Plutux features best-in-practice security protocols designed to protect client assets, safely store sensitive user information and continuously vet our website, application and back-end systems through penetration tests run on our testnet by Red Teams. Because Plutux is one of the few exchanges to emphasize proper licensing and regulatory compliance, our regulators and auditors offer additional promise that our security claims are implemented. Furthermore, in the extremely unlikely event of a hacking event or security breach, Plutux has implemented a PLTX token buyback program to generate a Client Protection Fund, which acts as insurance for clients that have incurred losses due to extraordinary situations.
Of course, any exchange can claim to offer industry leading security protocols. What follows is a description of the extraordinary steps Plutux has taken to protect our client assets. It may get a little technical, but we promise to keep it readable for those of you without a background in tech and blockchain.
Plutux generates a unique Deposit Address (“DA”) for each registered user on each blockchain we support. After identifying deposits to any of our DAs on the chain, we will wait until we have reached a sufficient number of confirmation blocks and automatically credit the corresponding accounts. Plutux then notifies users by email and push notification that the cryptocurrencies have been deposited and are ready for trading.
Plutux regularly consolidates deposits from DAs to our Central Deposit Address (“CDA”). The CDA is an offline cold wallet of the highest security standards with multi-signature features and arrangements. It will hold the majority of the cryptocurrencies managed by the exchange. This ensures any deposits a user receives are quickly protected from potential threats. In addition, Plutux is currently working towards offering third-party insurance on client assets held in our CDA.
Withdrawal Addresses (“WA”) are the locations from which users withdraw their funds. Plutux will regularly send funds from the CDA to the WAs to maintain liquidity and give users an immediate withdrawal experience, allowing users to protect their funds until the very moment they desire to withdraw them.
The layered design of our Hierarchical Deterministic Wallet (“HDW”) allows for what is known as Separation of Security Concerns (if a part of the system is compromised, the other parts remain safe) and Security Breach Isolation. The Hierarchical Deterministic algorithm generates all DAs and WAs with one master key, meaning Plutux must only maintain security for this single master key instead of the public and private key pairs of all DAs and WAs. Additionally, HDWs separate the security concern by generating extended public keys and extended private keys of a hardened child. The extended public key is a public key capable of generating a vast number of additional public keys if given additional information, such as a user ID. The extended private key of a hardened child works in a similar way, which allows us to generate the private key of the DAs of any user, which users keep themselves for future withdrawal purposes. This allows us to generate private keys for users without anyone at Plutux ever seeing the private key himself or herself. Several different microservices will access the extended public and private keys:
Deposit Service (“DS”) — The extended public key will be accessed by the DS, which is responsible for monitoring all deposit transactions from the blockchain and DA generation. DS cannot move funds from DAs to CDA.
Deposit Consolidation Service (“DCS”) — DCS will periodically scan through all the DAs to move their funds to the CDA using the extended private key corresponding to the extended public key of DS.
Withdrawal Service (“WS”) — WS will need to access a derived specific private key from the extended private key to transfer cryptocurrencies from WA to the Targeted Addresses. WS cannot move funds out of the CDA.
As such, we isolated each service to only access the exact piece of confidential information required by the service to minimize risks. This protects our clients’ valuable personal information and keeps their assets secure.
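The split between the public-only Deposit Service and the key-holding Deposit Consolidation Service can be shown with BIP32-style derivation over secp256k1. This is an added example, not Plutux's code: the page does not name BIP32, and the seed, the `demo` helper and the use of a user ID as the child index are assumptions.

```python
import hashlib, hmac

P = 2**256 - 2**32 - 977  # secp256k1 field prime; N is the group order, G the generator
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
HARDENED = 0x80000000  # indexes at or above this need the private key

def add(a, b):
    """Add two curve points; None is the point at infinity."""
    if a is None or b is None:
        return a or b
    if a[0] == b[0] and (a[1] + b[1]) % P == 0:
        return None
    if a == b:
        m = 3 * a[0] * a[0] * pow(2 * a[1], -1, P)
    else:
        m = (b[1] - a[1]) * pow((b[0] - a[0]) % P, -1, P)
    x = (m * m - a[0] - b[0]) % P
    return x, (m * (a[0] - x) - a[1]) % P

def mul(k, pt=G):  # double-and-add scalar multiplication
    acc = None
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def ser(pt):  # compressed SEC1 public key encoding
    return bytes([2 + (pt[1] & 1)]) + pt[0].to_bytes(32, "big")

# BIP32 also rejects the (astronomically rare) case IL >= N; not checked here.
def ckd_pub(pub, chain, index):
    """Public-only child derivation: all a deposit-watching service needs."""
    if index >= HARDENED:
        raise ValueError("hardened children need the private key")
    i = hmac.new(chain, ser(pub) + index.to_bytes(4, "big"), hashlib.sha512).digest()
    return add(mul(int.from_bytes(i[:32], "big")), pub), i[32:]

def ckd_priv(priv, chain, index):
    """Non-hardened private derivation, as a consolidation service would run it."""
    i = hmac.new(chain, ser(mul(priv)) + index.to_bytes(4, "big"), hashlib.sha512).digest()
    return (int.from_bytes(i[:32], "big") + priv) % N, i[32:]

def demo(user_id=42):
    # Constructed key material; using the user ID as child index is an assumption.
    seed = hmac.new(b"Bitcoin seed", b"constructed demo seed", hashlib.sha512).digest()
    xprv, chain = int.from_bytes(seed[:32], "big"), seed[32:]
    return ckd_pub(mul(xprv), chain, user_id)[0] == mul(ckd_priv(xprv, chain, user_id)[0])
```

`demo()` returns `True`: the address the public-only side computes is exactly the one the private side can spend from, without the two ever sharing a private key. BIP32 itself notes that an extended public key combined with any one non-hardened child private key reveals the parent private key, so the isolation only holds while those two stay in separate services.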
Plutux uses a highly secured persistent storage system, Hashicorp Vault, to protect the extended public and private master key pairs. To access information encrypted and stored in the vault, a certain number of unseal keys need to be accessed simultaneously. Hashicorp Vault uses AppRole to make it impossible for different services in Plutux’s infrastructure to reach information that each service is not designed to access, achieving Separation of Security Concerns, as described above. The information acquired from the Vault will only reside in each service’s memory space, which is resilient to hacking. Sealing the vault only requires a single operator to perform, so it can be locked down in an emergency without others’ presence or consent.
Plutux CDA Bitcoin Wallet has a multi-signature address with a certain number of keys required to perform any transaction. To move cryptocurrencies from the CDA Bitcoin Wallet to the WA Bitcoin Wallet, a certain number of authenticated persons carrying the private keys, stored in offline hardware devices to prevent external malicious attacks, must jointly submit the signatures to the Bitcoin blockchain.
Plutux CDA Ethereum Wallet also has multi-signature functionalities provided by a smart contract. Similarly, the system requires a certain number of authenticated persons carrying the private keys, stored in offline hardware devices, to submit signatures authorizing the transfer of cryptocurrencies from the CDA Ethereum Wallet to the WA Ethereum Wallet.
While we believe that our internal security system is among the best in the business, we understand that our customers want the highest assurance of protection when deciding on which exchange to trade. That is why we will employ multiple professional audit firms with cyber security experience to conduct a security audit prior to the launch of Plutux. Each component in our system will undergo a series of penetration tests including:
1. Obtaining information without obtaining session and login credentials
2. Emulating user’s credentials
3. Performing denial of service through user lockout
4. Bypassing authorization controls to update restricted data
5. Eavesdropping system communication channel and obtaining sensitive information
6. Impersonating user to gain unauthorized access
To ensure the highest level of protection, we will continue to conduct these tests on a regular basis after the launch of the exchange.
Beyond these internal initiatives, Plutux’s Bug Bounty Program rewards hackers who find vulnerabilities in our platform. We will encourage white hat hackers to probe our defenses and report any issues they find, after which we will work closely with such hackers to reproduce the bug, generate reports and fix it.
In addition, Plutux plans to employ threat detection programs offered by cloud service providers that continuously monitor our systems. These programs detect malicious attacks and anomalies using threat intelligence and machine learning engines that analyze our data sets.
We will continuously monitor our domain address in the Certificate Transparency Logs to check if there are any suspicious SSL certificates with similar domain addresses issued by external parties. This will reduce attackers’ ability to trick Plutux users into disclosing confidential credentials.
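A sketch of the look-alike check such Certificate Transparency monitoring performs, as an added example that is not Plutux's own tooling. The domain `plutux.example`, the issuer allow-list and the sample entries are constructed placeholders, and the unexpected-issuer check on the monitored domain itself goes slightly beyond what the paragraph describes.

```python
BRAND, MONITORED = "plutux", "plutux.example"  # placeholder domain (assumption)
EXPECTED_ISSUERS = {"Example Trust CA"}        # hypothetical CA allow-list
DIGIT_SWAPS = str.maketrans("01359", "olesg")  # common digit-for-letter swaps

# Constructed entries in the shape a CT log monitor might return (not real data).
SAMPLE_ENTRIES = [
    {"names": ["plutux.example", "www.plutux.example"], "issuer": "Example Trust CA"},
    {"names": ["api.plutux.example"], "issuer": "Unknown CA"},
    {"names": ["p1utux.example"], "issuer": "Unknown CA"},
    {"names": ["plutux.example.wallet-login.test"], "issuer": "Unknown CA"},
    {"names": ["unrelated.test"], "issuer": "Unknown CA"},
]

def edit_distance(a, b):
    """Levenshtein distance between two strings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def check_name(name, issuer):
    """Return a finding for one certificate name, or None if it looks benign."""
    labels = name.lower().lstrip("*.").split(".")
    # Last two labels as the registrable domain: crude, a real monitor
    # should consult the Public Suffix List.
    if ".".join(labels[-2:]) == MONITORED:
        return None if issuer in EXPECTED_ISSUERS else "own-domain-unexpected-issuer"
    for label in labels:
        for part in label.split("-"):
            if part == BRAND:
                return "brand-in-foreign-domain"
            if edit_distance(part.translate(DIGIT_SWAPS), BRAND) <= 1:
                return "lookalike"
    return None

def scan(entries):
    """List (name, finding) for every flagged name across all entries."""
    return [(n, f) for e in entries for n in e["names"]
            if (f := check_name(n, e["issuer"]))]
```

`scan(SAMPLE_ENTRIES)` flags three of the six names; internationalized (punycode) names are not decoded here and would need their own normalization step.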
While some of the above may seem a bit technical, our goal is to demonstrate that Plutux will offer industry leading security protocols without compromising the vision, values, or functionality of the exchange. Plutux promises to protect our clients’ valuable assets and personal information, and will draw upon every possible resource to do so.