NGRAVE AMA - Key Takeaways

NGRAVE AMA - Key Takeaways
Njani Ruetsch
0
0

Before the session, we asked Coin.fyi, community followers to pre-submit their questions via Twitter. During the one-hour AMA, Ruben the Co-founder and CEO of Ngrave answered two pre-selected questions from both the community and Coin.fyi. At the end of the session, we asked live participants to submit their questions, of which Ruben chose 2 to answer. 

Below are the key takeaways from the AMA and the questions that were asked. 

Coin.fyi Questions
 

Q1: To start our AMA, please tell us more about NGRAVE. What is the main aim of the brand?

Ruben: Sure thing. NGRAVE is a security company in the crypto space that focuses on building maximum security and super easy to use solutions. More specifically, our mission is to empower you to have the tools to fully safeguard your wealth. In that way, you can actually live the life you want, without worry. In one word, you could call it freedom.

Today, this of course mostly refers to your crypto. In the future, this will mean protection of all the digital assets you own. Your digital twin you could call it 😉

Coin.fyi: Thank you Ruben, let's move onto the next question.

Q2: Can you please identify the main benefits of all three products, NGRAVE ZERO, GRAPHENE and LIQUID? Which product is aimed at which type of user?

Ruben: Certainly. We have built from scratch your most true security solution. And that means it can't just be a wallet. It can't just be a piece of paper for your seed. It needs to cover your full journey as a user. So we created first and foremost, a new and ultimate backup. Instead of paper, our GRAPHENE is made out of stainless steel, almost indestructible (you never want to destroy your own backup). it's also "unfindable", meaning it is encrypted for any user that is not you. So no one can find and use your seed phrase. And finally, it is unloseable. So if you lose your GRAPHENE, NGRAVE can help you recover it (but will never know your key). That's pretty solid for a backup, no?

But of course, you still need a hardware wallet, so we created ZERO, a 100% air gapped (offline) device, that cannot be attacked by online hackers. It's a beautifully designed 4inch touch screen wallet. And it is to date, the only financial product in the world with the highest security certification: EAL7. For comparison, Apple Pay, your credit cards, your bank security dongles, are all EAL5. That is how seriously we take your security.

Liquid is our mobile application, you use it in conjunction with your ZERO. So you can view in real time the value of your portfolio, check all your assets, share your accounts with friends to send you crypto. And ZERO will be there to sign any transactions you want to send yourself. All air gapped, using QR codes only, which are transparent for you so that you see what you sign 🙂

Find more of course on our website, and we actually have a promo running: www.ngrave.io/spring ! 🙂

And to your last question, it is basically a full package. So you can of course buy ZERO stand alone and use our unshreddable waterproof paper wallet. Or you can do like 80%+ of all our users, and buy the full combo ZERO + GRAPHENE (and LIQUID is free)

(promo is exclusive, will start today at 17:00 CET (don't miss it) - sorry my marketing team told me to say it 😉

Coin.fyi: Very interesting how ZERO GRAPHENE and LIQUID all work with one another. Thank you, let’s move forward!

Q3: What inspired you to create the NGRAVE wallet, and what sets it apart from other hardware wallets on the market? What makes the NGRAVE wallets so secure?

Ruben: So, me (Ruben), Edouard, and Xavier founded NGRAVE in 2018. Xavier had just experienced an insane hack with his previous project, for which he did an ICO in 2016. They lost 40,000ETH+ in this hack. It was mind blowing. Eventually, it became one of the largest rescue missions in the sense that Xavier partnered up with a few other people in the space, found the vulnerabilities, and wiped over 208M dollars in ETH from other projects, fixed the vulnerability, and sent it all back....

For us, it was the moment of the light bulb going on in our heads. Security was not where it should be. So, we decided to build the ultimate security product for ourselves and for our children. One where you could have all your crypto on and be able to sleep at night.

