It turned out that storing a cryptocurrency in the cloud can come out safer than on your device.
Over the past year, about 30,000 Ethereum users alone were victims of fraud , losing an average of $ 7,500 per person. Most of the losses were caused by inattention of users, vulnerability in software wallets, problems with the blockchain cryptocurrency itself. Attackers are in constant search for vulnerabilities not only in local applications, but also in the code of the exchanges. And, of course, they are found, after which there are big problems, for example, users of the hacked Bitfinex exchange, from which they took about 120 thousand users of Bitcoins stored there.
All of these cases are united by the availability of aka vulnerability to network wallets.
The key difference between a local and a cloud wallet is who owns the private keys and whether the computer is permanently connected to the Internet. If you do not have control over your funds - you are a user of an online resource, if you are used to thinking about guarantees, then always choose a reliable and local one. But the size of the blockchain of the same Bitcoin is constantly growing and is approaching 200 GB, and it is already more difficult to put it on the Mac, and users of tablets and phones are generally forced to use only thin clients and cloud wallets.
')
But what to do if you need both security guarantees and usability? How to stay the master of your wallet without losing usability?
Paradoxically, one of the options to make a hot wallet safer is to go where it is even hotter: into the clouds. In a very well-protected cloud, on a remote server that has a hot wallet with access via the Remote Desktop Protocol (clients are for Windows, Linux, Mac OS, Android).
While this service can be ordered from CryptoVPS . This is a service created on the basis of the distributed data center Eggs DC. It all started when a small team of crypto traders needed a cloud computer with shared access to the computer and wallet, respectively. The solution for online wallets was dropped immediately as unsafe. I needed a local wallet, but in the cloud, because access to it was needed from different places on the planet. The problem was that standard VPSs do not have 300 GB of free storage space, non-standard offers are quite expensive. But the price is not the main issue. I was worried about the speed of deploying such a wallet in the cloud (170 GB of Bitcoin Core synchronization already takes 3-5 days) and the security of the cloud computer itself (the high density of machines in traditional DCs leads to frequent data leaks).
“CryptoVPS is fast, secure and convenient cloud computing. Using the power of a distributed data center, we can create full nodes with Bitcoin wallets in 60 minutes in any interesting location. Using virtualization, encryption and the Russian roulette mechanism in choosing a host, we increase the user's security from hacking, viruses and physical theft. Your cloud computer works like a regular desktop, but in the cloud, ”said Ed Kevbrin, the company's CEO.
Tariffs for cloud computers differ depending on the stored cryptocurrency and available space: at 1,500 rubles a month, the user will be charged with 1 cloud computer (server with an OS with remote access) with an ethernet wallet installed (Ethereum). A bag with a wallet for Bitcoin costs already 3,000 rubles a month.
After ordering the server, the CryptoVPS user receives a protected remote PC with the installed wallets of most popular cryptocurrencies, including BTC (Bitcoin Core), ETH (Mist), Zcash, Monero. The system works according to the "Koshchei principle", in which the needle with his life was kept in the egg, the egg in the duck, and so on. But, unlike the untimely Koschei who died, the user of CryptoVPS is much better protected.
Here are the basic principles of the CryptoVPS security system:
â—Ź Random selection of hosts for cloud computers in a given location,
â—Ź Link encryption (SSL certificate),
● LVM volume encryption (“cryptsetup”),
â—Ź Virtualization only. One user = one OS,
â—Ź Low density of computers on the host,
â—Ź Open-source components.
One of the first questions that arise when describing CryptoVPS features is how to trust its administration itself?
CryptoVPS operates at the facilities of a distributed data center, which has many differences from traditional data centers. Servers provide hosters - corporate data centers and ordinary people. The servers themselves are stand-alone machines with KVM virtualization, LVM encryption cryptsetup and protection of the communication channel using an SSL certificate. All hosts are geographically distributed. Behind one router there is always one host and no more than 5-6 users. This reduces the density and has a positive effect on the security of user data.
The administration manages only the system of virtualization and matching, and already in the OS itself the user sets up all the logins and passwords, as it has the necessary administrator rights. Access data is known only to the user or the authorized person of the user.
Host test1 (location Moscow), the administrative console of the virtualization system PROXMOX (KVM)
Even if the hoster turns out to be an intruder and physically gains access to the equipment, they will still not have access to the keys, since LVM volumes are encrypted and off-line are simply unavailable ...
Even the ability to store your wallet in this way not just remotely, but outside of the Russian Federation, can also become a feature, if the bill on the transfer of control over cryptocurrency wallets of citizens to "professional investors", trusted users who have passed the regulator's check in Russia, suddenly becomes something more than just another fantasy of people who are tired of the need to constantly invent pretexts for some reason to get into someone else's pocket.
