SoK: Cryptocurrency Wallets -- A Security Review and Classification based on Authentication Factors

Abstract

In this work, we review existing cryptocurrency wallet solutions with regard to authentication methods and factors from the user's point of view. In particular, we distinguish between authentication factors that are verified against the blockchain and the ones verified locally (or against a centralized party). With this in mind, we define notions for k-factor authentication against the blockchain and k-factor authentication against the authentication factors. Based on these notions, we propose a classification of authentication schemes. We extend our classification to accommodate the threshold signatures and signing transactions by centralized parties (such as exchanges or co-signing services). Finally, we apply our classification to existing wallet solutions, which we compare based on various security and key-management features.