CivilAirspace

Secure Token Storage in the CivilScout App

The Secure Token Storage feature in the CivilScout App ensures that all CIVIL tokens earned or used by CivilScouts are stored securely using industry-standard encryption protocols. This feature is designed to protect user assets from unauthorized access, theft, or tampering by employing advanced security measures.

Key Security Features

1. End-to-End Encryption

All token-related transactions and storage are protected by end-to-end encryption:

• Encryption at Rest: CIVIL tokens stored in the app are encrypted using strong cryptographic algorithms (e.g., AES-256) to ensure that even if data is accessed without authorization, it cannot be read.
• Encryption in Transit: When CIVIL tokens are transferred between users (e.g., payments for data requests), they are encrypted during transmission using TLS (Transport Layer Security) to prevent interception or tampering.

2. Secure Wallet Integration

The CivilScout App integrates with secure wallet solutions to store and manage CIVIL tokens:

• Built-In Wallet: The app includes a built-in wallet that allows users to store their CIVIL tokens directly within the app. This wallet is protected by multi-layer encryption and access controls.
• External Wallet Support: Users can also link external wallets (e.g., MetaMask) to store their CIVIL tokens outside of the app if they prefer additional control over their assets.

3. Multi-Factor Authentication (MFA)

To enhance security, users can enable Multi-Factor Authentication (MFA) for their accounts:

• MFA requires users to provide two or more verification factors (e.g., password + one-time code sent to their phone) before accessing their wallet or making transactions.
• This ensures that even if a user’s password is compromised, unauthorized access to their CIVIL tokens is prevented.

4. Private Key Management

The app uses secure methods for managing private keys associated with CIVIL token wallets:

• Private Key Encryption: Private keys are encrypted and stored securely within the app’s encrypted storage system.
• Backup & Recovery: Users can generate backup phrases (seed phrases) to recover their wallets in case they lose access to their device. These backup phrases must be stored securely by the user and should never be shared.

5. Transaction Monitoring & Alerts

The app provides real-time monitoring of all token-related transactions:

• Transaction Logs: Users can view detailed logs of all incoming and outgoing transactions involving CIVIL tokens.
• Security Alerts: If any suspicious activity is detected (e.g., unusual login locations or unauthorized transaction attempts), users receive immediate alerts via email or push notifications.

6. Role of Smart Contracts

All token transactions within the CivilAirspace network are governed by smart contracts, which ensure that payments are only processed when specific conditions are met:

• Automatic Payments: Smart contracts automate payments for completed data requests, ensuring that tokens are only transferred when both parties fulfill their obligations.
• Immutable Records: All smart contract transactions are recorded on the blockchain, providing an immutable audit trail that enhances transparency and security.

Example Use Cases

Research Data Payments

A university researcher uses the CivilScout App to purchase aerial imagery from a drone operator. The payment is processed using CIVIL tokens, which are securely transferred from the researcher’s wallet to the operator’s wallet via a smart contract. The transaction is encrypted both at rest and in transit, ensuring that no unauthorized parties can intercept or alter it.

Ad-Hoc Data Collection Rewards

A CivilScout submits an ad-hoc request for wildlife footage in a national park. Another scout fulfills this request by capturing video footage of a bear sighting. Once the requester verifies the footage, the payment is automatically processed via a smart contract, transferring CIVIL tokens from the requester’s wallet to the scout’s wallet. Both parties can view detailed logs of this transaction in real-time.

Technical Requirements

Device Compatibility

The Secure Token Storage feature is available on devices running:

• iOS 14.0 or later.
• Android 10.0 or later.

Network Requirements

To ensure smooth operation:

• A stable internet connection is required for managing wallets, processing transactions, and receiving security alerts.

Best Practices for Users

To maximize security when storing and managing CIVIL tokens:

1. Enable MFA: Always enable Multi-Factor Authentication for your account to add an extra layer of protection.
2. Use Strong Passwords: Choose strong, unique passwords for your account and avoid reusing passwords from other services.
3. Secure Backup Phrases: If you generate a backup phrase (seed phrase) for your wallet, store it securely offline (e.g., in a password manager or physical vault). Never share your backup phrase with anyone.
4. Monitor Transactions Regularly: Regularly check your transaction logs for any suspicious activity and report any unauthorized transactions immediately.

This site is open source. Improve this page.