Tezos Israel and HUB Security partner to develop a physical security module that will protect the encryption keys of Tezos network bakers, currently validating more than USD $200 million a day in transfers.
A new improvement to the Tezos network security was introduced today thanks to a collaboration between Tezos Israel and HUB Security, a cybersecurity company. The improvement allows the Tezos network validators, also known as “bakers”, to store encryption keys on a secure cloud or in a separate physical box, preventing theft and abuse of the encryption keys and disruption of the Tezos network. This improvement gives bakers more options beyond simply keeping their encryption keys online and enables their disconnection and placement in a secure work environment, preventing breaches and abuse.
“Contrary to Bitcoin, the Tezos network security is not based on consuming electricity, but on proof of stake,” explains Eli Terdjman, CEO of Tezos Israel. “The bakers overseeing the registration of transactions in the network hold large sums of currency, which are used to validate transfer credibility. This is an economical approach, but it requires the bakers to validate their transactions with private keys, which often hold substantial amounts of currency. Many bakers use “cold wallets” – separate pieces of hardware that hold encryption keys and have to be physically connected to the computers running the network. Today, the collaboration between Tezos Israel and HUB Security allows us to distance the keys a step further from the computers running the network and place them in a secure environment, while allowing the network to keep running flawlessly.”
The new improvement is based on unique cybersecurity and HSM (Hardware Security Module) abilities developed by HUB Security, an Israel-based company. This new type of server, armed with physical and network security features, allows the safe use of encryption keys and secret information to operate sensitive applications while maintaining complete secrecy and privacy. The server is controlled by a Mini HSM – a piece of hardware serving as a “remote control” that is held by the user, and by dedicated software, enabling a bank-level two-factor authentication (2FA).
“The Tezos network is becoming a very significant player with cryptocurrency transfers amounting to more than US $200 million a day, “explains Eyal Moshe, CEO of HUB Security. “With such large digital assets, you can no longer use improvised solutions. Many bakers act like small-scale banks, enabling transfers and holding assets for other clients, and this approach requires rigorous security. The solution we developed is based on our HSM technology, while the private encryption keys are kept in an impenetrable physical box or a secure cloud storage. Encryption keys are only accessible with a unique device and a computer, both of which do not hold the keys and are only exposed to the network when strictly necessary. This introduces bank-level security to the Tezos network, enabling its continued growth and further scaling.”
HUB Security utilizes military-grade cybersecurity principles for its Vault HSM (Hardware Security Module), and handheld mini-HSM device with FIPS approved cryptographic algorithm validation as well as an architecture that is designed for FIPS140-2 Level 4 (pending) –– the highest protection level available on the cybersecurity market to date.
About HUB Security
HUB Security is a top-tier, military-grade provider of programmable HSM and key management solutions for fintech, cloud, and blockchain security. Leveraging military-grade cybersecurity tactics and utilizing cutting-edge innovations, HUB Security has developed a family of products that provide the highest level of enterprise security available on the market today.