Goldilock is a new security service launching on the NEO blockchain, which aims to provide individuals and institutions with an alternative to conventional data storage solutions such as online/cloud storage, personal hardware or digital wallets.
Goldilock aims to invent a “new class” of secure digital asset storage and private crypto key management services, and revolutionize the way digital assets are handled over the internet. The group has a patent-pending on remote automated airgap security (RAAS) for cryptocurrency custody and sensitive digital asset storage, which is a method of keeping data physically disconnected from the internet until it needs to be used for its intended purpose.
Goldilock points to over 3 billion online account breaches over the last five years and more than $700m in cryptocurrency stolen this year as evidence of a need to “make data safe again”.
Goldilock combines the concept of cold storage, the offline storage of data, with hot storage, which is always online and available. Goldilock leverages the positive aspects of these approaches by allowing users to keep their assets remotely disconnected offline, then bring them immediately online to act as hot storage for brief periods. The goal is to keep data inaccessible and invisible from hackers during the time in which it is not being used for its intended purpose.
The initial use cases are focused on private key management and the storage of cryptocurrencies for individuals, exchanges, and blockchain identity providers. According to the Goldilock team, they are already in discussions with commercial clients who want to apply the technology beyond the world of blockchain.
Each Goldilock user will have access to a segregated, encrypted storage device that is stored within a vault in a secure data center. The device will remain offline and physically disconnected from the Internet at all times, until a client wishes to access it. This initial access can only be performed over the analog Public Switch Telephony Network, which in combination with other secure offline gateways is used to remotely mount the storage device to its own, segmented internet connection.
After the device is brought online, the user must pass a range of verification steps before gaining access through a secure web login over an encrypted channel. After the client has finished accessing their data, the device is once again physically disconnected from the Internet with an air gap.
The goal of this process is to provide a highly secure alternative to online storage, hardware wallets, paper wallets and exchange wallets, as the device cannot be lost or stolen. The Goldilock team believes this will also help a lot of institutions who wish to enter the blockchain industry but have no suitable crypto asset custody solutions. The team has lined up partnerships with some cryptocurrency exchanges and crypto funds, as they can potentially allow centralized exchanges to protect themselves from theft by isolating their users’ funds. These partnerships are expected to be announced over the next few weeks.
The LOCK Token
Goldilock will register its own NEP-5 LOCK token on the NEO blockchain. Users will be required to use LOCK tokens to pay for subscriptions to the service to store private keys and other digital assets. The LOCK token also functions as a secure gateway, writing indelible information to a private audit blockchain whenever a user is granted access, ensuring that any access to a Goldilock wallet is immutably tracked. Initially only NEO, GAS and NEP-5 tokens will be supported for storage, with the intention of transforming the NEO blockchain into the most secure cryptocurrency currently available.
The use of an isolated, air gapped digital vault allows for the storage of sensitive information beyond cryptocurrency assets. The on-demand nature of the storage could allow personal information such as health records, bank transfers, credit information or other sensitive data to only be accessible when it is required. As the data on these devices is disconnected and thus invisible from the internet, this service would reduce the risk of data theft, something that affects millions of users every year.
Goldilock CEO, Jarrod Epps, also claimed that the team has received interest from companies that require a method for securely transferring data and digital assets without them leaking, such as banks, credit institutions, healthcare providers and digital video/software rights management studios. Many of these organisations are sending files via physical hard drives daily, such as films, to prevent unauthorised leaks. With the files stored on an segmented node with an isolated network connection, the chance of a file being stolen through a hack is substantially reduced. The use of the LOCK token audit functionality provides information on when and where the data is being accessed from, which could allow clients to trace the source of a leak.
According to Goldilock’s roadmap, the LOCK token private pre-sale is due to begin in August. 1 billion LOCK tokens will be minted, allocated as follows:
- 50% – Public Sale
- 20% – Team, Investors, Advisors, Early Adopters
- 20% – Business Development, Partnerships, Future Services
- 10% – Promotional Services
The majority of public sale funds will be used for platform development, but 20% will be dedicated to marketing or PR, and another 20% is set aside for financial structuring and acquisitions. The public token sale has a hard-cap of $30M, and can be participated in using NEO, BTC, ETH and USD. All founders and advisors will undergo a mandatory 6 months lockout before they can sell LOCK tokens, which is designed to preserve the project and protect token sale contributors.
More information on Goldilock can be found at the links below.