DESC:FIELD OF INVENTION
[001] The field of invention generally relates to a system and method for secure management of crypto wallet private key. More specifically, it relates to secure management of the entire lifecycle of crypto wallets' private key using artificial intelligence with zero human involvement to minimize cybersecurity risks and prevent financial loss.

BACKGROUND
[002] The cryptocurrency wallet is a digital wallet used to store, send, and receive cryptocurrencies like Bitcoin, Ethereum, and others. The cryptocurrency wallet interacts with various blockchain networks to enable users to manage their cryptocurrency assets. A cryptography private key is a long string of numbers and letters that is used to access and manage the cryptocurrency stored in a wallet. It is a secret code that only the wallet owner knows and must be kept confidential to prevent unauthorized access to the cryptocurrency. Without the private key, the wallet owner cannot access their cryptocurrency holdings, so it is crucial to keep it secure.
[003] Further, the rise of cryptocurrency trading has prompted crypto exchanges to develop and build platforms that provide a seamless experience for users. However, one significant challenge that remains unsolved is the secure management of private keys. Private keys are essential to accessing and managing cryptocurrency assets stored in wallets. Depending on the type of wallet used, the overhead and risk of managing the private keys can either lie with the exchange or with the wallet owner themselves.
[004] Currently, the existing systems are encountering cybersecurity risk associated with securely managing private encryption keys. Firstly, private keys are highly susceptible to cyber-attacks in both user wallets and exchanges. Any unauthorized access to a private key or theft of the private key could lead to significant financial loss to the exchange or user. In fact, 99% of attack vectors on a digital asset can be attributed to the compromise of private keys. Secondly, studies have shown that approximately 20% of all Bitcoin has been lost and can never be recovered due to users forgetting or misplacing their private keys, resulting in the entire wallet access being lost forever.
[005] Other existing systems have tried to address this problem. However, their scope was limited to managing and handling highly sensitive private keys by humans, whether it is the wallet owner or an administrator working in the exchange. Human dependency is present from the key creation to destruction, and any errors or misconfigurations in the entire lifecycle could lead to significant security failures.
[006] Thus, in light of the above discussion, it is implied that there is a need for an approach that securely manages the entire key lifecycle with zero human involvement to minimize cybersecurity risks and prevent financial loss, which is reliable and does not suffer from the problems discussed above.

OBJECT OF INVENTION
[007] The principal object of this invention is to provide a system and method for secure management of crypto wallet private key.
[008] A further object of the invention is to provide an approach that securely manages the entire lifecycle of crypto wallet private key with zero human involvement to minimize cybersecurity risks and prevent financial loss.
[009] Another object of the invention is to provide the user with a simple, secure, self-implicit interface to perform transactions and view their assets.
[0010] A further object of the invention is to provide continuous monitoring by AI cognitive intelligence so that no attack can reveal the user’s private key with high confidence.
[0011] Another object of the invention is to create a risk profile and risk score for the user device and user by using a key birth service in a cognitive engine.
[0012] A further object of the invention is to create keys based on the risk score and risk profile by using a key generation unit in the key birth service.
[0013] Another object of the invention is to generate an optimal key distribution approach using the risk score by using risk matrix of a key distribution unit in the key birth service.
[0014] A further object of the invention is to provide intelligent and smart storage options based on the user device, user, and location context by using a key storage unit in the key birth service.
[0015] Another object of the invention is to evaluate a secure and optimal option for backing up the keys by using a key backup unit in the key birth service.
[0016] A further object of the invention is to analyze the key usage during the cryptocurrency transaction in a blockchain network by using a key usage service in the cognitive engine.
[0017] Another object of the invention is to perform remedial action comprising at least one of a pause and reset, a rotation and a recovery, upon detection of any abnormal or suspicious pattern in transaction by using a remediation controller in the key usage service.
[0018] A further object of the invention is to monitor the transactions and send alerts to the security operations center (SOC) on high critical risks thereby sending threat feeds to a data intelligence module by using a key monitoring service in the cognitive engine.
[0019] Another object of the invention is to provide security signals to the monitoring service to enrich data for faster and optimal decision-making by using the data intelligence module.

BRIEF DESCRIPTION OF FIGURES
[0020] This invention is illustrated in the accompanying drawings, throughout which, like reference letters indicate corresponding parts in the various figures.
[0021] The embodiments herein will be better understood from the following description with reference to the drawings, in which:
[0022] Figure 1 depicts/illustrates a general block diagram of system for secure management of crypto wallet private key, in accordance with an embodiment of the present disclosure;
[0023] Figure 2 depicts/illustrates a detailed block diagram of system for secure management of crypto wallet private key, in accordance with an embodiment of the present disclosure;
[0024] Figure 3 depicts/illustrates a block diagram of key birth service, in accordance with an embodiment of the present disclosure;
[0025] Figure 4 depicts/illustrates a block diagram of key usage service, in accordance with an embodiment of the present disclosure;
[0026] Figure 5 depicts/illustrates a block diagram of key monitoring service, in accordance with an embodiment of the present disclosure; and
[0027] Figure 6 depicts/illustrates a method for secure management of crypto wallet private key, in accordance with an embodiment of the present disclosure.