This became...the combination of ZERO and GRAPHENE. We spent years on building our product suite from scratch, hacking existing devices from banks, other hardware wallets and more, to find out how best to build an EAL7-certification featuring product. Our first principle was "never compromise on our users' security". Our second was to build a 21st century worthy product, touch screen, swipe and tap. ZERO was born. And what sets it apart is...

Whereas other hardware wallets rely on one single component to create keys and keep them safe and sound, called a secure element, NGRAVE built a fortress. At the deepest layer, we also have a secure element. But we built many layers of anti-tampering around it. And on top of it all, a rocket shield: our secure OS. This OS bares the EAL7 certification, the highest achievable. So rest assured, we went all the way. The future needs it. (your kids too! 😉 )

Furthermore, we looked at security from a systemic view, meaning we also have solved supply chain attacks, bad key generation, backdoors in the chips themselves, the list goes on and on. You can check our Trustpilot, our customers are happy! 

So in a nutshell...our passion for making sure the world can be a more secure digital and physical place, is what drove us to jump out of our beds every day. We love working on this. And we hope you'll love it too!

Coin.fyi: Fantastic inspiration Ruben, thank you for explaining the aspect of security which is extremely important.

Q4: It is essential for users to own a cold wallet. What is your view of holding funds on Centralized Exchanges?

Ruben: Centralized exchanges have been an incredible way of attracting more users in an easy way into crypto. What we from an NGRAVE (security) point of view like to stress is to have a look at which ones you are using that these have at least good reputation and are objectively audited. A great list you can check is https://cer.live/exchanges-rating/security. But of course, read up on multiple sources and also see how exchanges have behaved over time.

So we definitely see the use of exchanges, but it's important that you maintain a strong security hygiene (eg whitelisting addresses, always doing test transactions, making sure you have 2FA and ideally MFA set up so that you cant get hacked too easily out of your account). Unfortunately, the likes of FTX have proven that even all of that is not enough.

So the moment you start having a bit more of your net worth in digital assets, the more the time has come to start considering self-custody. This sounds scary, but it really isn't. You just have to look for players with a good reputation, solid security skills, and of course easy to use products.

In the end, you can see it a bit as having a bank account: you have 10-20% of your funds on your current account for daily spending. And 80-90% will be in illiquid savings and investments, that's the perfect part of your wealth to store safely on a hardware wallet like ZERO.

We also do an annual state of crypto security, which involves a security self check questionnaire, you can find the results of last year here, see how you compare to thousands of other users: https://www.ngrave.io/en/blog/post/crypto-security-self-audit-2022-insight

Coin.fyi: Let's remain on this topic and move on to the next.

Q5: Can you explain the tamper-evident design of the NGRAVE wallet, and how it helps to prevent unauthorized access to user funds? How does the NGRAVE wallet use its proprietary Secure Element chip to enhance the security of user funds?

Ruben: Certainly. NGRAVE ZERO actually has 4 different dimensions of anti-tampering:

1) the first level is called tamper proof, it basically means that the device is hard to tamper with in the first place. For example, the housing of ZERO is made out of a special metal alloy, which also makes it a cage of Faraday (meaning there are no signals leaving the device ever, those signals could be used to "shazam" your private key when you are using them, a possible hack with other hw wallets)

2) second there is tamper evidence: example : if you take off the screen of ZERO, it will likely break and it will be clear to a user that something happened. Even better is our "cryptographic attestation" step, so when you receive your ZERO, it will ask you to go to our website and do a "challenge response" kind of action. You type in the code on the ZERO and our website will tell you if it is safe to use or compromised (through cryptography)

3) tamper responsive: if you take the screen of, our device will automatically wipe all keys. SO ZERO is actually smart: it knows when it is under attack, and will always wipe your keys before a third party can get into it.

