Recap of HyperMate AMA Co-hosted by HyperPay
Hey everyone, welcome to watch the live of AMA co-hosted by HyperPay . Welcome to join it and be free to ask questions if you have something unclear. We will sum up and answer them in the recap of AMA. Let’s start now!
Host : Maya, Community Partner of HyperPay
Guest: Eric, COO of HyperPay
Maya：Hello everyone, and welcome to watch tonight’s AMA. I’m Maya, the hyperPay community partner and the host tonight.The theme of tonight is my assets. I am in charge. Let us welcome the guests tonight.
Eric：It is a great honor to be here tonight, and I’m very glad I can share something about the asset security with you. First, let me briefly introduce HyperPay wallet for you.
HyperPay is the world’s leading multi-ecological cryptocurrency wallet. It has been operating stably for 3 years, never ever occurring any security incidents. Its ecosystem includes off-chain wallet, on-chain wallet, shared wallet and hardware wallet; HyperPay is the first in the industry that combine TSS (threshold signature scheme) and HSM (hardware security module) to create the products with the highest level of security; to date, HyperPay has served more than 1 million users, stored assets over one billion US dollars, and completed transfers more than 310 million times. HyperMate, the hardware wallet, has passed the double audit of KNOWNSEC and SlowMist.
Recently, the industry has been blew hard by the constant incident storms, and the worry of assets depositing in centralized institutions being not safe is growing.
We know that the private key is the entrance to the digital wallet. Only the private key which no one else knows except you can prove that you are the owner of the assets in the wallet; this is the biggest difference between encrypted digital currency and bank accounts. Your digital assets are under your control, without a centralized institution intervening.
Therefore, in the case of frequent problems with centralized institutions, it is recommended that you have a certain understanding of decentralization and hardware wallets.
Today I will mainly talk about how to keep your personal crypto assets safer.
Maya Q1：Speaking of private keys, maybe it is still quite a vague concept to people, so could you please (Eric) briefly introduce the concept of private keys?
Eric: The private key is a 32-byte random number generated by an encryption algorithm, composed of 64 hexadecimal characters. A wallet has only one private key, and it cannot be modified.
Normally, users’ assets are stored in wallets. There are kinds of cryptocurrency wallets on the market, and they are divided into hot wallet and cold wallet in essence.
A hot wallet can be connected to the Internet while the cold wallet is not. In cold wallet, although receiving funds is available at any time, transfer can only be performed through private key verification.
Hot wallets include all online cloud wallets, most mobile wallets, software wallets and exchanges. Cold wallets can be hardware wallets, paper wallets stored offline, USB and similar data storage devices, or even physical items.
We think it is the best that cryptocurrency holders use cold wallets and hot wallets together, hot wallets for frequently traded assets, cold wallets for long-term held cryptocurrency assets.
Maya Q2:How are the wallets classified? And can you tell us what are the advantages and disadvantages of them?
Eric: There are many classification methods for digital currency wallets. The commonly used ones are as follows:
According to whether the wallet is connected to the Internet, it is divided into cold wallet and hot wallet. A hot wallet is connected to the Internet, and a cold wallet is not. We usually use hot wallets, such as desktop wallets, mobile wallets, and web wallets. Hot wallets are also divided into centralized hot wallets and decentralized hot wallets.
Cold wallets can be divided into paper wallets, brain wallets and hardware wallets, which are usually not connected or unable to connect to the Internet.
According to the ownership of the private key, it is divided into a centralized wallet and a decentralized wallet. A centralized wallet has the private key controlled by the service provider, and a decentralized wallet has it controlled by the user self.
Single-chain wallets and multi-chain wallets. As the name implies, single-chain wallets only support one main chain, and multi-chain wallets support multiple main chains and main chain tokens.
According to the completeness of data storage, it is divided into full node wallet and light node wallet. The full-node wallet saves all the blockchain data, so it occupies a large space. All block data needs to be synchronized before each use, and it does not support multiple digital assets, which is not convenient for ordinary users. Light nodes do not store all the data of the network, so they are small in size. It is currently the most widely used wallet.
There are single-signature wallets and multi-signature wallets. In single-signature wallets, sending transactions is controlled by one person. In multi-signature wallets, it needs to be authorized and signed by multiple people to send transactions.
There are also some other wallets, such as information wallet, web wallet, browser plug-in wallet. Information wallet is connected to the Internet, and you can use it to view the changes in assets in the cold wallet address. Web wallet refers to the wallet created and used on web pages, which can be used across platforms and have a relatively low threshold for use.