STATEMENT OF INVENTION
[0028] The present invention describes a system and method for secure management of crypto wallet private key. The aim is to provide an approach that securely manages the entire lifecycle of crypto wallet private key with zero human involvement to minimize cybersecurity risks and prevent financial loss.
[0029] The system comprises at least one user, at least one user device, a processing unit, at least one server and a communication network. The user device comprises at least one crypto wallet. The processing unit comprises at least one cognitive engine. The server comprises at least one data intelligence module. The system is connected to the user, the user device, the processing unit and the server via the communication network. The crypto wallet in cryptocurrency trading refers to a digital storage space used to hold and manage cryptocurrencies. The crypto wallet comprises a user and a user device. The cognitive engine is configured to manage the crypto wallet by facilitating the private key creation and destruction using artificial intelligence. The cognitive engine comprises a secure trust platform.
[0030] The secure trust platform initiates multiple actions for secure management of crypto wallet key either sequentially or in-parallel. The secure trust platform comprises a key birth service, a key usage service, and a key monitoring service. The key birth service is configured to generate, distribute, store and backup the crypto wallet key. The key birth service comprises a key generation unit, a key distribution unit, a key storage unit, and a key backup unit. The key usage service is configured to analyze the crypto wallet key usage during the cryptocurrency transaction in a blockchain network. The key usage service comprises a transaction module, and a remediation controller. The key monitoring service configured to monitor the cryptocurrency transactions and send alerts to the security operations center on high critical risks thereby sending threat feeds to the data intelligence module. The data intelligence module is configured to drive the cognitive engine by artificial intelligence-based decision-making to manage the crypto wallet. The data intelligence module comprises a monitoring module and an alert module.

