Digital Asset Data - Part II Webinar

THEBLOCKCRYPTO.COM

The Block Presents:


Security and Scalability Issues within Enterprise Blockchain
Featuring Unbound Tech and Blockset by BRD

June 11th, 2020


Blockchain Security
Ecosystem Analysis
Solution Based

Trusted by the world’s leading organizations
• Deployed by multiple Fortune 500 companies
• 9 granted patents, over 10 pending
• Independently reviewed by scientists
• Listed in 5 Gartner Hype Cycles: data security, cloud security, digital privacy, IAM and blockchain
• Selected as “Cool Vendor” by Gartner for the blockchain product line.

[Logo panels: Investors; Certifications & Recognition (Levels 1, 2)]
Your hosted blockchain infrastructure.

CONFIDENTIAL 4
Unbound Tech
Enterprise Grade MPC

MPC - How does it work?
• Multiple machines jointly compute a function while keeping their inputs private
• Security guarantee – mathematically proven

Unbound MPC
• Multi-Party (≠ the common two party)
• Shares are refreshed continuously
• Flexible policies

Robust Cryptographic Platform
• Approvers hold only key shares.
• Crypto agile
• Distributed policy validation
• Hot and cold vaults in one platform

Institutional-grade policy controls
• Cryptographically validated
• Multiple approvers enforce policies
• A group of admins
• Whitelists

Built in Integrations streamline your business
• Node management
• KYC and AML
• Analytics and Reporting
• HSM L4

[Diagram labels: MPC based Key Signature and Policy Management Platform; Secure Integrations Service Bus; Nodes; KYC; AML; HSMs; Market Data; Analytics; 3rd Party; Pricing; Tax; Investor]
Ecosystem of Security Solutions

Blockchain Use Cases
• Custody
• OTC Trading
• Secure Transfers
• Secure Clearing and Settlement
• Enterprise Blockchain
• Identity Management

Public Blockchain
Private / Consortium Blockchain: Axoni, R3 Corda, Quorum, Hyperledger
Securing Digital Assets - Technologies

HSM
A hardware security module (HSM) is a physical computing device that (1) safeguards and (2) manages digital keys for strong authentication and provides crypto-processing.

Multi-sig
Multi-signature refers to more than one key to authorize a digital asset transaction.
• Usually 2of3.
• Ledger Specific.

TEE (Mostly SGX)
A TEE is an isolated execution environment on the main processor. Since these are vulnerable to key extraction via software side-channel attacks, we will not cover this option today.

MPC
Machines jointly working while keeping inputs private (Zero Knowledge Proof). The key never exists as one entity. It is created and maintained as N random shares.

Securing Digital Assets - Buy-Build-Partner

[Diagram labels: Client Accounts; Hot Wallets; Cold Wallets; SaaS; On-prem / Cloud IaaS]

Home Grown / DIY
• Usually built with the assistance of a consulting company.
• HSM & multi-sig may be used for added security.

SaaS
• Cloud-hosted secure systems
• Liability split between the vendor and the customer.
• Dependency on the SaaS provider to add assets and features.

Security Platform
• Security software.
• Integrate with the institution’s infrastructure and systems
• Full control over security and key management

Effort Associated with Satisfying Enterprise Grade Customers

Need                                                    DIY   SaaS
Open API                                                ×     ×
Ledger agnostic                                         ×     ×
Platform agnostic                                       ×     ×
Multi layer security architecture:                      ×     ✓
  - Credentials based segregation
  - Software Stack segregation
  - Device based segregation
You need 2 parties at least to restore the backup key   ×     ✓
  DIY: HSMs keep keys in their full format. One can steal / misuse the backup key to restore data.
  SaaS: The backup key is either held by the user or a key recovery service.
Role based Access                                       ✓     ✓
Flexibility and scalability                             ×     ×
Tamper proof audit log                                  ×     ✓ on-chain multi-sig
Regulator-ready reporting                               ×     ✓
Low TCO                                                 ×     ✓

Effort Associated with Cryptographically-enforced policy controls

Need                                              HSM   Multi-Sig
Multi-party approval workflows                    ×     × (2of3)
  • Multiple approvers (MofN)
  • Proactive compliance checkups
Risk based cryptographically validated policies   ×     ×
Distributed policy validation                     ×     ×
Asynchronous approval processes                   ×     ✓
1 click to replace approvers                      ×     ×
1 click to suspend / revoke approvers             ×     ×
Refreshing keys / key shares of approvers         ×     ×

Effort Associated with Reaching Use Case Versatility

Need                                                        HSM                      Multi-Sig
Securing key usage                                          ×                        ✓
Full custody                                                ✓                        ✓
  Vendor controls the key
Co-Managed custody                                          ✓                        ✓
  Majority / Minority of the keys at the vendor's control
Noncustodial                                                ×                        ✓
  Investor holds the signing key and the backup key
PoS assets                                                  ×                        ×
Tokenization of assets                                      Requires customization   Requires customization

Scaling Blockchain Applications
Samuel Sutch
CTO @ BRD
sam@brd.com

Scaling Blockchain Applications

The art of responding to changing demand for your product.

• Decentralized Finance (Wallets, Exchanges, Smart Contracts, etc.)
• Gaming & social network economies
• Enterprise collaboration (consortiums, etc.)
• Auditing, compliance, forensics

Scaling Blockchain Applications: Workloads

Writes (Creating Transactions)
• 10% of overall workload
• Handled at the protocol layer
• Active protocol development
• Choose the protocol that matches your use case (VM, TPS)

Reads (Everything else)
• 90% of overall workload
• Handled at “Layer 2”
• Some commercial development
• Choose the Layer 2 vendor that matches your use case

Common Existing Solutions

Scaling Blockchain Applications:
Existing Solutions
Node Hosting
✔ Broad protocol support
✔ High write capacity potential
Most expensive option
Difficult operations
Low read capacity potential
Hard to scale

Scaling Blockchain Applications:
Existing Solutions
Block Explorers
✔ Cost effective
✔ High read and write capacity potential
Most solutions not ready for scale
Limited protocol support
Reliability + data integrity issues
Vendor lock-in

Common Requirements

Scaling Blockchain Applications: Requirements & Tools

Requirement                 Node Hosting   Block Explorers
Demand elasticity           No             Possible
Protocol choice             Yes            No
Cost effectiveness          No             Yes
Data integrity              Yes            Possible
High availability           Possible       Possible
Performance optimized       No             No
Client/server integration   No             No

Scaling Blockchain Applications:

Requirement                 Blockset
Demand elasticity           Yes
Protocol choice             Yes
Cost effectiveness          Yes
Data integrity              Yes
High availability           Yes
Performance optimized       Yes
Client/server integration   Yes

blockset.com
