‘Crypto’ for ‘Cryptography’: How Justified Is the Exuberance Around Apple’s Developer CryptoKit?

Published at: June 7, 2019

Yannick Sierra, security engineering and architecture manager for Apple, opened up the cryptography session at the 2019 Apple Worldwide Developers Conference and presented the CryptoKit with these words:

Welcome to the bitcoin session! (Laughter in the room). Kidding — welcome to Cryptography and Your Apps session!

This opening quote ended up being the only reference to cryptocurrencies or blockchain throughout the entire presentation of CryptoKit — Apple’s new framework for app developers designed to simplify building security-enhancing cryptographic functionality. Sierra’s joke was likely in recognition of how eagerly the crypto community anticipated the event, as well as the launch of the new toolkit in general.

Despite the heightened expectations that many cryptocurrency enthusiasts harbored, the presentation itself was hardly a ringing announcement of Apple’s newfound openness to blockchain. It turned out to be what it was always meant to be: a hands-on rundown of the new developer tool — with use cases, implementation tips and chunks of code on the slides. Still, what can the crypto industry make of this new release, and does it have anything to do with Apple’s stance on cryptocurrencies?

Great expectations

In the electrified air of the allegedly unfolding blockchain arms race between the world’s major tech powerhouses, cryptocurrency aficionados are hanging on every word these companies say that could be interpreted as endorsement of blockchain technology and its applications. With the 2019 Worldwide Developers Conference underway, vigilant inhabitants of crypto Twitter spotted an unannounced addition to SF Symbols, Apple’s native icon set. Among 1,500 configurable symbols, developers can now leverage four different versions of the bitcoin icon:

Just noticed that Apple's new icon set (SF Symbols), includes bitcoin. pic.twitter.com/Og8dWp2C85

— Brandon (@brandnanthny) June 4, 2019

Needless to say, the move has been interpreted as an instance of mainstream validation, which followed a similar symbol-ic step by Microsoft. And then, crypto media went abuzz over yet another promising development, as it became known that Apple is poised to present a set of cryptographic developer tools.

For a wishful eye, there was little doubt that all the recent tidbits were pieces of the same puzzle: The company is ready to embrace crypto! After years of contentious relationships, marked by two occasions of Coinbase being dropped from App Store and an effective ban on mining on Apple devices, even small steps were seen as welcomed news.

Bullish comments on CryptoKit’s significance for the cryptocurrency space began to surface. Alejandro Machado, co-founder of Open Money Initiative, told The Block that cryptocurrency developers will capitalize on the new feature that CryptoKit offers: the capacity to leverage iPhone’s secure enclave — a hardware pocket disconnected from the processor — to reach the level of security comparable to that of hardware wallets. TrustWallet founder Viktor Radchenko concurred in a widely circulated tweet:

Apple announced CryptoKit for iOS 13, only a few steps away before you can turn your phone into a hardware wallet.https://t.co/21wPSBz0K3

— Viktor Radchenko (@vikmeup) June 4, 2019

Forbes’ Billy Bambrough summarized the enthusiastic vibe by calling CryptoKit’s rollout “Apple's first carefully measured steps into bitcoin and crypto.”

“Duct tape solution”

As it happens, not everyone was immediately ready to hop on the bandwagon. Blockchain developer Ronald Mannak countered the growing bullish sentiment with a series of tweets, deconstructing what CryptoKit is and what it is not. Mannak argued that the new tool is about cryptography, not cryptocurrency, and as such, it has nothing to do with Apple’s stance on crypto and blockchain.

With some improved functionality, CryptoKit is good news for developers but not “the game changer” for the broader crypto space, as compatibility of its affordances with Ethereum and other blockchains remains limited.

Blockchain video blogger Ivan Liljeqvist (Ivan on Tech) projected the same narrative when he spent the first few minutes of his recent stream dwelling on the difference between “cryptography” and “cryptocurrency” and suggesting that “hodlers” should not get overly excited about everything that has “crypto” in it.

He contended that CryptoKit doesn’t look like “how most cryptocurrencies are laid out today,” and it is “not designed for crypto, not having crypto use cases in mind,” citing potential issues with key retrieval and backup from the secure enclave. However, he admitted that one could still build a cryptocurrency on CryptoKit, although it would require a “duct tape solution.”