DETAILED DESCRIPTION
[0031] The embodiments herein and the various features and advantageous details thereof are explained more fully with reference to the non-limiting embodiments that are illustrated in the accompanying drawings and/or detailed in the following description. Descriptions of well-known components and processing techniques are omitted so as to not unnecessarily obscure the embodiments herein. The examples used herein are intended merely to facilitate an understanding of ways in which the embodiments herein may be practiced and to further enable those of skill in the art to practice the embodiments herein. Accordingly, the examples should not be construed as limiting the scope of the embodiments herein.
[0032] The present invention describes a system and method for secure management of crypto wallet private key. The aim is to provide an approach that securely manages the entire lifecycle of crypto wallet private key with zero human involvement to minimize cybersecurity risks and prevent financial loss.
[0033] Figure 1 depicts/illustrates a general block diagram of system for secure management of crypto wallet private key, in accordance with an embodiment of the present disclosure.
[0034] In an embodiment, the system 100 comprises at least one user 202, at least one user device 204, at least one processing unit 110, at least one server 112 and a communication network 108.
[0035] The user 202 opens a trading account on a cryptocurrency exchange by using the user device 204. The user device 204 comprises at least one crypto wallet 102 that enables them to store and manage their cryptocurrencies. The crypto wallet 102 may be integrated into the trading platform, or it may be provided as a separate application in the user device 204.
[0036] The crypto wallet 102 in cryptocurrency trading refers to a digital storage space used to hold and manage cryptocurrencies. It is a crucial component of any cryptocurrency trading platform, as it enables users to securely store and access their digital assets.
[0037] The processing unit 110 may be configured with the cognitive engine 104 and such processing unit 110 may be contained in a backend server that may be a standard on premise server/cloud server. The cognitive engine 104 is configured to manage the crypto wallet 102 by facilitating the private key creation and destruction using artificial intelligence (AI).
[0038] The server 116 comprising at least one data intelligence module 106, wherein the data intelligence module 106 that is in communication with the cognitive engine 104 is configured to drive the cognitive engine 104 by artificial intelligence-based decision-making to manage the crypto wallet 102.
[0039] Typically, the system 100 is connected to the user 202, the user device 204, the processing unit 110, and the server 112 via the communication network 108. One skilled in the art may recognize that the communication network 108 may be a wired network or wireless network.
[0040] Furthermore, the wired communication may be carried out by any one of the network configurations such as LAN, WAN, etc. and the wireless communication may be carried out through Mobile Service Provider (MSP) and Internet Service Provider (ISP) having internet connection provided by an ISP provider, 2G/3G/4G/5G internet connection provided by the mobile service provider. The standard protocols such as TCP/IP, HTTP, FTP, UDP, IPV4, IPV6 etc. as known in the art, may be used for wireless communication.
[0041] Figure 2 depicts/illustrates a detailed block diagram of system for secure management of crypto wallet private key, in accordance with an embodiment of the present disclosure.
[0042] In an embodiment, the crypto wallet 102 may be configured on as many user devices 204 as required. The user devices 204 may comprise one or more wearable devices, mobile phones, PDAs, smartphones, smart bands, smart watches, laptops, computers, etc.
[0043] The cognitive engine 104 is the central system that will be orchestrating the private key creation to destruction using artificial intelligence (AI). The cognitive engine 104 comprises a secure trust platform (STP) 206.
[0044] The STP 206 is an overall encompassing platform, which gets alerts and triggers from the cognitive engine 104 for real-time response to cyber threats. The STP 206 comprises a key birth service 208, a key usage service 210, and a key monitoring service 212. The STP 206 initiate multiple actions for secure management of crypto wallet key either sequentially or in-parallel.
[0045] The key birth service 208 is configured to learn and share information related to signals and attributes of the user 202 and the user device 204. From the context, situation, and environmental signals gathered from the user 202 and the user device 204, the cognitive engine 104 will create a risk profile and risk score for the user 202 and the user device 204 by using the artificial intelligence.
[0046] The key usage service 210 is configured to analyze the key usage during the cryptocurrency transaction in a blockchain network.
[0047] The key monitoring service 212 is configured to monitor the transactions and send alerts to the security operations center (SOC) on high critical risks thereby sending threat feeds to the data intelligence module 106.
[0048] The data intelligence module 106 comprises different sources of intelligence such as a cyber threat module 214, a blockchain module 216 and an Anti-Money Laundering (AML) module 218.
[0049] The cyber threat module 214 is designed to detect and respond to cyber threats targeting blockchain networks. The cyber threat module 214 is configured to get information on malicious IP addresses, and subnets that are used by threat actors in attacking blockchain networks.
[0050] The blockchain module 216 is configured to blacklist malicious fund transfers.
[0051] The AML module 218 is configured to get intelligence on blacklisted wallet addresses which are involved in AML.
[0052] Figure 3 depicts/illustrates a block diagram of key birth service, in accordance with an embodiment of the present disclosure.
[0053] When the user 202 installs the crypto wallet 102 and submits the details for registration with the exchange, the cognitive engine 104 will initiate the process of creating the private key for the user 202.
[0054] In an embodiment, the key birth service 208 provides the attributes gathered from the user device 204. Further, the attributes gathered from the user device 204 comprises an operating system, a hardware, a fingerprint / retina scanner / HD camera and a rooted / jailbroken.
[0055] The user device's 204 operating system must support strong encryption algorithms and cryptographic libraries to enable the creation of a strong cryptographic key and to ensure that the data being transmitted or stored is hyper-secure.
[0056] The user device's 204 hardware may comprise a cryptographic chip, such as the secure enclave on iOS or the extended secure element on android, can be utilized for key generation and storage to further enhance the security of the wallet.
[0057] The secure enclave is a dedicated secure subsystem that is separate from the main processor, which provides an extra layer of security to keep sensitive user data secure. Even if the application processor kernel becomes compromised, the secure enclave is designed to keep the user's sensitive data safe.
[0058] Another important feature for secure data storage is the secure element (SE) chip, which is specifically designed to protect against unauthorized access. The SE is used to run a limited set of applications and store confidential and cryptographic data. It is widely used in various devices, such as smartphones and tablets, hardware crypto wallets, and other devices that require secure data storage.
[0059] Further, the features such as fingerprint / retina scanner / HD camera can be used for key seeding, authentication, authorization, and transaction signing, providing an additional layer of security, and ensuring that only authorized users have access to the wallet.