The most commonly used browser plug-in wallet is the Metamask wallet. Basically, current mainstream public chains all have plug-in wallets developed by community developers. Plug-in wallets can directly use Dapp in the browser, and the threshold for use is also very low. However, the security level of web wallets and plug-in wallets is not very high.
Maya Q3: Recently, black swan incidents have popped up in the industry. We think there’s a big problem with centralized storage, and why’s that?
Eric: As I mentioned earlier, users storing assets in a centralized organization is to hand over their private keys to a third party for management, and thus they lose the control of the assets. Whether it is okex or Huobi, as long as the private key controller is unable to sign, user’s funds in there can’t be withdrawn.
It exposes the bully side of the platform. They can make users bear the risk of principal loss to keep their own interests. Therefore, keeping the private key in your own hands is the best way to avoid industrial black swag, and decentralized wallets and hardware wallets are great choices.
Maya Q4: Can you give us the reasons for choosing hardware wallets?
I’ve heard many people say that they don’t have much assets in the hands, and putting them in the exchange is relatively safe because even if something goes wrong, the exchange will take the responsibility. The fact is just the opposite. The behavior of the industry’s leading exchanges has sounded the alarm for us. Centralized institutions may shut down for many reasons.
With the rise of DEX, decentralized exchanges are gradually being accepted by people, and the trading volume of Uniswap, the representative project, has revealed its unpredictable possibility.
As DEXs like Uniswap gradually squeeze CEX market share, users can totally withdraw their assets from CEX and experience similar services in DEX. Users can fully connect with DEX through wallets, and the assets are kept in their own hardware wallets or other media.
The hardware wallet stores your private key securely in the device, and no hacker can disclose it.
Hardware wallets are not affected by computer viruses, which means you don’t need to worry about infected computers used with hardware wallets.
Before sending funds from the device, users need to make physical access on the hardware wallet device for confirmation. These all ensure that the hardware wallet can guarantee the safety of user funds to the greatest extent.
Protecting the safety of users’ funds is our eternal mission. This is why we are deeply involved in the wallet field and gradually iterate our hardware wallet products.
Maya Q5:Compared with other hardware wallets, what are the advantages of HyperMate?
Some hardware wallets currently use webs or desktops to work with the hardware wallet, such as Ledger Live or Trezor, but compared to the mobile app, web or desktop essentially carry a greater risk exposure. Mobile apps run in a sandbox environment. Data is not allowed to be read between apps. Products on the mobile side turn on system global area encryption by default, which is often not the case on the web or desktop. User permissions on the mobile are strongly restricted, unlike on the computer, where users can even bypass some security settings through the command tools.
Also, ordinary users are not good at discerning phishing links. When downloading a desktop, users are likely to download to the wrong companion software, resulting in a coin loss.
At present, there are two types of hardware wallets on the market. One is chip-based hardware wallets, which store private keys, PIN codes and other private information in the security chip, such as Trezor, Ledger, HyperMate, etc.; the other is a mobile wallet based on the Android system, like Kushen Wallet.
This kind of wallet puts the keystore in the memory, and there is no security protection in the memory, so it leaves an opportunity for hackers. If such wallets are lost, they will be physically cracked.
There are also differences between chip wallets. For example, Trezor uses ordinary chips. If hackers conduct electronic attacks, ordinary chip is helpless. In 2017, at the World Hacker Conference held in Las Vegas, USA, a foreign security team demonstrated on the spot how to hack Trezor wallet. It only takes 15 seconds to transfer Bitcoin by loopholes after removing the wallet shell.
Ledger uses the security chip with the security level of CC EAL5+. The International Organization for Standardization divides the CC evaluation level into EAL 1–7 from low to high. Generally speaking, the safety requirements of commercial products are within CC EAL 5. The bank chip debit card used requires CC EAL5+ security certification, and higher encryption levels such as CC EAL6 and CC EAL7 belong to the military level.
Ledger uses two chips, one is secure and the other is non-secure, so it exists security risks in the process of transmitting information between these two chips. Ledger has also exposed security vulnerabilities. Hackers can obtain the PIN code of the wallet step by step without removing the outer shell by forcibly upgrading the non-secure chip. The PIN code is equivalent to the password of the wallet. With it, you can open the wallet and transfer money away.
Back to our product HyperMate. Let me first show you the photos of the HyperMate hardware wallet.
HyperMate is a hardware wallet of HyperPay. HyperMate G, for HyperMate Genesis is the first generation product.
HyperMate G is an ultra-thin, easy-to-operate, and extremely secure cryptocurrency hardware wallet. It has been authorized by the US FCC and has been audited by a world-renowned security company. It has a built-in CC EAL6+ security chip and supports BTC, ETH, BCH, EOS, and tens of thousands of digital currencies. It supports BTC, HC, ETH, BCH, LTC and ERC20 multi-signature functions, and supports firmware upgrades. Conneting to HyperPay wallet via Bluetooth, it can ensure the security of users’ digital assets anytime and anywhere.
