Wallets
Security
Key management
go back

Cubist partners with Ava Labs to power Core seedless wallet

A simple Web2-like wallet experience without trading off security

December 15, 2023
written by
Deian Stefan
Co-Founder & Chief Scientist
Fraser Brown
Co-Founder & CTO
Riad Wahby
Co-Founder & CEO
tags
Wallets
Security
Key management
We’re thrilled to announce that we’ve partnered with Ava Labs to power their new Core seedless wallet—launching today across Bitcoin, Avalanche C/X/P chains, Avalanche Subnets, Ethereum, and every other EVM chain! We’re incredibly proud that our key management infrastructure, <a href="/cubesigner-hardware-backed-wallet-as-a-service-for-non-custodial-end-user-wallets" target="_blank">CubeSigner</a>, has transformed Core into a truly first-of-its-kind Web3 wallet: a familiar, Web2-like experience (think social logins and no seed phrases!) across all of a user’s devices, without trading off security.<br> <br> ## How’s that possible?<br> <br> - **Make it impossible for anyone to see (or steal) private keys:** Keys are never stored on any user’s personal device and are never exposed in memory, because CubeSigner creates wallets and signs transactions inside remote secure hardware.<br> - **Make sure users can access their wallet across devices:** CubeSigner’s secure remote signing allows users to safely access their wallet across multiple devices. Even if users lose their password or device, they can recover their accounts using existing social logins and authentication factors like Passkeys, TOTP (e.g., Google Authenticator), and YubiKeys.<br> - **Make sure that only the user can log into their account:** By offering simple integration with reputable social login providers and authentication factors, CubeSigner helps Core protect users from phishing: in order to gain access to someone’s account, an attacker must compromise a user’s login credentials as well as their other factors.<br> - **Make sure the user (and only the user!) can export their keys:** Recent SIM swapping hacks have shown how exports, if implemented unsafely, can expose keys to attackers. To make sure that exports are only possible for a key’s real owner, we designed CubeSigner’s export protocol to involve waiting periods and extra authentication factors.<br> <br> Cubist is committed to raising the bar for Web3 security, and Core's launch is just the start of proving that security doesn’t have to cost convenience.<br> <br> Read more about the security model that CubeSigner is enabling for Core in <a href="https://medium.com/@CoreApp/core-seed-abstraction-technical-overview-3d56887d4a00" target="_blank">Core's Technical Overview</a>. <br>

Read more

Cubist + Really and the future of movie fan engagement

Cubist + Really and the future of movie fan engagement

Our newest partner, Really, is re-imagining moviegoing. Really wallets, powered by CubeSigner, allow movie fans to use NFTs access exclusive rewards, content, and events.

December 21, 2023
Introducing the Secure Staking Alliance

Introducing the Secure Staking Alliance

Cubist is excited to announce the Secure Staking Alliance, a new cross-industry partnership with the mission of making staking—from traditional staging to liquid staking and restaking—more secure.

November 9, 2023
Why you should NEVER handle private keys in the browser

Why you should NEVER handle private keys in the browser

Writing secure cryptographic code in JavaScript is basically impossible, so it’s safe to assume that browser-based wallets are…unsafe.

November 1, 2023