--- robots: noindex, nofollow --- # Corporate Wallet For-Profit Business Plan Summary * Self-Sovereign Corporate Wallet * Sign POs * Multisigs * Dual Control **Company Name:** Charter Wallet **Mission Statement:** To enable companies to deploy a fully digital wallet system that enables the safe storage of digital keys for usage in signatures and for the control of digital assets such as cryptocurrency and digital identities. ## The Problem The digital age allows for the vast simplification of paperwork, decision making, and money transfers thanks to cryptographic technology. However, most companies take poor advantages of these technologies due to insufficient key-management support, and may even endanger their businesses by trying to adopt these new technologies without superior key-management solutions. The biggest problems are: 1. **Key Usage is Balkanized.** Though it's appropriate for different usages to have different keys, at present there's no unity at all in keys that might be used for contract signatures, PO signatures, software signatures, proof of identity, consensus agreement, and cryptocurrency management. 2. **Key Storage is Balkanized.** Because of the lack of unity in key usage, key storage is badly balkanized as well. A user might have some keys on their desktop computer and some in a software or hardware wallet. By multiplying the number of keys in a chaotic manner, the possibility of key loss is also multiplied. Still other company systems might not even use digital signatures, but just poor man's substitutes such as typing in initials or click on an email, giving up the actual advantages of digital signatures. 4. **Key Are Single Points of Failure.** Most keys are used for single signatures and most backup methods are poorly thought out (if they exist at all). This makes it easy for keys to be lost or keys to be stolen, entirely compromising the whole system and creating serious dangers of asset or identity theft or misappropriation. 5. **Dual Control & Threshold Control are Poorly Supported.** Dual-control systems that require two signatures are important for fidicuary control of assets. Threshold control is important to show quorums of agreement when unanimity is not required, whether it be for a signature or an asset transfer. Wallet UIs are mostly deficient for these multisig systems and almost no one supports the newest systems of FROST and MuSig2 multisigs, which have considerable advantages for cost, scalability, and privacy. 6. **Backups Are Poorly Supported.** Finally, key backups are poorly supported, even though they're critical for single-key systems. Something's needed that's better than just writing words down on a piece of paper. In short, companies need a system that unifies their digital signature usage and digital-asset control, that provides the ability to verify quorum consent, and that guards against key loss. ## The Solution: Self-Sovereign Corporate Wallet The Self-Sovereign Corporate Wallet solves these problems by offering a unified software wallet system that runs on mobile devices and that can be white-labeled for individual companies. - **Unified Key Management**: One or more seeds are stored in the wallet then used to generate a whole sequence of private keys. Specific paths are used for specific tasks (e.g., PO sign-off, contract sign-off, software signing) to ensure easy recovery. - **Integrated Signing**: Integrated systems support the signing of documents and of transactions for common blockchains. Resilience, security, and accountability are all improved by ensuring that these keys never leave the wallet. - **Remote Support**: When integrated support doesn't exist, private keys can be exported for signing and public keys can be exported for monitoring, with export methods including QRs, NFC tags, and other secure sharing methods. - **Multisig Support**: Multisigs are fully supported, including FROST and MuSig signing. - **Dual & Threshold Support**: Multisigs mean support for dual keys and threshold signing. The UX ensures that these are easy to use. - **Automated Key Creation**: Part of that ease of use comes through an automated key creation system. Using Gordian Sealed Transaction Protocol (GSTP), the setup and usage of multisigs is simple and obvious, even for the multi-round MuSig and FROST signatures. - **PKI Server**: An internal web server provides the company with a full Public Key Infrastructure, verifying the identities associated with keys. Using elided Gordian Envelopes, some keys and related information about an identity can be public and others private, to be revealed through inclusion proofs as needed. - **Decision Provenance**: The full provenance of any key, including decisions and other uses, is also logged in the PKI in an elided form, also to be revealed as needed. - **Sharded Seed Backups**: All seeds are backed up with Sharded Secret Key Reconstruction (SSKR), with shards backed up on other wallets or on Collaborative Seed