San Francisco-based cryptocurrency exchange Coinbase recently filed a patent application that aims to protect a secure method of buying goods and services with Bitcoin (BTC).
Coinbase noted in its August 14 patent filing it found a way to create a payment channel that would let users make BTC payments directly from their crypto wallets, instead of having to use a third-party bitcoin payment processing service like BitPay.
Secure BTC Payments Via "Key Ceremony"
Coinbase’s crypto patent document stated that "It may be a security concern for users that the private keys of their bitcoin addresses may be stolen from their wallets. Existing systems do not provide a solution for maintaining security over private keys while still allowing the users to checkout on a merchant page and making payments using their wallets."
In order to make BTC payments more secure, Coinbase’s filing mentioned that a “key ceremony” application will be used to create “key shares”, which will then be “combined to store an operational master key.” The master key will be “encrypted with [users’] passphrases” so it can be shared publicly, and deleted after the transaction has been confirmed, the filing noted.
The checkout and payment process, as described in the filing, stated that users’ private keys will also be encrypted by using the operational master key. When a payment is processed, the operational key will be used for transaction signing as well.
Additionally, an administrator may suspend suspicious transactions through an automated process called “freeze logic”, which is also part of the payment system mentioned in Coinbase’s filing. Freeze logic, as explained in the patent application, works by allowing the system to be frozen only after the master key has been created. Moreover, the system may be unfrozen by using keys from the key ceremony, the filing stated.
To make transactions safer:
“The checkout process can be carried out when the system is frozen and when the system is unfrozen. The payment process can only be carried out when the system is unfrozen."
Coinbase’s payment software will also allow other websites to create similar crypto payment portals through an API key the exchange will provide. The API key will be designed to make payments safer by storing the key on the host’s server and on Coinbase’s system. Transactions can only be validated if both keys match.