Goldilock - Is it truly the right kind of storage?

Hello Steemians! Many of us have read about Goldilocks and the Three Bears, and some have probably heard of the Goldilocks Principle. Today I am not going to talk about either of them; instead, I am going to share about a project named Goldilock.

What is Goldilock?

As I was browsing through my feeds this morning, this post by @originalworks caught my eye. As you guys might know, I am always looking out for the latest and most interesting crypto projects that I can find. After reading the contest post, I told myself that I needed to write about Goldilock.

Goldilock is an offline storage solution which allows users to remotely bring the storage online, on demand and temporarily, without going through the internet. That is quite a mouthful, so let me try to explain it in layman's terms. Imagine you have a book which contains the passwords that unlock all your cryptocurrency wallets and bank accounts. So this is a very important book. If you copy the contents of the book into a digital file and store it online, the file will be susceptible to hacks. However, as it is cumbersome to bring the book everywhere you go, if you do not digitalise it and store it online, you will have trouble accessing your passwords when you need to. Goldilock offers to be your trusted secretary, who will safekeep your book and only share the passwords with you when you call him/her.

Of course the actual solution which Goldilock is bringing doesn't involve a human helping everyone load their data as and when he/she receives a call. This process is automated by Goldilock's patent-pending technology. In addition, Goldilock's solution is built on the following 3 premises:

  • Users need access to their personal data quickly, but only occasionally and for short periods of time. Otherwise, online data is more useful to hackers than rightful owners.
  • Personal data (including private keys) must be isolated, secured from physical contact and related human error, and fully backed-up.
  • Personal data and private keys must be quickly accessible when needed.

Security of cold storage with the convenience of online storage

Goldilock is built around the idea that if it's connected to the internet, it can be hacked. Being a cybersecurity professional, I share the same thought. Security is also the key reason why the Singapore government implemented air-gap measures to physically segregate internet access and intranet access. A system is unhackable when it is offline; that is why the air-gap measure is so effective.

Similarly, if you want to keep your data safe, the best way is to keep it offline. However, offline or cold storage can really be a pain in the neck when you want to access information urgently. This is especially so if you only need that information for occasional transactions. Goldilock offers a solution by keeping the device which stores your sensitive data offline and physically disconnected from the Internet. When a user chooses to access it, through an authorized non-IP command sent by the user over the Public Switched Telephone Network (PSTN), the storage device is remotely mounted and becomes accessible online through a secure web login. Users can then instantly access their data using encrypted channels to complete transactions. After the user finishes any and all desired transactions, the device which contains the sensitive data is physically disconnected from the Internet again. Goldilock has no access to keys or data stored on the user’s encrypted storage device.

Through this technology, Goldilock's solution is able to provide secure cold storage with hot storage's convenience. And that is why they have this slogan: "not hot storage, not cold storage, just right storage."

Goldilock is able to ensure that sensitive data like private keys to cryptocurrencies are stored securely while remaining accessible at the snap of a finger. This alleviates many concerns that people and organizations have when trying to adopt cryptocurrencies. To put it simply, this marriage of security and convenience may spark the mass adoption of cryptocurrencies.

Not just for consumers

Essentially, Goldilock is providing a brand new way of storing data. Everyone uses data, not just you and me, but also organizations. Governments, hospitals, banks and many other companies all hold on to humongous amounts of data. Some of it is less sensitive, but a good amount of it is very sensitive. In the recent hack related to SingHealth, the hackers managed to get hold of sensitive personally identifiable information (PII). Though that is bad, it is still somewhat fortunate that the hackers did not manage to get hold of even sensitive medical records and histories.

Goldilock's solution is therefore not just built for end users like us. It is also potentially an enterprise-grade solution which can be deployed by many organizations. These organizations can secure their clients' most sensitive information with Goldilock. Through APIs, applications can be developed such that the clients still ultimately own their personal data and the organizations are only custodians of the encrypted data secured by Goldilock. This is really huge when it comes to compliance with regulations like GDPR.

The LOCK token is an NEP-5 asset on NEO

Goldilock will register its digital token “LOCK” as an NEP-5 asset on the NEO Blockchain. The token is required to access the Goldilock wallet. Using the NEO blockchain adds another layer of security by allowing access logs to be written to the immutable Goldilock Private Audit Blockchain. These records will prove to be useful as users will be able to keep track of their activities and can be warned in the event of potential attacks.

One may ask, why use the NEO blockchain? NEO plans to build a secure blockchain that is recognized by enterprises and governments, which is core to Goldilock's guiding principles. NEO is the first platform to offer the following features:

  • Aims for Regulatory Compliance - NEO is committed to making use of PKI X.509 standard for identity. This means that NEO will have the ability to issue and confirm digital identities. This is a huge advantage for a project which aims to build enterprise-grade solutions.
  • Utilizes a superior consensus mechanism - NEO uses Delegated Byzantine Fault Tolerance (dBFT), which is a modified Proof of Stake protocol that does not rely on costly Proof of Work algorithms.
  • Processes transactions faster - NEO is able to process more than 10,000 transactions per second without transaction costs.

The above attributes make NEO the ideal platform for Goldilock's secure wallet utility token.


In conclusion, Goldilock offers a unique storage solution which I have personally not seen before. It combines the security of cold storage with the convenience of online storage. This may be a game changer which can potentially lead to mass adoption of cryptocurrencies. I am looking forward to what this project can bring and the day this solution materializes. Is it truly the right kind of storage? I think it is. Do comment below and let me know your thoughts. Thanks for reading!


