Goldilock: Crypto assets and data have never been safer

solcross (52)in #mspsteem • 6 years ago (edited)

1.0 INTRODUCTION

Security of funds and assets has always been one of the weak spots, and what critics point to, when talking about the blockchain, and its challenges.

According to this article, CoinCheck recently suffered a loss of more than $500m, and MtGox lost $340m in 2014, thanks to hacks via vulnerabilities exploited.

For anything to succeed, it needs to instill confidence and keep on improving as time goes on.

The blockchain/the cryptocurrency industry is no different. Infact, it actually needs to evolve at an even faster pace.

2.0 THE PROBLEM: FUNDS SECURITY AND ACCESSIBILITY WHEN NEEDED
Currently, users have two ways of storing funds: cold and hot storages. Both of these have merits and flaws. Online storages(cryptocurrency exchanges) are prone to hacks, leading to loss of funds, which is quite common in the industry. On the other hand cold storage(hardware devices: examples are Ledger Nano S, TREZOR, and Bitbox) stores your funds offline, ensuring that malware, phishers and keyloggers can’t get them. But what happens, when such devices get lost, stolen or damaged?
Your guess is as good as mine. Your funds evaporate into thin air!

2.1 CHALLENGES OF ONLINE (HOT) STORAGE

Prone to phishing scams.
Insecure, prone to hacks.
Slow transaction speeds.

2.2 CHALLENGES OF OFFLINE (COLD) STORAGE

Could get stolen, lost or damaged.
Once lost, all funds/data is gone.

3.0 GOLDILOCK: TAKING THE BEST OF BOTH WORLDS, AND IMPROVING ON THEIR FLAWS
Goldilock understands that users use their personal data and keys for a short period of time online, and the preferred option is for this data to be stored securely in isolated locations and backed up. But they also need their keys to be readily available when they are required.

Goldilock enables users funds to be associated with their public keys, without the need of the Goldilock wallet being online.
Being online is only required for initiating transfers and carrying out withdrawals.

Goldilock is based on the NEO blockchain. Neo is it’s preference, due to a sync in ideology, and how they wish to proceed into the future.
NEO looks to be complaint with government regulations/policies, have a focus on digital assets and identity. Also, their smart contracts provide a solid foundation, is beneficial to Goldilock's Security Suite, and its offering in general. NEO’s investment in communities and ecosystems also caught the eyes of Goldilock. We will give this more attention later in this paper.

Combining the benefits of hot and cold storage ensures that users are better protected and it leaves no room for vulnerabilities to be taken advantage of. Being online 24/7 is only of benefit to hackers. By being stored offline and being available only when the user needs it at anytime ensures that the user is fully in charge, not at risk anymore and is getting the best service available. This also ensures that such users do not need to look at the pro’s and cons of previous technologies. This is the benefit that Goldilock's airgap solution brings to the table.

4.0 WHO GODILOCK SOLUTION IS APPLICABLE TO
Goldilock has a solution for virtually everyone that deals with sensitive data.

Users that need the flexibility of hot storages, and the security of cold storages.
Users looking for better security for cryptocurrency private keys, than what is currently available.
Organisations looking for improved security solutions for their customers, who they want to have access to their digital assets when needed, but safe from prying eyes, when not in use.

5.0 BENEFITS
5.1 BENEFIT FOR INDIVIDUALS
Goldilock makes use of an encrypted storage device that is located entirely offline. It is also stored within a vault in a secure data center. It only goes online, when the user initiates an action that requires it to do so. This is facilitated via an autorised non-IP command by the user, over the Public Switch Telephony Network (PSTN). Only then is the storage device remotely connected for online access, through a secure web login. Using encrypted channels, users can then access their data. Once the user is done, private keys are securely managed, and the user is disconnected from having online access, physically. Only the user has access to data and keys on these encrypted storage devices.

5.2 BENEFIT FOR ORGANISATIONS
5.2.1 EXCHANGES
Exchanges can offer better security and improved transaction speeds by making use of Goldilock’s request on-demand solution, rather than holding on to users keys, which have been proven to be unsafe, over and over again.

In so doing, they are afforded the security of hardware wallets and the accesibility of online wallets.

5.2.2 ONLINE WALLET OPERATORS
They can make use of Goldilock's revolutionary airgap solution, which ensures that their users are more secure, and only them will have access to their keys and data, seeing encrypted data goes to route request, via individual users Goldilock devices.
Such operators can have an in-house propreitary license or an outsourced service option.

5.2.3 OFFLINE (HARDWARE) WALLET OPERATORS
Cold wallets can also be seamlessly integrated with Goldilock's solution. This will ensure that their offerings are more accessible, while remaining secure (if not more secure) via a remote solution as described above.

5.2.4 DATA STORAGE AND DIGITAL ASSET SECURITY
Goldilock will support PaaS and will also be able to deploy their solutions locally, on site. They ensure that government agencies, data center owners and warehouse owners can create a Goldilock instance for their users.

This solution is also applicable to organsiations in the health, financial, and legal sectors.

Improved security will ensure that more businesses adopt cryptocurrency solutions.
Insurance companies, banks and other institutions can benefit from this, seeing data/assets are only accessed when needed. The added level of security ensures that sensitive data is more secure, and cannot be accessed by just anyone, as it is a matter of privacy, safety, and diversification.

