Visit https://zengo.com/security/
Let me know in the comment what do you learn and like about ZenGo MPC security 🔐
⚡ I could zap some of the answer ⚡
Discussion
I watched one of your video . And i would like to understand how your wallet is safest vsCold Wallet ?
ZenGo use 3fa MPC security so you don't have to keep your seed phrase. For creating/recover your ZenGo wallet you only need a email address, a free cloud account, a face scan with your selfie camera on your phone. It's more secure because even if someone hack your email he still need a face scan of your face to recover the wallet.
Are you sur it s more secure?
Cause you re connecting the wallet to the internet so how it can be ?
yes, because it's almost impossible to hack a 3fa at the same time. The hacker have to hack your email + your cloud account + a face scan. it's possible to hack the email and cloud if they are not well secure with a strong password but not the face scan basically the hacker gonna have to be with you and force you to scan your face, because it doesn't works with a video or pictures. and the verification of the 3fa in the servers are using MPC so it's secure with high level cryptography, very hard and too expensive to hack
Sorry your reponse does not convince me
Email is not secure,
cloud less secure,
face scan (what about AI)
And i always understood, the more secure is not using Internet
if you are using 2fa for your email, the probability of remote attack are close to zero. The face scan is constantly battle tested and use AI for improving and updating.
check this post : https://zengo.com/how-zengo-guarantees-access-to-customers-funds/
All the best for your product...
It's not more secure, this guy doesn't know what he's talking about. It is way, way less secure to store keys in your cloud storage. I would never touch this kind of system.
They keys are not just like this in the cloud, it's an encrypted file and it's part of the 3fa secret for the recovery process, so even if a hacker access to the file it's not enough for recovering the funds. it need to match the 2 other authentications
because you didn't open and read the post about ZenGo security or misunderstood it let me post it here:
We’ve replaced the traditional private key with two independently created mathematical secret shares. One share is stored on your mobile device and the other on the ZenGo server. With no single point of failure, even if something happens to one of the shares, your crypto is always safe.
Unlike exchanges, ZenGo cannot access your funds. To send funds, you initiate a process in which the server and device shares communicate to sign the transaction without ever revealing their secrets to each other.
If you delete the app, lose your phone, or want to use ZenGo on a new device, simply scan your face which will match with the 3D biometric face map you created during setup. Now your wallet is restored!
Let me know if you need more information
It's not.
why ?
Because an "email, a cloud account, and a face scan" are not Bitcoin keys. The keys still need to exist. How are the keys stored in these three places? Do you think someone's email account password is more secure than a cryptographic key? Most people use the same email & cloud storage, and a picture of someone's face can pass a face scan. Not possible that it is more secure than keeping the keys yourself, especially if you do a multi-key (or split-key) approach and keep the keys in different physical locations.
keep the keys in different locations is more ways of losing it.
You can learn more here : https://zengo.com/how-zengo-guarantees-access-to-customers-funds/
The keys are stored and encrypted and never share to zengo or you, that's the magic and high security level of MPC.
In case of Zengo is out of business or the servers are down, they activate a emergency recovery mode with trustee, it needs to be confirm by humans, and the keys are send to the customer for withdrawing in any other wallet.
Ok, you can believe whatever you want. Sometimes people believe in bad ideas.
You can store encrypted keys from a COLDCARD yourself. You can also get a 2-of-2 multisig with a timeout through something like Blockstream Green. Or you can do a 2-of-3 with 1 counterparty through Casa or Unchained. There are a lot of options, and they all use standard formats (like BIP-39) and best security practices.
Google Cloud & face scans are not the way to do Bitcoin. Certainly not the safest.
here you can see videos of attempts of face scan with pictures
And with a high-quality 3D mask. The face scan is always improving using IA