Wallet as a Service

Wallet as a Service

Using digital assets has never been easier. Crypto APIs’s Wallet as a Service is a scalable and flexible service which implements the most promising technology in private key security - MPC. Designed specifically for Enterprise companies who perform transaction operations on a daily basis. Our Wallet as a Service (WaaS) covers all the essential stress points of the modern Digital Wallet - the perfect balance between ease of use and security, successful and quick integration with multiple blockchains, key recovery system, and low-cost fees. Our WaaS is equipped with top security measures such as prevention against spoofing and man-in-the-middle attacks, rotation of addresses in a settlement layer, and much more. Be your own bank and stay flexible and secure at the same time.

Wallet as a Service

Problems

  • Users cannot easily navigate through a Wallet as most are not user-friendly
  • Threat of hacks, system failure, malicious scheming, human errors, etc.
  • Unnecessarily high costs of network fees.
  • Issues with node self-hosting and maintenance.
  • Limitations with transaction signing.
  • Blockchain support limitations.

Solutions

  • A user-friendly software with an easily usable UI.
  • Secured with MPC technology, TSS, third-party escrow and governance layer.
  • Up to 90% off transaction fees.
  • Wallet and transaction operations with no development costs for the customer.
  • Custom rules for nodes and transaction signing.
  • One blockchain-agnostic Wallet for any protocol.

Digital Wallets & Signatures

Single Signature

Single-sig is one of the most common methods of authorizing transactions in Digital Wallets. It involves only one signer who holds one private key. It is easy to execute and many commercial Crypto Wallets use it. Unfortunately it also possesses the lowest security for data breaches, thefts, man-in-the-middle attacks, etc.

Multi Signature

Multi-Sig involves multiple signers where each one holds their own separate private key. All the signing members sign each transaction as a group. Finally, the transaction log shows all signatures. This method is very common and adopted by many large platforms and exchanges. Multi-Sig still faces many issues - slower transaction speeds, privacy data breaches, it is not very flexible, and is blockchain specific.

MPC

MPC stands for Multi-Party Computation. Despite it being more than a 40-year old concept it is now a fact and many platforms and Digital Wallets are starting to utilize it. With MPC multiple parties can perform joint computation without any data being shared or threatened of being leaked. MPC includes the Threshold Signature Scheme (TSS) which distributes key shares to all involved signers. Finally the transaction report shows only one signature.

Digital Wallet Types

Custodial Wallet

Custodial Wallets, their assets and the private keys are managed and held by the provider. The user only needs to request a signing and the provider will execute it. Despite the funds not being held by their owner, custodial wallets offer backup and security for the entire Wallet.

Non-custodial Wallet

Non-custodial Wallets are entirely owned and managed by their owner (the user). The drawback is that in case of an issue or e.g. a lost private key the provider does not offer support or backup for the Wallet. Users of non-custodial wallets must keep their data secure and accessible to themselves.

Co-custodial Wallet

Co-custodial Wallets are a mix of custodial and non-custodial wallets. They offer the benefits of both types without any of their drawbacks. Users still own their money and assets, and manage their Wallet, but they also have backup and support from their provider

Wallet Features

Multi-Blockchain Support

The Blockchain technology is continuously advancing and new blockchain protocols emerge every day. Hosting and supporting all of them, and moreover - creating a trusted, secure and easy-to-use Wallet for all blockchains, can be a great challenge. Crypto APIs solves the problem by supporting top blockchain protocols and continuously adds new ones including all layers, standards and tokens.

Multi-Distributed MPC nodes

Crypto APIs uses Multi-Distributed nodes based on MPC to generate Digital Wallets. By default 2/2 nodes are set to sign transactions - one hosted by Crypto APIs and another hosted by the customer. The distribution of the nodes is done in such a way that both parties must always sign. Enhanced by our custom quorum system, our nodes can be modified to work as a total M/N machines, whether you would prefer 2 or 20, server or mobile. Last but not least, Crypto APIs provides a third party encrypted backup for emergencies.

Learn more about MPC

3rd Party Escrow service

MPC eliminates the need for private keys and distributes the Wallet processes and hence - the risks, among multiple nodes/signers. But what if one of those loses their key share? As a solution we have included the services of a 3rd party escrow provider. It serves as an additional layer of sustainable security and emergency service. As a backup, it can provide a public key to encrypt the recovery service. Moreover, in case a key share is lost from either side, the 3rd party escrow service can assist in restoring it. Most importantly, this provider will not have access in any way to the majority of keys which means the 3rd party provider can never sign a transaction alone.

Learn more about Security

Governance layer

We have equipped our Wallet as a Service with a Governance Layer functionality. It adds another security layer where clients can create as many custom rules and policies as they want. These policies can be applied for different situations - to request the minimum number of approvers as desired for specific amounts of transactions, to not request any approves for certain addresses at all, and so on. By setting up well defined rules the customers will make sure that there is not a single transaction that could be executed without the approval of the appointed and respective team members.

Quorum Modification

Modify, update or change transaction signing policies easily without fees or rotating addresses. Transactions can by default be submitted with the complete set of 2/2 keys signing. But with Crypto APIs' configurable quorum system customers can sign transactions custom with M/N nodes. Nodes can be set as servers and mobile devices, as well.

Disaster Recovery Open-Source Tool

Our WaaS is designed in such a way so that customers can be able to make transactions during any circumstances. To make it more efficient we have developed an open source tool which can be used in case of an emergency or disaster. Our Disaster Recovery Open-Source Tool is located in GitHub and provides an emergency transaction availability in case Crypto APIs for any reason is not online.

