🟢Nuestra tecnología
Intro
Onboarding has always been one of the main challenges for web3 and cryptocurrency. Tasks such as storing private keys, keeping secrets, and managing backups are not something that users are particularly good at. SukuPay solves this problem.
SukuPay is a non-custodial, phone-number based smart account wallet that leverages counterfactual addresses and MPC signing. SukuPay is based on well-established, audited cryptographic standards in combination with audited smart contracts (EIP4337). With Suku's zero-onboarding philosophy, you can send crypto to any phone number, creating a non-custodial wallet for those who haven't been onboarded yet.
How does it work?
Suku combines Account Abstraction, as defined in EIP4337, with zero-onboarding by deterministically creating smart-contract-based Account Abstraction wallets. This is accomplished through an address prediction mechanism powered by Ethereum's CREATE2 function. Using this method, Suku can deterministically calculate an address for any phone number.
Authentication Providers
The security of SukuPay's Account Abstraction wallet is based on the signer of the Smart Contract account. Suku uses a 2-of-3 MPC signer based on Shamir's Secret Sharing, powered by privy.io. This signer uses three key shares: the device, auth, and recovery share.
The device share stays on the user's device and never leaves its security enclave.
The auth share, managed by privy, is only ever released if the user can provide a valid login, such as confirming an OTP sent to their phone number.
The recovery share is stored and encrypted in the cloud with a randomly generated key. It is managed by Privy and only ever used in wallet recovery scenarios.
The signer's private key is only ever compiled in the isolated security enclave on the user's device. By adhering to this method, we ensure that the private key is never stored anywhere. Neither Suku nor any of its partners possess the cryptographic information needed to compute the private key at any given moment.
Eliminating gas
Besides the onboarding challenge, the second most significant obstacle to web3 adoption occurs after wallet creation: users need gas to use the blockchain. While the concept of gas is important, it can also lower conversion rates and be a nightmare for new users. Fortunately, EIP4337 provides flexible ways to pay for transactions, which helps overcome the gas challenge. As a general courtesy, all transactions on SukuPay are currently sponsored.
Security
At Suku, we recognize that our primary responsibility is the security of user assets. As a wallet provider, we go above and beyond to ensure our wallets are secure.
Suku's internal architecture and infrastructure undergo regular security audits, reviews, and penetration testing. We see security as a continuous process. Hence, we consistently perform these audits and reviews to identify and address any emerging issues. All SukuPay operations have been audited by Highland Security. Learn more about the audit in the Audit section.
Última actualización