Safeheron Exchange API: Higher Security in TEE

NOW, our customers can securely and smoothly manage your exchange assets on Safeheron.

At Safeheron, we’ve set up a Trusted Execution Environment (TEE) that all users’ private keys, critical private information and API keys are tamper-proof. Safeheron Exchange API is also under trustworthy protection through Intel SGX.

With Intel SGX chip-level hardware isolation, Safeheron achieves:

1. Storage of API keys in a hardware-based environment

2. Execution of critical business logic inside an isolated secure environment

Generally, lots of exchanges provide customers with a pair of credentials, an API secret and an API key, for API authentication. An API key is public that everyone can consider it as a public address while the corresponding API secret shall be stored securely as exchange customers need it for signing and authentication.

All the computing in TEE is trusted and isolated from outside, thus, customers’ exchange-related operations can be highly secured in an all-walled way — execute in an isolated trusted SGX environment.

What's Next for Safeheron

Bring HMAC-MPC into Trusted Execution Environment

HMAC-MPC is an advanced method leveraging key sharding that can break exchange API credentials into shares. It effectively distributes policy and approval logic enhancing security with increased number of defenses in on-prem environment.

With the commitment to be the trustworthy digital asset custody infrastructure, Safeheron plans to deploy HMAC-MPC technology with our current technology basis in the very near future, bringing higher security standards for our customers.