Royen Security

Royen Security is a lightweight, open-source software solution designed to safeguard Bitcoin wallets and portfolios from hacking. It combines cold storage principles, multi-signature (multisig) wallets, hardware wallet integration, and advanced key management to provide robust protection for high-value BTC holders. The software operates primarily offline to minimize attack surfaces, with optional online monitoring for portfolio tracking. Its simplicity ensures accessibility for non-technical users, while its security features meet the needs of whale-level investors (e.g., holding 5,000 BTC).

Download Windows / macOS

Documentation

Key Objectives

• Prevent Unauthorized Access: Protect private keys and seed phrases from theft via phishing, malware, or physical compromise.
• Ensure Recovery: Enable secure backup and restoration of wallets without exposing sensitive data.
• Minimize Attack Surface: Operate offline by default, with strict controls for online interactions.
• User-Friendly Design: Simplify complex security processes for ease of use without compromising safety.
• Scalability: Support portfolios of any size, including high-value holdings like >5,000 BTC (~$465M at $93,000/BTC).

Core Features

1. Offline Cold Storage with Multisig Wallets

Royen Security generates and manages Bitcoin multisig wallets (e.g., 2-of-3 or 3-of-5) to ensure no single point of failure. Private keys are created and stored offline on air-gapped devices. Requires multiple keys to authorize transactions, reducing risk from a single compromised key.

• Uses Bitcoin Core’s BIP-32 (HD wallets) and BIP-67 (multisig) standards.
• Keys are generated on a dedicated, air-gapped device (e.g., a Raspberry Pi Zero with no internet capability).
• Supports integration with hardware wallets (e.g., Ledger, Trezor) for one or more keys.

2. Encrypted Key Management

Private keys and seed phrases are encrypted using AES-256-GCM (military-grade encryption) with user-defined passphrases. Encrypted backups can be split into shards using Shamir’s Secret Sharing for distributed storage. Even if a backup is stolen, it remains inaccessible without the passphrase or all required shards.

• Shamir’s Secret Sharing splits keys into N parts (e.g., 5), requiring M (e.g., 3) to reconstruct.
• Passphrase strength enforced (minimum 20 characters, checked against common patterns).
• Backups stored on user-provided USB drives or etched onto durable materials (e.g., titanium).

3. Air-Gapped Transaction Signing

Transactions are signed offline using QR codes or USB drives to transfer data between the air-gapped device and an online device (e.g., a smartphone or PC). Eliminates network exposure during transaction signing, preventing malware or remote hacks.

• Online device generates an unsigned transaction (PSBT - Partially Signed Bitcoin Transaction) and displays it as a QR code.
• Air-gapped device scans the QR code, signs the transaction with the required keys, and outputs a signed PSBT via QR code or USB.
• Online device broadcasts the signed transaction to the Bitcoin network.

4. Phishing and Malware Protection

Royen Security includes a verification layer to detect tampered software or phishing attempts. It also educates users on common attack vectors. Prevents users from falling for fake wallet interfaces or malicious updates. Prevents users from falling for fake wallet interfaces or malicious updates.

• Software integrity verified via cryptographic signatures (PGP-signed releases) checked during installation.
• Built-in phishing detection: Warns users if inputs (e.g., addresses) resemble known scam patterns.
• Offline operation avoids clipboard hijacking or keyloggers.

5. Portfolio Monitoring (Optional Online Component)

An optional, read-only online module allows users to track portfolio value and market trends without exposing private keys. Separates sensitive operations (signing) from non-sensitive ones (monitoring), reducing risk during online use.

• Connects to public Bitcoin nodes or trusted APIs (e.g., Blockstream) to fetch balance and transaction history using public keys.
• Runs in a sandboxed environment (e.g., browser-based with no access to local storage).
• Supports price feeds from exchanges (e.g., Kraken, Coinbase) for real-time valuation.

6. Recovery and Inheritance Planning

Royen Security provides tools for secure wallet recovery and inheritance, ensuring funds are accessible to trusted parties (e.g., heirs) without compromising security. Prevents loss of funds due to forgotten passphrases or user incapacitation.

