23 November 2017
The Certification Authority CertEurope, an Oodrive subsidiary, is now providing Public Key Infrastructure (PKI) services on Blockchain to improve transparency and impartiality in the processing of orders on the Legolas Exchange marketplace. The exceptional partnership between two French players, to offer an alternative to conventional ICOs , marks Oodrive’s entry into the cryptocurrency market. Legolas Exchange is an innovative company/project offering a unique hybrid blockchain model: a “fair and secure by design” trading environment in which any type of transaction is executable, whether intra-chain, cross-chain or crypto/fiat. Legolas Exchange has created a new decentralized blockchain protocol that ensures total transparency and prevents front running and market manipulation.
A challenge for transparency and security on marketplaces
The latest news reports show an increase in investigations of possible manipulation during exchanges . It is difficult for a person placing an order to be sure of neutral treatment. Front running, favoritism and insider trading are often technically possible and hard to prove.
Aware of these issues ever since its creation, Legolas has made the radical choice of refusing to work on orders “available to all” unless they absolutely need to. “On our platform, our clients’ orders and trading positions are encrypted before they reach Legolas. The Blockchain creates a non-modifiable and non-falsifiable public queue for a group of orders without verifying their contents beforehand. The orders are decrypted one by one as they are being executed. The trading positions are also encrypted when stored to prevent any advantage, whether for Legolas or one of its clients,” explains Ouziel Slama, Legolas Exchange’s CTO.
Legolas was considering various data encryption mechanisms and finally chose an independent digital certificate supplier who would allow Legolas’ clients to openly ask for public keys (to encrypt the data) while Legolas could publicly ask for the corresponding private keys (for decryption) only if needed. This led Legolas Exchange to choose CertEurope and its PKI services.
Legolas and its clients can now rely on CertEurope’s infrastructure to obtain, through a public Blockchain, the keys to ensure confidentiality of order processing and trading positions. The orders become public once they are decrypted. The Blockchain also ensures complete transparency during request and transmission of the key. Everything is strictly traced and verified. Legolas provides highly secure storage, access and use of its clients’ assets, as well as the transparency capabilities provided by CertEurope. Through banking partnerships such as the one recently announced with Makor Capital, the Legolas marketplace can provide a higher level of service and fairness, to both individual and institutional investors.
As a Certification Authority that manages trust services using procedures that comply with European eIDAS Regulation, CertEurope considers decentralized architectures to be a potential opportunity for “traditional” PKI service providers. While the realms of PKI and Blockchain might seem antagonistic at first, Oodrive believes they complement each other. The technical and organizational constraints enforced by regulation on trust services raises the level of security, transparency and confidentiality of Blockchain architectures and/or cryptocurrency exchange platforms.
”We are enthusiastic about Legolas Exchange’s approach because we share the same objective: greater transparency to build trust in online transactions. Eventually, we want to provide a simple and transparent protocol for key escrow and sealing of critical information in public certificates. The new protection profile will serve as a security target for other stakeholders and will make “oracle” a widespread role in decentralized architectures. We would like our service to be certified by the French Information Networks Security Agency (ANSSI),” explains Frédéric Fouyet, Chief Innovation and Security Officer at Oodrive.
Once the new confidentiality service is set up, it will be audited annually and run by a qualified provider. In case of litigation, it will allow for virtual transactions and the real world to connect. A Certification Authority playing the role of oracle standing in as a clear-sighted entity would provide very good protection against manipulation on stock markets and on cryptocurrency exchange platforms.
A hybrid and decentralized model to fight opacity while being flexible
Legolas’ new exchange marketplace intends to put an end to the opacity and insecurity that plague the business and to demonstrate that cryptocurrencies can comply with the legal framework without losing their effectiveness or flexibility. Frédéric Montagnon, Legolas Exchange’s CEO affirms: “Everything is possible, technical solutions can put a stop to manipulation suspicions and risky practices during exchanges. We want to provide service for both enthusiastic self-taught traders – who may agree to use [our services] with slightly less supervision – and fund managers, who are currently skeptical and refuse to trade without solid safety barriers. Legolas provides guarantees of equal treatment and security for all.”
As a new player in the “Security by design” movement, Legolas favors highly secure authentication mechanisms that have proven their worth (FIDO U2F, client certificates, etc.), to secondary techniques known to be vulnerable to phishing (OTP, SMS, etc.) and is making storage on dedicated HSMs (Hardware Security Modules) or cold wallet “hardware” a widespread practice. These types of hardware ensure orders are placed on secure terminals (advanced Hardware Wallets / End to End Secure Elements).
“I recommended CertEurope to Legolas based on our long-standing relationship of personal trust with this major Certification Authority, which has a very good relationship with ANSSI. CertEurope is a major player in the field of PKIs; in the future, Legolas will also be interested in other infrastructures and services they offer, such as the KYC process,” adds Frédéric Martin, Security Architect.