Protecting a Hot Wallet Service

A person who needs to authorise digital financial transactions from time to time must hold a cryptographic private key. This key represents their digital identity and must be kept private – not divulged to anyone else, as doing so would allow others to impersonate them.
The cryptographic mechanism employed means the user can authorise transactions using their private key without divulging it. Devices are available that hold the private key and authorise transactions if a password is presented. These are specially designed to ensure the private key cannot be extracted from the device, even with unfettered physical access, and transactions can only be authorised if the password is known.
When a user first obtains a device, it contains no private key. When it is initialised, it generates a private key that it stores. It also produces a public key that is revealed, which can be used by anyone to prove that a transaction was authorised by the device.

