RAFP - Further Decoding the Enterprise Asset Custody in MPC Wallet

Joe, as the Product Director of CipherBC, recently shared further insights into the journey of designing the latest release, CipherBC Flexify, during an interview on Ctalks. In particular, he delved into the exclusive product framework of RAFP, revealing the behind-the-scenes stories and anecdotes. Let’s take a look at how RAFP plays a crucial role in Flexify, addressing various asset custody challenges that enterprises of all sizes face.

What is RAFP?

In the interview, Joe explained: “CipherBC Flexify is a crypto wallet based on core MPC technology, designed to serve enterprise-grade users.” The MPC (Multi-Party Computation) wallet employs collaborative computation, dispersing private key shards among multiple participants to effectively thwart hackers from stealing the entire key. The method of key shards storage makes MPC wallets more secure than traditional single or multi-signature wallets, as even if hackers obtain one of the key shards, they cannot access the complete key. Joe highlighted another standout feature, the newly developed Role Based Approval Flow Protocol (RAFP).

RAFP is a customized workflow configuration for authorization approval and encrypted transaction-related processes. “Unlike traditional workflow setups, it is approval based on predefined roles within the organization.” Joe emphasized that when using RAFP, once the workflow is set, critical sensitive data is stored in a Trusted Execution Environment (TEE). Therefore, even if hackers breach the operating system, they cannot tamper with the information within the TEE.

A TEE can be understood as a highly secure encrypted storage that is inaccessible without authorization. Even if hackers miraculously gain access to the operating system, they cannot effectively access or modify information within the environment. For various crypto asset management teams, especially when the team generates numerous transaction audits, Joe recommends utilizing the CipherBC Flexify wallet. It defends against external hacker attacks through cryptographic mechanisms and addresses internal malicious activities through RAFP, ensuring the security of funds.

The Inspiration of RAFP Design

Joe also shared his stories as an experienced Product Director, with the origins of RAFP being crucial. “While the setting of the MPC wallet can prevent external attacks, it is still challenging to prevent the theft of encrypted assets due to internal malice or mistakes. In response to this situation, we designed the RAFP framework.” He had previously operated the workflow settings in the similar system and found that the rules were highly complex, with high communication costs.

Joe shared, “I remember studying a system once, and even with my strong self-learning abilities, I was surprised that it took me three days to learn from the user manual. Even setting a rule required a long learning process and back-and-forth communication with colleagues. And during the process, there were some minor mistakes that led to possible leaking issues. Later, I was determined that if I were to create an enterprise-level approval product, I would design it to solve three pain points mainly.”

Easy Learning Process

Make it extremely user-friendly, allowing administrators to configure clear, logical rules.

Avoid Internal Operational Mistakes or Malice

Avoid losses caused by errors when an auditor’s responsibilities change, or rules must be modified due to business requirements. In the Blockchain industry, especially for high-frequency traders and quantitative teams, intricate product design can pave the way for internal misconduct, resulting in substantial financial setbacks.

Top-tier Security

Configure an AI workflow for approval rule settings. In CipherBC Flexify, in addition to standard approvals, various Dapps are integrated, such as APPs of lending, swaps, synthetic assets, etc. For example, sometimes quantitative teams may use high-frequency trading and integrate third-party DeFi platforms with approval flow configurations to achieve risk management in enterprise-grade operations.

Why is RAFP Indispensable in CipherBC Flexify?

First, CipherBC’s priority is to build crypto custody asset security under strict regulation. While the security aspects of MPC technology used in it are impeccable against external threats, it does not mean that our blockchain-based data assets are entirely secure. Crypto asset theft is rampant. The incidents are becoming increasingly severe with the development of the blockchain industry. CipherBC strives to combine cryptographic security and operational rationality in product design.

The wallet primarily faces two significant threats: external and internal threats. One can use cold wallets (hardware wallets) or the MPC wallet provided by CipherBC to ensure security for external threats. However, internal threats require a robust internal control mechanism — RAFP. The system automatically executes internal control information by digitizing this internal control system.

