A Crypto Wallet Powered by AzureSphere: Zengo Does the Microsoft Hackathon

On last July, we had the privilege to participate in Microsoft’s annual Global Hackathon. In fact, Zengo was the only Israeli startup company in the Hackathon along with much bigger and established Israeli companies and organizations, such as Israel’s national airline company and a big Israeli hospital. We partnered with a team of programmers from Microsoft Israel Development Center (ILDC) to create a proof of concept cryptocurrency wallet based on Zengo’s cryptographic technology and Microsoft’s secure IoT hardware, Azure Sphere.

The Hackathon project presentation

Zengo in a nutshell

In Zengo, we build a “keyless wallet.” It’s a radically new approach to cryptoasset management that requires no passwords, no special hardware, and no complicated backup schemes. In addition to the convenience, we’ve completely removed the single point of failure that plagues the industry today — with Zengo, there is no private key to worry about.

Using threshold signatures, we’ve replaced the traditional private key with two independently created “mathematical secret shares”. One share is stored on the customer’s mobile device and the other on the Zengo’s server. With no single point of failure, even if something happens to one of the shares, your assets are always safe.

Unlike with exchanges, only the customer can initiate a transaction. Zengo cannot access the customers’ funds. To send funds, a customer initiates a process in which the server and device shares communicate to sign the transaction without ever revealing their secrets to each other.

Signing a transaction using threshold signatures with Zengo Wallet

Zengo’s cryptographic technology

In our app, we are currently using the two-party version of Threshold Signatures, as shares are created on Zengo’s server and the customer’s mobile device and both are required to sign, making it a “2 out of 2” scheme. However, our Threshold Signature implementation already supports the general multiple parties case of “t out of n” scheme, that enables a quorum of signers to sign, e.g. three signers out of five parties that created the shares, as shown below:

3 out of 5 parties ECDSA signing  (source: Zengo’s GitHub)

We are openly sharing our Threshold Signature cryptographic code on our public GitHub account, to increase the security and trustworthiness of our code and to collaborate with the developer community. Zengo’s open attitude was well received by the community and, to our satisfaction, we have quite a few avid contributors.

One of them, Vitalik Hnatyk, has started working on exporting our Rust code to the Azure Sphere and sparked the process that led to this Hackathon project.

Azure Sphere in a nutshell

Azure Sphere is Microsoft’s end-to-end solution for securing IoT devices and equipment.

It delivers security to existing and new IoT devices through three components: Azure Sphere certified chips with built in Microsoft security technology, a defense in depth four-layer operating system, and a cloud security service that secures device to cloud communications, detects emerging threats, and renews security automatically through software updates.

Azure Sphere security (source: Microsoft)

Therefore, Azure Sphere is an ideal candidate to take part in Zengo’s Multi-party Threshold Signature Scheme (TSS), create a share and participate in the signing process.

The wallet

We discussed this innovative idea of using Azure Sphere in Zengo’s Multi-party Threshold Signature Scheme with Microsoft Garage group and they were so thrilled by the idea, that they invited us to collaborate together on this project at the Microsoft Hackathon.

A few of Microsoft engineers volunteered to implement the proof-of-concept with Zengo; additionally, Microsoft connected the team with the Azure Sphere team.

The Wallet hackathon mixed (Microsoft + Zengo + dog) team

In a matter of a few days, the team was able to build a cloud server that connects to the Bitcoin blockchain and to Azure Sphere in order to send valid Bitcoin transactions from the IoT to the block chain.

One of the technical achievements that deserves some special attention is the ability to run Rust code on the Azure Sphere hardware. Rust is a popular secure coding language that’s receiving a lot of attention and accolades. Recently it was reported that “Microsoft plans to explore using the Rust programming language as an alternative to C, C++, and others, as a way to improve the security posture of its and everyone else’s apps.” Officially Azure Sphere only supports code written in C. However, Zengo’s aforementioned open source contributor Vitalik, had helped the team run Rust code on the Azure Sphere!

We made great progress for four days at the Hackathon and plan to continue to develop the project with the help of Microsoft and the open source community.

Parting notes

Adding more secure devices as threshold signatures signing parties is a very interesting concept for us at Zengo and we plan to continue the research and experimentation in this area. We are thankful for Microsoft for supporting us on the endeavor and we are looking forward to continuing this collaboration.