Recovery (CSR) servers, as preferred by the company. Metadata is also stored to record the precise usage of keys. This allows their reconstruction even in cases of catastropic loss. The seed storage and recovery is automated to make it easy to use. - **Legacy Inheritance**: Corporate private keys are associated with individuals to ensure accountability, but they still need to beholden to the organization when an employee leaves. A Legacy Inheritance structure allows the recovery of seeds, metadata, keys, and provenance by a supervisor, administrator, or quorum. - **Member-Managed Organization Support**: The self-sovereign corporate wallet is built to generally support any traditional company, but its features may offer additional advantages to a member-managed organization thanks to the ability for the entire organization to vote using their keys, verifying consensus and ensuring responsibility for that decision. ## Market Opportunity Key loss is one of the greatest threats to digital-asset holdings. - Most stories are [anecdotal](https://www.ccn.com/education/crypto/lost-keys-lost-crypto-blockchain-horror/), but estimates say about [3.7 million Bitcoins have been lost](https://www.computer.org/csdl/magazine/co/2021/07/09473212/1uUtBgAq6UE), which is worth more than $300 billion dollars. - Through its Backup and Legacy Inheritance systems, the self-sovereign corporate wallet makes sure that loss of keys is a thing of the past for companies. - Thanks to strong protection of private keys, including use of multisigs, the self-sovereign corporate wallet also protects against key compromise, which was estimated to cost $2.1 billion just for [the first three quarters of 2024](https://cointelegraph.com/news/cryptocurrency-hacks-2024-cefi-defi-losses) Corporate malfeasance can also be a serious issue - Companies lose [5% of revenue to employee fraud each year](https://acfepublic.s3.us-west-2.amazonaws.com/2022+Report+to+the+Nations.pdf). This includes asset misappropriation, corruption, and financial statement fraud. That loss can reach trillions in costs if compared to GDP. - Add another [$20 billion a year for other sorts of workplace misconduct](https://vaultplatform.com/press/news/workplace-misconduct-cost-u-s-businesses-20-billion-in-past-year-new-study/). - Finally, [Corporate Fraud](https://www.law.nyu.edu/sites/default/files/upload_documents/Adair%20Morse%20How%20Pervasive%20is%20Corporate%20Fraud.pdf) can cost hundreds of billions more and only a third of it is detected! - The self-sovereign corporate wallet offers strong protections against employee fraud, but its strong accountability and provenance for all decisions and its simple integration of dual-key and threshold systems may also offer protections against other sources of loss. Provenance of decision making alone ensures responsibility in decision making that will foil many fraud attempts, without feeling like a big-brother regime, as it's only explicit uses of keys that are recorded. More generally, companies just aren't set up to assess consensus because it was too difficult in the classic business world. That's now changed. The self-sovereign corporate wallet is therefore directed to companies that want to maintain tight control over their signing ability, to improve their security and the resilience of their digital assets, to enable the assessment of consensus, and to ensure the accountability of their entire decision making structure. ## Business Model (These business model components are ordered by priority, based on the planned implementation timeline, with earlier entries reflecting initial focus areas.) 1. **White-Label Services and Applications** - **Pre-Built Solutions**: One-time fees for deploying turnkey wallet services. - **Consulting Fees**: Hourly rates for integrating the wallet into existing corporate structures for signing, for voting, and for digital-asset control. - **Maintenance**: Annual subscription fees for ongoing support, updates, and customization. - **White-Label Applications**: Customizable applications branded for organizations, offering features such as purchase approval, public-facing PKI bridges, - and sophisticated legacy inheritance structures. - secure key recovery, family asset management, and social recovery options tailored to their user base. 2. **Personal Wallets** - **Spinoff Designs:** Less fully featured versions of the corporate wallet focusing on cryptocurrencies, identity control, and signing will be made available to individual users. - **Token/Passkey Integration:** Personal walls will additionally integrate 2FA and passkey functionality - **Accessible Interoperability:** --- ## Business Model (These business model components are ordered by priority, based on the planned implementation timeline, with earlier entries reflecting initial focus areas.) 