Wallet Logo

Securosys

🔍 Last analysed 18th May 2022 . No source for current release found

Jump to verdict 

Help spread awareness for build reproducibility

Please help us spread the word discussing transparency with Securosys  via their Twitter!

Do your own research!

Try out searching for "lost bitcoins", "stole my money" or "scammers" together with the wallet's name, even if you think the wallet is generally trustworthy. For all the bigger wallets you will find accusations. Make sure you understand why they were made and if you are comfortable with the provider's reaction.

If you find something we should include, you can create an issue or edit this analysis yourself and create a merge request for your changes.

The Analysis 

Background

Securosys held an ITO (Initial Token Offering) in November 2, 2018 on Bitcointalk.org.

Securosys develops technically superior, security-wise most trusted, and financially competitive hardware and software for crypto assets and blockchain technologies. Its products enable Securosys to be the preferred partner not only for global enterprises, authorities, and industries but also new entrants to the blockchain space. Securosys’ products already protect the Swiss Banking System by securing € 100 Billion in daily transactions.

Product Information

A Hardware Security Module generates, stores, and manages digital identities (certificates), encryption keys, and digital assets. Rather than storing this critical information just somewhere on your network server or on a cloud server an HSM securely locks them away. So, even if your network is breached and your files are accessed, the most critical information, your digital identities and assets, your certificates, and your encryption keys are protected.

Securosys currently offers three different families of HSMs: The Primus X-Series and E-Series HSM, two general purpose network security appliances, and the Primus S500.

The Primus S500 is exclusively used by the Swiss Interbank Clearing System

The Primus E-Series is ideally suited to secure financial transactions such as EBICS, access to the cloud (CASB), key management in the PKI environment, or to protect blockchain systems.

The Primus X-Series

The Primus X-Series Hardware Security Modules (HSMs) are available in different performance classes (X200/X400/X700/X1000). In its most powerful implementation, the Primus X1000 HSM is capable to perform 1200 RSA-4096 operations (or about 4000 RSA-2048) per second. The Primus X-Series HSM can be managed with our remote access device Decanus.

  • Generates encryption keys
  • Stores these keys
  • Manages the distribution of these keys
  • Also performs authentication and encryption tasks
  • Primus supports symmetric (AES, 3DES), asymmetric (RSA, ECC, Diffie-Hellman), cryptographic hash algorithms (SHA-2, SHA-3), as well as advanced encryption standard-cipher message authentication code (AES-CMAC) for symmetric key diversification.
  • Multiple true random number generation (TRNG modules)
  • Ultra secure vault implemented inside a dedicated security chip.
  • CC EAL 5+ certified device offers offline storage for PKI root keys and other critical keys
  • Can support unlimited users
  • Can securely hold over one million keys or objects
  • Tamper prevention features
  • API integration by the HSM or via a software layer

Download the PDF factsheet

Analysis

These HSMs are not designed to offer personal wallets to an individual (although their PDF promotional material makes an exception):

Wallet provider maintains a dedicated crypto keystore based on a Hardware Security Module (HSM) for his customers. Large crypto investors should either possess their own HSM crypto key storage or use an HSM service to secure their crypto assets.

“Large crypto investors” could mean institutional investors, corporations, exchanges, wallet providers or individuals with significant sums of cryptocurrencies. These HSMs go beyond our criteria for “ordinary” hardware wallets since their function is in a myriad of ways, different from your Ledger Nano S .

It is hard to make a verdict for this device due to numerous possible iterations of the service. For instance, users can avail of Securosys’ CloudHSM service using these same HSMs:

The Securosys CloudsHSM service is located and operated in Switzerland. It offers operation services of shared or dedicated HSMs. CloudsHSM was built by the experts who designed and manufacture the HSM for the Swiss Interbank Clearing system.

The HSMs are located in two active data centers. Every location features double internet access, thus guaranteeing no downtime. Additionally, your data is kept safe from environmental dangers in an EMP/HMP protected bunker (BSI zone 3 / NATO zone 2).

As such, it is custodial.

Users could also opt for a self-custodial solution by having the HSMs in-house. We could not find public source code for such a solution.

(dg)

Verdict Explained

Without public source of the reviewed release available, this product cannot be verified!

As part of our Methodology, we ask:

Is the source code publicly available? If not, we tag it No Source!

A wallet that claims to not give the provider the means to steal the users’ funds might actually be lying. In the spirit of “Don’t trust - verify!” you don’t want to take the provider at his word, but trust that people hunting for fame and bug bounties could actually find flaws and back-doors in the wallet so the provider doesn’t dare to put these in.

Back-doors and flaws are frequently found in closed source products but some remain hidden for years. And even in open source security software there might be catastrophic flaws undiscovered for years.

An evil wallet provider would certainly prefer not to publish the code, as hiding it makes audits orders of magnitude harder.

For your security, you thus want the code to be available for review.

If the wallet provider doesn’t share up to date code, our analysis stops there as the wallet could steal your funds at any time, and there is no protection except the provider’s word.

“Up to date” strictly means that any instance of the product being updated without the source code being updated counts as closed source. This puts the burden on the provider to always first release the source code before releasing the product’s update. This paragraph is a clarification to our rules following a little poll.

We are not concerned about the license as long as it allows us to perform our analysis. For a security audit, it is not necessary that the provider allows others to use their code for a competing wallet. You should still prefer actual open source licenses as a competing wallet won’t use the code without giving it careful scrutiny.

The product cannot be independently verified. If the provider puts your funds at risk on purpose or by accident, you will probably not know about the issue before people start losing money. If the provider is more criminally inclined he might have collected all the backups of all the wallets, ready to be emptied at the press of a button. The product might have a formidable track record but out of distress or change in management turns out to be evil from some point on, with nobody outside ever knowing before it is too late.