SECURITY

Setting a new standard with MPC

Next generation wallets driven by secure key shards.

Ultimate control combined with zero trust security providing no single point of failure. The security of multi-sig without the risks, even for chains that don’t support it. Ask us about our security today.

No more keys.

Adversaries want your private keys. Let’s change the rules.

Key Shards

Not keys

Key shards provide superior security benefits to private keys. An MPC key is never in one place at the same time. There is no “bank vault” and no “gold bar” to steal. There is no longer any full key to leak, hack, steal, reveal or otherwise compromise.

Zero Trust

Architecture

Next generation systems architecture driven by Zero Trust principles assumes that modern adversaries will find vulnerabilities in network perimeters. Zero Trust requires verification at every stage, even inside the network.

Distributed

Redundancy

MPC technology combined with Zero Trust systems design is backed by distributed redundancy in multiple locations, ensuring no single point of failure for your wallets. End-to-end security and control.

Defence

in depth

Designed with experience, assessed by experts, validated by academics, assured by audit & certification, hardened to industry standards and monitored continuously, Atato’s systems provide multiple layers of security.

Atato Wallet Recovery System
(aWRS)

The Atato Wallet Recovery System (aWRS) uses zero-knowledge computational integrity proofs combined with MPC technology to securely generate and store wallet recovery information.

After any disaster, vital recovery information is securely gathered from multiple locations. MPC technology is at the heart of aWRS. Individual aWRS storage locations do not gain knowledge of the wallets that are recovered.

aWRS
Atato Wallet Recovery System

Key shards generated in multiple places

Recovery shards protected by HSMs

Our system assumes all wallets will eventually need recovery

Technical recovery is an important part of any disaster recovery and business continuity procedure. The aWRS system also provides administrative recovery controls. In traditional wallet providers, team members with privileged access to wallets can cause significant loss when compromised. MPC tech helps prevent loss of individual wallet keys. aWRS provides additional protections against loss caused by individual fraud, exploits, hacking, technical errors and accidents.

Loss or compromise of administrators or key team members in your organisation does not need to mean loss of your keys. Atato provides oversight of approvers in a distributed way, providing flexible secure sets of users to share with your organisation’s specific approval needs.

Atato is a security conscious organisation.

Atato manages cybersecurity and information security risk using international standards. Some of the globally recognised approaches that inform Atato’s Security posture include:

Vulnerability Disclosure Program

Atato’s Vulnerability Disclosure Program (aVDP) provides an open channel of communication between security researchers and our security operations team. We follow industry standards for handling the reporting of security issues and bugs. We offer researchers flexibility and professional respect in how issues are attributed and acknowledge contributions on a case by case basis.

Atato’s bug bounty program is currently active on HackerOne. To become a part of our official bug bounty program, please contact us at [email protected].

VDP Policy (coming soon)