Master Key
The key ceremony is the confidential creation of a master key in the key store. The master key is used to derive further addresses and to manage their assets.
The identity that has access to the master key owns the assets of the system!
Paradigms of a Key Ceremony
Secure way to create and store key material
Only the client has access to the key material inside the enclave of a Trusted Execution Environment (TEE) at any point in time
An audited solution that proves that the technology provider (Riddle & Code) cannot access the Trusted Execution Environment and the key material
The key material can be recovered by the client in case of a disaster
Process of creating the master key
The user triggers the generation of a random number via the user interface
A random number is created inside the Hardware Security Module (HSM)
The random number is used to generate a seed
The mnemonic phrase and the master key are generated
The master key is stored in a Trusted Execution Environment to prevent anyone from accessing it
Backup of the master key
The mnemonic phrase is exposed via the user interface
The mnemonic phrase can be stored on steel plates
The mnemonic phrase and the option to back it up are available only once, during the key ceremony. Hence, the mnemonic phrase cannot be retrieved at a later point.
Recovery option in case of disaster
If anything should happen to the system, the keys and their assets can be restored using the backup of the master key.
The user enters the 24 words of the mnemonic phrase via the user interface
The master key is created and stored again in the Trusted Execution Environment
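The creation and recovery steps above, sketched as an added example that is not Riddle & Code's code: it assumes the 24-word phrase follows BIP-39 and the master key follows BIP-32 (the page names neither standard), and uses constructed entropy in place of the HSM's random number. It shows why a mistyped backup is rejected at recovery and why the same phrase always restores the same master key; words are handled as word-list indices because the 2048-word list is not embedded.

```python
import hashlib
import hmac

WORDS = 24                 # phrase length stated on the page
ENTROPY_BYTES = 32         # assumption: BIP-39 pairs 24 words with 256 bits
CHECKSUM_BITS = 8          # BIP-39: entropy bits / 32
SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141

def entropy_to_indices(entropy: bytes) -> list[int]:
    """Ceremony side: append the checksum, split into 24 11-bit word indices."""
    if len(entropy) != ENTROPY_BYTES:
        raise ValueError("expected 32 bytes of entropy")
    checksum = hashlib.sha256(entropy).digest()[0]
    bits = (int.from_bytes(entropy, "big") << CHECKSUM_BITS) | checksum
    return [(bits >> (11 * (WORDS - 1 - i))) & 0x7FF for i in range(WORDS)]

def indices_to_entropy(indices: list[int]) -> bytes:
    """Recovery side: rebuild the entropy, rejecting a phrase whose checksum fails."""
    if len(indices) != WORDS or any(not 0 <= i < 2048 for i in indices):
        raise ValueError("expected 24 indices in 0..2047")
    bits = 0
    for i in indices:
        bits = (bits << 11) | i
    entropy = (bits >> CHECKSUM_BITS).to_bytes(ENTROPY_BYTES, "big")
    if hashlib.sha256(entropy).digest()[0] != bits & 0xFF:
        raise ValueError("checksum mismatch: phrase mistyped or words out of order")
    return entropy

def master_key(mnemonic: str, passphrase: str = "") -> tuple[bytes, bytes]:
    """BIP-39 seed (PBKDF2) then BIP-32 master private key and chain code."""
    # The phrase is ASCII here, so BIP-39's NFKD normalization is a no-op.
    seed = hashlib.pbkdf2_hmac("sha512", mnemonic.encode("utf-8"),
                               ("mnemonic" + passphrase).encode("utf-8"), 2048)
    digest = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    if not 0 < int.from_bytes(digest[:32], "big") < SECP256K1_N:
        raise ValueError("invalid master key; new entropy is required")
    return digest[:32], digest[32:]

# Constructed sample: all-zero entropy and the published BIP-39 phrase for it.
SAMPLE_PHRASE = " ".join(["abandon"] * 23 + ["art"])
```
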