And even if the probability of turning this bad idea into a nightmare is small, the trend tends to be that the farther sometimes your wallet is from you, the safer is really.
All of these cases are united by the availability of aka vulnerability to network wallets.
All cryptocurrency wallets are divided into local (official), cloud and hardware. The latter are not so common and 90% mostly use either the first or second option. According to statistics, users value convenience above security, so many people keep money online and on exchanges, which leads to permanent losses and theft.
The key difference between a local and a cloud wallet is who owns the private keys and whether the computer is permanently connected to the Internet. If you do not have control over your funds - you are a user of an online resource, if you are used to thinking about guarantees, then always choose a reliable and local one. But the size of the blockchain of the same Bitcoin is constantly growing and is approaching 200 GB, and it is already more difficult to put it on the Mac, and users of tablets and phones are generally forced to use only thin clients and cloud wallets.
')
But what to do if you need both security guarantees and usability? How to stay the master of your wallet without losing usability?
It's time to go deeper
Paradoxically, one of the options to make a hot wallet safer is to go where it is even hotter: into the clouds. In a very well-protected cloud, on a remote server that has a hot wallet with access via the Remote Desktop Protocol (clients are for Windows, Linux, Mac OS, Android).
While this service can be ordered from CryptoVPS . This is a service created on the basis of the distributed data center Eggs DC. It all started when a small team of crypto traders needed a cloud computer with shared access to the computer and wallet, respectively. The solution for online wallets was dropped immediately as unsafe. I needed a local wallet, but in the cloud, because access to it was needed from different places on the planet. The problem was that standard VPSs do not have 300 GB of free storage space, non-standard offers are quite expensive. But the price is not the main issue. I was worried about the speed of deploying such a wallet in the cloud (170 GB of Bitcoin Core synchronization already takes 3-5 days) and the security of the cloud computer itself (the high density of machines in traditional DCs leads to frequent data leaks).
“CryptoVPS is fast, secure and convenient cloud computing. Using the power of a distributed data center, we can create full nodes with Bitcoin wallets in 60 minutes in any interesting location. Using virtualization, encryption and the Russian roulette mechanism in choosing a host, we increase the user's security from hacking, viruses and physical theft. Your cloud computer works like a regular desktop, but in the cloud, ”said Ed Kevbrin, the company's CEO.
Tariffs for cloud computers differ depending on the stored cryptocurrency and available space: at 1,500 rubles a month, the user will be charged with 1 cloud computer (server with an OS with remote access) with an ethernet wallet installed (Ethereum). A bag with a wallet for Bitcoin costs already 3,000 rubles a month.
After ordering the server, the CryptoVPS user receives a protected remote PC with the installed wallets of most popular cryptocurrencies, including BTC (Bitcoin Core), ETH (Mist), Zcash, Monero. The system works according to the "Koshchei principle", in which the needle with his life was kept in the egg, the egg in the duck, and so on. But, unlike the untimely Koschei who died, the user of CryptoVPS is much better protected.
Here are the basic principles of the CryptoVPS security system:
â—Ź Random selection of hosts for cloud computers in a given location,
â—Ź Link encryption (SSL certificate),
● LVM volume encryption (“cryptsetup”),
â—Ź Virtualization only. One user = one OS,
â—Ź Low density of computers on the host,
â—Ź Open-source components.
Who watches the watchers?
One of the first questions that arise when describing CryptoVPS features is how to trust its administration itself?
CryptoVPS operates at the facilities of a distributed data center, which has many differences from traditional data centers. Servers provide hosters - corporate data centers and ordinary people. The servers themselves are stand-alone machines with KVM virtualization, LVM encryption cryptsetup and protection of the communication channel using an SSL certificate. All hosts are geographically distributed. Behind one router there is always one host and no more than 5-6 users. This reduces the density and has a positive effect on the security of user data.
The administration manages only the system of virtualization and matching, and already in the OS itself the user sets up all the logins and passwords, as it has the necessary administrator rights. Access data is known only to the user or the authorized person of the user.
Host test1 (location Moscow), the administrative console of the virtualization system PROXMOX (KVM)
Even if the hoster turns out to be an intruder and physically gains access to the equipment, they will still not have access to the keys, since LVM volumes are encrypted and off-line are simply unavailable ...
Anticipating the future
Even the ability to store your wallet in this way not just remotely, but outside of the Russian Federation, can also become a feature, if the bill on the transfer of control over cryptocurrency wallets of citizens to "professional investors", trusted users who have passed the regulator's check in Russia, suddenly becomes something more than just another fantasy of people who are tired of the need to constantly invent pretexts for some reason to get into someone else's pocket.
And even if the probability of turning this bad idea into a nightmare is small, the trend tends to be that the farther sometimes your wallet is from you, the safer is really.
Source: https://habr.com/ru/post/411025/
All Articles