Even though cryptocurrency proponents have long been arguing that blockchain is far more secure than traditional digital storage used by banks and government institutions, the truth is a lot more nuanced than that. While the technology itself is secure and mostly even impenetrable, the responsibility of safeguarding digital assets is shifted to users. Instead of a trusted third-party entity to hold accountable, users are mostly.
In any cryptocurrency, for instance, losing one’s private key generally equals the loss of the entire wallet. This has been a problem for several people in the past, and has even led to combined losses worth .
However, these problems cannot be characterized as faults of blockchain itself. On the contrary, the transfer of responsibility over to the end-user is a design choice and an important step towards achieving full decentralization.
Unlike paper money though, users cannot simply disconnect their wealth and hide it under the metaphorical mattress. That is why, up until now, most hacks and exploits have involved users that traded their security for more accessibility. Unsurprisingly, the same is true even for large companies like cryptocurrency exchanges that have had millions of dollars siphoned from their wallets.
Aiming to fix this ever-expanding problem, a new fintech startup is building a solution that achieves maximum security while still being convenient to use. One of the company’s primary security principles involves keeping your assets “online when you need it, offline when you don’t.” Notably, unlike a similar concept that has been popularized by cryptocurrency hardware wallet manufacturers like Ledger, Goldilock does not come with convenience tradeoffs or potential security implications.
Nevertheless, Goldilock manages to clearly differentiate itself because its users are not burdened with carrying around a physical device around every time they need to initiate a transaction. Since security is the paramount concern, access to each user’s vault is only granted after they complete one or more authentication procedures. According to Goldilock, this will be achieved through a combination of multi-factor authentication, biometrics, regressive technology triggers and cryptography.
With Goldilock, private keys are stored on a physical device that is disconnected from the internet. When a user needs to access their assets, a non-IP, blockchain-based trigger will be sent to the device and verified remotely. Once the authentication process is completed, the user will be able to securely establish a connection with their wallet. The device will return to this dormant state once the user has completed their interaction with it, making it pretty much inaccessible once again.
Goldilock’s ultimate goal is to massively ease the burden of digital asset storage, while still allowing individual investors to own and control their holdings.
Implications for businesses
The Goldilock development team realizes that this form of digital storage technology is not only unprecedented, but also incredibly powerful for a future driven by blockchain-based assets. In line with this belief, the company is building more than just a cryptocurrency wallet. The Goldilock Security Suite is meant to be an all-encompassing solution that uses the same security standard to cater to a wide range of use cases.
For instance, in the near future, other companies and businesses will be able to use the Goldilock developer API to secure their digital assets and manage access on-demand. Since the technology is remotely-operated, institutions no longer have to place their trust in one or few high-ranking employees.
This means that companies that require more direct control over their data will also be able to use Goldilock’s colocation feature that offers private and physical vaults in its data centers. It is safe to say, this technology truly is the first of its kind and has the potential to become the de facto resource when thinking about digital asset and cryptocurrency security.