In the Cryptocurrency world, there are two ways to store your keys - Hardware wallets, and Software wallets. Hardware wallets are physical devices or tokens that store your keys, and Software wallets are one of the many applications that you install on your Phone or PC to store your keys.
Note: When we talk about keys, we're talking about what cryptocurrency is underneath the hood - cryptographic keys. When you look at a Bitcoin address, that's actually just a shareable form of a key, and Bitcoin Wallets are just collections of keys.
Ultimately, the idea of any wallet is to put some sort of barrier in front of someone taking your cryptocurrency assets. Hardware wallets give you the assurance that you need to be physically holding the device to take them, and Software wallets give you the assurance that you need the password to take them.
Most people gravitate towards Hardware wallets once their cryptocurrency portfolio gets large enough, as they want that assurance that no-one can steal their keys. Software wallets have the added risk that someone could take a copy of your keys and try to break into them without you knowing.
Why even bother with Software wallets at all if they're much higher risk? Easy: it all comes down to cost. Hardware wallets are expensive, and you usually have to buy 2 so you have a backup in case one fails or is lost. And then they're just confusing to use, especially to non-technical people.
We built Signata with 2 goals in mind:
- To give you a Hardware wallet using cheaper devices, and
- To make Yubikeys easier to use.
YubiKeys are cheap. Not as cheap as something like an ordinary smart card, but we'll get into the added value of them later. They're still cheaper than other Hardware wallets, and you can see the difference in the following price comparison:
Easier to Use
There are a few features in Signata that make your life easier:
- You don't need big, complex passwords for your YubiKey. Your YubiKey will lock itself after 5 failed PIN attempts to use it, so you can just use a numeric PIN that's easier to remember (much like a credit card with a chip).
- Any time you want to transfer cryptocurrencies, you just need to insert your YubiKey and provide your PIN to authorise the transaction.
- We take care of setting up your YubiKey with everything we need and we lock it down to prevent other people breaking into it. All you need to remember is your PIN, and to write down or print a special Recovery Passphrase that you set when you first install Signata.
- You can add as many YubiKeys as you want, and backup and restore them at any time.
Blurring the Line
Signata isn't a Hardware wallet solution. And it isn't a Software wallet solution. It sits somewhere in the middle. To get the most out of YubiKeys we add a special encryption key on them, and then that encryption key encrypts all of your keys stored in the Signata application.
In this way, you get the best of both worlds. Easy and fast use of cryptocurrency keys, but that added security layer of still needing a physical device plugged in to authorise transactions.
A transaction is any event where you add an entry to a blockchain, such as sending one person a bitcoin.
The value-add with YubiKeys
YubiKeys are very versatile. Signata (for now) only utilises just one feature of them, and even then only utilises just one feature within that one feature. YubiKeys can have more keys installed in them to digitally sign documents and emails, as well as accessing physical building door readers, and authenticating to computers. They also have a FIDO U2F application, which lets you protect your Google Account, Facebook Account, and many other services. They can be set up with a PGP application for email security. And finally they have an OTP token generator, which can also be integrated for easy login to services that support it.
Signata is definitely not the limit of the usefulness of the YubiKey. If you already own a YubiKey then Signata will work with that straight away (as long as you haven't set up the CCID part with another service), and if you get a YubiKey for Signata, then you can extend it further towards protecting your online life.
Watch this space too - YubiKeys aren't going to be the only device we support - we're investigating more options now (such as the Nitrokey). Feel free to tell us your favourite device that you would like to see supported in the comments :)