We are excited to announce the Lock-Keeper Toolkit, an innovative suite of components designed to simplify integration with Lock-Keeper and streamline transaction approval and signing. Lock-Keeper was built with developer accessibility in mind, which makes it easier to integrate into various systems. The toolkit represents a significant advancement in our mission to provide secure, scalable, and compliant digital asset management solutions, helping organizations navigate the evolving world of Web3 securely and efficiently.
The Growing Challenge of Digital Asset Security
In 2024 alone, over $1.4 billion in digital assets were stolen due to private key theft, highlighting the pressing need for more multi-layered security solutions. Private key compromise continues to be a significant issue in the crypto industry, with a 42% increase in private key leaks compared to the previous year. Traditional custodial and user-controlled wallets present substantial challenges, offering complete control without compliance or lacking meaningful user control.
Lock-Keeper directly addresses these challenges by utilizing advanced cryptographic techniques like Shamir Secret Sharing (SSS) to ensure the safety of digital assets. Bolt utilizes a secure enclave (e.g., AWS Nitro) to split sensitive private keys via SSS into separate shards, encrypts those shards, and stores them on separate key servers. This provides robust security through geographic diversity and ensures that the whole private key is never exposed outside of the enclave, which significantly reduces the risk of key compromise. In addition, we are actively working on integrating Multi-Party Computation (MPC) to further future-proof and enhance security. Because of Lock-Keeper’s underlying cryptographic features, our toolkit empowers any organization managing digital assets, enabling them to address security threats and safeguard their infrastructure proactively.
What’s Inside The Lock-Keeper Toolkit?
The Lock-Keeper toolkit offers a suite of powerful web-based tools designed to streamline integration with our Lock-Keeper infrastructure. Each tool in the toolkit serves the ultimate purpose of simplifying the lifecycle of transaction approvals while enabling faster, more secure workflows. Here’s what you’ll find:
- Lock-Keeper Admin Console: A web console that allows customers to easily manage all objects within the system, including users, authorizing entities, domains, policies, and branding. The Admin Console simplifies complex configurations, providing administrators with complete visibility and control over the system. The intuitive, multi-tenant interface, customizable for each tenant, reduces configuration time and allows administrators to focus on optimizing security protocols and policies for their specific needs.
-
Policy Builder: A versatile web-based tool that allows for creating, editing, and managing policies within Lock-Keeper. You can customize policies to include authorizing entities, transaction amounts, domains, and transaction types. The tool supports three distinct approaches:
- Manual Approach: Define and sign policies externally, then import them into the system.
- Graphical Approach: Define, sign, and submit policies using an intuitive user interface.
- Hybrid Approach: Graphically define policies, export them for external signing, and then re-import them for submission.
This flexibility allows organizations to choose how policies are created and enforced, providing powerful tools for managing compliance and governance.
- AE Dashboard (Authorizing Entity Dashboard): The AE Dashboard is designed to simplify transaction approval workflows. Authorizing entities can review, approve, or reject transactions, add comments, and sign responses using private keys. Once approved, the signing call is automatically executed. The AE Dashboard can be deployed in either Bolt’s environment or a customer’s infrastructure and features a RESTful interface for managing transaction signing. This dashboard provides a comprehensive audit trail for each transaction, ensuring verifiability and security.
-
Setup Wizard: A standalone web-based tool that guides integrators through the initial configuration of Lock-Keeper, helping them get from zero to signing in under 60 minutes. Users are prompted to enter essential information, and after the configuration, an execution log provides feedback on the APIs used. This wizard ensures that even users without deep technical knowledge can configure Lock-Keeper.
-
Sample Apps: A set of Rust-based sample applications to help developers integrate Lock-Keeper efficiently:
- Attestation Sample: Demonstrates how to verify attestation documents retrieved from Lock-Keeper.
- Signing Sample: Shows how to sign standard and EIP-712 Ethereum transactions, including encoding and hashing transactions.
Future-Proof Security with Advanced Cryptography
The Lock-Keeper architecture is built on innovative techniques like MPC and SSS and is designed to easily adapt to future security needs. It seamlessly integrates with blockchain technologies and supports multi-region, high-availability deployments capable of instantly managing millions of keys and transactions. Our use of secure enclave technology (e.g., AWS Nitro) ensures that sensitive information is never exposed, even during transaction approvals. This future-proof security architecture provides peace of mind to businesses and users in the fast-paced world of digital assets.
Why Use Lock-Keeper’s Toolkit?
With the increasing risk of private key theft and security needs for an evolving Web3 world, the Lock-Keeper Toolkit offers a comprehensive suite of tools to ease the burden of securing digital assets and flexible policy management to address rising security challenges. Our use of Shamir Secret Sharing (SSS) ensures that sensitive keys are split and never exposed as a whole private key outside of a secure enclave. In the future, Multi-Party Computation (MPC) will add another layer of robustness, making digital asset management even more secure.
Lock-Keeper’s unique combination of Shamir Secret Sharing and upcoming Multi-Party Computation ensures flexibility, reliability, and privacy while maintaining high-security standards. Our toolkit is perfect for startups and enterprises seeking to scale their digital asset management securely.
Ready to Experience Lock-Keeper Toolkit?
If you’re ready to transform your digital asset management, we’re here to help. Our toolkit empowers your organization to enhance security, streamline workflows, and stay compliant. Contact us today to schedule a personalized demo and see how our toolkit can empower your transaction management experience: info@boltlabs.io.