4) one additional dimension we are proud of: even if all else fails in the previous steps, it doesn't really matter; with other hw wallets, you can see supply chain hacks where new keys are preprogrammed; as you know, you always just get a key from other devices, so if you send money to them, they just steal it from your wallet that way. ZERO is different. It's key generation process is patented and involves you interacting with the actual key gen process. You will provide your biometrics, you will change parts of your key, basically you are making your keys truly yours. This is called "tamper resolution".

Re the secure element, unlike other devices that fully and solely rely on the chip, we do not. One reason is that secure elements have backdoors (you can look this up on google). We use the chip eg for the key generation but only to an extent: your biometrics and the light measurements around the device also become part of your key. That way, you resolve the backdoors in the chip for instance.

So for us, the secure element is important in the security architecture, but it's just a component, not the end all be all

Coin.fyi: Extremely interesting and unique. Let’s move on to user experience Ruben.

Q6: How easy is it to use the NGRAVE wallet, both for experienced cryptocurrency users and for those who are new to the space?

Ruben: Well, that's in my opinion the beauty about using ZERO and overall, our products. We made them together with users, and kept making steps easier and easier (even to this day). Whereas you used to interact with your wallet with a few buttons and a small screen, while feeling fully exposed through a USB or Bluetooth connection, ZERO has a high quality color LCD display, as responsive as your iPhone. You swipe and tap through your coins, you can move them around.

We made sure that it's all super easy, and just in case, we also have detailed tutorial videos for each step, there are leaflets in the box that help you with the set-up just in case you'd need it, and we have an amazing customer support that's always there to help you out, no matter what your question is. We'll jump on it to solve it.

Coin.fyi: Creating a product for all users within the crypto space is tough, congratulations for succeeding.

Q7: Can you explain how the NGRAVE wallet can be used to securely store and transfer non-fungible tokens (NFTs)?

Ruben: Yes, NGRAVE currently supports the two standards for ETH-based NFTs: ERC721 and ERC1155. That means that you can send your NFTs to your NGRAVE adresses, where they will be super safe as the private keys are kept fully offline. You can consult your NFTs right in the app and check out all the details. We all it "start truly owning your NFTs" https://www.ngrave.io/en/nft

More NFT support will come later for the other chains.

to give you a quick idea of what that could look like ;)

The more expensive your NFT, the more reason to secure them with ZERO.

Coin.fyi: NFTs are now becoming part of people’s identity, NGRAVE storing users NFTs is amazing, thank you for your clarification Ruben.

Q8: What kind of feedback have you received from users of the NGRAVE wallet, and how have you incorporated that feedback into future product development?

Ruben: We have a process in place that makes sure that any feedback that comes from customers gets backlogged in a separate roadmap. We go through it on a regular basis. Our customers are the best to tell us what we need to build next. Without going into too much detail, there are a few more coins and chains we will be supporting very soon, some other NFT chains, it's all available actually on our roadmap page for those interested: https://www.ngrave.io/en/roadmap

And as I mentioned, co-creation with users is part of our DNA.

Coin.fyi: Understanding user feedback is key for any company yet not many companies cater to their customers' recommendations. As per your response, NGRAVE values their customers, that’s great to see. Lets now move on to selected questions from Twitter.

Twitter Questions (Pre-Submitted)
 

Q9: What measures does NGRAVE take to ensure the physical security of the NGRAVE ZERO hardware wallet during production and distribution?

Ruben: Fantastic question. First of all, our full supply chain is set up in Belgium for maximum security, quality and proximity (we are based in Belgium as well), and mitigation of macroeconomic risks. It of course adheres to all security requirements. Example, our firmware flashing process is done in a very secure setting and there isn't really anyone in the factory who could bypass that. Of course, it's all being secured in parallel, meaning also physically speaking.

That said, the great thing about NGRAVE is that, even if somewhere along the way, someone is able to get into our impenetrable device, and pre programs their own keys, it doesn't matter: our device is designed to 1) tell you that it has been tampered with (since the challenge response step with our server will tell you something is wrong, it's the first step you do with the device!) and 2) even if you could circumvent that, you still make the key together with the device rather than just accepting it as it is, and in a fully offline setting. So your final key just can't have any backdoors.