1. **White-Label Services and Applications** - **Pre-Built Solutions**: One-time fees for deploying turnkey depository services for organizations without existing authentication frameworks. - **Consulting Fees**: Hourly rates for integrating CSR into existing corporate authentication frameworks, enabling heterogeneous, secure implementations. - **Maintenance**: Annual subscription fees for ongoing support, updates, and customization. - **White-Label Applications**: Customizable applications branded for organizations, offering features such as secure key recovery, family asset management, and social recovery options tailored to their user base. 2. **Stand-Alone Applications** - **Reference Releases:** Reference applications (e.g., self-sovereign custody, family asset management) serve as ecosystem enablers and CSR demonstrations but are not a primary profit center. - **Freemium Model**: Basic functionality is free for individual users, with paid premium features such as advanced recovery options for families and small businesses. 3. **Pay-Per-Recovery Model** - Offer a pay-per-use recovery service for organizations or end-users, charging a fixed fee each time the recovery mechanism is utilized. - This approach provides flexibility for customers who prefer a low upfront investment. 4. **Training and Certification Program** - Provide training and certification for organizations or developers implementing CSR solutions. - Certified partners can display a "Gordian Seal" indicating compliance with CSR standards, enhancing their credibility and adoption. 5. **Gordian Seal Marketplace and Membership Program** - Develop a marketplace of vetted recovery service providers under the "Gordian Seal" certification program: - **Marketplace**: Enable users and businesses to choose depositories or recovery partners that meet their specific needs. CSR charges a platform fee or a percentage of transactions conducted through the marketplace. - **Membership Program**: Offer organizations the opportunity to join the Gordian Seal program, paying an annual fee to receive: - Certification of compliance with rigorous Gordian Seal standards. - Inclusion in the trusted Gordian Seal network, strengthening their credibility in the ecosystem. - Access to premium support, exclusive features, and discounts. 6. **Recovery Assurance Plans** - Partner with insurance providers to create specialized plans backed by CSR’s trustless architecture. - Provide recovery assurance plans or insurance services for organizations or end-users to guarantee recovery in case of catastrophic loss. ## Competitive Advantage - **Flexibility and Choice**: CSR offers diverse recovery options, including offline methods (e.g., NFC cards, safe-deposit boxes), recovery via trusted entities, and social recovery with family and friends. These meet varying user risks and requirements. This flexibility contrasts sharply with rigid proprietary systems, enabling tailored solutions for individuals and organizations. - **Privacy and Security**: CSR prioritizes user privacy by avoiding mandatory KYC and implementing a decentralized, trustless architecture. This ensures no single entity has full control over recovery, significantly reducing risks of compromise while bolstering resilience against regulatory overreach and centralized vulnerabilities. - **Open Standards and Interoperability**: Built on robust standards like Gordian Envelope and Sharded Secret Key Reconstruction (SSKR), CSR facilitates seamless integration across wallets, exchanges, and platforms. These open standards promote interoperability, trust, and broader ecosystem adoption, avoiding vendor lock-in. - **Diverse Authentication Methods**: CSR supports a wide array of authentication methods to ensure maximum flexibility and security for users. Advanced authentication could include biometrics, federated login, in-person verification, phone-based authentication, time-delays, and offline recovery mechanisms, catering to a variety of threat models and user preferences. - **Decentralized and Trustless Design**: By eliminating single points of failure or compromise, CSR ensures the integrity and reliability of recovery processes. This trustless design aligns with the principles of decentralization, appealing to privacy-conscious users and forward-thinking organizations. - **Regulatory Flexibility**: CSR’s non-custodial architecture and decentralized approach reduce exposure to strict regulatory requirements. Its adaptability to multi-jurisdictional compliance needs makes it an attractive option for global adoption, particularly for organizations operating across diverse legal environments. - **Scalability Across Industries**: While initially targeted at cryptocurrency and digital identity sectors, CSR’s architecture can scale to other industries, such as finance, healthcare, and intellectual property management, further expanding its market potential and use cases. - **Future-Ready Ecosystem**: CSR is not just a recovery solution—it is the foundation for a broader ecosystem of advanced cryptographic services. Positioned to lead in emerging areas like