The basics of what we have

Which of these two perspectives better reflects reality? To answer this question, having a cold-eyed look at CryptoKit and the context of its emergence wouldn’t go amiss.

Apple CryptoKit is a framework that comes with the iOS 13 update. It is built on top of CoreCrypto — Apple’s native cryptographic library. Previously, iOS developers who wished to implement cryptographic operations had to rely on the library called Common Crypto, written in the language Objective-C. As much of the software development on iOS these days occurs in a different language, Swift, this discrepancy proved inconvenient: Unable to use the library directly in Swift, programmers had to spend time on writing wrapper frameworks to make use of it.

CryptoKit, written in Swift, takes care of the issue. It will allow a hassle-free implementation of cryptographic operations such as using public-key cryptography to create and evaluate digital signatures, perform key exchange and use generated symmetric keys to authenticate and encrypt messages. As per Apple’s documentation, the new framework “automatically handles tasks that make your app more secure.”

At the “Cryptography and Your Apps” session, Apple engineers presented major types of prospective use cases: protecting data on a device, protecting credentials and keys, sharing data across devices and users, securing network connections, and verifying remote parties. Sounds like a great privacy-enhancing tool for smartphone users — but where are cryptocurrencies in this picture?

For one, there is potential room for wallet functionality, as many blockchain experts already observed. Sergey Bolshedvorsky, senior iOS developer with Voxpopme, explained:

“The new framework will provide easy-to-use and efficient options for hashing, key generation, key exchange and encryption for developers. All these operations are essential for building cryptocurrency wallets. [...] CryptoKit allows to store private keys in the secure enclave which will hugely increase the protection of these keys and allow for secure public-key cryptography. Current documentation suggests that developers will not have direct access to private keys, therefore these are going to be securely protected and stored on a device.”

At the same time, Bolshedvorsky admits, the tool is not perfectly cut out for cryptocurrency-related applications beyond wallets, yet offers a wide array of uses beyond crypto:

“The current implementation of CryptoKit does not support secp2561k1 curve used by Ethereum and other blockchains, therefore it has a limited applicability for cryptocurrency applications at the moment. Support for these algorithms can be added in future updates, but it is not clear when it will happen. CryptoKit brings easy-to-use cryptography to all applications and it does not limit itself to crypto-related applications.”

Founder and CEO of Zerocracy, the creator of cryptocurrency zold, echoes this idea but points to some of CryptoKit’s less obvious implications for the crypto space. Yegor Bugayenko said:  

“Despite the expected market reaction that connected CryptoKit with blockchain and bitcoin, it has nothing to do specifically with those cryptocurrencies. CryptoKit will simplify data encryption and decryption operations, which are used in many other areas, including backups, secure emailing and messages, password generation, and many others. However, natively implemented data encryption algorithms will definitely boost the development of mobile nodes for new lightweight and non-PoW cryptocurrencies, providing millions of iPhone and iPad users with mobile access to microtransactions in the future.”

Industry reaction

Overall, blockchain experts outside of the developer community view CryptoKit’s arrival as welcomed news. While some consider it a manifestation of Apple’s long-anticipated turn toward crypto, others celebrate increased data security and privacy that the new tool is expected to bring about.

Dave Hodgson, director and co-founder of NEM Ventures, the venture capital and investments arm of the NEM blockchain ecosystem, believes that CryptoKit will add to the momentum of mainstream adoption:

"The latest move by Apple is further evidence that blockchain is gaining more mainstream adoption, and it follows a similar release by Samsung and other key players in the space. CryptoKit will allow developers to focus on building a greater user experience without having to divert resources to highly technical areas. An analogy would be GPS on smart phones - allowing Uber to focus on its Consumer app. If you couple CryptoKit with the Apple Sign In announcement, several interesting use cases present themselves and we hope to see other vendors offering similar tools for Android and Windows in due time."

Matt Branton, chief technology officer of a stablecoin project called Neutral, is largely on board with this optimistic view:

“The increasing interest in blockchain technology and cryptocurrencies among large enterprises signals wider mainstream adoption, in which traditional and emerging industries will continue to overlap. Apple’s plans to unveil the new tool, CryptoKit, which will feature in iOS 13, reveals a promising mission from a traditional tech giant to support growing consumer demand for higher security standards through cryptography. This trend of consumers striving for higher security standards has extended to the digital asset realm, with more and more market participants demanding higher levels of stability and reliability.”

