Category Archives: security

On the Topic of Segwit2x VS Bitcoin Core and Replay Protection

On the Topic of Segwit2x VS Bitcoin Core and Replay Protection

Regardless of the outcome of the coming hard fork in November, your funds will be safe on both chains. Some websites claiming to be official have said that Jaxx will not be compatible with either of the chains. This is incorrect.

November’s Segwit2x hard fork is coming closer and the team here at Jaxx are monitoring developments in the conversations within both the Segwit2x and Bitcoin Core communities closely. There have been major developments in recent days that leave the question of how best to manage replay protection up in the air. Our intent is to implement a solution that ensures our users funds continue to be maximally secure. The specifics of how we accomplish this depend on the outcome of the fork.

Each user should understand: after the hard fork every transaction in both chains will be affected by replay attacks if neither chain implements replay protection. This is a concern for every individual in the entire community regardless of which wallet solution we each use.

There is good news for each of us. Regardless of the outcome of the Bitcoin Core VS Segwit2x fork there are steps Jaxx users may take to minimize the risk they’re exposed to:

After the hard fork – in both chains – the first transaction you do should be to transfer all your holdings from your current wallet to a  brand new wallet under your control.

Do see this link from Diogo Monica for more detail.

Jaxx mission is to continue to provide a secure and chain-agnostic platform that ensures you have complete control of your assets. Jaxx users are in complete control of their private keys through their masterseed; Jaxx never stores your keys server-side and never has access to your funds.

30 Days of Jaxx Day 14 – Security in Jaxx

30 Days of Jaxx, Day 14: Security in Jaxx

15th September, 2017 – Decentral – Toronto

On Day 4 of our #30DaysOfJaxx post we introduced you to Dr. Shu Wang, our new Chief Security Officer. Shu has taken the reigns of our security operations. He and his team are working every day to improve Jaxx’s security across all nine platforms we support.

Jaxx uses the 12-word masterseed to empower you with complete control of your wallets. Our work to build a highly secure platform will be ongoing – we will continue to toil daily to ensure Jaxx is both a beautiful & secure interface to your blockchain life.

Security however is not just up to us. You have a role in keeping your coins and tokens secure. Here’s how we recommend you maximize your own crypto-safety:

  • Beware. Understand your exposures and behave appropriately to your risk tolerance.
  • Update. We will continually work to improve Jaxx. You should always use most up-to-date version.
  • Secure your devices. Phones, desktops, browsers: secure the device that you access Jaxx through with passcodes. Remember, if your device has been compromised (such as a malware infection) a malicious user can potentially steal your funds. Use passcodes!  
  • Hot VS Cold. Understand the difference between hot wallets and cold storage. (We will write to you about this in a future #30DaysOfJaxx post).
  • Understand: there is no “absolute” security. Computer software/hardware systems are very complex and new ways of hacking coming out every day. For instance, a new vulnerability was in the news yesterday.

If you’d like to chat with us about security or about Jaxx in general do feel welcome to reach out to us on our general twitter at http://twitter.com/jaxx_io or in our Reddit community http://reddit.com/r/jaxx . For specific support issues find us on http://twitter.com/jaxx_support

Thank you for using Jaxx!

 

About Jaxx:

Jaxx is a multi-token blockchain wallet that provides a unified experience across 8 platforms and devices, including Windows, Apple and Linux desktops, Apple and Android mobile devices and tablets, as well as a Google Chrome extension. The Jaxx wallet enables crypto-to-crypto exchange with frictionless in-wallet conversion via Shapeshift. Users are always in control of their keys and Jaxx neither holds nor has access to customer funds. Design and user experience driven, and built with simplicity in mind, Jaxx’s mission is to become the interface to the blockchain world. Jaxx was founded by CEO Anthony Di Iorio and is headquartered in Toronto.

The Jaxx Team Is Growing!

30 Days of Jaxx, Day 4: Our New Chief Security Officer

Today, Jaxx is proud to welcome Dr. Shu Wang, (PhD. Computer Science) to its team. Shu comes with a wealth of experience in the Security, Infrastructure and Cloud Computing space, having held such positions as Advisory Software Engineer & Researcher for IBM’s Security AppScan Source product. He has contributed to IBM’s Team Blue, which won 3rd place in the DEFCON world network forensics contest, in addition to winning 2nd place in a cross-team Hackathon. Shu also published a paper titled “Static application security testing for crypto-currency ecosystems“ in 2014, which was met with wide acclaim in the ecosystem.