Compared with other hardware wallets on the market, HyperMate has obvious competitive advantages in four aspects.
For hardware wallets, 100% protection against physical attacks is impossible. The only thing hardware wallets can do is to be “cold” enough to freeze all the network doors that hackers can sneak in and stole away your coins.
The secure microcontroller chip used by HyperMate is produced by Infineon, the world’s leading semiconductor company. It is an advanced security encryption controller with features as follows:
a. Dual-core CPU, one for execution, and one for security detection
b. All CPU registers have mask protection
c. All NVM, RAM are encrypted and specially protected by integrity verification
d. Sensor with temperature, voltage, frequency, light and special protection network
e. DES, AES and coprocessors for PKI operations
f. True random number generator
g. CC EAL6 + certification
Therefore, HyperMate is able to resistant fault injection attacks on program execution and various types of memory, and physical attacks on chips heated, frozen, filtered, etc.
CC EAL6+ does not only mean that HyperMate security chip reaches the standard for military use, but also it has passed the necessary tests and evaluations of CC security certification.
Unlike Ledger, HyperMate adopts the single-chip design, without adding any chips for auxiliary calculation or information storage in the design circuit. All the components such as buttons, screens and Bluetooth are directly connected to the security chip to avoid data transmission between multiple chips, completely eliminating any possibility of tampering with data.
HyperMate adopts the randomly arranged keyboard for PIN code input, each at different position, and no real PIN number displayed, minimizing the probability of passers-by peeking at the PIN codes and stealing private keys. When the PIN code is entered incorrectly 10 times in a row, HyperMate will automatically destroy the stored data, which can effectively prevent the hardware wallet from being violently cracked by hackers.
At the same time, all transactions require a second checking and confirmation. The trading information can be fully displayed on the HyperMate’s display screen, and once the APP may suffer tampering, the information displayed on the screen not the same, the user can reject the transaction directly. Moreover, the information on the screen is produced by the chip internally through calculation and encryption.
The wallet private keys and mnemonics of HyperMate are generated purely by hardware, never leaving the security components, and never connecting to the network.
In addition to the US FCC authorization certification, we have also obtained the European CE safety certification. Our hardware wallet is very popular in overseas markets. We have a large number of orders from the American and Italian markets.
HyperMate meets the BIP32/BIP39/BIP44/BIP45 standard. The creation and recovery of the wallet are completely offline. Once the private key is generated, it is stored in the encrypted security chip, even the hardware wallet itself is unable to read it.
Second, Function. HyperMate supports both single-signature and multi-signature wallets. Single-signature wallet supports BTC ETH HC EOS LTC BCH QTUM and related Erc20\Qrc20\EOS tokens, and will soon support TRX, DOT, FIL.
Multi-signature wallet supports multi-signature of BTC/ETH (including ERC20) /HC/LTC/BCH. It also supports firmware upgrade via Bluetooth. Users only need to perform the corresponding firmware upgrade operations in the HyperPay App via Bluetooth linking, and then you can enjoy more currencies and experience new features without the need to buy a new device.
Third, Experience. By connecting HyperMate to HyperPay app via Bluetooth, it becomes possible to manage your assets anytime and anywhere safely.
Moreover, HyperMate device is ultra light and thin, with a thickness of only 2.3mm, which is easy to carry.
Fourth, Price. HyperMate is also very cost-effective. The price is only 899 yuan, but its performance is comparable to products sold 3–4000 yuan.
HyperMate is targeted at all digital currency players and corporate users, and we provide customized hardware wallet solutions for major currency holders, project parties, and exchanges.
We are currently out of stock for our first-generation products. Some news about Huobi a few days ago have brought our sales to a higher level. It shows that people are still very concerned about the issue of safe storage of assets. The most important thing is still the security of assets.
To meet the demand of the market, we are already stepping up stocking and we expect to ship normally next week. You can view more information on the official website: https://hyperpay.me/hardware?lang=zh-cn
Here, I’d like to show you the second-generation hardware wallet that we will launch soon. Let’s see.
For the second-generation product, we have made a lot of upgrades. We added the fingerprint recognition function, which is more user-friendly and convenient to use. The biggest change is that the appearance has been completely redesigned, and the electronic screen has also increased in size. The specific parameters will be seen as it officially launches.
If you are interested in that, you can follow our official news. We will open pre-sales this month and start shipping in December.
Finally, let’s end with a promotional video of HyperMate.
The above is all the content of this AMA, thanks for watching.