With the mass adoption of cryptocurrencies on the rise, crypto enthusiasts and investors must team up and contribute to solutions aimed at safeguarding the industry. The crypto community is still not proactive with security measures, even after an array of malware and phishing attacks.
Unlike the common hacks experienced by centralized platforms, like crypto exchanges - through which almost $282.6 million was stolen in 2019 alone, according to Chainalysis - very little is known regarding the global amount of losses sustained as a result of successful attacks on other wallet owners, like users of third-party wallets that provide ownership of private keys.
But, with the social media uproar of these attacks, we can only assume that the total amount lost is more than that incurred from attacks on centralized exchanges. The good news is that the scheme behind these attacks is usually remarkably consistent from one case to another, and can be avoided using simple security measures, like a trusted user interface.
So, what is a Trusted User Interface?
A trusted user interface (TUI) provides a pathway between a user and an app, which is free from any form of manipulation. Generally, TUI allows users to:
- Show transaction summaries
- Confirm information, such as keys and addresses
- Validate actions using a PIN or password
To ensure that a user interface is genuinely trusted, you must use a secure execution environment (SEE). A SEE provides two essential security features: confidentiality and integrity.
Confidentiality is essential when dealing with cryptocurrencies, as it allows the system to protect the cryptographic data. At the same time, integrity ensures that the code running on the device is the one intended by the developer.
In this article, we have looked at the importance of a trusted display and discussed how it depends on a secure execution environment to offer the security assurances necessary to handle cryptographic keys safely.
In a future post, we will study secure execution environments in detail and address some of the shortcomings experienced in alternative implementations.
Stay safe and continue trading safely with our tips.