[0060] Furthermore, checking for a rooted or jailbroken device can prevent unauthorized access and usage of the wallet by applications or users with elevated access to system files by blocking the phone which are rooted/jailbroken.
[0061] In an embodiment, the attributes gathered from the user 202 comprise a GPS, a security preference, and a gyroscope.
[0062] The GPS attribute can be used to locate the user's 202 location coordinates and build a secure profile for multi-location key distribution.
[0063] The user's 202 security preferences, such as their chosen pattern, PIN, or password, can be used to configure the security settings on the wallet to the highest standards, based on the current phone.
[0064] The gyroscope can be used to learn the user's 202 phone holding style and pattern, allowing the app to build a profile of the user's 202 style of holding the phone and detect any anomalies in the usage of the wallet, potentially indicating unauthorized access or usage.
[0065] From the context, situation, and environmental signals gathered from the user device 204 and the user 202, the cognitive engine 104 will create a risk profile and a risk score for user device 204 and the user 202 by using artificial intelligence. The risk score may be in the range of 0 to 3. Based on the risk score and the risk profile the cognitive engine 104 will initiate a key generation unit 302.
[0066] The cognitive engine 104 uses a risk matrix to assess the likelihood and potential impact of various risks related to key generation, distribution, storage, and backup. Based on this assessment, the cognitive engine 104 assigns the risk score to each risk, and then uses this score to determine the appropriate key management measures needed to minimize cybersecurity risks and prevent financial loss.
[0067] A risk score of 0 is considered critical, indicating that the user device 204 being used does not have the necessary capabilities, such as old firmware/hardware, low-resolution camera, or no fingerprint scanner etc., to support a strong cryptographic process. The user 202 is also categorized as a "novice" in securing mobile and applications and has performed no user security settings. Moreover, the location is categorized as a high-risk geography known for financial frauds.
[0068] A high-risk profile is indicated by a risk score of 1, where less than 20% of the user device's 204 capabilities exist to support a strong cryptographic process. The user 202 is categorized as a "beginner" in mobile security and has limited basic security settings. The location is also considered a high-risk geography known for financial frauds.
[0069] A medium-risk profile is indicated by a risk score of 2, where 50% of the user device's 204 capabilities exist to support a strong cryptographic process. The user 202 is categorized as “proficient" in securing mobile and applications but has enabled most of the security settings. The location is categorized as a medium-risk geography known for financial frauds.
[0070] Finally, a low-risk profile is indicated by a risk score of 3, where greater than 90% of the user device's 204 capabilities exist to support a strong cryptographic process. The user 202 is categorized as an "expert" in securing mobile and applications and has enabled all security settings. The location is categorized as a low-risk geography known for financial frauds.
[0071] In an embodiment, the key birth service 208 comprises the key generation unit 302, a key distribution unit 304, a key storage unit 306, and a key backup unit 308.
[0072] The key generation unit 302 is the first operation of the key birth service 208, and it is responsible for generating the keys based on the risk score and risk profile. The cognitive engine 104 uses artificial intelligence to decide on key elements for creating a strong process.
[0073] Further, the key elements include a key generation protocol, a software/hardware-based key generation, a key seed, a digital signing, a cryptoperiods, and a multifactor authentication. Each of these elements will have multiple options from moderate to strongest, and the cognitive engine 104 will be tasked to select the best combination of elements to give the highest standard of cryptography and user 202 experience with key management.
[0074] The key generation protocol is a set of instructions or rules that specify how the keys will be generated.
[0075] The software/hardware-based key generation is the process of creating a cryptographic key using either software or hardware.
[0076] The key seed is a unique value that's used as an input to generate a cryptographic key.
[0077] The digital signing is the process of adding a digital signature to a document or message to verify its authenticity and integrity.
[0078] The cryptoperiods is the length of time a cryptographic key can be used before it needs to be replaced.
[0079] The multifactor authentication is a security system that requires users 202 to provide multiple forms of authentication before they can access a system or application.
[0080] In an embodiment, the selection of key distribution is an important aspect of the key birth service 208. Once the key generation is completed, the cognitive engine 104 uses the risk matrix to generate an optimal key distribution approach using the risk score. The key distribution unit 304 comprises several key distribution approaches such as a centralized or decentralized key distribution, a single/multi/threshold key distribution, and a key sharding.
[0081] The centralized or decentralized key distribution refers to the method of distributing the keys. The centralized key distribution means that the keys are stored and managed in a central location, while decentralized key distribution means that the keys are distributed across multiple locations.
[0082] The single/multi/threshold key distribution refers to the number of keys that are distributed. The single key distribution means that only one key is distributed, while multi-key distribution means that multiple keys are distributed. Threshold key distribution means that the keys are distributed based on a threshold value, which means that a minimum number of keys are required to access the system or application.
[0083] The key sharding is the process of dividing a key into multiple pieces and distributing them across multiple locations to improve security.
[0084] In an embodiment, the key storage unit 306 is a critical aspect of the key birth service 208, as it could be a point of failure to cyber-attacks if the keys are stored insecurely. The cognitive engine 104 uses the user device 204, the user 202, and the location context to arrive at intelligent and smart storage options.
[0085] Further, in an embodiment, the key storage unit 306 may utilize a specific memory unit in the remote server where the cognitive engine 104 resides.
[0086] In an alternate embodiment, the key storage unit 306 may utilize an independent memory location. Further, the key storage options comprise a key abstraction, a key encryption and a centralized or decentralized key storage.
[0087] The key abstraction is the process of hiding the key or making it less accessible to unauthorized users.
[0088] The key encryption is the process of converting plain text to cipher text so that the encrypted key can only be read by authorized users.
[0089] The centralized or decentralized key storage refers to the method of storing the keys. The centralized key storage means that the keys are stored in a central location, while decentralized key storage means that the keys are stored across multiple locations.
[0090] In an embodiment, the key backup unit 308 is a crucial aspect of the key birth service 208 that ensures the protection and security of private keys. A private key is a long string of alphanumeric characters that provides users 202 access to their funds in the blockchain network. Losing a private key can lead to the inability to access funds or perform transactions, during the compromise of the private key can result in malicious actors gaining unauthorized access to the user's 202 account and funds.
