Your private keys must be generated on your devices and can never be on our servers, even if encrypted. Access to your private keys enable what we call your Right to Exit: you can directly interact with the blockchain without using Chamber.
You shouldn’t rely upon a single piece of hardware - even your phone - to protect your digital assets. Drop your phone onto the subway tracks? Did a thief shoulder surf your phone’s passcode before they grabbed it? Life happens: we built failsafes to keep you safe.
Individuals have had to deal with a lot of nonsense when trying to secure their digital assets. We set out to build something different: a security product that is fully aligned to your interests, easy to set up, and accessible to everyone.
Chamber deploys a Safe smart contract for you with three keypairs: one from each of your devices and one generated and secured by us. Each of these keypairs is an externally-owned account (EOA) on Ethereum; this setup is sometimes referred to as a two-of-three multisig. Each of your devices independently generates their own keypair, the private key of which is then encrypted and secured by your account’s passkey using a methodology called envelope encryption.
Your passkey enables you to decrypt your device’s EOA private key and approve transferring your digital assets from your Chamber. Approvals from both of your devices are required for your digital assets to be released.