LogoLogo
  • overview
    • Introduction
    • Architecture and Roles
    • Fireblocks Embedded Wallet
    • Quick Start Guide
  • Features
    • Supported Networks and Tokens
    • Organization Account and Wallet
    • Passphrase and MPC Key
    • Withdrawal
  • DeFi Mode Overview
    • Borrowing and Lending
    • Settlement Mechanism
    • Transaction Fee
    • Adding and Removing Collateral
    • Repayment
    • Liquidation and Physical Delivery
  • Indication Mode Overview
    • Borrowing and Lending
    • Counterparty Management
    • Margin and Fee
    • Membrane Integration
  • Security
    • Security Overview
    • Account and MPC Key Share Security
    • Cloud Infrastructure Security
    • Full Key Recovery
    • Disaster Recovery for Fireblocks Key Share
  • Hypernative 24/7 On-Chain Security Analysis
  • Smart Contract Audit
  • Tutorials
    • MPC Key Generation
    • Wallet Creation and User Invitation
    • Joining Organization
    • Testnet Onboarding Guide
Powered by GitBook
On this page
Export as PDF
  1. overview

Fireblocks Embedded Wallet

PreviousArchitecture and RolesNextQuick Start Guide

Last updated 7 months ago

CtrlK

Fireblocks Embedded Wallets in TSI

TSI leverages Fireblocks Embedded Wallet (EW) to provide secure and user-controlled digital asset management. This technology empowers TSI users (borrowers, lenders, and liquidators) to maintain full control over their funds without relying on TSI as a custodian.

Key features of Fireblocks EW within TSI:

  • 2-of-2 MPC Key Management: TSI leverages Fireblocks' 2-of-2 Multi-Party Computation (MPC) signature scheme for enhanced security. This cryptographic technique requires two parties to collaborate on every transaction signature. One key share is stored on the user's device (web or mobile), and the other is secured within an Intel SGX-enabled server managed by Fireblocks. Intel SGX (Software Guard Extensions) provides a hardware-based trusted execution environment, isolating and protecting the key material from unauthorized access, even if the server itself is compromised. This 2-of-2 MPC approach eliminates the single point of failure, ensuring that neither TSI nor Fireblocks can unilaterally access user funds.

  • Simplified Key Management: Users create a simple passphrase for key recovery, eliminating the need to manage complex seed phrases or mnemonics. This significantly improves the user experience.

  • Secure Transactions: All transactions within TSI are secured by the MPC protocol, requiring both the user's and Fireblocks' signatures for execution. This prevents unauthorized access and enhances the overall security of the platform.

  • User Takeover Ability (full private key export): TSI provides clients with the ability to export their full cryptographic keys by utilizing Fireblocks' Full Key Takeover mechanism. This "User Takeover" feature gives users complete control over their assets, allowing them to move their funds to other wallets or services if they choose. While this feature emphasizes user autonomy, users should exercise caution and understand the potential security implications of managing their keys independently.

  • Enhanced Security and Trust: By using embedded wallets and the 2-of-2 MPC scheme, TSI addresses key concerns regarding regulation, business risk, and user trust. Users have greater confidence in the security of their assets because they control a key share. This also reduces business risk for TSI by not requiring them to act as a custodian.

In essence, the Fireblocks EW integration within TSI provides a secure, user-friendly, and non-custodial solution for managing digital assets, aligning with the highest security standards expected by institutional clients.

MPC Key Signature Flow

Reference: https://ncw-developers.fireblocks.com/docs/custodial-vs-non-custodial-wallet