Frequently Asked Questions

The following sections contain answers to some of the frequently asked questions about CASPUnbound’s Crypto Asset Security Platform (“CASP”) provides the advanced technology and the architecture to secure crypto asset transactions..

System

What are the components of the CASP platform?

CASPUnbound’s Crypto Asset Security Platform (“CASP”) provides the advanced technology and the architecture to secure crypto asset transactions. consists of the components shown in the following diagram:

The CASPUnbound’s Crypto Asset Security Platform (“CASP”) provides the advanced technology and the architecture to secure crypto asset transactions. Orchestrator is the heart of the CASPUnbound’s Crypto Asset Security Platform (“CASP”) provides the advanced technology and the architecture to secure crypto asset transactions. system. It communicates with all parts of the system, initiates creation of the key shares for the vault, manages the different distributed procedures, and acts as the external entry point for the relevant applications, such as the crypto assetDigital information that needs to be securely stored. applications.

The CASPUnbound’s Crypto Asset Security Platform (“CASP”) provides the advanced technology and the architecture to secure crypto asset transactions. Orchestrator is backed by the powerful key management capabilities of Unbound CORE Information Security (CORE). CORE works together with the Participants to provide the complete approval signature for transactions, where Participants can be mobile devices, desktops, servers, bots or offline participants. CASPUnbound’s Crypto Asset Security Platform (“CASP”) provides the advanced technology and the architecture to secure crypto asset transactions. creates an ECDSAElliptic Curve Digital Signature Algorithm - A variant of the Digital Signature Algorithm (DSA) which uses elliptic curve cryptography. key, EdDSAEdwards-curve Digital Signature Algorithm key, or a key with BIP derivation, which is used for all transactions.

CASPUnbound’s Crypto Asset Security Platform (“CASP”) provides the advanced technology and the architecture to secure crypto asset transactions.’s open architecture enables communication with different types of crypto assetDigital information that needs to be securely stored. ledgers. For example, the BTC wallet enables communication with a Bitcoin ledger. It prepares a transaction from the available ledger data and sends it to CASPUnbound’s Crypto Asset Security Platform (“CASP”) provides the advanced technology and the architecture to secure crypto asset transactions.. CASPUnbound’s Crypto Asset Security Platform (“CASP”) provides the advanced technology and the architecture to secure crypto asset transactions. then signs the transaction and returns it, which then transmits the signed transaction to the ledger. CASPUnbound’s Crypto Asset Security Platform (“CASP”) provides the advanced technology and the architecture to secure crypto asset transactions. seamlessly works with many different types of ledgers.

Which wallets are currently supported?

All wallets that use ECDSAElliptic Curve Digital Signature Algorithm - A variant of the Digital Signature Algorithm (DSA) which uses elliptic curve cryptography. or EdDSAEdwards-curve Digital Signature Algorithm (Ed25519) algorithms to sign transactions can be supported by CASPUnbound’s Crypto Asset Security Platform (“CASP”) provides the advanced technology and the architecture to secure crypto asset transactions. using CASPUnbound’s Crypto Asset Security Platform (“CASP”) provides the advanced technology and the architecture to secure crypto asset transactions. API.

How does the CASP solution compare to other service provider solutions?

How complicated is the deployment of CASP?

Where can I deploy CASP?

Security

How does the CASP Multi-party signature differ from Multisig?

What is the different between Shamir’s Secret Sharing and what Unbound does?

In general, Shamir's Secret Sharing provides a solution for sharing a key between many participants and enforcing some or all of them (quorumOne or more groups, comprised of participants) to participate in key usage. Combining this technique with MPCMultiparty computation - A methodology for parties to jointly compute a function of their inputs while keeping those inputs private., which is what Unbound does, allows using the key (for signing, encryption, etc), without ever assembling the key. This benefit is the result of MPCMultiparty computation - A methodology for parties to jointly compute a function of their inputs while keeping those inputs private., which allows a set of parties to compute a function without revealing the secret data, which in this case are the Shamir Secret Shares. See the Unbound website for more information.

Wallets

Which ledgers are supported?

CASPUnbound’s Crypto Asset Security Platform (“CASP”) provides the advanced technology and the architecture to secure crypto asset transactions. supports two types of implementations for handling different types of ledgers. CASPUnbound’s Crypto Asset Security Platform (“CASP”) provides the advanced technology and the architecture to secure crypto asset transactions. provides built-in support for some types of ledgers, as described Built-in Wallets.

CASPUnbound’s Crypto Asset Security Platform (“CASP”) provides the advanced technology and the architecture to secure crypto asset transactions. also provides the necessary APIs so that you can bring your own wallet (BYOWBring Your Own Wallet - support any coin or crypto asset type using the CASP APIs to control the vault and key operations.), meaning that you can use whatever ledger you have, and control the vault and key operations with CASPUnbound’s Crypto Asset Security Platform (“CASP”) provides the advanced technology and the architecture to secure crypto asset transactions.. Using BYOWBring Your Own Wallet - support any coin or crypto asset type using the CASP APIs to control the vault and key operations., you can create an implementation that can handle any coin type, as well as any special operations that you use to communicate with your ledger and for ledger processing.