Mateusz Tilewski, co-founder and CTO of blockchain network company Concordium Group, prefers to think of the new cryptographic developer package as a response to the need for higher-quality cryptography in consumer-oriented apps:

“The majority of hacks can be attributed to faulty cryptography design and implementations, so access to quality crypto-utilities is directly correlated to the security of an app. As one of the biggest companies in the world, it is no surprise to see Apple implement proven and stable standards in their kit."

Overall, while the community’s initial enthusiasm with regard to CryptoKit may be somewhat overblown, in the long run, however, it should further the cryptocurrency movement’s strategic objectives. Although its capacity right now to usher a tidal wave of mobile hard wallets remains controversial, it is upon the developers to test whether it could be an efficient way to move forward. In addition, wider implementation of cryptographic data security solutions means not just better data protection for consumers, but also potential collateral systemic benefits for crypto, including but not limited to the potential rise of mobile-based cryptocurrency nodes.

Tags
Related Posts
Better Safe Than Hacked? Google and Apple Flip-Flop on Crypto
The cryptocurrency sector has many criticisms. One is that it can appear impenetrable to newcomers. Another is that it is probably easier to lose money investing in crypto than in most other areas of finance. What’s more, these issues can combine to create a lucrative environment for hackers with nefarious intentions. Chrome browser extension makes a stink By virtue of the fluctuations and hype that influence the markets, investors are often highly motivated to buy certain cryptocurrencies. Regardless of their background, all face the same initial hurdles: Where to buy the cryptocurrency and where to store it? Due in part …
Blockchain / Jan. 9, 2020
Amazon Wins Patents for Cryptography and Distributed Data Storage Solutions
E-commerce giant Amazon has won two patents related to methods for protecting the integrity of digital signatures and improving distributed data storage. The two patents were published by by the U.S. Patent and Trademark Office (USPTO) today, Nov. 13. The first patent document, first filed in April of this year, outlines a “signature delegation” method for “protecting the integrity of digital signatures and encrypted communications,” by allowing for the generation, distribution, validation, and revocation of one-time-use cryptographic keys. In the proposed system, these keys are arranged in what is known in cryptography as a “Merkle Tree” structure, which is a …
Blockchain / Nov. 13, 2018
Protocol Labs and Ethereum Foundation Team Up to Research Verifiable Delay Functions
Filecoin owner Protocol Labs is collaborating with the Ethereum Foundation to develop a Verifiable Delay Function (VDF). The company announced the partnership in a blog post on April 19. VDFs are a relatively new cryptographic primitive that can protect systems relying on the generation of (pseudo) random values from manipulation strategies or attack. Examples of everyday use cases include picking a lottery winner on the blockchain, as VDFs could help stop miners from intervening with a block hash to win the jackpot. Dan Boneh, one of the researchers who introduced the concept in a paper last June, explained that VDFs …
Blockchain / April 22, 2019
Hyperledger Announces New ‘Cryptography Library’ for DLT Development
The Hyperledger Technical Steering Committee has approved the Ursa project, a modular cryptography software library, according to an official announcement Dec. 4. According to the statement, as Hyperledger has matured, projects “have started to find a need for sophisticated cryptographic implementations.” The post describes Ursa as a shift from having each project implementing its own protocols to collaborating on a shared library. Ursa is meant to avoid wasted work on duplicate projects, enhancing security by simplifying analysis and making it “less likely for less experienced people to create their own less secure implementations.” Furthermore, the project is supposed to grant …
Blockchain / Dec. 5, 2018
Uniswap wants to launch mobile wallet but Apple won’t green-light it’s launch
Uniswap Labs has announced plans to release a new self-custodial mobile wallet that will offer users the ability to swap on L1 or L2 networks without having to switch networks. According to Uniswap Labs, the wallet will allow users to check price charts and search for any token across various networks, including Ethereum, Polygon, Arbitrum, and Optimism. To ensure maximum security, Uniswap Labs worked with Trail of Bits for the audit of the wallet. Additionally, the seed phrases and private keys of both imported and newly created wallets will be encrypted and stored on devices using Apple's secure enclave, which …
Technology / March 3, 2023