Coin.fyi: That is very assuring Ruben, thank you. Let's move on to the second question selected from Twitter.

Q10: How does the NGRAVE GRAPHENE backup service work, and what are the advantages of using a physical backup device rather than relying on digital storage solutions?

Ruben: 

So, for every GRAPHENE we ship, there will always be two plates: the bottom plate is a plain stainless steel plate. The upper plate is a unique configured plate with its own encoding, this will be used to punch holes into the lower plate, where you use the pen here on the right, put it in the hole next to the character and then punch into the lower plate. In the end, you will be able to see your "pattern" of your key when you put the two plates exactly on top of each other.

Each upper plate that we send out is unique, and on the plate, there is a final small recovery code. If you lose your upper plate, you just send us that last "ultimate recovery code" and we use cryptography to recreate it. Then we send it back to you.

For the lower plate, the easiest for you to do is just get a second one in the checkout and punch twice. In the future, we will also have a more advanced solution so you can never lose your NGRAVE key anymore. Stay tuned for that one ^^

Also, anything digitally stored is attackable, it can also be destroyed, so if you would use a hardware wallet as your backup, just remember, it's electronics and that doesn't last forever. Stainless teel, especially high quality stainless steel like the one of GRAPHENE, that lasts forever.

Also, best not to use paper, your morning coffee spill is enough to see your key and your crypto vanish forever.

Coin.fyi: Thank you Ruben. We will now open the chat for 1 min for all users to have the opportunity to ask their questions. The two selected questions will win a prize!

Live Telegram Questions
 

Q11 (@Crypto Investor): Can you tell me where NGRAVE project Team gets its funding from ? Is Project Ngrave financially strong to survive in any market?thanks NGRAVE 

Ruben: Here's the first one. So, NGRAVE is backed by amongst others Binance. Binance made an investment recently and is leading our Series A fundraise. As far as it gets in crypto, Binance is the largest and most focused player and partner to have in crypto. We are proud that out of all hardware wallets around, they decided to invest in us. You can find the press release and rationale on their website by the way: https://www.binance.com/en/blog/ecosystem/binance-labs-makes-a-strategic-investment-in-hardware-wallet-maker-ngrave-to-boost-crypto-selfcustody-1033706612109803490 . We also have traditional funds that are backing us, so we also go "beyond" crypto alone in the market.

Q12 (@Farhan Ejlali): Its Great to see someone Like " Jean-Jacques Quisquater",  author of more than 200 cryptography articles believes in NGRAVE,How do you see the growth of NGRAVE with these Kind of Experienced people with your team?

Ruben: Fantastic insight. So yes, Jean-Jacques Quisquater is a world renowned cryptographer AND hardware security specialist. He is one of 8 references in the Bitcoin paper as well, apart from around 30,000 other citations of his papers. He was there when the first bank smart cards were built, as well as with the first credit cards, hardware security modules for banks, and we can't express how humbled we are by him choosing to back us as an investor and advisor since 2019. His network has been an incredible help to us and through him we have access to some of the other amazing security experts in the world.

So it is definitely one of NGRAVE's unique assets, that we have access to the incredible brain capital of some amazing people, who are still with the company and who help us see into the future. For example, cryptography evolution doesn't stop, and with the rise of quantum computers, PQC or Post Quantum Cryptography is definitely a topic for the next years. We are looking forward to it.

Thank you to Ruben, the NGRAVE Team, and all community members who joined!

It was a pleasure hosting another AMA with NGRAVE. A big thank you to the 295 community members who participated and pre-submitted questions. During the live session we also received 57 questions within 30 seconds, which shows great enthusiasm and engagement.

Stay tuned and follow NGRAVE on Twitter and their website!

We are looking forward to our next AMA session, watch out for the announcement soon.