How Does Safeheron Connect Ensure Transaction Security?
What is Connect?
Connect is a new secure transfer application launched by Safeheron based on Trusted Execution Environment (TEE). By creating team profiles and connecting with other team profiles, users can conduct transfers securely and efficiently. Connect has the following features:
- Address-free transactions
- Incoming funds pre-approval
- Flexible address change
This article focuses on Connect’s security.
How Does Connect Ensure Security?
The features of Connect, such as address-free transactions and the ability to flexibly change receiving addresses at any time, greatly enhance transaction convenience. However, you might wonder whether the receiving address could be tampered with by Safeheron or other malicious third parties during the transfer process using Safeheron Connect. How does Connect ensure the accuracy and security of transaction data?
Let’s explore how Safeheron addresses these security issues through TEE and cryptographic technology, combined with a zero-trust security architecture, to guarantee trusted Connect profiles, trusted connections, and trusted transaction signing.
Trusted Connect Profiles
Connect profiles are used to receive funds, each bound to a team wallet. Multiple team administrators must collaboratively approve a new profile through the Safeheron mobile app to activate it. All approval actions undergo authentication within a trusted execution environment (TEE). The detailed authentication process is as follows:
- Profile Approval: When a team administrator reviews and approves a new profile, they use an authorization private key to digitally sign the profile data, including the team information and the BIP44 path of the wallet address.
- TEE Verification: All administrators’ digital signatures and profile data must undergo validity verification within the trusted execution environment (TEE).
Once the profile is successfully verified, it is encrypted and stored within the trusted execution environment (TEE). This process ensures the confidentiality and integrity of the profile data, preventing any tampering by malicious third parties.
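The approval check described above can be sketched as follows. This is an added example, not Safeheron's code: Ed25519, the `Profile` field names, the `%q` encoding, the two-administrator quorum and all sample values are assumptions chosen for illustration.

```go
package main

import (
	"crypto/ed25519"
	"errors"
	"fmt"
)

// Profile carries the fields the article says administrators sign.
// Field names and the encoding below are assumptions of this example.
type Profile struct{ Team, Name, BIP44Path string }

// Encode quotes each field so no two profiles share the same signed bytes.
func (p Profile) Encode() []byte {
	return []byte(fmt.Sprintf("%q%q%q", p.Team, p.Name, p.BIP44Path))
}

// VerifyApprovals stands in for the in-TEE check: every signature must come
// from a registered administrator key and cover exactly this profile, and at
// least `required` administrators must have approved.
func VerifyApprovals(p Profile, sigs map[string][]byte, reg map[string]ed25519.PublicKey, required int) error {
	for admin, sig := range sigs {
		pub, ok := reg[admin]
		if !ok || !ed25519.Verify(pub, p.Encode(), sig) {
			return fmt.Errorf("approval from %q rejected", admin)
		}
	}
	if len(sigs) < required {
		return errors.New("not enough administrator approvals")
	}
	return nil
}

// Demo (constructed keys and data): a full approval, the same signatures
// replayed against an altered BIP44 path, and a single-approver attempt.
func Demo() (approved, tampered, short error) {
	p := Profile{"team-a", "treasury", "m/44'/60'/0'/0/0"}
	reg, sigs := map[string]ed25519.PublicKey{}, map[string][]byte{}
	for _, admin := range []string{"alice", "bob"} {
		pub, priv, _ := ed25519.GenerateKey(nil)
		reg[admin], sigs[admin] = pub, ed25519.Sign(priv, p.Encode())
	}
	altered := Profile{p.Team, p.Name, "m/44'/60'/0'/0/7"}
	return VerifyApprovals(p, sigs, reg, 2), VerifyApprovals(altered, sigs, reg, 2),
		VerifyApprovals(p, map[string][]byte{"alice": sigs["alice"]}, reg, 2)
}

func main() { fmt.Println(Demo()) }
```

Because the signatures cover the BIP44 path, changing the path after approval invalidates every administrator's signature rather than only one field.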
What is an Authorization Private Key?
When a new member joins the team, their device automatically generates a pair of asymmetric keys. The private key serves as the authorization key, while the public key is registered and authenticated within the TEE. In various approval scenarios, the private key is employed to sign the data under review. These approval scenarios include transaction signatures, team policy updates, whitelists, and Connect profiles.
Trusted Connection
Connecting is the process of establishing a link between profiles, which can help you and multiple partners create secure transaction channels. Similar to adding new profiles, when connecting with profiles from other teams, administrators from both teams need to approve the connection request.
During the approval process, the TEE verifies the validity of data related to the connection, including the initiating team’s information, the profile information, and the counterparty’s profile information. Only the connection data that passes verification will be encrypted and stored within the TEE. The related authentication methods and security measures are identical to those described in the "Trusted Connect Profiles" section.

Trusted Connect Transaction Signature
When initiating a transaction, you can select a connected profile as the receiving address without worrying about the actual address behind the profile. This makes Connect transactions simpler and more efficient compared to manually entering receiving addresses and managing whitelists. On the Safeheron platform, all transactions are protected by the TEE Policy Engine.
For Connect transactions, the TEE Policy Engine verifies the following data:
- The validity of the connection between both parties.
- The consistency between the address bound to the recipient profile and the actual receiving address of the transaction.
- Whether the approval meets the preset policies and approval workflows of the initiating party’s team.
- Whether the approval meets the receiving approval workflow if the recipient has preset one.
After all data has been verified, the TEE Policy Engine will generate a TEE report for the Connect transaction. This report will include both the transaction data and the profile data. Subsequently, the report will be distributed to all MPC nodes involved in the multi-party computation for signing the transaction (such as the mobile app, API Co-Signer, and Safeheron’s TEE Co-Signer). The nodes will then proceed with distributed verification. The transaction signature can only proceed if all MPC nodes verify that the transaction data and Connect profile data match the TEE report perfectly.
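The report-then-verify step above, as an added sketch that is not Safeheron's implementation: the report is modelled as an Ed25519 signature by the TEE over a digest of the transaction and profile data, and the record layouts, function names and sample addresses are assumptions.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Record layouts are assumptions of this example, not Safeheron's formats.
type Tx struct{ To, Amount string }
type Binding struct{ Profile, Address string } // address bound to the recipient profile

// digest commits to transaction data and profile data together; %q quoting
// keeps field boundaries unambiguous.
func digest(tx Tx, b Binding) []byte {
	sum := sha256.Sum256([]byte(fmt.Sprintf("%q%q%q%q", tx.To, tx.Amount, b.Profile, b.Address)))
	return sum[:]
}

// Issue models the policy engine: it refuses a destination that differs from
// the profile's bound address, otherwise signs a report over both records.
func Issue(key ed25519.PrivateKey, tx Tx, b Binding) ([]byte, error) {
	if tx.To != b.Address {
		return nil, errors.New("destination is not the address bound to the profile")
	}
	return ed25519.Sign(key, digest(tx, b)), nil
}

// NodeCheck is run by each MPC node on the data it is asked to sign: the
// node recomputes the digest itself and accepts only a TEE-signed match.
func NodeCheck(tee ed25519.PublicKey, report []byte, tx Tx, b Binding) error {
	if !ed25519.Verify(tee, digest(tx, b), report) {
		return errors.New("data does not match a report signed by the TEE key")
	}
	return nil
}

// Demo (constructed values): an honest request, the same report replayed with
// a swapped destination, and a request the policy engine refuses outright.
func Demo() (honest, swapped, refused error) {
	pub, priv, _ := ed25519.GenerateKey(nil)
	b, tx, bad := Binding{"partner-treasury", "0xAAAA"}, Tx{"0xAAAA", "10"}, Tx{"0xBBBB", "10"}
	report, _ := Issue(priv, tx, b)
	_, refused = Issue(priv, bad, b)
	return NodeCheck(pub, report, tx, b), NodeCheck(pub, report, bad, b), refused
}

func main() { fmt.Println(Demo()) }
```

Each node recomputes the digest from the data it actually received, so a relay that rewrites the destination after the policy check cannot reuse the report.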


Conclusion
When using Connect for transactions, although the destination address remains invisible throughout, Safeheron employs TEE and cryptographic technologies to ensure the trustworthiness of both the Connect profiles and the connections. Additionally, a zero-trust security architecture with distributed verification is introduced during the transaction signing phase to constantly ensure transaction security. This design not only prevents malicious actions from both internal and external sources but also provides users with a convenient and efficient transfer experience.
With Connect, you can maintain high security in business operations while conducting business transfers more efficiently, thus facilitating your business expansion.