You might remember learning about the Indus Valley Civilization from when it made an appearance in our piece entitled Evolution of Journalism - some cities in this civilization decided to construct primitive walls to fend off equally primitive attacks. The Mycenaean culture was also keen on this strategy of defense. But, as time went on, combat style changed which modified attack frequency and effectiveness of attacks. Successful cities became metropolises which made them targets for more ruthless attacks from increasingly advanced outsiders. Wall technology, therefore, became crucial for metropolis growth.
Walls became so strategically important that there are a handful of world-famous examples that you've probably heard of. Ground was broken on the Great Wall of China in 600 B.C. along the northern border of the Chinese states, and continued to be renovated over the millenia. Hadrian built the Roman Wall, which spanned from the North Sea all the way to the Irish Sea, and protected Britannia in 122 A.D. The 35 mile stretch of Μακρὰ Τείχη τῆς Θράκης (Long Walls of Thrace) was renewed by Roman Emperor Anastasius I in 507 A.D. to protect Constantinople from northern barbarian attacks. More recently, WWII Axis forces built complex defensive fortifications based on wall concepts to deter Allied attacks on the northern coast of Europe.
In medieval times, central Europe saw a proliferation of a type of wall called a Letzimauer. These Letzinen protected the entrances to valleys, and can be found in Switzerland, Austria, and Germany. Letzinen were also sometimes combined with what we probably all think of when we hear "walls for defense": castles. You might be surprised to learn that there are subtle differences between a "castle", "palace", and "fortress".
After the 888 A.D. fall of the Carolingian Empire, there was a proliferation of nobility ... lords and princes and kings. The density of this new nobility class meant that they were in close geographic proximity to each other. Human nature takes over and one prince wants to take another lord's plot of land, so they fight. Naturally, nobles started building heavily walled buildings to protect themselves. Thus arose "castles". A "palace" is a noble's residence that isn't protected by walls, and a "fortress" is a walled defensive complex meant to protect the public rather than nobility. Castles grew into advanced compounds in their own right with eventual features like moats, mottes, keeps, curtain walls enclosing baileys, and even murder holes in the rooves of gatehouses. At their height, castles were as much a status symbol as they were a defensive mechanism.
Castles would quickly fall out of favor (in other words, become useless) when siege warfare was revolutionized by gunpowder propelled artillery in the 15th century, however castle architecture made a comeback in the 17th and 18th centuries due to its rich history and cultural importance.
In Latin, defensive structures were called fortis facere, which means "to make strong". That is translated to English as "stronghold", referring to the general class of defensive structures which includes the aforementioned castle and fortress.
The IOTA Foundation's decision to name their new security project "Stronghold" seems fitting. It's a tribute to the vibrant history of defensive structures, and evokes images of ancient cities surrounded by sturdy walls. Let's see what a stronghold looks like in today's digital realm.
At first blush, it appears that IOTA Stronghold aspires to be yet another password storage tool. There are already plenty of those on the market. Password vaults like KeepKey, YubiKey, Ledger and Trezor do a fine job of storing seeds for various open source technologies.
But upon a second look, you'll see that Stronghold has much higher aspirations than to merely be a seed security layer.
As Daniel Thompson-Yvetot describes it, Stronghold's primary task is to "isolate the activity of 'privileged' functions from other programs." This obviously traces to the use case of protecting private keys when signing a transaction, and he says that they "expect to move the Stronghold stack to Trusted Execution Environments and integrate it into custom hardware."
So far this is sounds very similar to other hardware wallets already out there, right?
Here's where it gets more interesting: Stronghold is actually a more generalizable security solution that can be extended for a bunch of different use cases. It's actually a "suite of low-level libraries known as Stronghold Engine that provide tooling and algorithms to build secure systems in Rust in a way that can be embedded and deployed to devices regardless of architecture and operating systems." The project is written in the currently mega-popular Rust programming language and includes both low-level libraries (which means that you can interact with the base layer of whatever piece of hardware you're using) as well as high-level libraries (which means that it's easy for programmers to write exciting software without having to delve into the tedious low-level code). They're hoping to have bindings to other popular high-level languages in the near future (things like C, Java, and Node.js, according to Daniel.
