Frequently Asked Questions
A VESvault API PROJECT
What is VESwallet?

VESwallet is the VESvault API integrated with the open source code from MyEtherWallet and MyCrypto.

Who did the API integration?

VESvault Corp. did the integration without any involvement from either MyEtherWallet LLC or MyCrypto Inc., but in accordance with the licensing terms listed in their Disclaimer, and repeated as the VESwallet Disclaimer.

Is VESvault Corp. a digital wallet company?

No. VESvault is more of a B2B service than B2C. We will provide VES to any B2C SaaS that wishes to extend the benefits of VES to its user base. We chose to do the first API integration ourselves to reduce the cycle time to launch and test our API integration. We've submitted our code to both MyEtherWallet and MyCrypto along with the request to include it in a future release. Our preference is for them, and other wallet makers, to take over from here. We will continue to support VESwallet but will direct users to other wallet sites as they become available with VES.

Does VESvault have any other B2C SaaS?

Yes, we have CloudDash (www.clouddash.net). is a document storage management tool that currently implements VES with Google Drive, Dropbox and OneDrive, and soon will work with the new wave of decentralized, Blockchain storage services such as Filecoin, Storj, Maidsafe and Sia. CloudDash has been in operation for almost a year and has users in 100 nations. However, CloudDash does not yet use end-to-end encryption. CloudDash was launched with server side VES to ensure VES worked properly before extending it to the client side. We expect to bring end-to-end encryption to CloudDash in the near future and certainly before the integration with decentralized Blockchain storage services.

VESwallet FUNCTIONALITY
What does VES do?

VES is short for Viral Encrypted Security. VES provides a way of reliably recovering encrypted content in the event that the encryption key is lost. This solves the problem that has kept encryption from being practical for mainstream use. While some adventurous product innovator types are ok with managing the risk of key loss, the vast majority of the population is not and will not use encryption as long as the problem persists.

How does VES work with a digital wallet?

For the Keystore option, VES allows you to store your encrypted wallet password in your VESvault (in the cloud). You can also use your VESkey to retrieve your wallet password without typing it in. And, once properly established, your VES network provides a reliable means of Recovering your wallet password if you forget it and you forget your VESkey.

Does that improve the Keystore option?

Yes. VES makes losing your wallet password less likely. It also means your wallet password is stored separately from the private key that it encrypts, allowing you to have multiple copies or your encrypted private key safely stored on USB drives stashed in various places so you won't lose them. Overall, there's less chance of losing either the wallet password or the private key, and since they are both encrypted and stored separately, neither is a single point of vulnerability. This makes the Keystore option both safer and more secure.

But MEW doesn’t recommend using the Keystore option?

No they don't, but their reason is to avoid phishing (visiting a malicious site posing as your wallet). This can be easily avoided by using bookmarks and/or checking your URL to ensure it is correct. Interestingly, it seems phishing was part of the motivation that lead one of the two founders to split from MyEtherWallet to form MyCrypto. MyCrypto will soon come out with desktop and mobile app versions of their wallet and has stated that this is far better than using a browser. VES in conjunction with the Keystore option on a desktop or mobile app can be a very secure way to store your private key. See our VESwallet Product Overview for more information on 3 increasingly secure use-cases with the current Keystore option:

www.wallet.ves.world/assets/download/VES-Wallet-Overview.pdf

What if I want to switch from VESwallet to another wallet?

No problem. Your VES network, contents of your VESvault and your wallet password are independent from any single wallet and are usable with any wallet using the VES APIs.

VES FUNCTIONALITY
Is VES a proprietary encryption?

No. VES doesn't replace encryption, rather it's a complement to it. VES works with current state-of-the-art encryption algorithms.

Are all VES services end-to-end encrypted?

Through our APIs all wallet encryption occurs at the client side. All encryption processes pertaining to the VES Recovery process, which are executed through the VESvault website, also occur at the client side for end-to-end encryption. The lone exception is our CloudDash document storage product, which has not yet been updated with end-to-end functionality and still uses our legacy server side VES processes.

Is VES zero knowledge?

The VESvault servers never see content that's unencrypted. However, since metadata may not be encrypted by VES, that information isn't hidden from our servers. We do not share or use any metadata information with anyone.

What is VES?

VES stands for Viral Encrypted Security. VES uses a viral network of friends who can assist you in Recovery if you've lost your key. But, these friends do not have access to your encrypted content. It's viral because your friends have their own friends who can assist them in Recovery, and so on, and so on. This network can easily result in a reliability of Recovery that far exceeds 99.999999%, but we'll address that further down in this FAQ in the reliability issue.

How does VES work?

You preselect people who know you as friends who can assist you in Recovery if you lose your VESkey. These friends must also set up their own VESvaults and VESkeys. If you lose your VESkey, your friends can enter their VESkeys to assist you in Recovery. To mitigate the collusion problem (addressed further in this document) and social hacking in general, your friends should voice verify or video verify that you are in fact the person requesting assistance. Once a pre-determined number of friends have assisted you, you can enter your new VESkey you created when you lost your previous VESkey to complete the Recovery of all your lost encrypted content.