You may want to use BYOWBring Your Own Wallet - support any coin or crypto asset type using the CASP APIs to control the vault and key operations. when using one of the built-in chain adaptors, but need other features, such as using your own nodes and address caching. You may already have management in your application for one of the built-in chain adaptors and want to use CASPUnbound’s Crypto Asset Security Platform (“CASP”) provides the advanced technology and the architecture to secure crypto asset transactions. for key management and protection. BYOWBring Your Own Wallet - support any coin or crypto asset type using the CASP APIs to control the vault and key operations. provides the flexibility to be used with any blockchain application.

Integration/Operation

What are some common use cases for CASP?

Does CASP support HD wallets?

Yes, CASPUnbound’s Crypto Asset Security Platform (“CASP”) provides the advanced technology and the architecture to secure crypto asset transactions. provides support for hierarchical deterministicCalculation that each time results in the same value (HDHierarchical Deterministic - a type of deterministic Bitcoin wallet derived from a known seed, that allows for the creation of child keys from the parent key. Because the child key is generated from a known seed there is a relationship between the child and parent keys that is invisible to anyone without that seed.) wallets using the BIP32 and BIP44 HDHierarchical Deterministic - a type of deterministic Bitcoin wallet derived from a known seed, that allows for the creation of child keys from the parent key. Because the child key is generated from a known seed there is a relationship between the child and parent keys that is invisible to anyone without that seed. wallet standards.

How do I connect AML and a customer ID?

It is recommended to use an AMLAnti-Money Laundering and customerThe entity that initially holds the crypto asset and requests storage in the crypto asset vault. ID approver server/person as one of the participants in the approval process (within a separated group) as a bot approver. By doing so, the AMLAnti-Money Laundering participantA member of any of the quorum groups. denies a transaction when a suspicious person is trying to transact money.

An additional benefit of this strategy is the ability to produce AMLAnti-Money Laundering-based reports to a regulator, proving that each transaction went through an AMLAnti-Money Laundering check.

How is backup approval handled?

The platform creates a secure backup of the key parts without ever bringing the parts together. The process is supported both for standard keys as well as BIP seeds. The key/seed is encrypted with an RSA key, which can be kept in cold backup, HSMHardware Security Module - a physical computing device that safeguards and manages digital keys for strong authentication and provides cryptoprocessing, or any other secured component.

It is important to note that the platform provides a zero-knowledgeA method by which one party can prove to another party that it knows a value x, without conveying any information apart from the fact that it knows the value x. proof that the content of the encrypted backup matches the public key. Meaning that when backing up the key, no party can cheat and cause key loss. The platform verifies backup content (without decrypting it, only using the RSA public key) and secured storage of it before the first deposit of money into the vault.

Is there an integration with a NaaS provider?

CASPUnbound’s Crypto Asset Security Platform (“CASP”) provides the advanced technology and the architecture to secure crypto asset transactions. provides integration with the nodes of BRD using their Blockset product. Blockset by BRD is designed for blockchain data with wallets, blockchain explorers, and data aggregators in mind - and (unlike raw full nodes) is designed to handle unlimited scale. Blockset by BRD handles the full nodes, pipes the data into a straightforward schema, and makes it publicly accessible via the blockset API.

Does CASP support completely offline participants?

Yes. CASPUnbound’s Crypto Asset Security Platform (“CASP”) provides the advanced technology and the architecture to secure crypto asset transactions. supports bots that do not have any network connection and only send and receive information by manually transferring the data using hard media, such as a USB drive. See Offline Bots for more information.

Does CASP integrate with HSM's and/or secured key stores?

The CASP bot can be integrated with an HSMHardware Security Module - a physical computing device that safeguards and manages digital keys for strong authentication and provides cryptoprocessing. Integration is accomplished using the CASP Java SDK to extend the CASPUnbound’s Crypto Asset Security Platform (“CASP”) provides the advanced technology and the architecture to secure crypto asset transactions. bot capabilities, allowing it to store data and create keys in an HSMHardware Security Module - a physical computing device that safeguards and manages digital keys for strong authentication and provides cryptoprocessing. The integration is shown in the following figure.

Is CASP easy to demo and test?

Yes. CASPUnbound’s Crypto Asset Security Platform (“CASP”) provides the advanced technology and the architecture to secure crypto asset transactions. can quickly be installed and used for demos, POCs, and development using CASP Express Deploy. This solution is a complete CASPUnbound’s Crypto Asset Security Platform (“CASP”) provides the advanced technology and the architecture to secure crypto asset transactions. system that is deployed and configured using Docker or Terraform.