Tag Archives: security

A Statement on Bitcoin Gold

At this time we do not plan to support Bitcoin Gold in Jaxx. We are, however, monitoring the situation closely and with great interest.

As of the writing of this post, October 23, Bitcoin Gold does not have  fully formed consensus code or a functional codebase, they have not Implemented replay protection, or have adequate code for testing and auditing, or have publicly known code developers. The Bitcoin Gold codebase does however contain a private premine of 8,000 blocks (100,000 BTG) owned and controlled by those anonymous developers.

Of the concerns with BTG by far the one weighing most on our minds is the lack of replay protection. If Bitcoin Gold does not implement strong two-way replay protection your BTG and BTC might be vulnerable to attack if you send BTG transactions. Do recall our previous post on replay protection, here.

We do not currently have plans to support BTG in Jaxx. However, we will continue to monitor the BTG situation and will notify you of decisions we make here on our blog.

Our priorities are, as always, the security of our users’ funds. You will always have control of your assets and private keys through your 12-word backup phrase.

If the BTG development team see this message we’d like to encourage them to reach out to us on [email protected]

For further information, visit these links:

Bitcoin Gold Replay protection status:

https://twitter.com/bitcoingold/status/920724127996104704

Bitcoin Gold website

Bitcoin Gold GitHub repository

On the Topic of Segwit2x VS Bitcoin Core and Replay Protection

On the Topic of Segwit2x VS Bitcoin Core and Replay Protection

Regardless of the outcome of the coming hard fork in November, your funds will be safe on both chains. Some websites claiming to be official have said that Jaxx will not be compatible with either of the chains. This is incorrect.

November’s Segwit2x hard fork is coming closer and the team here at Jaxx are monitoring developments in the conversations within both the Segwit2x and Bitcoin Core communities closely. There have been major developments in recent days that leave the question of how best to manage replay protection up in the air. Our intent is to implement a solution that ensures our users funds continue to be maximally secure. The specifics of how we accomplish this depend on the outcome of the fork.

Each user should understand: after the hard fork every transaction in both chains will be affected by replay attacks if neither chain implements replay protection. This is a concern for every individual in the entire community regardless of which wallet solution we each use.

There is good news for each of us. Regardless of the outcome of the Bitcoin Core VS Segwit2x fork there are steps Jaxx users may take to minimize the risk they’re exposed to:

After the hard fork – in both chains – the first transaction you do should be to transfer all your holdings from your current wallet to a  brand new wallet under your control.

Do see this link from Diogo Monica for more detail.

Jaxx mission is to continue to provide a secure and chain-agnostic platform that ensures you have complete control of your assets. Jaxx users are in complete control of their private keys through their masterseed; Jaxx never stores your keys server-side and never has access to your funds.

30 Days of Jaxx Day 14 – Security in Jaxx

30 Days of Jaxx, Day 14: Security in Jaxx

15th September, 2017 – Decentral – Toronto

On Day 4 of our #30DaysOfJaxx post we introduced you to Dr. Shu Wang, our new Chief Security Officer. Shu has taken the reigns of our security operations. He and his team are working every day to improve Jaxx’s security across all nine platforms we support.

Jaxx uses the 12-word masterseed to empower you with complete control of your wallets. Our work to build a highly secure platform will be ongoing – we will continue to toil daily to ensure Jaxx is both a beautiful & secure interface to your blockchain life.

Security however is not just up to us. You have a role in keeping your coins and tokens secure. Here’s how we recommend you maximize your own crypto-safety:

  • Beware. Understand your exposures and behave appropriately to your risk tolerance.
  • Update. We will continually work to improve Jaxx. You should always use most up-to-date version.
  • Secure your devices. Phones, desktops, browsers: secure the device that you access Jaxx through with passcodes. Remember, if your device has been compromised (such as a malware infection) a malicious user can potentially steal your funds. Use passcodes!  
  • Hot VS Cold. Understand the difference between hot wallets and cold storage. (We will write to you about this in a future #30DaysOfJaxx post).
  • Understand: there is no “absolute” security. Computer software/hardware systems are very complex and new ways of hacking coming out every day. For instance, a new vulnerability was in the news yesterday.

If you’d like to chat with us about security or about Jaxx in general do feel welcome to reach out to us on our general twitter at http://twitter.com/jaxx_io or in our Reddit community http://reddit.com/r/jaxx . For specific support issues find us on http://twitter.com/jaxx_support

Thank you for using Jaxx!

 

About Jaxx:

Jaxx is a multi-token blockchain wallet that provides a unified experience across 8 platforms and devices, including Windows, Apple and Linux desktops, Apple and Android mobile devices and tablets, as well as a Google Chrome extension. The Jaxx wallet enables crypto-to-crypto exchange with frictionless in-wallet conversion via Shapeshift. Users are always in control of their keys and Jaxx neither holds nor has access to customer funds. Design and user experience driven, and built with simplicity in mind, Jaxx’s mission is to become the interface to the blockchain world. Jaxx was founded by CEO Anthony Di Iorio and is headquartered in Toronto.

The Jaxx Team Is Growing!

30 Days of Jaxx, Day 4: Our New Chief Security Officer

Today, Jaxx is proud to welcome Dr. Shu Wang, (PhD. Computer Science) to its team. Shu comes with a wealth of experience in the Security, Infrastructure and Cloud Computing space, having held such positions as Advisory Software Engineer & Researcher for IBM’s Security AppScan Source product. He has contributed to IBM’s Team Blue, which won 3rd place in the DEFCON world network forensics contest, in addition to winning 2nd place in a cross-team Hackathon. Shu also published a paper titled “Static application security testing for crypto-currency ecosystems“ in 2014, which was met with wide acclaim in the ecosystem.

Shu joins Jaxx at a critical time in the blockchain industry as it continues to garner increased public interest. Security has always been a top priority for Jaxx, which has a history of innovation when it comes to blockchain privacy and security. For example, Jaxx was one of the first cryptocurrency wallets to transition towards a HD (Hierarchical Deterministic) format for its users. Shu’s addition to the team will directly contribute to the company’s overall mission of empowering individuals to take control of their digital lives by securing Jaxx’s core products and ensuring that user identities and assets are protected.

“Dr. Wang’s wealth of experience in IT security, coupled with his enthusiasm for the blockchain industry, signals to our users that we’re continuously focusing on maintaining our position as a privacy and security leader,” said Jaxx founder and CEO Anthony Di Iorio.

“I’ve personally witnessed Anthony and Decentral go from small meetups up to launching Ethereum, followed by Jaxx being introduced to the space,” said Dr. Shu Wang. “The growth has been tremendous. I’m excited to be part of the team because of how Jaxx strives to innovate in the industry. Introducing Shapeshift to the platform was one such innovation and I can’t wait to help with future integrations.”

With Di Iorio at the helm, Jaxx has grown substantially over the past three months by doubling the size of its team. Shu’s addition adds to a string of other corporate crossovers to the Jaxx team, a trend that has increased in the blockchain space as of late. Shu also joins a number of ex-IBMers, such as Warren Yen, our creative director.