This article was first published on Agrello - Medium
In this update, as the elliptic keys version is being gradually rolled out to users, we wanted to elaborate on how elliptic keys contribute to the security and usability of Agrello Digital Identity. You wanted an effective and secure solution for managing and recovering digital keys and wallets in case of losing access to your mobile device. Our solution based on elliptic keys provides these capabilities, whilst reducing any possible exposure of private keys and working natively with public blockchains.
Elliptic keys have crucial advantages for Agrello ID
There are a number of advantages to using elliptic keys to secure Agrello Digital Identity. Compared to RSA, elliptic keys are smaller for the same level of security, and generating them requires less resources, which is particularly important when we generate and store keys on a range of mobile devices. As elliptic keys are the de-facto standard in blockchain space, they give Agrello ID capabilities to natively interact with Smart Contracts and sign blockchain transactions. These signatures are then directly verifiable on blockchain.
How they are generated and used
With the Agrello ID app, elliptic keys are generated on your mobile device. Both iOS and Android platforms are supported. Crucial to note that the Private key gets stored in the device’s protected keystore upon creation and is never transported anywhere, avoiding an unnecessary exposure.
The overall flow is as follows.
- Mobile app generates: a) mnemonic phrase; b) two keypairs — for Authentication and for Signature purposes.
- App encrypts the keys with user’s PIN codes and saves them in the device’s protected keystore.
- The public key is then registered in the Smart Contract linked with the Agrello ID.
- To sign or authenticate, user inputs the corresponding PIN and the App decrypts the Private key.
- The App signs transaction with the decrypted Private key.
- The signature is then registered on blockchain and ...
To keep reading, please go to the original article at:
Agrello - Medium