Coder Social home page Coder Social logo

mikalv / subzero Goto Github PK

View Code? Open in Web Editor NEW

This project forked from square/subzero

0.0 3.0 0.0 1.05 MB

Square's Bitcoin Cold Storage solution.

License: Apache License 2.0

CMake 1.85% Dockerfile 0.32% C 33.60% Shell 3.24% Go 0.43% Ruby 1.15% Python 0.27% Java 59.15%

subzero's Introduction

HSM Cold Storage

For security purpose, Square stores a reserve of Bitcoins in an offline setting. By having these funds offline, we reduce attack surface and hence risk of theft.

Square's solution is unique, specifically, we leverage FIPS certified Hardware Security Modules (HSMs) to protect the private key material. We decided to use such HSMs because we already own, operate and trust these devices for other payments-related needs.

Funds can be sent from online systems to the cold storage at any time. Moving funds out of cold storage requires a multi-party signing ceremony. In addition, the offline HSMs are able to enforce business logic rules, for instance we only allow sending funds to Square-owned addresses. Such a scheme is usually called defense in depth or an onion model. We maintain the online/offline isolation by importing transaction metadata and exporting signatures using QR codes.

HSMs have the ability to share key material. This enables us the ability to store our backups in encrypted form and restore a wallet at any location.

This repo contains our design documents as well as specific technical information. We are sharing our source code, with the caveat that the code is currently only useful if you have the exact same hardware setup. We are willing to make the code more modular over time, as long as the broader community shows interest to implement support for additional hardware vendors.

See also Open Sourcing Subzero (blog post)

Documentation

https://subzero.readthedocs.io

License

Copyright 2018 Square, Inc.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

   http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

subzero's People

Contributors

alokmenghrajani avatar mbyczkowski avatar nealharris avatar worldwise001 avatar

Watchers

avatar avatar avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.