Building a single, secure location for financial & legacy planning.
Vaultbox contacted MISSION in early 2020. Critical to the success of this project was understanding how to solve, technically, three requirements:
- Zero access by any third party
- Only allowing multiple deputies, acting together, to unlock a user’s information in the event that the user is unable to do so themselves
- External integrations, such as FX rates for valuations, never interacting with any client information
For the project we designed the technical road map to meet these challenges and assigned a team of 3 developers to the build. A UI/UX designer was engaged at various stages, and we have worked closely with Vaultbox through the launch and growth stages. As architecting a secure cloud-based location was the most challenging part, we summarise how it works here.
A fundamental security concept is that all cryptographic operations are performed within the client browser. If someone were to gain full administrative access to the vaultbox servers and AWS account, all the attacker would have is a series of encrypted objects, with no ability even to determine how they relate to one another or whom they belong to. The user’s master encryption key, used throughout vaultbox, is itself protected by Amazon Cognito.
A fundamental purpose of vaultbox is for multiple deputies to come together to unlock a user’s information in the event that the user is unable to do so themselves. When a deputy is created, their account is associated with a public and private key pair, with the private key securely stored against the deputy’s Cognito profile. The master encryption key (for the main user) is split into pieces and distributed to the deputies using Shamir's Secret Sharing. Each share is encrypted with the receiving deputy’s public key and persisted to Amazon DynamoDB, so no single deputy, and no server operator, holds enough to reconstruct the key.
Anonymising External Integrations
When valuing assets & liabilities in foreign currencies, vaultbox connects to the outside world to pull in FX rates. To do this anonymously, the requests to our FX provider are made from a central back-end service that carries no identifying information which could be used to determine for whom the underlying request is being made. Once the relevant rates have been pulled in, they are persisted in a DynamoDB table and then passed to the client to be used for valuations. The user’s vaultbox does not pass any information about the Registry outside of the client browser in order to perform the calculation; only the generic rates travel in, and nothing about the user's holdings travels out.
Creating a digital vaultbox as good as a bank safe deposit box, adapted to the 21st century.
Supporting a team of industry professionals with technical solutions to challenging but important problems is a key motivation for MISSION+ being part of the vaultbox project.