The application is built as a standalone web application that can be used both on and offline. All processing is conducted on the client-side; our remote servers never come in contact with the user’s secrets. The locally running code will be available for inspection and auditing to assure our user of its safety and correctness.
Xecret.io works with all wallets that generate a seed phrase, regardless of the digital assets or chains that they support. All wallets utilize private keys to authenticate transactions, employing Single Signature, Multi-Signature or Multi-Party Computation (MPC). Regardless of the type of authentication employed, Xecret.io is the most secure solution to protect the various wallets’ seed phrases.
The individual QR codes do not contain enough information to retrieve the wallet's seed phrase, rendering the QR code hack proof. This is achieved by leveraging Private.me XOR-based Information Dispersal Algorithm (XOR-IDA) to create a set of cryptographic QR codes. Please refer to our White Paper for more information.
The best approach to keep seed phrases secure from cybercriminals is to store them offline. When storing offline, it is critical to save multiple copies in the event that one is lost or destroyed by a natural disaster. However, keeping multiple copies increases the likelihood of one of them being stolen.
Xecret.io protects against theft by encoding the seed phrase into a set number of cryptography QR codes. The seed phrase cannot be retrieved if an individual QR code is compromised. A certain threshold of QR codes is required to retrieve the seed phrase. For example, at least two of the three QR codes must be scanned to retrieve the seed phrase.
The seed phrase is encoded in a decentralized framework within each QR code. Furthermore, within the framework, cryptography and redundancy are incorporated. Individuals who utilize QR codes will benefit from the offline security of a cold storage wallet with additional protection against physical loss, fire, and theft.
Instead of storing the QR codes at different locations, users may store them with different guardians. No entity or individual possessing an individual QR code can retrieve the confidential information. Due to the decentralized state of the seed phrase, the guardian, who has access to an individual QR code, will not have control or custody over the seed phrase from the wallet. This minimizes the owner's risk and reduces the guardian's responsibility. If one of the QR codes is lost or stolen, the owner can still recover that seed phrase from the other QR codes in its set.
Solution Types | Disaster/Loss Protection |
Theft Protection |
---|---|---|
Single Copy Stored in One Location | X | X |
Multiple Copies Stored in Different Locations | X | |
Online Digital Storage | X | |
QR Codes Distributed to Different Locations |