[0091] To prevent such scenarios, the cognitive engine 104 uses its artificial intelligence to evaluate and select a secure and optimal option for backing up the private keys. The key backup options comprise a type of backup, a location of backup, and a third party recovery.
[0092] The cognitive engine 104 evaluates the best type of backup option for securing the private keys, comprising at least one of a hardware, a social, and a multi-sig backup.
[0093] The hardware backup involves storing the private keys on a physical device like a USB drive or a hardware wallet, ensuring the keys are offline and secure.
[0094] The social backup involves splitting the private key into several parts and distributing them among trusted individuals, friends, or family members.
[0095] The multi-sig backup involves distributing the private key among multiple individuals, requiring a certain number of them to sign off on transactions, thereby ensuring higher security.
[0096] Additionally, the cognitive engine 104 also evaluates the best location for storing the private key backups, comprising at least one of a mobile and a cloud-based backups.
[0097] The mobile backup involves storing the private keys on the user's device 204, ensuring access to the key anywhere and anytime. The cloud-based backup involves storing the private keys on a cloud-based service, ensuring remote access to the key and the ability to recover it in case of loss or theft.
[0098] Further, in case of loss or theft of private keys, the cognitive engine 104 evaluates third-party recovery options, including trusted recovery agents or key recovery services, ensuring the safe recovery of the private keys.
[0099] Figure 4 depicts/illustrates a block diagram of key usage service, in accordance with an embodiment of the present disclosure.
[00100] The key usage service 210 is the phase where the user 202 starts using the crypto wallet 102 and performs transactions on the blockchain network. In this phase, the key monitoring service 212 is responsible for monitoring the usage of the private key during the transaction process.
[00101] The key monitoring service 212 collects signals from individual wallets and builds a transaction history, which is used to baseline the user profile. The key monitoring service 212 uses AI behavior learning algorithms to identify anomalous or suspicious transactions, and the cognitive engine 104 takes real-time actions to prevent any malicious behavior of key usage.
[00102] In an embodiment, the key usage service 210 comprises a transaction module 402 and a remediation controller 404.
[00103] The transaction module 402 is a critical component of the key usage service 210 in managing and securing crypto wallets. In this phase, the cognitive engine 104 continuously collects signals from individual crypto wallets 102 and stores them for analysis.
[00104] Further, the collected data is used to build a transaction history that will be used to baseline the user profile, and the service includes various features such as a transaction notification, a two-factor authentication (2FA), a whitelisted action, an activity, a baseline threshold, and a transaction limit.
[00105] In transaction notification the users 202 are notified whenever a transaction occurs on their wallet. Notifications can be sent via email, SMS, or in-app notification, giving users an opportunity to review the transaction and ensure it was authorized.
[00106] The two-factor authentication is an additional layer of security that requires users 202 to provide two different forms of identification before a transaction can be authorized. This can be in the form of a password and a code sent to the user's 202 phone or email.
[00107] In whitelisted actions the users 202 can whitelist specific addresses or actions, meaning that any other transactions outside of the whitelist will be automatically blocked. This is a powerful tool in preventing unauthorized transactions.
[00108] The cognitive engine 104 monitors user activity and looks for anomalies. If it detects something unusual, such as a sudden increase in the number or size of transactions, it will initiate remedial action.
[00109] The baseline threshold is the level of transaction activity that is considered normal for a specific user profile. Any transaction activity above this threshold will trigger remedial action.
[00110] Additionally, the cognitive engine 104 can set transaction limits for specific users 202 or groups of users 202. This can help prevent large, unauthorized transactions.
[00111] The remediation controller 404 is a sub-module of the key usage service 210 that executes with the full context of the transaction and has access to the cognitive engine 104. The key usage service 210 performs action-based instructions from the STP 206 and continuously monitors the usage of the private key during the transaction process. If it detects any abnormal or suspicious pattern, the cognitive engine 104 triggers actions such as a pause & reset 406, a key rotation 408, and a key recovery 410.
[00112] If the cognitive engine 104 detects anomalous or suspicious key usage during the transaction process, the remediation controller 404 is instructed to pause the key usage and terminate all active transaction signing processes for the identified wallet and user.
[00113] If the cognitive engine 104 detects an instance of anomalous or suspicious key usage during the transaction process, the remediation controller 404 is instructed to pause the key usage and terminate all active transaction signing processes for the identified wallet and user. Additionally, the key rotation process is initiated for the impacted user(s). Another scenario for key rotation is when the user suspects account compromise; he/she can request key rotation.
[00114] If the user 202 loses his/her user device 204 or loses access to it, the user 202 can request for key recovery. After due validation of the user's authentication and authorization, the cognitive engine 104 initiates the key recovery process. The cognitive engine 104 selects an optimal recovery solution for the user 202 based on risk profile and scoring and initiates a recovery from the service to restore the key to the wallet. The key recovery services comprise a social recovery, a hardware key, and a key escrow and a recovery service organization (external organization).
[00115] In the social recovery method, the user 202 can select a few trusted friends or family members who can help the user recover their wallet in case of a loss. They will have to confirm their identity and then initiate the recovery process on behalf of the user.
[00116] The hardware key method involves using a separate physical device, like a USB drive or a hardware wallet, to store the user's 202 private keys. If the user loses their smartphone or the phone is damaged, they can still access their funds using the hardware key.
[00117] The key escrow and recovery service organization is an external organization that provides key recovery services to users 202. The user 202 can store their private keys with the organization and recover them in case of a loss. This method provides an additional layer of security as the organization is typically more secure than the user device 204.
[00118] Figure 5 depicts/illustrates a block diagram of key monitoring service, in accordance with an embodiment of the present disclosure.
[00119] The key monitoring service 212 is a crucial aspect of a cryptocurrency wallet's security infrastructure that continuously monitors the user's 202 activities and the wallet's behavior during transactions. The key monitoring service 212 will also have access to external signals to gather intelligence for enriching the monitoring service. The key monitoring service 212 comprises a monitoring module 502 and an alert module 504.
[00120] The key monitoring service 212 will collect the user device 204 and the user 202 telemetry data to fingerprint both the user device 204 and the user 202 behavior to analyze any suspicious activity. The signals that are collected for analysis comprise an authentication signal, a user interaction signal, an environmental signal, a phone usage signal, a social signal, and a location signal.
