Square, the digital payments giant that last year rolled out bitcoin trading through Cash App, its peer-to-peer mobile finance service, has open-sourced the system that the firm uses to manage cold storage for these cryptocurrency assets. Announced in a blog post penned by Square security…
Square, the digital payments giant that last year rolled out bitcoin trading through Cash App, its peer-to-peer mobile finance service, has open-sourced the system that the firm uses to manage cold storage for these cryptocurrency assets.
Announced in a blog post penned by Square security engineer Alok Menghrajani, the company said that it chose to make the system open source to inspire further innovation in the cryptocurrency space and help companies in the fledgling industry fulfill their security needs.
“We hope that by sharing our work, we can make it easier for others to fulfill their security needs, enabling even more innovation — and better protection for all players — in the cryptocurrency space. In the long run, since we had to solve problems that other companies may face, we are interested in standardizing some of our work.”
Dubbed “Subzero,” Square describes the solution as an “enterprise offline Bitcoin wallet” that is ideal for “those who don’t want to use an off-the-shelf hardware wallet because they need to create unique customizations or implement business-related rules.”
Subzero relies on a Hardware Security Module (HSM), which is programmed to run a custom bitcoin wallet implementation called Subzero Core and supports both Segregated Witness (SegWit) and Hierarchical Deterministic (HD) Wallets. Menghrajani said that the development team leveraged cryptocurrency hardware wallet manufacturer Trezor’s open source projects “as much as possible.”
Menghrajani said that the benefit of using an HSM as opposed to an off-the-shelf wallet is the ability to create multiple security layers that tradeoff convenience based on the amount of funds stored in each layer. For example: to further secure its cold wallets, Square programmed the HSM so that bitcoins in cold storage could only be transferred to Square’s hot wallets, ensuring that attackers would have to compromise multiple systems to steal funds.
Notably, Menghrajani said that the HSM was programmable, giving the firm the “flexibility to implement other protocols in the future,” if it so chooses. In the past, Square CEO Jack Dorsey had suggested that the firm intends to expand its bitcoin services beyond buying and selling, but the company had not announced plans to add any new cryptocurrency assets to its offerings.
Square also open-sourced a tool called Beancounter, which the firm uses to audit its bitcoin wallet balances. One particularly useful feature of this tool is the ability to compute balances at any given date in the past.
Featured Image from Shutterstock
Last modified: January 24, 2020 10:57 PM UTC