III. Security

We don't compromise on security when building features. We use state-of-the-art technologies, and research new security methods and technologies to make strong security guarantees.

Information security

practice of preventing unauthorized access, use, disclosure, disruption, modification, inspection, recording or destruction of information. (Wikipedia)

Examples

• Private keys and transactions
• End to end encrypted chat
• Darkness (see who is talking to who)
• Cluster uptime

Compromised security?

• Trivial: Can't restore your account (private keys)
• Subtle: Forward secrecy, either you have or don't
• We are responsible for secure defaults

State-of-the-art technologies

• 'Obvious' choices for experts in field
• Chat: Double Ratchet and PFS
• Hardware wallet
• Reproducible builds

Basic security hygiene

• Ex: no password re-use
• Ex: 2FA (without phone recovery)
• Security and privacy week after Prague

Tool: Threat modeling 101

• Pretend to be attacker and follow logic
• Example: House with jewelry (high reward) and open back door (vulnerable) and thief (relevant attack).

Research new security methods

• Magic and crazy
• Be top 1-10% of tech orgs for attention
• Might seem unusual or crazy to some of you

Example research

• Zero knowledge proofs for private transactions
• Darkness, quantum secure, multiparty computation, formal methods…

Tool: Security guarantees

• This might seem hard (it is)
• But you can ask questions and learn!
• Explicit about guarantees
• Simple user stories

Example: E2EE chat

• As a user, I don't want anyone but the person I'm talking to to see my conversations.

• Forward secrecy: If my private key gets compromised another person can't read my historical conversations.

Example: Private transactions and darkness

• As a user, I don't want someone to know who I am talking to except the person I'm talking to.

• As a user, I don't want anyone but recipient to know that I transferred money to them.

(security, inclusivity)

• How do we ensure a secure user experience while being user friendly?

• How do we ensure we provide utility for people and aren't paralyzed by extreme threat models?
  E.g. lack of private tx !=> only focus on chat.

• How can we work iteratively on security and communicate clearly what guarantees we make and can't make right now?

Pairing and wall of shame

Up to you.

• Idea Generator 1: List pairings and think about positive and negative interactions.

• Idea Generator 2: Think like adversary - how can Status be attacked?

Thanks