature architecture to provide you with top-level security that was previously available to big players only. This document describes our security model and discusses our goal of creating the most secure wallet for DeFi and Web3.
The key element of any crypto-based system is a private key that provides access to accounts on a blockchain. One of the main struggles people face when they receive their first crypto is how to easily and securely store their private keys.
In this document:
- What’s wrong with existing security models
- The rationale behind Linen’s security model
- Linen security model
- Linen Recovery Kit
- Future research and developments
What’s wrong with existing security models
The key element of any crypto-based system is a private key that must be securely stored and managed to recover crypto assets if the wallet app or device is stolen or lost. This is easier said than done, and for many novice crypto users, the most reasonable choice might be trusting a centralized exchange with their private keys and assets. We won’t discuss how this approach goes against the entire premise of cryptocurrency and blockchain technology because that is not the focus of this document.
Any ideological beliefs aside, many unpleasant episodes have shown that centralized institutions holding massive amounts of users’ digital assets is not an optimal solution. A total of nearly USD $2.58 billion has been stolen from crypto exchanges since 2012, with 46 exchanges compromised. A full list is available here.
Legacy self-custody wallets
An alternative to trusting a centralized exchange with your private key is to store private keys from your wallet as a mnemonic seed phrase, a list of 12 or 24 common English words that cryptocurrency wallet software can decode into a set of private keys to restore access to your funds.
Although this is probably the most popular option among tech-savvy crypto users, it unfortunately bears its own set of significant risks. The truth is, the majority of us are simply unable to securely manage a mnemonic seed phrase, as it’s outside of our zone of proximal development.
Indeed, even advanced crypto community members like Farokh lost close to a million dollars worth of crypto assets using a wallet like Ledger or MetaMask because their seed phrase was compromised or lost.
Unlike private keys in “hot” wallets (wallets that are connected to the internet), private keys in hardware wallets, or “cold” wallets, aren’t stored on devices connected to the internet. Storing private keys offline protects wallets from hacks.
However, this solution still has one single point of failure — if your seed phrase is compromised or lost, you won’t be able to recover your assets. Additionally, hardware wallets are much less user-friendly, and thus they are not a viable option for the mainstream adoption of crypto applications.
What We Need Instead
The rationale behind Linen’s security model
When developing Linen Wallet, our main priority was building a wallet that doesn’t make any compromises between security and ease of use — a wallet that must:
- Be more secure and reliable than any existing solutions on the market;
- Be simple and easy to use for everyone. That means that all users, no matter how well-versed in crypto they are, can enjoy and appreciate the ease of use our wallet provides;
- Be easily adaptable to new crypto asset types and use cases that are yet to emerge.
Let’s look at each principle in more detail.
1. Security objectives
The cornerstone of any self-custody wallet should be a backup mechanism that ensures the wallet is accessible to the owner and, at the same time, secures the wallet from potential theft.
That’s why we set very strict, non-negotiable requirements for our backup mechanism design:
- It should be impractical for an attacker to gain unauthorized access to the owner’s funds, so there should be no single private key (no single point of failure) that can grant access to the wallet.
- It should be practically impossible for the wallet owner to lose access to their wallet, so if one of the private keys is lost or damaged, the wallet owner can recover access with the remaining private keys.
So instead of using only one private key, as most wallets do, Linen has adopted a multi-signature architecture powered by Gnosis Safe, the gold standard in crypto security.
We eliminate the single point of failure. The best part? We did that without compromising the ease of use in any way.
2. Usability objectives
Designing a secure system for wallets shouldn’t lead to any compromises on usability. More specifically, the backup and recovery process of the multi-signature wallet must be simple, transparent, and user-friendly.
After analyzing the UX hurdles of multiple mainstream crypto wallets, we came to the conclusion that there should be no seed phrases that a user needs to write down or copy because that is neither secure nor user-friendly.
Making it simple for users to recover their wallets while maintaining the highest security standards was probably the most significant challenge for us.
3. Future-proof objectives
Every year, more and more use cases for crypto assets, and DeFi in particular, are emerging and gaining adoption. Because it’s hard to predict which features will be integrated into Linen Wallet in the coming years, it’s crucial to build a foundation that is future-proof and easily adaptable to new use cases. That’s why we adopted a smart contract wallet architecture.
The concept of smart contract wallets was first introduced, to the best of our knowledge, in late 2016 by the DappHub ds-proxy project. The main idea behind this concept is to segregate smart contracts that store crypto assets on blockchains from the logic that users want to apply to their crypto assets.
With externally owned accounts (EOA) in Ethereum, the only option to secure funds is to manage a single private key. For this reason, EOAs are not flexible at all and can’t be easily adapted to future use cases that crypto brings, in particular, those that require greater security. Smart contract wallets give users and developers much more flexibility, making them the preferred solution for the many future use cases of crypto that we cannot even imagine today.
A significant advantage in adopting this framework is the ability to set various authentication mechanisms for the wallet. For example, it is possible to set a requirement that two of the three signatures be needed to move crypto assets.
Another benefit of smart contract wallets is meta transactions. With EOA, wallet owners must have some Ether (ETH) in their wallets to pay gas fees to miners for transaction processing. Thus, if a new user receives their first token in an EOA-based wallet, they can’t use it if there is no ETH in the wallet. This requirement creates a high barrier to entry for new crypto users.
However, this is not the case with smart contract wallets, with which users can transact from the get-go without the need to buy ETH. Thanks to meta transactions, users can pay a fee to a relayer in the token they already own.
Now that we have gone through the rationale behind our design, we can outline the actual security model adopted by Linen Wallet.
Linen security model
Enter Smart Contract Technology
Being a more versatile alternative, “smart wallets” like Linen are set to alleviate most of the problems of more conventional solutions. Indeed, they are:
- More secure;
- More flexible;
- Generally more convenient.
With that being said, let’s discuss Linen’s multi-signature wallet in a bit more detail.
Smart Contract Technology
We have chosen Gnosis Safe smart contracts, which are the gold standard in smart contract security. Having developed blockchain-based infrastructures since 2016, Gnosis Safe is the only multi-signature solution that has passed formal verification, the highest possible security standard in the crypto industry.
Besides being formally verified, its smart contracts have also passed three independent security audits. To this day, no major or critical issues have been found in the codebase, and that’s why Gnosis offers up to $1,000,000 to anyone who can find a bug in the code (that’s the richest bug bounty program in the industry!).
With all that being said, it’s no coincidence that the latest deployment of Gnosis Safe smart contracts secures more than $86 billion worth of crypto assets as of September 15th, 2021.
Considering all of this, we find it very unlikely that any other wallet operator could write smart contracts that can even come close to the level of security provided by Gnosis Safe. And that’s why choosing them instead of writing our own smart contracts from scratch was a no-brainer.
With a multi-signature wallet, more than one private key is required to approve a transaction. This allows users to finally eliminate the biggest security concern of conventional wallets — that they have one single point of failure.
Since all the keys are stored separately from one another, it is very unlikely that a hacker can gain access to all the keys, or even the majority of them, at the same time. This gives users enough time to react accordingly and protect their assets.
The current version of Linen Wallet has three private keys stored in different places:
- User operational key – stored on a mobile device in a Secure Enclave and never leaves the device. This key can’t be exported or accessed by any other app. The use of this key is reserved for everyday operations, such as exchanging assets and depositing and withdrawing them to and from DeFi liquidity pools;
- User recovery key – stored on the user’s cloud storage such as iCloud Drive. Users have the ability to password protect this key. This key, along with the user authentication, will be required if the user needs to recover the wallet;
- Linen agent key – resides on Linen’s secure software infrastructure and can be accessed only by a user authenticating using their email and SMS one-time passcode verifications.
To execute any transaction, such as depositing digital assets to the Compound protocol, a user needs access to at least 2 of those 3 keys. Currently, in Linen Wallet, signing a transaction with the user operational key and the user recovery key is not supported. However, in future releases, a variation of this will be supported.
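The 2-of-3 rule above can be checked by enumerating every combination of the three keys. The following Python sketch is an added example, not Linen's or Gnosis Safe's code; the key labels and the `APP_SUPPORTED` set are assumptions read off the text (operational + recovery is the pair the page says is not yet supported). It separates the threshold rule from the pairs the app currently signs with, and reports which key loss leaves no supported pair.

```python
from itertools import combinations

KEYS = ("operational", "recovery", "agent")  # the three keys listed above
THRESHOLD = 2                                # 2-of-3, as stated on the page

# Assumption: pairs the app currently signs with, derived from the statement
# that operational + recovery signing is not supported in the current version.
APP_SUPPORTED = {
    frozenset(("operational", "agent")),
    frozenset(("recovery", "agent")),
}

def threshold_met(held):
    """Threshold view: any THRESHOLD distinct wallet keys authorize a transaction."""
    return len(set(held) & set(KEYS)) >= THRESHOLD

def app_can_sign(held):
    """App view: at least one supported pair is fully contained in the held keys."""
    return any(pair <= set(held) for pair in APP_SUPPORTED)

def analyse():
    """Classify every subset of keys under both views."""
    rows = []
    for n in range(len(KEYS) + 1):
        for subset in combinations(KEYS, n):
            rows.append((subset, threshold_met(subset), app_can_sign(subset)))
    return rows

def single_key_theft_possible():
    """True if any one stolen key alone satisfies the threshold."""
    return any(threshold_met({k}) for k in KEYS)

def single_points_of_failure():
    """Keys whose loss alone leaves no pair the app can sign with."""
    return [k for k in KEYS if not app_can_sign(set(KEYS) - {k})]

if __name__ == "__main__":
    for subset, chain_ok, app_ok in analyse():
        label = ", ".join(subset) or "(none)"
        print(f"{label:34} threshold={chain_ok!s:5} app={app_ok}")
    print("theft with one key:", single_key_theft_possible())
    print("no supported pair after losing:", single_points_of_failure())
```
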
Using cloud drives as recovery key storage
As mentioned above, the user recovery key of Linen Wallet is stored in the user’s cloud drive (iCloud Drive on iOS at the moment). Users have the option to encrypt the recovery key file with a password or to store it in the cloud drive unencrypted. The recovery file alone does not grant access to the wallet, because access requires a second key (the user operational key or the Linen agent key), hence the name multi-signature.
Users can also set up 2FA for Apple cloud storage, which significantly reduces the risk of the recovery key being compromised. Each user can decide whether to adopt this additional layer of security or not.
Linen Recovery Kit
So what happens if your phone is stolen, lost, or damaged beyond repair, or if you simply have to reinstall the Linen app? Regaining access to your wallet is easy thanks to the Linen Wallet Recovery Kit — it requires you to have access to:
- The email address you’ve provided and confirmed while signing up. Here are 7 tips on how to keep your email secure;
- The phone number you provided and confirmed while signing up;
- The recovery file saved to your iCloud or Google Drive associated with the Apple ID or Google Account you used when you set up your wallet. The recovery file on its own is not enough to regain access to your wallet.
To recover your Linen Wallet, please download the app from the Apple App Store, launch the app, and use the Recover Wallet option from the main screen.
Future research and developments
Linen’s security model described in this document is currently one of the most secure options available to crypto users worldwide. In future versions of Linen Wallet, users will have the ability to add trusted contacts and hardware wallets that can help them with wallet recovery.