Isn't VES the same thing as Shamir's Secret Sharing?

No. VES is similar to Shamir's Secret Sharing but VES solves the reliability and collusion issues that have kept past services based on Shamir's from being practical. Think of Shamir's as an engine and VES as the whole car. For the technical folks, while Shamir's uses polynomials, the VES engine is based on linear algebra.

What's the reliability problem that VES solves?

If something is encrypted, it's valuable and even a 99.9% recovery rate is unacceptable – would you want to be that 1 out of 1,000 that loses all your encrypted content – your wallet, photos, videos, documents, emails, vmails, etc.? For encryption, recovery isn't practical until it's well over 99.99999%. Even if the odds of losing your wallet are 1 in 10 million, that's too high a risk. Past implementations using Shamir's didn't appear to consistently deliver anywhere near the reliability that's needed.

How does VES solve the reliability problem?

As mentioned previously, by using the viral network of friends that can assist in recovery. As the network grows, the reliability increases exponentially. But even a very small network of 5 friends who each have 5 friends, can reduce the probability of losing encrypted content from key loss to less 1 in 92 million (go to www.VESvault.com/fun-math and enter N=5, p0=30% and X=2). How many people on Facebook have only 5 friends?

What is the collusion problem that VES solves?

By themselves, the Tokens (essentially scrambled versions of the Recovery key) are unusable as keys and are essentially as difficult to brute force hack as state-of-the-art encryption. It takes a certain number of Tokens to recombine and re-create the recovery key – in linear algebra it takes at least as many equations as there are variables to solve the variables. The collusion issue is that if you have X malicious friends where X is the number of friends necessary to assist you in Recovery, those X people can collude to re-create your key and gain access to your encrypted content.

How does VES solve the collusion problem?

The Recovery key re-created by the Tokens isn't the same as the key you use to access your VESvault, your VESkey. It cannot unlock your Primary vault. Rather, it unlocks a backup copy of your Primary vault, the Shadow vault. The Shadow vault is never accessed outside of a key loss event and only by one account – yours (identified by your email address and VES password). This allows us to put multiple, strong layers of restrictions on access to the Shadow vault, and it gives us the ability to grow these restrictions over time. Also, since you determine the number of friends required to achieve Recovery, you can set that number higher. For example, rather than having 2 out of 5 friends needed for Recovery, you can select 4 out of 8. So, IF 4 of the trusted people you've selected to assist you decide to turn malicious and somehow find each other to collude without alerting your other, reputable, friends, they'd still need to steal your account to set off a Recovery event to gain access to your content. Stealing your account is one barrier, and setting off a Recovery event is another because it instantly alerts you and all your real friends that something is going down. These barriers exceed those of most reputable non-encryption sites that people use and trust with sensitive information such as bank accounts, medical records, credit cards, social security numbers, etc. There are a sufficient number of security barriers here that make the likelihood of a successful hack from an extremely unlikely group of colluding friends extremely remote. And, as we said, there are more to come. Again, this risk is limited to your “friends” that collude. To everyone else not in possession of the reconstructed recovery key, your encrypted content is protected by encryption that is no less secure than any encryption service without VES. For more information on security issues refer to our security white paper: www.vesvault.com/articles/VES-Whitepaper-Abstract.

Is my VESkey the only thing I need to access my VESvault?

No. You need 3 things: your email account, your VESvault password and your VESkey. The computer you use can generally stay logged into your VESvault account (VESvault password), but after you enter your VESkey there is an activity timer that deletes the key after 1 minute of inactivity.

Should my VES password be different from my VESkey?

Yes! Your password and VESkey should NEVER be the same. Making them the same reduces your security.

Can I have multiple lost VESkeys at one time?

Yes, you can have an unlimited number of Recovery operations in process at one time. For example, if you lose your 2nd VESkey before completing Recovery for the 1st lost VESkey, you will have created a 3rd VESkey. That sets off a Recovery process for the 2nd VESvault while the 1st is still ongoing. Since the friends you selected for the first VESkey will automatically be pre-selected for the 2nd, when they offer assistance you will Recover any content in both the lost 1st and 2nd VESvaults.

What if my friends lose their VESkeys?

Then they can initiate their own Recovery with their friends. Once their Recovery has occurred, they can assist you with your Recovery. This is the viral beauty of VES – as your network grows, the probability of Recovery grows exponentially. And, you get all the benefits of someone else's previously setup VES network as soon as you select them to be your Recovery friend. You essentially plug into their network.

What if I find my lost VESkey during Recovery?

No problem. Entering the lost VESkey before Recovery is complete is another way of Recovering your lost VESvault. As soon as the lost VESkey is entered, all the information is Recovered and re-encrypted with the new VESkey. At that point the old VESkey is useless. Going forward you will use the new VESkey.

How do I know VES encryption is being used and is working?

When you open your VESvault you will see the VESvault vortex. Go here https://www.vesvault.com/animations to see what the vortex looks like. If you use VES encryption with CloudDash, you will see that the encrypted files have encrypted file names that end with the .VES file extension.

Does VES use two-factor authentication for the password?

That's in the pipeline, as are other security enhancements.