Thought Piece

Trust Your Key With a Trustless Bot


Blockchain is often touted as the most secure network ever created. It’s not unusual to hear people describe it as ‘Unhackable’, ‘Immutable’, ‘Tamper-proof’, ‘Trustless’. Whilst these are all powerful and aspirational qualities, anyone using any form of cryptocurrency today, knows that security is still an issue at the heart of the industry.

For something considered so secure, it seems quite contrary when confronted with reports such as, in 2018 $865 million was stolen from cryptocurrency exchanges.

Market Forecast

Source- https://www.ibm.com/downloads/cas/PPRR983X

There’s a saying in the crypto world: “not your keys, not your coins!” Meaning, the security of crypto is only maintained due to the strength of keys — hand those keys to anyone and you may well be handing them your crypto assets for good. While that places the burden of responsibility on you, it guarantees your crypto assets are safe.

Unfortunately, it also means that without your explicit involvement, or at the very least, your wallet being available online, you cannot interact with the blockchain. Which means your assets can’t be moved or traded. On the surface, it’s not that bad, except for when it becomes time-consuming, repetitive or time sensitive. Smart-contracts allow some automation but their limitations are significant, and so far don’t come close to replicating the functionality we’re accustomed to with centralized systems. The parameters of a smart contract must be predefined, which means an automated interaction can’t adapt to new circumstances. For example a specific fund amount must be locked into the contract for initiation. Perhaps more significant, is a smart contract’s inability to keep secrets or use a secret in an automated interaction. For example, a smart contract can’t hold a treasure map (or instructions) secret and revealed to only a particular party if they answered a riddle correctly. Neither the map nor the riddle answers can be stored in a smart-contract because of its inherent transparent, deterministic and immutable design.

Imagine if you could trust your wallet key to someone, with the assurance it’ll only be used per your explicit instructions? You could have your funds deployed when you’re not available. Trade variable amounts on different exchanges. Unlock a digitally-enabled door in your absence. Handle your estate if something happens to you. Allow for lawful backdoor access to your account if approved by an elected panel to enforce justice. That requires a lot of trust.

Trustful

In fact, similar automation already exists in the form of trading bots. Trading bots automate cryptocurrency trades based on predefined parameters. They allow users to make trades 24 hours a day and stay tuned in to the market even while asleep. Which is important as unlike traditional stock markets, the crypto market never closes. With the correct criteria, bots enable traders to stay in the game at all times and even execute faster, more efficient and precise trades.

Unfortunately, these bots require access to your private key or its equivalent API key, presenting a trust issue and security vulnerability. But what if it didn’t?

What if a bot was was trustless?

Tide is using crypto-tokens and crypto-wallets to manage access permissions to your personal data. Individuals use their crypto-keys to provide explicit consent to organizations seeking access to their details. The operation of granting access manually becomes quite tedious if you’re being asked several times a day. If you’re being generously compensated for it, you wouldn’t necessarily want to categorically deny those requests either.

Not having the time to respond to each individual request is going to result in missed opportunities, loss of income or skipping an awesome deal. It’s like hand signing all your Christmas cards: fine to do once a year but every day becomes impractical. If you know what data you’re comfortable sharing with particular types of organizations, shouldn’t you be able to give your on-going automatic consent?

Tide developed a technology that enables just such automation over their fully decentralized crypto-key management platform. Effectively giving rise to a trustless bot, or in other words an individual’s Delegated Automated Trustee on the blockchain (a DAT). In the Tide ecosystem, this means an individual simply provides parameters to the DAT to trade permission to access their personal data automatically on his or her behalf, as long as their criteria are met.

The magic ingredient to this decentralized solution is its ability to be a custodian of a crypto-key. In principle, this is achieved by splitting pieces of a key among a group of nodes. No single node (or subgroup) have any access or knowledge of the whole key, or the authority to act on its own, rendering malicious access to your key virtually impossible. Using secure multi-party computation, these nodes can act in a swarm to perform functions with the authority of the key on the user’s behalf. The technology is detailed in section 3.3.3 of the Tide Technical whitepaper.

Human Bot

Outside of managing automated access to personal data, this technology opens up a world of trustless opportunities, including decentralized authentication and password or key recovery. It enables businesses processes requiring ongoing access to your crypto-assets (monetary or otherwise) to operate without delay as long as the access is within your defined parameters as a customer, patient, citizen or subscriber.

The DAT can be used for many other wallet automation functions that weren’t feasible before, such as enabling automated trading bots access to your funds without ever having access to your key. Automated trading on decentralized exchanges can be achieved with a new tier of security. Trustlessness as it was intended.

While centralized solutions to these challenges are common (and vulnerable), fully trustless alternatives have so far proven unwieldy, complex or have significant limitations. These flaws hinder mainstream audience adoption.

Whether in a personal data ecosystem, crypto trading realm or elsewhere, it will be interesting to see whether this novel approach to trustless key management is the missing key to decentralization becoming a practical alternative to centralized systems.

Recent News

Press
11 Mar 2024

Infrastructure Magazine Feature

New approach to securing critical infrastructure.

Announcement
23 Nov 2023

RMIT, Tide, AWS Collab Unveiled

Tide's "Ineffable Cryptography" to secure critical infrastructure

Announcement
25 May 2023

New breakthrough in Zero-Trust

Deakin University researchers prove Tide's tech breakthrough in ZeroTrust cyber security

Announcement
26 May 2023

TideInside Dev Champion Crowned

Sean Nam Crowned Champion in the Prestigious TideInside Development Competition

media
5 Apr 2023

Interview with Dr Zero Trust

New Approach to Security Strategy with Decentralization

Blog
31 Mar 2023

Cybersecurity Predictions and Prescriptions

Cybersecurity in 2023 & Beyond: What to Expect and What Can Be Done

Video
10 Mar 2023

Tide guests on TechStrongTV

Co-Founder Michael Loewy explains need for a more decentralized approach to managing identity and cybersecurity to enable the promise of zero trust.

Video
14 Feb 2023

Tide guests on Zero Trust Podcast

This week we have a two-for-one special and feature our newest panel-style format.

Press
24 Oct 2022

Financial Review Interviews Tide

The spate of recent data breaches headlined by Optus and Medibank has reinforced the urgency to rethink cybersecurity.

Press
26 Aug 2022

Tide named world-changing startup

Revolutionary new technology to secure the future

Announcement
16 May 2022

RMIT validates Tide’s breakthrough cryptography

New multi-party cryptography enables true zero-trust

Announcement
16 Nov 2021

Tide win startup of the year

By AISA cybersec peak body

Contact

Thanks for getting in touch. We'll get back to you as soon as possible!

Send another message