Project Description
Tookey - asset and access management protocol that intends to transform the enterprise private key management paradigm across Web3, DeFi, and Collectible platforms.
Problem scope
The problem scope is massive: more than $500 million was stolen from only 4 protocols in December 2021 due to a compromised secret key issue.
Cross-chain bridges remain a major target for hackers, with 3 bridges breached this month (October 2022) and nearly $600 million stolen.
Solution
Tookey detects risks to private key integrity and fraudulent transaction pushing, allowing developers to swiftly integrate and implement distributed private key management solutions.
Because of the introduction of Threshold signature schemes, this is now achievable. TSS enables several persons to sign transactions with a single public key.
Pluggable The TSS participation library and the Key Service API are the two main components of Tookey. Third-party applications like as DeFi protocol maintenance tools, end-user wallets, CEX depositaries, escrow services, and so on can be built using these components.
Project Impact
Cybersecurity is on many Web3 CEOs' minds as the need to protect their companies', investors', and consumers' assets.
GnosisSafe and other multisig systems add complexity and execution costs while being devoid of corporate asset management functionalities.
Current private key administration experience is completely inadequate:
- Access management is a complicated and unresolved topic in many Web3 applications.
- Automation of execution necessitates the exposure of private keys inside a semi-trusted environment, resulting in inadequate security.
- Smart contract access control is restricted by on-chain data, which adds complexity and execution costs.
We suspect the issue is identified in three aspects:
- Proper security against compromise of the private key severely restricts projects and reveals numerous business operations unfeasible.
- Standard approaches usually provide a low level of security. At their own risk, most projects distribute keys to high-ranking managers for sole control, which can lead to loss of funds or private key compromisation.
- Multisig is a terrific approach to boost security, but the complexity of gathering those signatures and the algorithms for interacting with multisig keys cause challenges and limitations that most projects and users cannot tolerate.
In our opinion, three characteristics must be included in a management solution:
- Allow third-party access to the wallet (partners, staff, and even servers), but explicitly limit the potential modes of engagement.
- Compatible with various execution contexts and should not be firmly bound to a certain blockchain or wallet.
- The solution must be non-custodial; the risk of compromise of control as a result of an unethical service provider is too terrific.
We solved the problem by meeting all three requirements, now keys can be exchanged with Tookey and are no longer secret, but remain secure and protected.
By making private keys divisible, sharable, and pluggable, we reframed the concept of private key access and security, also ensures that a single key can be utilized in multiple scenarios.
Signing process demonstration video and GitHub repositories:
We share a belief in the possibilities for decentralization and the development of a better web3 internet. Tookey resolves private key compromise threats while being a non-custody solution. Protocol supporting all Ethereum-like networks, the main focus on security and user privacy. We can enable improved private key access scenarios, enhance business asset management, and massively scale human coordination for web3 entrepreneurs building next-generation daps working together.
The team encountered various challenges while working on this project, including the requirement that MVP fulfill all existing asset management and protection criteria, be simple to implement in any given protocol, and be cost-effective.
By connecting more protocols, we will be able to adapt Tookey to a broader variety of demands while mastering functionality and introducing new from-the-box capabilities for enterprise clients such as DAO and escrow setup administration.
Keep in contact by following Tookey.io on the major social media platforms:
About the Creator
Tookey
TOOKEY - asset and access management protocol that intends to transform the enterprise private key management paradigm across Web3, DeFi, and Collectible platforms.
Enjoyed the story? Support the Creator.
Subscribe for free to receive all their stories in your feed. You could also pledge your support or give them a one-off tip, letting them know you appreciate their work.
The Art of Work: Valuing Time in the Age of AI
Artificial intelligence isn't going away. You might be excited about that. You might be anxious. Whatever you're feeling, though, AI has become a permanent fixture in our society. As long as there's profit to be made, advancements in AI will shape the next wave of technology.
By Addison Horner11 days ago in 01
What is Azure Security Center: Your Essential Guide
Every Company is quite concerned about cyber threats. Increasingly, more businesses are turning to cloud computing, so protecting their cloud servers has become critical. Here's when Azure Security Center gets useful. Microsoft offers a powerful security management solution that helps companies protect their Azure resources, detect and respond to threats, and maintain compliance with industry standards and regulations. Let's get an overview of what is Azure Security Center.
By Dhruvil Joshi6 days ago in 01
Dog Thirteen
Dog Thirteen June 4, 2023 Today was different. To be fair, all days are different now that I am a new dog. Every day I seem to be able to do something new- open my eyes, stand up, hobble around, wag my tail. Every day I get stronger and more comfortable in this body. It’s not bad, being a dog. Not so far, at least. I never have to go hungry, although we are feeding from our mother less and less and trying new foods that come out of a bag and a can. It’s a mixture. I wish I could tell the humans that I prefer the food from the can. I try to show them by picking out the kibble pieces and spitting them onto the ground, but they just laugh and think I am being cute. That feels frustrating, to not be understood. But I cannot stay mad for too long because the humans pick me up and pet my head and body and it makes me feel happy inside, and now that I know how to wag my tail, I try to do that a lot.
By Morgan Longford6 days ago in Chapters
Comments
There are no comments for this story
Be the first to respond and start the conversation.