• Password protection and encryption

    • CRA-5.4.4

      Both hot and cold wallets must be password protected and encrypted. The key storage file that is held on the online or offline device must be encrypted. The user is therefore protected against theft of the file (to the degree the password cannot be cracked). However, malware on the machine may still be able to gain access (e.g., a keystroke logger to capture the password).

      Amended: April 2023
      Added: April 2019

    • CRA-5.4.5

      Licensees must use multi-signature wallets (e.g., where multiple private keys are associated with a given public key and a subset of these private keys, held by different parties, are required to authorise transactions). Noting that there is no way to recover stolen or lost private keys unless a copy of that key has been made, multi-signature wallets offer more security because a user can still gain access to its crypto-assets when two or more Private Keys remain available (see also CRA-4.1.2 and CRA-4.1.3).

      Amended: April 2023
      Added: April 2019