Having options such as PaaS and on-site deployment will also ensure that these organisations have a plethora of options, giving them that freedom, when managing data/assets, and also doing so with real peace of mind, thanks to Goldilock.

Opponents of the adoption of cryptocurrencies always highlight it’s security flaws. With Goldilock proferring a solution that solves this primary problem, it will ensure that individuals and institutions alike will be more open to getting on the cryptocurrency bandwagon, leading to the growth of the industry and taking it mainstream.

6.0 THE GOLDILOCK ADVANTAGE

More secure
Better flexibility
Available anywhere, and at anytime
Fear of damage or loss is done away with.

7.0 FEATURES OF GOLDILOCK

8.0 GOLDILOCK SECURITY SUITE COMPONENTS:
8.1 GOLDILOCK WALLET: Will be able to store NEO, GAS and NEP-5 tokens. Usage will be conducted within a web browser, with authentication carried out over SSL.
8.1.1FEATURES:

Keys for each wallet are securely stored offline, within unique, segmented and encrypted harware wallet devices.
Signed transactions will require two-factor authentication.
Unique personally assigned URL will be given to each wallet.
Once user is done with a transaction that requires internet access, the wallet device will be disconnected.
Wallets online access is via a non-IP command, along with PIN/voice verification over PSTN.

8.2 GOLDILOCK API SERVICES:This will be used by organisations to build related solutions that require better security for their users.
It will run locally, on the cloud, and in Goldilock’s colocation facilities. Goldilock's API’s can be used in creating solutions for centralised and decentralised businesses alike.

Due to the way its solution is built, solutons for other blockchains will be available in a few weeks, once the NEO based solution is live.

9.0 APPLICABLE CASES
9.1 GENERAL APPLICATION

Bank account related information
Credit Information Storage
Health Records
Digital Media
Personal Identity

9.2 SPECIFIC USE-CASES
Cross is a digitial normad who travels alot. Having to use different channels to get online opens him up to security risks in many cases.
As a digital nomad, he could lose his hardware device or have it stolen at any moment, and seeing he needs to be able to access his data whenever they are needed, he signs up on Goldilock which ensures that he has access to his data when he needs it in any corner of the world, and he can sleep easy, knowing his information and cryptocurrencies are securely and remotely safe from phishing and other vices.

Coinbus is a cryptocurrency exchange that has suffered numerous hacks and lost funds. The losses are so great that they are thinking of calling it a day. Coinbus decides to give Goldilock a shot, after hearing about their solution recently. They no longer have to act as a storage facility for users private keys, and they are able to improve their offerings to their users and have better transaction speeds. The risk of hacks is done away with, and their users data is now totally safe. By paying a token sum, they are now confident that an occurrence of what led to them loosing their users funds and confidence has been prevented from happening again.

HealthMix is a health organisation that stores users confidential information within its database, locally. They recently suffered a breach that ensured that personal/sensitive customers data was lost. The company is embarrassed, and the board has called an emergency meeting to mitigate against a reoccurnace. A board member directs them to Goldilock's website, after reading about it on Forbes, and they decide to give it a trial. They learn that Goldilock offers on-demand accesss to data, and only goes online when in use. This appeals to them, and they are pleased that they also have a plethora of options to choose from. The ideal solution for them is an on-premises deployment model, seeing their users only access their information, when within the premises, and they could also tweak their access mode, if the need arises in the future.

10.0 TOKENOMICS
As it is to be expected the fuel that powers the ecosystem, and through which value can be gotten is a token. LOCK is a NEP-5 asset on the NEO blockchain. It makes use of Byzantine Fault Tolerance to provide an immutable auditing mechanism for each individual node.

It wil also be used to effect subscription payment on the Security Suite.

Token Name: LOCK
Total Supply: 1 billion LOCK tokens.
Token Sale Hard Cap: $50m

11.0 WHY NEO SMART ECONOMY?
In continuation, Goldilock's preference for NEO boils down to these additional reasons below:
Regulatory compliance: NEO will be able to identify digital identities, thanks to its use of Public Key Infrastructure (PKI) X.509 standard for identity. This is in line with government regulations.

Use of a superior Consensus Mechanism: NEO uses an advanced version of the Proof of Work (PoW) and Proof of Stake (PoS) mechanism, called delegated Byzantine Fault Tolerance (dBFT). Here, NEO token holders vote for delegates, who then have to decide on transactions to be accepted.

Faster Transaction Speeds: NEO is able to carry out more than 10,000 tps, thanks to its consensus mechanism, at no cost.

Goldilock is committed to ensuring that its customers are able to transact in the most secure, and efficient environment just like NEO. This explains why the union was a no brainer.

12.0 SUMMARY

Image Source

Goldilock ensures the way data/assets are managed is extremely secure. It ensures that users that have had bad experiences are not turned off by the failure of stakeholders to have them better protected. It offers a new lease of life, and ensures that users have a new found freedom, are in charge, and can carry out actions from anywhere at anytime. The understanding that sensitive data should be treated as such is not lost on Goldilock, and this is to the benefit of users.

The price of security is a small price to pay, especially when compared to the losses an organisation will have to bear, when vulnerabilities are taken advantage of. Goldilock ensures that it isn’t just creating a solution that might create more problems, but it is actually creating a solution that is really needed. Everyday, new solutions come up that the blockchain/cryptocurrency industry needs. Goldilock is clearly at the top of that pile.

**TEAM**