[00121] The authentication signal comprises at least one of a frequency of authentication and a biometric usage.
[00122] The user interaction signal comprises at least one of the user's 202 typing speed, a cursor movement, and a touch gesture.
[00123] The environmental signal comprises at least one an ambient noise, a lighting condition, and a temperature, to identify if the attack is from a phone farm.
[00124] The phone usage signal comprises at least one of the user's 202 application usage patterns.
[00125] The social signal deals with the user's 202 social interactions, comprising at least one of an email conversation, a social media activity, and a calendar event with adequate anonymization. The social signals can be used to infer the user's 202 social context and adjust the system accordingly.
[00126] The location signals comprise at least one of the user's GPS and a Wi-Fi signal.
[00127] Further, during the key birth service 208 phase, the monitoring module 502 reviews the entire cluster of activities happening under the key generation unit 302, the key distribution unit 304, the key storage unit 306, and the key backup unit 308. The monitoring is done on the individual user 202 and totality of the clusters of activities. This is to ensure the key monitoring service 212 gets visibility of anomalies in an individual crypto wallet 102 compromise and when an attack is observed on any of the services. For example: Key recovery requests from different IP addresses from risk geography and high volume of activity in key storage unit 306 from the single or a set of IP address(es) using a single user 202 account.
[00128] Furthermore, during the key usage service 210, the monitoring module 502 continuously monitors the transactional activities happening under the context of the single crypto wallet 102 and in the totality of the crypto exchange. This is to ensure the key monitoring service 212 gets viability when an attack is initiated against a single account or multiple accounts. The key usage service 210 will be initiated when an external threat feed identifies a malicious IP address used or wallet address. Immediately, the remediation controller 404 will be triggered for action.
[00129] The alert module 504 is configured to send alerts and notifications to the 24*7 security operations center (SOC) to get required security analysts' attention on high critical risks and send threat feeds to the data intelligence module 106.
[00130] Figure 6 depicts/illustrates a method for secure management of crypto wallet private key, in accordance with an embodiment of the present disclosure.
[00131] The method 600 begins with installing a crypto wallet in a user device and submitting the details for registration with the exchange by a user, as depicted at step 602. Subsequently, the method 600 discloses gathering the context, situation, and environmental signals from the device and user, thereby creating a risk profile and score for the user device and user by using at least one processing unit comprising a cognitive engine, as depicted at step 604.
[00132] Thereafter, the method 600 creating keys based on the risk score and risk profile by using a key generation unit in the key birth service, as depicted at step 606. Subsequently, the method 600 discloses generating an optimal key distribution approach using the risk score by using risk matrix of a key distribution unit in the key birth service, as depicted at step 608.
[00133] Thereafter, the method 600 discloses providing intelligent and smart storage options based on the user device, the user, and location context by using a key storage unit in the key birth service, as depicted at step 610. Subsequently, the method 600 discloses evaluating a secure and optimal option for backing up the keys by using a key backup unit in the key birth service, as depicted at step 612.
[00134] Thereafter, the method 600 discloses analyzing the key usage during the cryptocurrency transaction in a blockchain network by using a key usage service in the cognitive engine, as depicted at step 614. Subsequently, the method 600 discloses performing remedial action comprising at least one of a pause and reset, a key rotation and a key recovery, upon detection of any abnormal or suspicious pattern in transaction by using a remediation controller in the key usage service, as depicted at step 616.
[00135] Thereafter, the method 600 discloses monitoring the transactions and send alerts to the security operations center (SOC) on high critical risks thereby sending threat feeds to a server comprising at least one data intelligence module by using a key monitoring service in the cognitive engine, as depicted at step 618. Subsequently, the method 600 discloses providing security signals to the monitoring service to enrich data for faster and optimal decision-making by using the data intelligence module, as depicted at step 620.
[00136] The advantage of the present invention is to provide an approach that securely manages the entire lifecycle of crypto wallet private key with zero human involvement to minimize cybersecurity risks and prevent financial loss.
[00137] Further, the present invention provides the user with a simple, self-implicit interface to perform transactions and view their assets. Also, the present invention enables creation of keys based on the risk score and risk profile by using a key generation unit in the key birth service.
[00138] A further advantage of the invention is to monitor the transactions and send alerts to the security operations center (SOC) on high critical risks thereby sending threat feeds to the data intelligence module by using a key monitoring service in the cognitive engine.
[00139] Applications of the current invention include secure key management, and secure data storage.
[00140] The foregoing description of the specific embodiments will so fully reveal the general nature of the embodiments herein that others can, by applying current knowledge, readily modify and/or adapt for various applications such specific embodiments without departing from the generic concept, and, therefore, such adaptations and modifications should and are intended to be comprehended within the meaning and range of equivalents of the disclosed embodiments. It is to be understood that the phraseology or terminology employed herein is for the purpose of description and not of limitation. Therefore, while the embodiments herein have been described in terms of preferred embodiments, those skilled in the art will recognize that the embodiments herein can be practiced with modification within the scope of the embodiments as described here.
,CLAIMS:We claim:
1. A system (100) for secure management of crypto wallet private key, comprising:
at least one processing unit (110) configured with a cognitive engine (104), wherein the cognitive engine (104) manages at least one crypto wallet (102) by facilitating a private key creation and destruction using a secure trust platform (STP) (206) that is configured to initiate multiple actions for secure management of a crypto wallet key, and wherein the STP (206) comprises:
a key birth service (208) configured to generate, distribute, store and backup the crypto wallet key;
a key usage service (210) configured to analyze the crypto wallet key usage during the cryptocurrency transaction in a blockchain network; and
a key monitoring service (212) configured to monitor the cryptocurrency transactions and send alerts to the security operations center (SOC) on high critical risks thereby sending threat feeds to at least one data intelligence module (106); and
a server (112) comprising the data intelligence module (106), wherein the data intelligence module (106) that is in communication with the cognitive engine (104) is configured to drive the cognitive engine (104) by artificial intelligence-based decision-making to manage the crypto wallet (102) within a user device (204).

