Curve Wallet is a multi-blockchain platform that provides
a frictionless experience, facilitating cross-chain transactions and smart contracts
in a simple and clean UI/UX. Curve Wallet simplifi es and accelerates adoption for
seasoned investors and the general public. Intuitive features in Investing, Trading and
Accounting allow for custom pooling, advanced asset tracking and management, securities-compliant
ICO investing, in-app trading via a decentralized exchange, and easy
transactions through fi at gateways.
Envisioned to be available via both a desktop site and a mobile application, Curve Wallet
is a turnkey product for all blockchain-consumer needs.
Curve Wallet will use CURV, a token with multiple
utilities. For example, by using CURV tokens,
investors will enjoy reduced trading fees and
unlock enhanced capabilities like the Nuke
function.
Invest and trade directly from inside Curve
Wallet, monitor their portfolios over time, and
fund accounts through a bank or credit card.
Easily participate in new ICOs as well as join
investing pools that require no manual admin
management.
Stake CURV tokens, receiving tokens from any
ICOs launched on Curve Wallet.
CryptoCurve has an end-to-end approach to security. Security considerations are made
from the application layer to infrastructure layer.
‹‹ LAYER 1: COMMUNICATION ››
This is architectured with end-to-end encryption in mind. To facilitate this, we implement
the following security protocols:
- All communication is HTTPS with a minimum of TLSv1.1_2016
- All payload transfers are random seed AES-cbc encrypted
- Mnemonic phrases are used for random seeds
- Time based payload signatures are implemented to prevent replay attacks
- Payloads are signature-signed to prevent tampering
- All passwords are random-seeded SALT
- All endpoints are secured via Basic Authentication
- All function calls are secured via endpoint Authentication
- Session management is controlled via JWT
- Web application firewalls are implemented to protect against vulnerabilities
- Sites and APIs are externally scanned for XSS, SQL injection, and other
released vulnerabilities - Content-Security-Policy header is used to prevent cross-site scripting
- Allow-Control-Allow-Origin only allows approved whitelisted domains
- Access-Control-Allow-Methods only allows the minimum set required
- Access-Control-Allow-Headers is strictly controlled
- X-Powered-By headers are stripped of content
- Public Key Pinning is implemented to prevent man-in-the-middle attacks
- Strict-Transport-Security enforces secure connections
- Cache-Control and Pragma headers are used to disable client-side caching
- X-Content-Type-Options are implemented to prevent MIME-sniffing
- X-Frame-Options are used to prevent clickjacking
- X-XSS-Protection to enable the CSS filter in browsers
- IP access is filtered and controlled to prevent DDoS
- Multi-location hosting to prevent single point of failure
‹‹ LAYER 2: PROCESSING ››
After transmission has occurred, the processing phase begins. The following protocols
are implemented to ensure security during processing: - One-off IAM accounts for ECS instances
- APIs are stateless and side effect free
- No data is stored locally
- Data is actively purged from memory after usage
- All clusters are VPC controlled and only available behind DMZ
- All access is IP- and port-controlled
- Microservices architecture for role encapsulation
- Minimum access user roles
- Processing occurs in single-boot instanced VMs
‹‹ LAYER 3: STORAGE ››
Storage is arguably the most critical single point for any security-centric system. To ensure
a secure protocol layer we implement the following security protocols: - All data stores are key encrypted
- Data stores are split into read-only and write-only systems
- Access control is meticulously audited and logged
- Sensitive data is dual-encrypted by user key and randomly-generated one-off keys
- Keys are stored in protected JSONv3 standard
- Passwords are random-seeded and SALTed
- Keys are sharded and stored in distributed key stores
- Keys are only made whole during creation and in-memory access
- Minimum-access user roles are used to ensure that only a single role has access to
its minimum feature set
cryptocurve is in ico stage atm https://cryptocurve.io/(www.cryptocurve.io)
Team
The team consists of 10 members including management, a blockchain developer, a web/mobile engineer, as well as specialists in finance, security (Sean McGurk, worked for Verizon, Intel, Amazon), and marketing. The team leader CEO Joshua Halferty previously worked for Hewlett Packard Enterprise, managed successful IT projects for the US Navy and Marine Corp. All in all, the team looks strong and trustworthy. Six advisors help the team with their experience in business management, cryptocurrency, ICO, technical questions, and analytics.
Summary
A project that sees its main goal in popularization of crypto world and making it available for everyone. Since crypto industry is still very young and people apprehend possible risks of investing into ICOs and crypto coins, projects like CryptoCurve are in high demand. The team and hype around the project are pluses. Absence of product is the biggest minus. As many other projects CryptoCurve has a good potential, but needs to accelerate its own product implementation.
FOR ICO PARTICIPATION https://cryptocurve.network/#add
Source 1
Source 2
Plagiarism is the copying & pasting of others work without giving credit to the original author or artist. Plagiarized posts are considered spam.
Spam is discouraged by the community, and may result in action from the cheetah bot.
More information and tips on sharing content.
If you believe this comment is in error, please contact us in #disputes on Discord