Wallets

Coin & Token

Coins and tokens represent digital assets that CoKeeps wallets can securely store, facilitating their use as mediums of exchange due to their intrinsic value. However, they vary in several fundamental ways:

• Coins are generated through mining processes utilising various consensus mechanisms, while tokens are created or "minted" by the owner of the smart contract.
• Coins function as native assets on their dedicated blockchains, whereas tokens operate within a coin's blockchain framework via smart contracts.
• Tokens possess the ability to represent various assets, such as ownership rights, and can also function as assets themselves, as demonstrated by NFTs.

Tokens may exist across multiple blockchains. For instance, ERC-20 tokens like USDT are accessible on platforms such as Ethereum, Avalanche, and the Tron Blockchain. However, it's important to note that these tokens cannot be transferred directly between blockchains.

NOTE

Tokens are assets governed by smart contracts. In some cases, you may need to maintain a balance of utility coins to cover transaction fees. For instance, when transferring USDT on the Ethereum blockchain, you'll need to have a balance of ETH to pay for the transaction fee.

We are consistently expanding our support for new coins to the best of our ability. Here is a list of coins that you can utilise for both single and multi-signature accounts right now:

• Bitcoin
• Litecoin
• Ethereum
• Ripple
• Solana
• Optimism
• Polygon

Additionally, our wallet supports all ERC-20 and SPL-Token tokens.

Networks

During the testing or staging phase, you have the option to utilise coins or tokens on either the Testnet or Devnet network. The Mainnet network represents real value and is where official transactions are conducted.

Acquiring coins or tokens depends on the network. Testnet or Devnet coins can often be obtained from online faucet websites, whereas Mainnet coins typically require purchase from an individual or an exchange, followed by transfer to your single or multi-signature account address.

Smart Contracts

You have the option to create your own tokens using CoKeeps Wallet and decide to deploy them on either the Ethereum or Solana blockchain network.

Additionally, you have the capability to import any deployed Smart Contract from the Ethereum or Solana blockchain network and initiate direct communication with the Smart Contract using your single or multi-signature accounts that have been established. For instance, if the Smart Contract represents a Decentralised Exchange (DEX), you can access its methods and execute actions such as token swapping.

Tokenisation

All token standards (ERC-20 and SPL-Token) created or imported via CoKeeps Wallet automatically become a form of currency that can then be transferred directly, similar to other coins such as BTC or ETH.

NOTE

CoKeeps Smart Contract-based Multi-signature accounts possess the capability to own any tokens and interact with any smart contracts, effectively functioning as both checker and maker entities, even in cases where the Smart Contract does not inherently have that method available.

Private Keys

CoKeeps Wallet is specifically designed to manage organisational digital assets rather than for individuals. It serves as a tool to help you manage the private keys to your digital assets. CoKeeps neither controls nor stores your private keys on your behalf. Consequently, the accounts you create truly belong to you and your organisation.

During the creation of a transaction requiring signatures for authorisation, your device running the CoKeeps Wallet is responsible for key generation. This process is correlated with the passphrase and PIN provided during the action. Once used, the generated key is promptly removed from your device's memory.

Given the critical role of the passphrase and PIN in key generation, it's imperative to securely store the recovery shards. One shard is stored by the CoKeeps Wallet system, another by your designated signer, and the third by your organisation. This ensures that in the event of your signer's absence, access to the signer's accounts can still be recovered.

NOTE

Unless your signers are extremely cautious about what they install on their devices, we highly recommend that your organisation provide dedicated devices (e.g. laptops, PCs, or tablets) for your signers to perform their operations.

Accounts

Designated as "Personal" for single signature and "Shared" for multi-signature.

A custodial account refers to a multi-signature account that includes at least one CoKeeps signer among its owners. In certain scenarios, such as with the Hot Wallet, a CoKeeps signer may be represented by a machine signer.

There are three (3) types of accounts:

Managed Self Custody

These encompass single and multi-signature accounts created within CoKeeps Wallet. Multi-signature accounts may consist of only your own signers or a combination of signers from different organisations, not necessarily utilising CoKeeps Wallet to manage their keys.

Partial Custody

These denote multi-signature accounts created with CoKeeps signers, where CoKeeps signers constitute the minority of the account owners. This account type is typically utilised when CoKeeps' involvement is solely required for the recovery process and not for day-to-day operations.

Full Custody

These represent multi-signature accounts created with CoKeeps signers, where CoKeeps signers make up the majority of the account owners. This account type is typically utilised when regulatory compliance necessitates CoKeeps' involvement in overseeing transaction details and requirements.

Special Accounts

Deposit

These accounts are specifically designated for your end users' receiving addresses when utilising the CoKeeps Hot Wallet. Their primary function is to identify incoming transfers of particular coins, which then belong to your users. Each deposit address is unique to a user. Balances within deposit addresses are not intended to be permanent or held for extended periods and should be swept into a holding account.

NOTE

For Ethereum (or EVM compatible blockchains), CoKeeps provides a smart contract that can automatically forward incoming transfers, eliminating the need for sweeping from deposit addresses to a holding account.

Holding

This account is essentially a multi-signature account created via CoKeeps Wallet, dedicated to storing funds swept from deposit addresses. Typically, a portion of the balance from this account is transferred to withdrawal accounts to facilitate quick transfers from your custody to your end users' destination addresses.

Withdrawal

The sole purpose of this account is to enable swift withdrawals from your custody to addresses specified by your end users. There are currently two methods of setting up a withdrawal account: one utilises a single-signature CoKeeps machine signer, which is relatively cheaper but less secure; the other employs a 2-of-2 multi-signature account, with the owners being CoKeeps machine signers.

Omnibus

In cases where your end users do not directly manage digital assets, but instead responsibility lies with you and a custodian like CoKeeps, an omnibus setup is employed. This setup utilises an off-chain ledger to maintain a digital record of coins or tokens belonging to your users, while the actual coins or tokens are managed by your organisation (comprising the total of Deposits, Holdings, and Withdrawals).

This configuration is suitable for DAX (Digital Asset Exchange) and IEO (Initial Exchange Offering) operators in many scenarios where users prefer not to handle transaction fees or smart contract procedures directly.

The off-chain ledger is transparent to you and can be verified at any time. We strongly recommend maintaining a separate offline ledger if you wish to validate data integrity as part of your data compliance procedures.

Machine

A machine account is a single-signature account managed by a node held by CoKeeps. The address generated by a machine account is utilised in various implementations, such as being an owner of a multi-signature account, where it only participates during a recovery procedure, or as a withdrawal account, as mentioned previously.

Using a machine account in a multi-signature setup is significantly more secure than a single-signature account, a practice we strongly discourage unless there is a specific reason for it.

Risk Management

Multi-signatures

Accounts requiring more than one signature are theoretically designed to be more secure than those with a single signature. Employing a Shamir Secret Sharing of a single-signature private key is not a substitute for proper multi-signature account implementation. Always prioritise multi-signature accounts over single-signature ones.

Distribution

Avoid concentrating all assets in one account. Distribute your assets across multiple multi-signature accounts, each with different owners.

Higher Threshold

Opt for a 3-of-5 multi-signature account over a 2-of-3. The former can withstand the absence of two owners simultaneously. Additionally, requiring an additional signature reduces the risk of compromise.

Custodian

CoKeeps operates as a regulated entity overseen by the Securities Commission of Malaysia. Our responsibility extends beyond safeguarding your digital assets to adhering to all established security and policy guidelines.