The gradual collapse of the Mt. Gox exchange is remembered among crypto enthusiasts for its security breaches and thefts. The seismic wave of stolen data caused by a gigantic hack ended in the inevitable bankruptcy filing by the exchange.
The root cause behind the hack was quite intricate; however, such breaches could have been prevented with the right security approach. By the right approach, we mean what banking institutions and governments have put their faith in for decades: secure hardware. We are talking about…
Hardware Security Modules
A Hardware Security Module is a physical computing device that protects and manages cryptographic keys and provides secure execution of critical code. These modules come in the form of a PCI card which can be connected to the network directly.
Hardware Security Modules have built-in anti-tampering technology that destroys secrets in the event of a physical breach. They are built around secure crypto processor chips and active physical security measures, such as meshes, to mitigate side-channel attacks. HSMs (Hardware Security Modules) have long been used in the banking sector and in every industry vertical where critical secrets must be protected.
HSM Based Security Architecture for Exchanges
This section presents the Ledger-recommended, HSM-based architecture for securing the exchange's hot wallet. The modules and services in play are:
- Exchange engine: It requests payment orders when customers ask for a withdrawal.
- Exchange business logic: API with a view of all customers' balances, soft/hard withdrawal limits and payment history.
- Hardware Security Module: PCI card connected to a server in the cryptocurrency exchange’s data center.
- Ledger Blue: A secure device protected by PIN code and kept in a safe.
- 2FA App: An external second-factor channel on the user’s phone.
The HSM (Hardware Security Module) is built around the following units:
- BOLOS Core: This is the Ledger operating system. It protects the root seed from which all key pairs are derived and exposes an API so that internal business apps can function. Those apps are tested and signed offline and cannot be modified while the system is running live.
- 2FA Channel: Each signature request should be validated by the internal plugin. It needs two challenge approvals, one from the cryptocurrency exchange business logic and one from the user.
- Rate Limiter: This sets hard limits on the velocity of what the HSM is authorized to sign. For example: 1000 BTC/hour, 15000 BTC/day. This number is important because it ultimately decides the maximum loss in a case of total system compromise. The only way to modify the rules of the limiter is through an authorization signed by the Ledger Blue device.
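A minimal model of the rate limiter and the two-approval rule described above, added here as an illustration and not taken from Ledger's code. The class and function names, the sliding-window design and the 250 BTC request size are assumptions; only the 1000 BTC/hour and 15000 BTC/day figures come from the text.

```python
from collections import deque

SAT = 100_000_000  # satoshis per BTC; integer amounts avoid float rounding


class VelocityLimiter:
    """Sliding-window caps on what the signer may authorize (hypothetical model)."""

    def __init__(self, hourly_btc=1000, daily_btc=15000):
        # (window length in seconds, cap in satoshis); figures from the text
        self.windows = [(3600, hourly_btc * SAT), (86400, daily_btc * SAT)]
        self.horizon = max(w for w, _ in self.windows)
        self.signed = deque()  # (timestamp, amount_sat) of approved requests

    def _spent(self, now, window):
        return sum(a for t, a in self.signed if now - t < window)

    def authorize(self, amount_sat, now, logic_ok, user_ok):
        """True only if both approvals are present and no cap would be exceeded."""
        if amount_sat <= 0 or not (logic_ok and user_ok):
            return False
        # Forget entries older than the longest window.
        while self.signed and now - self.signed[0][0] >= self.horizon:
            self.signed.popleft()
        for window, cap in self.windows:
            if self._spent(now, window) + amount_sat > cap:
                return False  # refused requests are not recorded
        self.signed.append((now, amount_sat))
        return True


def worst_case_loss(limiter, seconds, step=60, chunk_btc=250):
    """Constructed scenario: both approvals are always present (total compromise
    of the systems around the HSM) and requests arrive every `step` seconds.
    Returns the total in BTC that the limiter still lets through."""
    total = 0
    for now in range(0, seconds, step):
        while limiter.authorize(chunk_btc * SAT, now, True, True):
            total += chunk_btc * SAT
    return total // SAT
```

The value returned by `worst_case_loss` is the loss ceiling the rate limiter paragraph refers to: it depends only on the configured caps, not on how many requests are submitted.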
These Hardware Security Modules are carefully tested, and problems with them have been limited to misunderstandings of the administrative interfaces. One can say that nothing is unhackable, and this would be true; however, the difficulty of achieving it is a few orders of magnitude higher than that of just taking control of a comprehensive IT architecture. Even so, the best security technology is nothing without carefully audited internal processes.
In this post, we have explained how Hardware Security Modules can revolutionize how blockchain technology works. So, if you are looking to integrate this security module architecture into your crypto exchange, leverage the best of our cryptocurrency exchange development services and enhance the exchange platform operations.