2. The system as claimed in claim 1, wherein the data intelligence module (106) comprises:
a cyber threat module (214) configured to detect and respond to cyber threats targeting blockchain networks;
a blockchain module (216) configured to blacklist malicious fund transfers; and
an Anti-Money Laundering (AML) module (218) configured to get intelligence on blacklisted wallet addresses which are involved in AML.

3. The system as claimed in claim 1, wherein the cognitive engine (104) is configured to:
create a risk profile and risk score for the user (202) and the user device (204) based on the attributes gathered from the user (202) and the user device (204);
uses a risk matrix to assess the likelihood and potential impact of various risks related to key generation, distribution, storage, and backup; and
assigns the risk score to each risk, and then uses the risk score to determine the appropriate key management measures needed to minimize cybersecurity risks and prevent financial loss.

4. The system as claimed in claim 3, wherein the attributes gathered from the user (202) comprise a GPS, a security preference, and a gyroscope and, wherein the attributes gathered from the user device (204) comprises an operating system, a hardware, a fingerprint / retina scanner / HD camera and a rooted / jailbroken.

5. The system as claimed in claim 3, wherein the risk profile comprises a critical risk profile, a high-risk profile, a medium-risk profile, and a low-risk profile.

6. The system as claimed in claim 1, wherein the key birth service (208) comprises of a key generation unit (302) configured to generate keys based on the risk score and risk profile by using artificial intelligence to decide on key elements for creating a strong process for key generation, a key distribution unit (304) configured to generate an optimal key distribution approach using the risk score, a key storage unit (306) configured to provide intelligent and smart storage options for the private keys, and a key backup unit (308) configured to provide a secure and optimal option for backing up the private keys.
7. The system as claimed in claim 1, wherein the key usage service (210) is configured to enable the user (202) to initiate the usage of the crypto wallet key and performs transactions on the blockchain network, and wherein the key usage service (210) comprises a transaction module (402) and a remediation controller (404).

8. The system as claimed in claim 7, wherein the transaction module (402) is configured to use collected data to build a transaction history that will be used to baseline the user profile, and the service comprises at least one of transaction notification, a two-factor authentication (2FA), a whitelisted action, an activity, a baseline threshold, and a transaction limit.

9. The system as claimed in claim 7, wherein the remediation controller (404) is configured to be instructed by the cognitive engine (104) to triggers actions comprising at least one of a pause & reset (406), a key rotation (408), and a key recovery (410) upon detection of any abnormal and suspicious pattern.

10. The system as claimed in claim 1, wherein the key monitoring service (212) comprises a monitoring module (502) and an alert module (504).

11. The system as claimed in claim 10, wherein the monitoring module (502) is configured to:
monitors the user's (202) activities and the wallet's behavior continuously during transactions;
access the external signals to gather intelligence for enriching the monitoring service;
collect the user device (204) and the user (202) telemetry data to fingerprint both the user device (204) and the user (202) behavior to analyze any suspicious activity; and
reviews the entire cluster of activities happening under the key generation unit (302), the key distribution unit (304), the key storage unit (306), and the key backup unit (308).