multi-party cryptographic signing, decentralized credential issuance, entitlement management, and secure data sharing, CSR ensures compatibility with evolving digital asset and identity use cases. ## Customer Traction - **Major Cryptocurrency Wallet Vendor**: Planning to implement CSR in 2025, with the potential to onboard with 50K to 250K users. - **Human Rights Foundation**: Evaluating a grant to host a CSR depository, demonstrating CSR’s appeal to a mission-driven organization. - **Active Pipeline**: Discussions with 12+ potential partners, representing a market opportunity of 1-2 million users. - **Ledger**: In response to user demand, Ledger has introduced our core SSKR standard as approved application directly on their Ledger device, enhancing security and redundancy. If Ledger were to integrate the more expansive Collaborative Seed Recovery (CSR) alongside their existing 2-of-3 Ledger Recover service, or update it to support CSR, it could significantly expand the addressable market by offering users more flexible and secure recovery options. Ledger's cumulative sales could reach around 7.2 million units by the end of 2025. ## Go-to-Market Strategy 1. **Core Depository Network**: Establish depositories representing diverse organization types (e.g., wallet vendors, cryptocurrency exchanges, mission-driven non-profits) and jurisdictions (e.g., US, EU, Canada, Switzerland, non-Five Eyes countries). 2. **Pilot Projects**: Launch pilots with high-profile partners to demonstrate CSR’s flexibility and security. 3. **Partnership Development**: Collaborate with DeFi platforms, Web3 projects, and advocacy organizations to drive CSR’s adoption. 4. **Marketing Outreach**: Publish thought leadership, host webinars, and sponsor industry events to position CSR as the industry standard. ## Funding Requirements We are seeking **$5 million** to accelerate growth: 1. **Development (33%)**: Expand the core technology team to complete the CSR platform. 2. **Enterprise Integration (33%)**: Build a team for seamless customer onboarding and support. 3. **Sales and Marketing (33%)**: Drive adoption through partnerships, pilots, and global outreach. ## Team - **Christopher Allen** (Board Chair, interim CTO): Christopher Allen is a seasoned technologist and entrepreneur with a distinguished career in internet security, cryptography, cryptocurrency, and digital identity. - Christopher founded Consensus Development, which licensed cryptographic toolkits and provided consulting to early internet security pioneers such as RSA Data Security, VeriSign, PGP, DigiCash, RedHat, Wells Fargo, and others. - As the co-author of the Transport Layer Security (TLS) 1.0 standard, he helped establish foundational protocols that secure online communications to this day. - In 1998, Certicom Corporation, a leader in cryptography, acquired Consensus Development in a cash-and-stock deal, strengthening its offerings to support secure communications using elliptic curve cryptography ([American Banker](https://www.americanbanker.com/news/tech-bytes-certicom-buys-security-tool-kit-firm)). - Allen served as Principal Architect at Blockstream, a pioneering Bitcoin technology company ([The Merkle](https://themerkle.com/cryptography-pioneer-christopher-allen-joins-blockstream/)). - He co-authored *#SmartCustody*, a guide to advanced cryptographic tools for secure digital asset management, and authored the "10 Principles of Self-Sovereign Identity," a framework for user-centric digital identity ([Coindesk](https://www.coindesk.com/markets/2016/04/27/the-path-to-self-sovereign-identity/)). - Allen's extensive leadership in cryptographic standards organizations and his work on decentralized technologies position him uniquely to lead initiatives focused on enhancing resilience and reliability in cryptographic key management ([LinkedIn](https://linkedin.com/in/ChristopherA)). [advisor to select block community, on dao subcommittee, have been enabling legislation for DAO-like organizations] - **Wolf McNally**: Team Lead for CSR technology, overseeing platform development and scalability. - **Enterprise Team Lead**: Recruitment in progress to ensure effective enterprise integration. - **CEO Search**: Actively seeking a CEO with financial industry experience to guide scaling and strategic growth. ## Vision CSR will evolve into the backbone of a collaborative cryptographic ecosystem: 1. **Advanced Services**: Enable multi-party cryptographic signing, credential issuance, entitlement management, and more. 2. **Global Adoption**: Build a trusted network of interoperable depositories that scale across jurisdictions and industries. 3. **Industry Leadership**: Establish CSR as the gold standard for secure, decentralized recovery solutions and cryptographic services. ## Call to Action Join us in building the future of resilient, user-controlled cryptographic systems. CSR is the foundation for a trustless, interoperable ecosystem that protects assets, identities, and lives.