Sigma Auth's key backup system is designed with security-first principles, ensuring that private keys remain protected even if servers are compromised.

Encryption Architecture

Client-Side Encryption

All encryption and decryption operations happen exclusively in the user's browser using the bitcoin-backup npm package:

npm install bitcoin-backup

import { encryptBackup, decryptBackup, detectBackupType } from 'bitcoin-backup';

// Encryption process (client-side only)
const encryptedBackup = await encryptBackup(privateKey, userPassword);
// Only the encrypted result is transmitted to servers

// Decryption process (also client-side only)
const privateKey = await decryptBackup(encryptedBackup, userPassword);

// Detect backup format
const backupType = detectBackupType(backupData);
// Returns: 'BapMaster' | 'BapMember' | 'OneSat' | 'WIF' | 'Unknown'

The bitcoin-backup package (GitHub) provides:

• AES-256-GCM encryption with PBKDF2 key derivation
• Support for multiple wallet formats (BAP, OneSat, WIF)
• Automatic format detection
• Zero server-side dependencies

Encryption Details

• Algorithm: AES-256-GCM for authenticated encryption
• Key Derivation: PBKDF2 with 300,000 iterations and random salt
• Initialization Vector: Randomly generated for each backup
• Authentication Tag: Prevents tampering with encrypted data

Never on Servers

The following data never touches the server:

• User backup passwords
• Unencrypted private keys
• Key derivation materials
• Decryption processes

Storage Security

Cloudflare KV Storage

Backups are stored using Cloudflare's KV system:

• Encryption at Rest: All data encrypted by Cloudflare
• Global Replication: Automatic geographic distribution
• Access Control: Restricted to authenticated Sigma Auth workers
• Automatic Expiration: 10-year TTL with automatic cleanup

Data Structure

Stored backup format (all encrypted):

{
  "version": 1,
  "algorithm": "aes-256-gcm",
  "ciphertext": "base64-encoded-encrypted-data",
  "iv": "base64-initialization-vector", 
  "tag": "base64-authentication-tag",
  "salt": "base64-pbkdf2-salt",
  "iterations": 300000
}

Access Patterns

• Keyed by: OAuth provider ID + hashed user identifier
• No personal data: Only encrypted blobs and OAuth mappings
• Rate limited: 5 attempts per hour per OAuth identity
• Audit logged: All access attempts recorded

Authentication Security

OAuth Provider Verification

Before allowing backup access:

1. Valid OAuth token required from Google/GitHub
2. Token verification against provider's public keys
3. Identity mapping to internal backup identifier
4. Rate limiting applied per OAuth identity

Multi-Factor Protection

The backup system requires multiple factors:

1. OAuth account access (something you have)
2. Backup password knowledge (something you know)
3. Browser capability (something you are - client-side decryption)

Session Security

• Short-lived sessions - 10 minute maximum
• No persistent tokens stored for backup access
• Fresh OAuth verification required for each restore
• Automatic logout after successful restore

Threat Model Analysis

Server Compromise

Scenario: Sigma Auth servers are completely compromised Impact: ✅ No private keys exposed

• Encrypted backups are useless without user passwords
• OAuth mappings reveal no personal information
• Attackers cannot decrypt existing backups

Database Breach

Scenario: Cloudflare KV storage is compromised Impact: ✅ No private keys exposed

• All stored data is encrypted with user passwords
• No password hints or recovery mechanisms stored
• Brute force attacks are computationally infeasible

OAuth Provider Compromise

Scenario: Google or GitHub is compromised Impact: ⚠️ Limited exposure

• Attackers could access encrypted backups
• Still requires backup password for decryption
• Users should rotate backup passwords if OAuth is compromised

Man-in-the-Middle Attacks

Scenario: Network traffic is intercepted Impact: ✅ No private keys exposed

• All communication over HTTPS/TLS
• Only encrypted backups transmitted
• No sensitive data in URLs or headers

Client-Side Attacks

Scenario: User's browser/device is compromised Impact: ⚠️ Potential exposure during active use

• Private keys exist in memory during decryption
• Malware could capture passwords during entry
• Mitigation: Use secure, updated browsers

Cryptographic Implementation

Key Derivation Function

// PBKDF2 parameters
const iterations = 300000;  // OWASP recommended minimum
const keyLength = 32;       // 256 bits for AES-256
const hashAlgorithm = 'SHA-256';
const salt = crypto.getRandomValues(new Uint8Array(16)); // 128-bit salt

Encryption Process

// Simplified encryption flow
async function encryptBackup(privateKey, password) {
  const salt = crypto.getRandomValues(new Uint8Array(16));
  const key = await crypto.subtle.importKey(/* PBKDF2 derivation */);
  const iv = crypto.getRandomValues(new Uint8Array(12));
  
  const encrypted = await crypto.subtle.encrypt(
    { name: 'AES-GCM', iv },
    key,
    new TextEncoder().encode(privateKey)
  );
  
  return { ciphertext, iv, tag, salt, iterations: 300000 };
}

Random Number Generation

• Browser crypto.getRandomValues() for all random data
• Cryptographically secure random number generation
• Unique values for each encryption operation
• No predictable patterns in generated data

Audit and Monitoring

Security Logging

All backup operations are logged:

• Backup creation: OAuth identity, timestamp, success/failure
• Restore attempts: OAuth identity, timestamp, success/failure
• Failed decryptions: Rate limiting triggers, timing
• No sensitive data: Passwords, keys, or personal info never logged

Monitoring Alerts

Automated monitoring for:

• Unusual access patterns: Multiple failed attempts
• Geographic anomalies: Access from unexpected locations
• Rate limit violations: Potential brute force attempts
• System errors: Encryption/decryption failures

Incident Response

In case of security incidents:

1. Immediate isolation of affected components
2. User notification if personal data potentially affected
3. Backup rotation recommendations for affected users
4. Security patch deployment and verification

Best Practices for Users

Password Security

• 12+ character passwords with mixed case, numbers, symbols
• Unique passwords not used for other services
• Password manager storage recommended
• Regular rotation if OAuth account compromised

Device Security

• Updated browsers with latest security patches
• Avoid public computers for backup operations
• Private browsing mode on shared devices
• Clear browser data after sensitive operations

Account Security

• Enable 2FA on OAuth provider accounts
• Monitor OAuth activity for suspicious logins
• Use strong OAuth passwords as they protect Bitcoin identity
• Regular security reviews of connected applications

Compliance Considerations

Privacy Regulations

• GDPR compliance: Users can delete all data instantly
• Data minimization: Only encrypted backups stored
• No personal profiling: No behavioral tracking
• Transparent processing: Clear documentation of data handling

Security Standards

• OWASP guidelines: Followed for web application security
• Cryptographic standards: NIST-recommended algorithms
• OAuth 2.0 security: RFC 6749 and security BCP compliance
• Transport security: TLS 1.3 minimum for all communications

Technical Verification

Security Audit Checklist

✅ Client-side encryption implementation
✅ Secure key derivation parameters
✅ Proper random number generation
✅ OAuth token verification
✅ Rate limiting and monitoring
✅ Secure storage configuration
✅ Incident response procedures
✅ Privacy compliance measures

Regular Reviews

• Quarterly security assessments of backup system
• Annual penetration testing by external security firms
• Continuous monitoring of security best practices
• Community security reviews through open source contributions

Next Steps

• Implementation Guide - Add secure backup to your app
• OAuth Restore Process - User-facing restore guide
• Security Documentation - General security practices