Wallet Security

Security is paramount within the Bonuz ecosystem, where safeguarding users’ digital identities and assets is our top priority. As a self-custodial wallet, Bonuz empowers users with full control over their private keys, ensuring that they remain the sole custodians of their digital assets. To achieve this level of security, Bonuz integrates with Web3Auth, a trusted provider of decentralized authentication solutions renowned for their robust security measures and comprehensive audits. This section outlines the security framework employed by Bonuz, detailing how Web3Auth’s infrastructure underpins our wallet management system.

Self-Custodial Wallet Model

Bonuz operates on a self-custodial wallet model, meaning users retain exclusive ownership and control over their private keys and digital assets. Unlike custodial wallets, where a third party holds the private keys, Bonuz ensures that users are the sole custodians of their funds and identities. This model enhances security and aligns with the decentralized ethos of blockchain technology, mitigating risks associated with centralized points of failure.

Integration with Web3Auth

To fortify wallet security, Bonuz integrates with Web3Auth, a leading provider of decentralized authentication solutions trusted by over 25 million users globally. Web3Auth facilitates the creation and management of the main controlling Externally Owned Account (EOA) wallet through a seamless and secure process. By leveraging Web3Auth's advanced infrastructure, Bonuz ensures that user wallets are protected by industry-standard security protocols, including Multi-Party Computation (MPC), Threshold Signature Scheme (TSS), and Multi-Factor Authentication (MFA).

High-Level Security Architecture of Bonuz leveraging Web3Auth.

Key Security Features

1. Multi-Party Computation (MPC)

Multi-Party Computation (MPC) is a cryptographic protocol employed by Web3Auth to enable the secure generation and management of private keys without ever exposing them to a single party. In the Bonuz ecosystem, MPC ensures that the private key is split into multiple parts and distributed across different servers. This distribution means that no single entity, including Bonuz, can reconstruct the private key, thereby eliminating the risk of key theft and enhancing overall security.

2. Threshold Signature Scheme (TSS)

Threshold Signature Scheme (TSS) complements MPC by requiring a minimum number of key parts to authorize a transaction. In practical terms, TSS ensures that multiple parties must collaborate to generate a valid signature for any transaction. This requirement prevents unauthorized access and adds an additional layer of security, as an attacker would need to compromise multiple key parts simultaneously to gain control over the wallet.

3. Multi-Factor Authentication (MFA)

Multi-Factor Authentication (MFA) is employed to verify user identity through multiple verification steps before granting access to the wallet. Bonuz integrates MFA by requiring users to provide additional authentication factors, such as biometric verification (e.g., fingerprint or facial recognition) or one-time passwords (OTPs), alongside their primary credentials. MFA significantly reduces the risk of unauthorized access, ensuring that only legitimate users can access their wallets.

4. Shamir Secret Sharing (SSS)

Shamir’s secret sharing scheme is a polynomial threshold [(t,n)][(t,n)] secret sharing scheme where a dealer divides a secret into n multiple shares and each participant is given a share by evaluating a polynomial of order tt . To reconstruct the secret, t+1t+1 shares are required.

Private Key Management

Bonuz employs a secure key management system via Web3Auth to handle private keys, leveraging the combined strengths of MPC, TSS, and MFA. The private key is never stored or transmitted in its entirety, minimizing exposure to potential breaches. Instead, the key is dynamically reconstructed only when needed, and even then, only within a secure environment. This approach ensures that private keys remain intact and uncompromised throughout their lifecycle. In order to meet these objectives, Web3Auth's Infra is designed to be a set of nodes.

User Education and Best Practices

Security is a shared responsibility between Bonuz and its users. Bonuz is committed to educating users about best practices in maintaining the security of their wallets and digital identities. This includes:

• Guides and Tutorials: Providing comprehensive resources on setting up and securing wallets.

• Regular Updates: Informing users about the latest security features and potential threats.

• Support Channels: Offering accessible support for users to address security concerns and incidents.

Conclusion

Bonuz prioritizes the security and privacy of its users by integrating advanced technologies and best practices in wallet management and digital identity verification. By leveraging Web3Auth's robust security infrastructure, including MPC, TSS, and MFA, Bonuz ensures that users' private keys and digital identities are safeguarded against unauthorized access and potential breaches. This protects user assets and fosters trust and confidence within the Bonuz ecosystem, positioning Bonuz as a secure and reliable solution.

For more detailed information on Web3Auth's security infrastructure, please refer to their official documentation.