IBM announced the December 5 launch of IBM Hyper Protect Offline Signing Orchestrator (OSO), an air-gapped cold storage solution for digital assets.
IBM has partnered with digital asset manager Metaco (an IBM partner and Ripple subsidiary) and Tier-1 banks to develop an end-to-end asset encryption service to address common vulnerabilities found in typical cold storage solutions.
According to the announcement:
“Offline or physically air-gapped cold storage has limitations including privileged administrator access, operational costs and errors, and the inability to truly scale. All of these limitations stem from one fundamental factor: human interaction.”
cold storage
IBM designed OSO to address these vulnerabilities by eliminating the manual function of initiating and performing transactions. Like a time-bound vault that cannot be opened on demand, OSO can be configured to send transactions from cold storage to the blockchain and vice versa only at specific times or with the approval of a multi-agency governance plan.
According to the blog post and related research, this prevents the most common forms of insider attacks, including physical access, administrative manipulation, and coercive attacks. If a malicious actor gains access to the system, either physically or remotely, they will only be able to initiate transactions during authorized times and must wait for transaction execution to be approved before receiving or stealing assets.
Further ensuring OSO’s resilience to attacks, digital assets can be placed in “air-gapped” storage containers. Storage is considered air-gapped when it is not connected to the Internet or any device that can connect to the Internet. This prevents remote attacks from accessing the asset while it is quiescent.
Blockchain transaction security
In a typical air gap paradigm, administrators managing cold storage solutions typically have to carry physical storage devices, such as laptops or USB drives, directly to offline hardware to sign transactions. These manual processes introduce human error, a non-malicious form of attack that can be just as costly as intentional exploitation.
OSO implements a policy engine that can broker communication between two different applications without having to connect to both applications simultaneously. It operates over virtual, partitioned servers powered by IBM’s Confidential Computing Services, so there are no direct external network connections. This prevents human errors due to manual processes as well as remote access (hacking) during transactions.
Related: Bitcoin custodian Nostr Assets suspends deposits after reaching maximum capacity‘