• Recovery mode allows reconstruction of keys from Shamir shards, with multi-factor authentication (e.g., passphrase + hardware token).
• Inheritance protocol: Users predefine trusted parties and distribute encrypted key shards, with time-locked release (e.g., after 6 months of inactivity).
• Dead-man’s switch: Optional feature to alert trusted contacts if the user fails to check in periodically.

7. Integration with Existing Wallets

Royen Security integrates with popular Bitcoin wallets (Wasabi, Electrum, Bitcoin Core, and others) to enhance their security without replacing them. It acts as a secure key management and transaction signing layer. Adds offline multisig, air-gapped signing, and encrypted backups to existing wallets, reducing reliance on their native security.

Supported Wallets:

• Wasabi Wallet: Privacy-focused, supports CoinJoin and Tor. VaultShield imports Wasabi’s multisig setups for enhanced offline signing and key management.
• Electrum: Lightweight, widely used for large holdings. VaultShield supports Electrum’s seed phrases, multisig wallets, and PSBT workflows.
• Bitcoin Core: Full node wallet for advanced users. VaultShield integrates with Bitcoin Core’s wallet.dat files or exported keys for offline security.
• Others: Sparrow Wallet, BlueWallet, and hardware wallets (Ledger, Trezor) via PSBT and seed phrase compatibility.

Technical Architecture

Cross-platform (Windows, macOS) with a minimal OS image for air-gapped devices.

Python for core logic, with C++ for performance-critical cryptographic operations.

None (all data stored locally in encrypted files).

None for core operations; optional HTTPS for portfolio monitoring via trusted APIs.

• Air-gapped device: Raspberry Pi Zero (~$10) or equivalent with camera/USB support.
• Online device: Standard PC/smartphone with internet access.

Important: The software must be in the same environment with other wallets.

Dependencies

• Bitcoin Core (for wallet standards and PSBT handling).

• PyCryptodome (for AES-256-GCM encryption).

• ZBar (for QR code scanning).

• Minimal external libraries to reduce attack surface.

Security Measures

1. User Education: Built-in tutorials on avoiding phishing, securing backups, and recognizing scams.
2. Deterministic Builds: Ensures software binaries match source code, preventing supply-chain attacks.
3. Tamper-Evident Design: Air-gapped device wipes sensitive data if unauthorized access is detected (e.g., physical tampering).
4. Regular Updates: Patches for vulnerabilities, delivered via signed releases to maintain trust.

Threat Mitigation

Phishing - Signed software, phishing detection, user education.

Malware/Keyloggers - Offline signing, no network exposure, integrity checks.

Physical Theft - Multisig wallets, Shamir’s Secret Sharing, encrypted backups.

Key Loss - Recovery via Shamir shards, inheritance planning.

Exchange Hacks - No reliance on exchange custody; all keys managed locally.

Network Attacks (e.g., MITM) - Air-gapped operations, no network for sensitive tasks.

User Workflow

1. Setup:

• Install Royen Security on an air-gapped device.

• Generate a multisig wallet (e.g., 2-of-3) with keys stored on hardware wallets and encrypted backups.

• Split backups using Shamir’s Secret Sharing and store in secure locations (e.g., safe deposit boxes).

2. Transaction:

• Create transaction on an online device, export as QR code.

• Sign transaction on air-gapped device, export signed PSBT.

• Broadcast signed transaction from online device.

3. Monitoring:

• Use optional online module to check portfolio value and transaction history.

4. Recovery/Inheritance:

• Reconstruct keys from Shamir shards if needed.

• Execute inheritance plan for trusted parties.

Royen Security provides a simple yet powerful solution for protecting high-value BTC portfolios from hacking. By combining offline multisig wallets, encrypted key management, air-gapped signing, and user-friendly design, it addresses the critical security needs of whale-level holders (e.g., 5,000 BTC). Its open-source nature and low-cost hardware requirements make it accessible, while its robust security features ensure peace of mind for managing substantial crypto wealth.