Introduction

Enterprise self-custody secured by TMPC

Not your keys, not your crypto.

Welcome to io.vault, a paradigm shift in how organizations and individuals secure their digital assets. We blend cutting-edge cryptographic technologies (TSS & MPC) with p2p like networking to bring you the first trustless MPC self-custody wallet. Unlike other MPC wallets, our technology allows you to distribute your key shares across your team, instead of centralizing risk on a single individual or entity.

Key Concepts

  • Vault: A digital safe (also known as a wallet) that stores digital assets. Its controlled by a threshold of distributed secret shares.
  • Secret Shares: Sensitive cryptographic data allocated to a user, granting a level of signing authority for a vault.
  • Threshold: The minimum number of secret shares required to participate in the signing ceremony of the vault.
  • Signing Power: The amount of control a user wields in the signing process, represented by the number of secret shares they posses for a given vault.
  • Reshare Request: A mechanism to modify the vault threshold or signing party, or to create a new vault. The threshold needs to be met to begin the reshare ceremony.
  • Deposit Address: The public address for a digital asset on its respective blockchain/network, controlled by the vault's secret shares.

Core Features of io.vault

Multi-Party Computation (MPC) and Threshold Signature Schemes (TSS)

io.vault leverages MPC, state-of-the-art cryptographic techniques, ensuring enhanced security in the digital asset transaction process. With our threshold-signature (TSS) implementation, you are able to determine the number of key shares to be distributed across your team and also the required threshold of key shares that need to participate in the signing process in order for a transaction to be signed.

Trustless MPC

Key material is distributed across team members of your choice and stored in the 'secure enclave' on their mobile device or virtual signer. No key material is ever stored on IO's servers. This means that you don't need to trust us, and you dont need to depend on us in a disaster recovery situation. Simply collect the encrypted 'key exports' from your team memebers and use our offline disaster recovery tool to access your funds.

Transaction Policies Enforced by Math

Unlike other custody solutions, which enforce transaction policies using software, io.finnet allows you to enforce your policies using its unique MPC cryptography. Simply run a virtual signer, allocate your virtual signer key shares, and deploy your transaction policy onto your virtual signer. Either give your virtual signer full control of your vault, or run multiple virtual signers in a setup where all virtual signers need to pass the policy in order to meet the threshold.

Transaction Request and Status

  • Request Process: Initiated by users, requiring approval and signatures from the signing party meeting the vault threshold.

  • Transaction Request Statuses:

    • PENDING: Awaiting approval and signature.

    • EXPIRED: Transaction request has lapsed.

    • REJECTED: Insufficient approval within the signing party.

    • SIGNING & PRESIGNING: Approved and undergoing the signature ceremony.

    • FAILED: Either rejected by the blockchain, or an issue in the signing ceremony.

    • COMPLETED: Signed and sent to the network. Once the transaction is mined and witness by our indexer, it will become a 'Transaction'.

    • Transaction Statuses:

    • PENDING: Witnessed in the mempool.

    • COMPLETED: Witnessed in a valid block within the blockchain.

    • CONTRACT_FAILED: Smart contract execution reverted.