12. The system as claimed in claim 10, wherein the alert module (504) is configured to send alerts and notifications to the 24*7 security operations center (SOC) to get required security analysts' attention on high critical risks and send threat feeds to the data intelligence module (106).

13. A method (600) for secure management of crypto wallet private key, comprising:
installing a crypto wallet (102) in a user device (204) and submitting the details for registration with the exchange by a user (202);
gathering the context, situation, and environmental signals from the user device (204) and user (202), thereby creating a risk profile and score for the user device (204) and user (202) by using at least one processing unit (110) comprising a cognitive engine (104);
creating keys based on the risk score and risk profile by using a key generation unit (302) in the key birth service (208);
generating an optimal key distribution approach using the risk score by using risk matrix of a key distribution unit (304) in the key birth service (208);
providing an intelligent and smart storage options based on device, user, and location context by using a key storage unit (306) in the key birth service (208);
evaluating a secure and optimal option for backing up the keys by using a key backup unit (308) in the key birth service (208);
analyzing the key usage during the cryptocurrency transaction in a blockchain network by using a key usage service (210) in the cognitive engine (104);
performing remedial action comprising at least one of a pause and reset, a rotation and a recovery, upon detection of any abnormal or suspicious pattern in transaction by using a remediation controller (404) in the key usage service;
monitoring the transactions and send alerts to the security operations center (SOC) on high critical risks thereby sending threat feeds to a server (112) comprising at least one data intelligence module (106) by using a key monitoring service (212) in the cognitive engine (104); and
providing security signals to the key monitoring service (212) to enrich data for faster and optimal decision-making by using the data intelligence module (106).

14. The method as claimed in claim 13, comprising configuring the data intelligence module (106) for:
detecting and responding to cyber threats targeting blockchain networks by using a cyber threat module (214);
blacklisting malicious fund transfers by using a blockchain module (216); and
providing information on blacklisted wallet addresses which are involved in AML by using an Anti-Money Laundering (AML) module (218).

15. The method as claimed in claim 13, comprising configuring the cognitive engine (104) for:
creating a risk profile and risk score for the user (202) and the user device (204) based on the attributes gathered from the user (202) and the user device (204);
using a risk matrix to assess the likelihood and potential impact of various risks related to key generation, distribution, storage, and backup; and
assigning the risk score to each risk, and then using the risk score to determine the appropriate key management measures needed to minimize cybersecurity risks and prevent financial loss.

16. The method as claimed in claim 15, comprising gathering attributes from the user (202) and the user device (204), wherein the attributes gathered from the user (202) comprises a GPS, a security preference, and a gyroscope and wherein the attributes gathered from the user device (204) comprises an operating system, a hardware, a fingerprint / retina scanner / HD camera and a rooted / jailbroken.

17. The method as claimed in claim 15, comprising providing the risk profile, wherein the risk profile comprises: a critical risk profile, a high-risk profile, a medium-risk profile, and a low-risk profile.

18. The method as claimed in claim 13, comprising providing the key birth service (208), wherein the key birth service (208) comprises of a key generation unit (302) configured for generating keys based on the risk score and risk profile by using artificial intelligence to decide on at least one key element for creating a strong process for key generation, a key distribution unit (304) configured for generating an optimal key distribution approach using the risk score, a key storage unit (306) configured for providing intelligent and smart storage options for the private keys, and a key backup unit (308) configured for providing a secure and optimal option for backing up the private keys.

19. The method as claimed in claim 13, comprising configuring the key usage service (210) for enabling the user (202) to initiate the usage of the crypto wallet key and performs transactions on the blockchain network, and wherein the key usage service (210) comprises a transaction module (402) and a remediation controller (404).

20. The method as claimed in claim 19, comprising configuring the transaction module (402) for using collected data to build a transaction history that will be used to baseline the user profile, and the service comprises at least one of transaction notification, a two-factor authentication (2FA), a whitelisted action, an activity, a baseline threshold, and a transaction limit.

21. The method as claimed in claim 19, comprising configuring the remediation controller (404) to be instructed by the cognitive engine (104) to triggers actions comprising at least one of a pause & reset (406), a key rotation (408), and a key recovery (410) upon detection of any abnormal and suspicious pattern.

22. The method as claimed in claim 13, comprising providing the key monitoring service (212), wherein the key monitoring service (212) comprises a monitoring module (502) and an alert module (504).

23. The method as claimed in claim 22, comprising configuring the monitoring module (502) for:
monitoring the user's (202) activities and the wallet's behavior continuously during transactions;
accessing the external signals to gather intelligence for enriching the monitoring service;
collecting the user device (204) and the user (202) telemetry data to fingerprint both the user device (204) and the user (202) behavior to analyze any suspicious activity; and
reviewing the entire cluster of activities happening under the key generation unit (302), the key distribution unit (304), the key storage unit (306), and the key backup unit (308).

24. The method as claimed in claim 22, comprising configuring the alert module (504) for sending alerts and notifications to the 24*7 security operations center (SOC) to get required security analysts' attention on high critical risks and send threat feeds to the data intelligence module (106).