Security

As with any disruptive technology, blockchain software has been targeted by the media and government in various countries. For example, as the government in Venezuela inflates their fiat currency and utterly destroys a once-proud country, they arrest Bitcoin miners and throw them in jail to rot.

Our goal is to make operating a blockchain node as safe, secure, and private as possible. You shouldn't need or want to connect to centralized third-party services to interact with the blockchain. iCryptoNode makes it easy and safe to run your own node.

We are committed to every iCryptoNode purchaser by providing free software updates for life, customer support, and open source software.

Security Model

We assume that iCryptoNode is connected to a private network such as WiFi in your home. The network should be behind a firewall such as an internet router. You should not forward iCryptoNode ports to the wider internet - iCryptoNode should be connected to only within the private network.

Traffic between your wallet or application software and the iCryptoNode is encrypted by WiFi network security. Ensure your WiFi network is using a strong password and preferably on an SSID only accessible to yourself and other trusted people.

Updates to the blockchain daemon and iCryptoNode software are protected as follows:

  • iCryptoNode software checks for updates against this file: https://updates.icryptonode.com/latest.json.asc
  • latest.json.asc file is delivered over SSL and signed with the iCryptoNode PGP key to prevent tampering
  • iCryptoNode software verifies the PGP signature before accepting the latest.json update file
  • New updates to blockchain and iCryptoNode software have their SHA256 checksum compared against latest.json to ensure the file was delivered without modification.

Additionally, we recommend using the anonymous VPN while interacting with the network. The VPN security model:

  • Uses industry leader Private Internet Access as the VPN provider. They have a history of being aggressively pro-privacy in the public eye. At $40 USD per year, accepting gift cards and cryptocurrencies as payment, plus their status as industry leader and the number of years operating, makes them our preferred VPN provider.
  • We use open-source OpenVPN client configured with the strongest possible security, using RSA 4096 key exchange and AES 256 traffic encryption.
  • When the VPN client is up, all device traffic goes through it, and our software ensures that if the client disconnects it auto-reconnects.

Open Source

iCryptoNode software is open source, and you can build an iCryptoNode yourself if you choose. This allows independent security audits to patch and update issues. Learn how to build your own iCryptoNode

The hardware and software we use, including Raspberry Pi, Raspbian (Linux), PHP, Javascript, GPG, lighttpd, UCI, and OpenVPN - is all open source, auditable, and hackable.

We are not using proprietary software or mining cryptocurrency in the background. Everything is open source, transparent, and verifiable.