Learn more about Security

Better fees

Multi-Signature wallets are secure but also have downsides. One example is how every signature is always added to the transaction making its size much bigger in bytes. Fees are always calculated per byte. This means that the bigger the transaction, the larger the fee. We at Crypto APIs solve this in our MPC-based Wallet as a Service. MPC signing is done off-chain and doesn't add any additional data to the transaction itself. Our WaaS consolidates funds much more efficiently and will enable you to save up to 90% of your transaction network fees. Sometimes fees can also change over time depending on the demands at hand, how much other users usually pay, how long the transaction has been pending for an approval, or the specifics of the Governance layer rule applied. For the purpose simply select Slow, Standard or Fast for your Fee and when the transaction is approved and ready to be broadcasted, we will make sure that we calculate the right fee for your transaction based on your specific choice.

Crypto to FIAT

Would you like to be able to switch Crypto to FIAT? You can use third party providers which will enable you to do that without the need of copy-pasting addresses, moving crypto around or waiting for confirmations. Or can now accomplish that more easily directly from your dashboard. With Crypto APIs WaaS you can immediately exchange crypto for FIAT. Moreover, any existing governance rules will in fact apply for such transactions as well, and set approvers will need to approve based on your rules, as usual.

Learn more about Security

Distributed Key Generation

In terms of key authentication - a widespread method of users validating themselves as authorized to make changes to a Digital Wallet and broadcast transactions, many variations exist. Single Sig uses a single key and Multi Sig applies multiple private keys. After the user/users use their key/keys to make a transaction it gets signed with the same number of signatures. Unlike private keys, infamous for their single point of failure, we use TSS which incorporates Distributed Key Generation. This method lacks Single Sig's and Multi Sig's issues and renders the potential theft of a key virtually inconsequential. TSS provides key shares to all signing parties involved.

Learn more about Security

Client is always first

Crypto APIs will never create a transaction or sign one on it's own. The process follows the customer making the initial request, Crypto APIs performing checks and then applying rules. After passing all prerequisites needed, the client initiates and co-signs the transaction with Crypto APIs. No actions can be made on the side of Crypto APIs or even the 3rd party escrow service without the Customer.

Webhooks & Notifications

Crypto APIs' Dashboard is equipped with many crypto and blockchain tools that can make the user's experience much better. One of those is our Webhooks system (a.k.a. Callbacks or Blockchain Events). The customer can set to be notified on specific events when they occur. These could include all transactions and actions made to and from the Wallet in question. No funds can be sent or received without the customer's knowledge.

Regular Security Audits

We perform regular security checkups on our WaaS in order to remain on top of things. Security checkups, audits and pen tests on the system and its performance ensure the latest information on everything that happens in your Wallet. Moreover, we can detect potential issues early enough in order to be effectively resolved.

Learn more about Security

Whitelisting

Whitelisting is a very useful feature to have as with it users can specify allowed addresses or entities access and privileges that otherwise others would not have. Easily whitelist addresses in Crypto APIs Wallet as a Service and have additional knowledge and control over transactions and their destinations.

Anti-spoofing functionalities

One of the easiest ways for your funds to be hacked is for the deposit address to be intercepted and modified through malware. This will effectively replace it with the hacker's address and funds will be redirected without the user's knowledge. One of the methods used to avoid such scenarios were test transfers through which a small amount of funds is sent to verify the receiving address. The downside is that it takes longer for a transaction to be completed a lot of communication between the two parties. Another option is address whitelisting where the receiver's deposit address is authenticated. But the whitelisting process could be compromised by internal fraud. To best prevent these scenarios Crypto APIs provides direct integration with third parties such as top crypto exchanges through which our system can safely get the deposit addresses directly.

Learn more about Security

Protocol-agnostic

MPC solutions are protocol-agnostic. Unlike Multi-Sig systems where there are limitations depending on the particular blockchain, MPC is not affected by such specificities and allows for an easy onboarding and seamless integration with new blockchains and cryptocurrencies.

Automatic Change Addresses

When HD wallets were invented as a concept one of their goals was to solve the privacy and security issues of using a single address for multiple transactions in UTXO-based protocols like Bitcoin. In contrast, we can derive deposit and change addresses much better from an xPub. Deposit addresses are used for new deposits while change addresses are designed to receive the change in transactions. This is a great practice, but unfortunately, many companies and wallets don't apply it. Crypto APIs Wallet as a Service uses a new change address automatically for every transaction.

Related Products

  • Blockchain Data

    Blockchain Data

    Get access to Unified and Raw blockchain data using REST APIs or WebSockets. The whole dat...

  • Blockchain Events

    Blockchain Events

    Subscribe for a certain event, that could happen on any Blockchain, and we will notify you...

  • Blockchain Automations

    Blockchain Automations

    You can use Automatic Coins Forwarding or Automatic Tokens Forwarding to automatically for...

  • Blockchain Tools

    Blockchain Tools

    Blockchain Tools is a set of prepared cryptographic APIs which save time and effort. This...

  • Market Data

    Market Data

    Get access to Unified market data using REST APIs. The data is collected from top crypto e...

Why customers choose Crypto APIs 2.0

Build at the fraction of time using our Open API 3.0 specifications and multiprogramming language SDKs.

With Crypto APIs 2.0, you can integrate in hours, go to market in days and save from your development and large infrastructure bills.

Save from your development and large monthly bills by using Crypto APIs 2.0 instead of running your own infrastructure, all without compromising security.

Multiregional, Auto Scaled, and Enterprise-grade security cloud-based solution.