How can RAFP prevent that when the internal team is malicious and various operational errors occur? Through RAFP, users can be guided with clear logic. Using RAFP, team members can be designated admins, and detailed processes for approving fund transfers can be specified, such as time, transfer address, approval order, etc. With this set of rules, transactions can be automatically generated in the CipherBC Flexify system.

For example, if you want to apply to transfer 10,000 USDT from address a to address b. In a traditional crypto wallet, usually, the boss instructs the transfer from a to b, and the operator enters the information. Two scenarios may occur: 1. Incorrect information entry. 2. Phishing attacks. Suppose the hackers routinely transfer a minimal amount, like 0.00001 USDT, to your frequently used wallet address. In that case, you may inadvertently mistake the hacker’s wallet address for a familiar address and add a transfer, leading to financial loss.

However, the RAFP in CipherBC Flexify can prevent this situation based on the approval flow. For example, when an operator applies to transfer 10,000 USDT from address a to address b, it is not required to operate with a hardware wallet. Still, it is generated by the system through operations. After approval, this transaction will interact with the chain, be calculated with third-party nodes, and undergo multi-party computation, effectively monitoring and preventing internal errors.

Technical Dive: RAFP Architecture Design

Regarding the architecture design of RAFP, CipherBC adheres to a high cohesion and low coupling layered structure.

In terms of high cohesion, CipherBC aims to break down each task into a small module and then refine it internally, creating a high level of closeness. Coupling, conversely, refers to minimizing the relationship and dependency between two modules. This implies that modifying one module should not impact another, with simple and stable interfaces, allowing CipherBC to achieve extreme cohesion. It’s like compressing all pieces of physical stuff inside, similar to what a black hole does. This structure — RAFP makes the functionality powerful yet the design very concise.

Once the overarching framework is established, it allows us to configure the details of the lower layers. The benefit of high cohesion is that each module’s functionality is comprehensive enough to meet all requirements without affecting the upper-level rules with lower-level configuration details. “From an IT perspective, in cryptography,” as Joe shared, “we haven’t invented any new technologies; we are utilizing encryption, hash signatures, and distributed databases. But we can build something flawless, like assembling LEGOs. Anything added is redundant, and removing even a small component would cause the entire system to collapse instantly. Each block is essential and streamlined.”

Future Roadmap for CipherBC

Minimize the Learning Process

Optimize the user interface and user experience. Unless they work in risk management roles at larger companies before, many users are unfamiliar with MPC technology, especially approval rules in workflows.

Joe mentioned: “We strive for ultimate user-friendliness, with operations being extremely simple in the UI. Another key aspect is security. The main function of a wallet is to protect clients’ assets, and we will continue to enhance the security of the front and back end of the product system. Security is at the core of being an enterprise-grade wallet. Any vulnerability could be catastrophic for a wallet service provider.”

Enhance Product Features and Product Lines

Optimize features for quantitative trading features on existing products. In the future, compatibility with CipherBC cold wallets and external system interfaces will be added. Regular security audits are crucial. With every significant version upgrade, CipherBC will undergo third-party audits to ensure customer safety. The upcoming hardware wallet will adopt the air gap concept, meaning transactions will be offline, and flexible judgment will be ensured through threshold signature schemes.

The product will still incorporate RAFP. Only transactions audited by the RAFP workflow can be signed. This ensures the system will identify any forged transactions, preventing internal personnel from obtaining the hardware wallet’s PIN code and creating a wallet address for transfers. With RAFP, external hackers will find it challenging to attack while preventing internal malice. In other words, even in extreme scenarios, it will be impossible to forge a transaction and have it signed by the hardware wallet.

Ecosystem Establishment

By collaborating with traditional fintech companies and partner merchants, CipherBC utilizes the MPC wallets and explores broader applications such as offering more financial services like loans or integrating traditional finance services like insurance, and investment services. Overall, CipherBC aims to provide efficient, secure, convenient, and reliable digital asset management solutions for global users.

Website | X | Linkedin | Medium | Blogs