This is obviously an ideal sandbox to for securing IOTA wallets, but it goes well beyond that. Daniel lists a number of potential ideas:
- Exchanges: "Alice the daytrader and her exchanges can collaboratively use Stronghold distributed key generation and BLS threshold signatures for enhancing the auditability of high-volume IOTA token transfers."
- Multimedia Center: "Alice rents a movie using her Phone to playback on her Smart TV. The movie is sent to the TV as an encrypted stream and a decryption key is synced to her device’s Stronghold. After 48 hours the key is deleted from her Stronghold by the service and the video can no longer be played."
- GDPR Data Processors and Controllers: "Instead of storing personally identifiable information in a centralized database that can get stolen in one fell swoop, Alice can choose to share and revoke access to her data directly from her Stronghold-powered application."
- Travel Agency: "Alice securely shares her passport information with her travel agent, and because of the way that Strongholds sync with each other, when the travel agent no longer needs the passport data, she can remove his access to it."
Putting a movie onto an encrypted stream that's decrypted locally by your smart tv? Consensual exchange audits? Granular disclosure of personal data? Passport and ID encryption and access? All happening natively on whatever device is being used, programmed in at its lowest level? This is exactly in line with the overall vision of IOTA, and sounds like one of the first steps toward a truly integrated machine/digital economy.
Our engineering readership will be interested in watching this video by Stronghold's creator, Tensor:
The github sums up IOTA Stronghold's purpose succinctly:
IOTA Stronghold is a secure software implementation with the sole purpose of isolating digital secrets from exposure to hackers and accidental leaks. It uses versioned snapshots with double-encryption that can be easily backed up and securely shared between devices. Written in stable rust, it has strong guarantees of memory safety and process integrity. The high-level developer-friendly libraries will integrate the IOTA protocol and serve as a reference implementation for anyone looking for inspiration or best-in-class tooling.
Stronghold's roadmap is published on that github link, and it appears as though security auditing is expected to be done by early 2021!
The project lead was able to clear up some confusion by answering a few questions on this IOTA reddit thread:
Q: Where is this on the scale of "well-built password manager" to "dAPP"? A: We’re still in early days of the project, but the simple answer is that stronghold is a collection of libraries that securely manage important digital property, like passwords, private keys and eventually also identities. Strongholds will be able to communicate with each other, and there is indeed a persistent file backing. I would classify it as a type of secret management more than a dAPP.
Q: Isn't this a generic problem (implication is that it's a hard thing to solve)? A: We did a ton of research looking for something that met our requirements, but couldn’t find it.
Q: Is Stronghold more or less just an advanced VPN? A: Sometimes when I explain how the stronghold engine works, I say it’s a bit like git meets gpg meets P2P. The Applications that can be built on top of the system are unlimited.
Q: Is this decentralized, or am I storing the files locally? A: Stronghold’s snapshot engine exists only on the device where it is used. And we are investigating how to build the sync mechanism for inter-stronghold communications. The point is you get to decide where your data is stored and who can have access to it.
The IOTA Foundation explicitly says that they "seek to strengthen the working environment for developers, enhance the security of application, and give everyone better options for securely storing and safely using high-value digital secrets", and go as far as saying this fits into their mandated mission as a German foundation. When they looked around at available security options, they weren't able to find a ready-made solution that met their needs.
So here we are with the early version of a low-level security package that could blossom into making every device natively secure. Native hardware security in any device means that we'll be able to build out the actual exciting vision of a future with automated streams of payments for streams of data, identity control, and eventually elaborate machine economies. Give devices security and you can give them a wallet. Give them a wallet and they can transact with anything else that has a wallet!
In the era of technology, early defensive measures were taken in cybersecurity during the 90's. Security became an even bigger focus into the late 00's when smartphones took over, culminating in finger print scanners, face scanners, ... and typed passwords. Does the combination of IOTA as the value and data transfer layer, and Stronghold as the device-native security layer represent a technological breakthrough in the same way that city defense was revolutionized by castle building in the middle ages? Are we due for a new era of human flourishing? Is this our modern fortis facere? Time will tell. Fight on, and let's build the future.