Shu joins Jaxx at a critical time in the blockchain industry as it continues to garner increased public interest. Security has always been a top priority for Jaxx, which has a history of innovation when it comes to blockchain privacy and security. For example, Jaxx was one of the first cryptocurrency wallets to transition towards a HD (Hierarchical Deterministic) format for its users. Shu’s addition to the team will directly contribute to the company’s overall mission of empowering individuals to take control of their digital lives by securing Jaxx’s core products and ensuring that user identities and assets are protected.

“Dr. Wang’s wealth of experience in IT security, coupled with his enthusiasm for the blockchain industry, signals to our users that we’re continuously focusing on maintaining our position as a privacy and security leader,” said Jaxx founder and CEO Anthony Di Iorio.

“I’ve personally witnessed Anthony and Decentral go from small meetups up to launching Ethereum, followed by Jaxx being introduced to the space,” said Dr. Shu Wang. “The growth has been tremendous. I’m excited to be part of the team because of how Jaxx strives to innovate in the industry. Introducing Shapeshift to the platform was one such innovation and I can’t wait to help with future integrations.”

With Di Iorio at the helm, Jaxx has grown substantially over the past three months by doubling the size of its team. Shu’s addition adds to a string of other corporate crossovers to the Jaxx team, a trend that has increased in the blockchain space as of late. Shu also joins a number of ex-IBMers, such as Warren Yen, our creative director.

What does a hard fork mean for Jaxx Users?

The ongoing debates surrounding consensus, scalability and governance of decentralized system have led many in the Bitcoin community to believe that there’s a possibility of an hard fork on the horizon. I want to take this opportunity to let Jaxx users know that you will never need to take any actions leading up to a hard fork. I’d like to also provide more information to our users and the community on how Jaxx handles events, such as hard forks, and how we make our business decisions regarding similar situations.

Let’s first start off by explaining what a hard fork is. Due to the governance structures of decentralized blockchains, there will always be a level of dissent between important participants of the networks. Under certain circumstances, due to dissent among these participants, a fork of the blockchain occurs resulting in two competing chains that move in different directions. Although these blockchains will share identical information up until the fork occurs, coin holders would end up with funds on both chains along with identical private and public keys.

At Jaxx, we don’t pretend to be oracles or speak on behalf of our users or entire communities. Although we attempt to predict where the space is moving and make business decisions accordingly, we’ve learned over the years that taking a “hard stance” tends to be counterproductive, especially when situations rarely end up playing out as many would expect.

Jaxx is a multi-currency wallet that supports many blockchains and technologies with plans to support many more. Think of us as a multi-platform interface (or browser) for blockchains that allows users the ability to view, control, manage, exchange, send, and receive many of the leading digital currencies available today. Given this multi-chain multi-technology approach that provide users choice and control, we believe competition to be invaluable and we will continue to support emerging blockchain technologies and projects that we believe have merit.

The most important thing to know when dealing with hard forks is that Jaxx users really need to do nothing on their end: You don’t need to move your funds before a fork, nor do you risk losing your funds after. Unlike an exchange that holds the keys to your funds, one critical feature of Jaxx is that users are in full control of their keys. Jaxx doesn’t have access to your funds (keys are created and stored client-side and never sent to our servers), nor are we custodians of your funds (blockchain holds the funds). No matter what decision we make once we’ve evaluated the results of a fork, users will always be able to export their private keys individually or altogether via a Backup Phrase, and import them into another service The difference with holding your funds on an exchange is that you are always at their mercy regarding decisions they make; you do not have control of the keys to your funds, they do.

I’ll reiterate that with Jaxx there is nothing you need to do leading up to a hard fork. Should a fork occur, know that we will monitor the situation and events following the fork. We will also provide guidance to our users and details of any actions we plan to undertake as a result of the fork. One suggestion I will make is to occasionally check our social media channels and our in-app bulletin messages (Menu -> Bulletin) for any alerts or messages that might impact our users.

Sincerely,

Anthony Diiorio

CEO & Founder, Jaxx