API key generation of a security system forming part of a host computer for cryptographic transactions
1 Assignment
0 Petitions
Abstract
A key ceremony application creates bundles for custodians encrypted with their passphrases. Each bundle includes a master key share. The master key shares are combined to store an operational master key. The operational master key is used for private key encryption during a checkout process. The operational private key is used for private key decryption for transaction signing in a payment process. The bundles further include TLS keys for authenticated requests to create an API key for a web application to communicate with a service and to unfreeze the system after it has been frozen by an administrator.
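The API key flow the abstract and claims describe, a key issued only after a minimum number (M) of authenticated requests and a signing procedure that runs only when the presented key matches the stored one, can be sketched as follows. This is an added example, not code from the patent or its assignee; the class and function names, the custodian identifiers and the `signer` callable (standing in for the decrypt-and-sign step) are hypothetical, and counting distinct custodians rather than raw requests is an assumption of this sketch.

```python
import hmac
import secrets


class ApiKeyGenerator:
    """Issues an API key once M distinct custodians have requested one."""

    def __init__(self, custodians, minimum_requests):
        if not 1 <= minimum_requests <= len(set(custodians)):
            raise ValueError("M must be between 1 and the number of custodians")
        self._custodians = frozenset(custodians)
        self._m = minimum_requests
        self._pending = set()   # custodians who have asked for a key so far
        self._api_key = None    # key stored by the service once issued

    def request_api_key(self, custodian_id):
        """Record one authenticated request; return the key when M is reached.

        Assumption: custodian_id comes from the verified TLS client
        certificate of the request, never from the request body.
        """
        if custodian_id not in self._custodians:
            raise PermissionError("unknown custodian")
        self._pending.add(custodian_id)  # a repeat by one custodian counts once
        if len(self._pending) < self._m:
            return None
        self._api_key = secrets.token_urlsafe(32)
        self._pending.clear()            # the next key needs a fresh quorum
        return self._api_key

    def matches(self, presented_key):
        """Constant-time comparison used to gate the signing procedure."""
        if self._api_key is None or not isinstance(presented_key, str):
            return False
        return hmac.compare_digest(self._api_key.encode(), presented_key.encode())


def sign_if_authorized(generator, presented_key, unsigned_tx, signer):
    """Run the signing procedure only if the presented API key matches."""
    if not generator.matches(presented_key):
        raise PermissionError("API key mismatch; transaction not signed")
    return signer(unsigned_tx)
```
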
31 Citations
9 Claims
1. A host computer system comprising:
a processor;
the non-transitory computer-readable medium having stored thereon a service and a set of instructions that, when executed by the processor of a computer carries out a method performed by the service;
wherein the service comprises a data store;
a master key loader to store an operational master key in the data store of the service;
a checkout module to generate an address and a private key, encrypt the private key with the operational master key to generate an encrypted private key, and store the address and the encrypted private key in association with one another prior to receiving a request for payment;
an application programmable interface (API) key generator to receive a plurality of requests to create an API key,
generate, upon a determination by the API key generator that the plurality of requests to create an API key is at least equal to a minimum number (M) requests, an API key,
store the API key, and
provide an output of the API key; and
a payment module
a web application on the non-transitory computer-readable medium and executable by the processor to;
receive the API key,
store the API key,
receive a request for payment to a cryptographic currency address, the request for payment including an amount of cryptographic currency to be paid,
generate an unsigned transaction in response to receiving the request for payment, the unsigned transaction including the amount of cryptographic currency to be paid in the request for payment, and
communicate with the service in response to receiving the request for payment, including providing the API key stored by the web application to the service, wherein the web application is configured and to request a signing of the unsigned transaction to create a signed transaction,
the payment module of the service to receive the API key from the web application, and execute a procedure only if the API key received from the web server matches the API key stored by the service, the payment module to receive the request for signing the transaction, determine the address corresponding to the cryptographic currency address in the unsigned transaction, determine the encrypted private key stored in association with the address, decrypt the encrypted private key with the operational master key to generate a decrypted private key, and sign the transaction with the decrypted private key to create the signed transaction, the web application configured to receive the signed transaction, and broadcast the signed transaction over a cryptographic currency network.

5. A method of transacting cryptographic currency comprising:
storing, by a master key loader, an operational master key in a data store of a service, wherein the service is stored on non-transitory computer readable medium and executable by a processor;
generating, by the service, an address and a private key;
encrypting, by the service, the private key with the operational master key to generate an encrypted private key;
storing, by the service, the address and the encrypted private key in association with one another prior to receiving the request for payment;
receiving, by the service, a plurality of requests to create an application programmable interface (API) key;
generating, by the service, upon a determination by the service that the plurality of requests to create an API key is at least equal to a minimum number (M) requests, an API key;
storing, by the service, the API key;
providing, by the service, an output of the API key;
receiving, by a web application on the non-transitory computer-readable medium and executable by the processor, the API key;
storing, by the web application, the API key;
receiving, by the web application, a request for payment to a cryptographic currency address, the request for payment including an amount of cryptographic currency to be paid;
generating, by the web application, an unsigned transaction in response to receiving the request for payment, the unsigned transaction including the amount of cryptographic currency to be paid in the request for payment;
communicating, by the web application, with the service in response to receiving the request, including providing the API key stored by the web application to the service and requesting, by the web application, a signing of the unsigned transaction to create a signed transaction;
receiving, by the service, the API key and the request for signing the transaction from the web application;
executing, by the service, a procedure only if the API key received from the web server matches the API key stored by the service, including;
determining, by the service, the address corresponding to the cryptographic currency address in the unsigned transaction;
determining, by the service, the encrypted private key stored in association with the address;
decrypting, by the service, the encrypted private key with the operational master key to generate a decrypted private key; and
signing, by the service, the transaction with the decrypted private key to create the signed transaction;
receiving, by the web application, the signed transaction; and
broadcasting, by the web application, the signed transaction over a cryptographic currency network.

9. A non-transitory computer-readable medium having stored thereon a set of instructions that, when executed by a processor of a computer carries out a method of transacting cryptographic currency comprising:
storing, by a master key loader, an operational master key in a data store of a service, wherein the service is stored on the non-transitory computer readable medium and executable by the processor;
generating, by the service, an address and a private key;
encrypting, by the service, the private key with the operational master key to generate an encrypted private key;
storing, by the service, the address and the encrypted private key in association with one another prior to receiving the request for payment;
receiving, by the service, a plurality of requests to create an application programmable interface (API) key;
generating, by the service, upon a determination by the service that the plurality of requests to create an API key is at least equal to a minimum number (M) requests, an API key;
storing, by the service, the API key;
providing, by the service, an output of the API key;
receiving, by a web application on the non-transitory computer-readable medium and executable by the processor, the API key;
storing, by the web application, the API key;
receiving, by the web application, a request for payment to a cryptographic currency address, the request for payment including an amount of cryptographic currency to be paid;
generating, by the web application, an unsigned transaction in response to receiving the request for payment, the unsigned transaction including the amount of cryptographic currency to be paid in the request for payment;
communicating, by the web application, with the service in response to receiving the request, including providing the API key stored by the web application to the service and requesting, by the web application, a signing of the unsigned transaction to create a signed transaction;
receiving, by the service, the API key and the request for signing the transaction from the web application;
executing, by the service, a procedure only if the API key received from the web server matches the API key stored by the service, including;
determining, by the service, the address corresponding to the cryptographic currency address in the unsigned transaction;
determining, by the service, the encrypted private key stored in association with the address;
decrypting, by the service, the encrypted private key with the operational master key to generate a decrypted private key; and
signing, by the service, the transaction with the decrypted private key to create the signed transaction;
receiving, by the web application, the signed transaction; and
broadcasting, by the web application, the signed transaction over a cryptographic currency network.
Specification