Tomo's Key Management

Tomo Social Wallet uses OAuth and a TEE to provide a secure service.

OAuth

OAuth (Open Authorization) is a widely adopted standard for authorization that allows users to grant websites or applications access to their information without exposing their passwords. Social login through OAuth relies on established social media platforms with robust security measures, such as two-factor authentication (2FA) and continuous monitoring for suspicious activities. As long as the social account is secure, you don't need to worry about losing your private key.

TEE

OAuth provides authentication to the wallet, and hardware wallets based on the Trusted Execution Environment (TEE) provide rock-solid security for your private key. A TEE is a secure area within a device's main processor that ensures sensitive data is stored, processed, and protected in an isolated environment. Hardware wallets based on a TEE leverage this technology to manage private keys and execute cryptographic operations securely. No matter who owns the device, a wallet in the TEE is always owned by you and can only be operated by you.

The TEE protects against attacks, ensuring that private keys are securely stored and never exposed outside the secure environment. Hardware wallets with a TEE are designed to resist physical tampering, adding an extra layer of security. Any access to the private key requires the user to confirm the operation with MFA. Users can have greater confidence in the security of their wallets, knowing that hardware-level security measures protect their private keys.

Integration

Integrating social login with OAuth and hardware wallets based on TEE into a single social wallet combines the strengths of both approaches. Using social login with OAuth, users can quickly and easily connect their wallets through familiar social media accounts and enjoy wallet recovery if the old device is inaccessible. The TEE-based hardware wallet ensures that private keys and cryptographic operations are securely managed, providing robust protection against unauthorized access and attacks.

Control the key yourself

We fully understand that users may want to control their keys themselves. Therefore, Tomo allows users to export the private key from their social wallet at any time. The user needs to download a Tomo mobile wallet or Tomo Extension wallet to verify their identity and intention to export the key. With all confirmations accomplished, the client (mobile or extension wallet) can directly access the hardware wallet, retrieve the private key to the local environment, and keep it safe.

In summary, Tomo social wallet presents a powerful solution that addresses the dual challenges of security and user experience. This integrated approach between OAuth and TEE ensures that users can enjoy the convenience of social logins while benefiting from the robust security offered by edge hardware wallet technology, ultimately fostering broader adoption and trust in blockchain-based applications.
