Understanding Levain's Self-Custody Wallet

In this article, we explain how Levain's Self-Custody Wallet is designed, ensuring the highest level of security for your digital assets.

Written by Fabrizio
Updated over a week ago

Overview

At Levain, we are on a mission to empower institutions with rapid access to Web3 products, services, and global blockchain development infrastructure in the dynamic and fast-moving landscape of Web3.

Our platform, engineered on the foundation of emergence, ensures our users are always at the forefront to capture the infinity of blockchain innovation.

Therefore, we believe that security is paramount when it comes to managing digital assets on the blockchain, and it is at the core of everything we do. Let's look at how our self-custody wallet is designed to ensure the highest level of security for your digital assets.

How keys are used in Levain's self-custody wallets

Levain's wallets are built using multi-signature technology in a 2-of-3 signing quorum on-chain. When you create a wallet on Levain, three private keys are generated in different ways:

  • Key 1: User signing key. This key is generated entirely in your browser during wallet creation, and is kept by you. Levain keeps a version of this key encrypted with your wallet password, and has no access to your actual private key.

  • Key 2: User backup key. This key is also generated entirely in your browser during wallet creation, and is kept by you. This key is meant for you to back up safely, and is only used in situations when you need to perform wallet recovery. Levain never keeps this key at all, except for the public key.

  • Key 3: Levain key. This key is used by Levain for co-signing transactions initiated by the user, and for fuelling transactions to be broadcast to the blockchain. This key is protected by Levain with institutional-grade security.

Your User signing key and User backup key are generated entirely through your browser, and crypto.randomBytes is the most secure

A 2-of-3 signing quorum means that Levain cannot move your digital assets on its own.

All transactions have to be initiated and co-signed by your approval quorum controlling the User signing key, while Levain co-signs the other part of the transaction with you using the Levain key.
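The quorum rule described above can be modelled off-chain, as in this added example (not Levain's code). It assumes Ed25519 keys from Node's `crypto` module and hypothetical slot names for the three keys, and it shows that repeated signatures from one key never reach the threshold.

```javascript
// Added illustration: off-chain model of a 2-of-3 signing quorum.
// Ed25519 and every name below are assumptions, not Levain's on-chain code.
const { generateKeyPairSync, sign, verify } = require("node:crypto");

const THRESHOLD = 2; // signatures required out of the 3 wallet keys

// Stand-ins for the three keys: user signing, user backup, Levain.
function createWalletKeys() {
  const keys = {};
  for (const slot of ["userSigning", "userBackup", "levain"]) {
    keys[slot] = generateKeyPairSync("ed25519");
  }
  return keys;
}

// The verifier only ever needs the public halves.
function publicKeysOf(keys) {
  return Object.fromEntries(
    Object.entries(keys).map(([slot, pair]) => [slot, pair.publicKey])
  );
}

// Each signature names the key slot it claims to come from.
function signTx(tx, keys, slot) {
  return { slot, sig: sign(null, Buffer.from(tx), keys[slot].privateKey) };
}

// True when at least THRESHOLD distinct wallet keys signed this exact tx.
function quorumMet(tx, signatures, publicKeys) {
  const validSlots = new Set();
  for (const { slot, sig } of signatures) {
    if (!Object.hasOwn(publicKeys, slot)) continue; // not a wallet key
    if (verify(null, Buffer.from(tx), publicKeys[slot], sig)) {
      validSlots.add(slot); // a Set ignores repeats from the same key
    }
  }
  return validSlots.size >= THRESHOLD;
}

// Constructed sample transaction.
const keys = createWalletKeys();
const tx = "transfer 1.0 to 0x1111111111111111111111111111111111111111";
const levainOnly = [signTx(tx, keys, "levain"), signTx(tx, keys, "levain")];
const userPlusLevain = [signTx(tx, keys, "userSigning"), signTx(tx, keys, "levain")];
console.log(quorumMet(tx, levainOnly, publicKeysOf(keys)));     // false
console.log(quorumMet(tx, userPlusLevain, publicKeysOf(keys))); // true
```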

What wallet recovery looks like

During the wallet creation process, you will receive a key card in PDF form containing the encrypted versions of your private keys 1 and 2, along with the encrypted wallet password. This key card is meant for you to recover your wallet in various recovery scenarios.

We recommend that you print out your key card and keep it safely according to your own key ceremony procedures.

Here is what's being backed up in each of the QR codes in your key card:

  • Box 1: Encrypted user signing key. Your User signing key is encrypted with the wallet password you used during the wallet creation process. If you've forgotten your wallet password, see Box 4.

  • Box 2: Encrypted user backup key. Your User backup key is encrypted with the wallet password you used during the wallet creation process. If you've forgotten your wallet password, see Box 4.

  • Box 3: Levain key (public key only). This is the public key of the Levain-held keypair used to co-sign transactions with you via our Levain platform. This is given to you as a reference. We can also help you co-sign transactions should you lose one of your keys in your own backup.

  • Box 4: Encrypted wallet password. This is the encrypted version of your wallet password provided by you during the wallet creation process. Typically, you do not need to decrypt this unless you forgot your wallet password. As Levain encrypts your wallet password with an RSA key that we use, we're able to assist in the recovery of your wallet password should you forget it.

How signing is done via the Levain platform

Every transaction performed via the Levain platform goes through our Policy Engine. The Policy Engine allows you to configure several controls that might best fit your organisation's internal policies.

  • Wallet-level users. Users within your organisation are not automatically added to every wallet, unless permission is explicitly granted by the wallet's Wallet Approvers. Users can be added at the wallet level in three different roles: Wallet Approvers, Wallet Initiators and Wallet Viewers.

  • Approval quorum. The approval quorum allows you to configure an off-chain approval threshold required so that you can use the User signing key to perform the actual signing of transactions. In order for you to configure your approval quorum, you'll first need to have multiple Wallet Approvers in a wallet. Only Wallet Approvers will be counted towards the n in the m-of-n approval quorum.

  • Whitelisted addresses. Blockchain addresses must first be whitelisted at the wallet level before you can initiate a transaction to these addresses.

When an initiated transaction passes all policies configured by you, you'll then be presented with the encrypted user signing key to perform the actual transaction signing with your wallet password.
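The three controls above can be read as one evaluation over an initiated transaction, as in this added example (not Levain's Policy Engine code). The data shapes, field names, the rule that Approvers and Initiators may initiate, and the case-insensitive address comparison are all assumptions made for illustration.

```javascript
// Added illustration of the three policy checks; all names are hypothetical.
const ROLES = {
  APPROVER: "Wallet Approver",
  INITIATOR: "Wallet Initiator",
  VIEWER: "Wallet Viewer",
};

// Returns { allowed, reasons } for one initiated transaction.
function evaluateTransaction(wallet, txn) {
  const reasons = [];
  const roleOf = (user) => wallet.members.get(user);

  // Wallet-level users. Assumption: Approvers and Initiators may initiate,
  // Viewers and users not added to the wallet may not.
  if (![ROLES.APPROVER, ROLES.INITIATOR].includes(roleOf(txn.initiator))) {
    reasons.push("initiator has no initiating role on this wallet");
  }

  // Approval quorum: only distinct Wallet Approvers count towards m-of-n.
  const n = [...wallet.members.values()].filter((r) => r === ROLES.APPROVER).length;
  const approved = new Set(txn.approvals.filter((u) => roleOf(u) === ROLES.APPROVER));
  if (wallet.quorumM < 1 || wallet.quorumM > n) {
    reasons.push(`quorum ${wallet.quorumM}-of-${n} is not satisfiable`);
  } else if (approved.size < wallet.quorumM) {
    reasons.push(`${approved.size} of ${wallet.quorumM} required approvals`);
  }

  // Whitelisted addresses. Assumption: hex addresses compare case-insensitively.
  const dest = txn.to.toLowerCase();
  if (!wallet.whitelist.some((a) => a.toLowerCase() === dest)) {
    reasons.push("destination address is not whitelisted");
  }
  return { allowed: reasons.length === 0, reasons };
}

// Constructed sample wallet: 2-of-2 approval quorum, one whitelisted address.
const sampleWallet = {
  members: new Map([
    ["alice", ROLES.APPROVER], ["bob", ROLES.APPROVER],
    ["carol", ROLES.INITIATOR], ["dave", ROLES.VIEWER],
  ]),
  quorumM: 2,
  whitelist: ["0x1111111111111111111111111111111111111111"],
};
```

Returning every failed reason, rather than stopping at the first, gives an audit log the full picture of why a transaction never reached the signing step.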
