On one side, Bee4, which is revolutionizing the market, giving SMEs access to the capital market, and on the other, DINAMO Networks, a specialist in digital security, which works on the Drex pilot project and provides security infrastructure for PIX transactions. Together, they are committed to delivering the highest level of security for your financial transactions.
BEE4 – a company that marks the birth of a new stage in the Brazilian capital market with SME shares represented by tokens using blockchain technology – is DINAMO Networks’ new partner. In the project developed by Bee4’s information security and infrastructure/architecture areas, the DINAMO solution now guarantees the generation, management and secure storage of cryptographic keys used by participating nodes within BEE4’s permissioned Blockchain network, in a secure cryptographic environment (HSM).
To operate in this scenario, DINAMO Networks invested in R&D and developed expertise in security in DLT and Blockchain environments, especially during its participation in the DREX pilot, the digital currency of the Central Bank of Brazil. It developed the integration of the Hardware Security Module (HSM) with this new technology, both to protect transactions with the private keys that represent the assets transferred on the network (custody of tokenized assets), and to protect the cryptographic keys of the network nodes (participants in the permissioned network).
This solution for protecting the cryptographic keys of the network nodes has been integrated into the BEE4 blockchain infrastructure to reinforce the integrity of the BEE4 network and make it as secure as possible. The nodes participating in the BEE4 network must be previously authorized and communicate securely to validate network transactions. These actions are performed through certificates and cryptographic keys that must be generated, stored and operated in a secure hardware cryptographic environment. The main objective of this development is to guarantee resilience and cybersecurity at a level equivalent to the standards currently applicable in critical financial market infrastructures such as the National Financial System or the Instant Payment System (through which PIX is processed).
Network security and integrity
The Blockchain technology chosen by BEE4 enables collaboration and data sharing between different parties in a closed network that we call a permissioned network.
The Basel Committee on Banking Supervision (Bank for International Settlements – BIS) recently published a report* presenting 44 new risks associated with the use of blockchains that are not permissioned. The study highlighted risks related to operations, security, governance, legal issues and compliance. Certain risks arise from the reliance on blockchains from unknown third parties (Global Blockchain Networks), making it difficult for banks to perform due diligence and supervision. According to the study, trust in unknown third parties increases the chance of 51% attacks, devaluing assets, due to vulnerable IT. In line with these recommendations, and also thinking about scalability, BEE4 chose to implement a permissioned network. It chose a Hyperledger BESU network, developed by the Linux foundation, the same one that was selected for the Central Bank's DREX pilot. To better understand the importance of security in this scenario, among the components of a BESU network, there are participating nodes, connected to each other with the objective of proposing and validating new transactions and storing the chain information. The technology uses a storage structure where data and transactions are recorded in securely interconnected blocks. A consensus protocol between nodes allows transaction validation and information synchronization.
Only authorized nodes can connect to others on the network. To ensure the security of communication and node identification, a Transport Layer Security (TLS) certificate is used, a cryptographic security protocol for communications in a computer network, ensuring the integrity of communication and propagation of messages on the network. Certificates, which are issued by a trusted authority, are used to manage node and account identities and to perform secure authentication. To prevent malicious attacks, such as the inclusion of fraudulent transactions or the alteration of previous blocks, only blocks proposed by authorized validators are accepted. New blocks are proposed securely using the cryptographic keys of the network's validator nodes. The blocks are then signed by each node (validators and participants) using a private key that guarantees and preserves their identity. The node key must be securely held, and each participant in the network will have to sign blocks securely.
The integrity of the network depends on the security of these certificates and keys used by the network nodes. The use of DINAMO's cryptographic hardware technology (HSM) provides advanced protection against physical and logical attacks, ensuring the integrity and confidentiality of the cryptographic keys and certificates involved. It is part of the best cybersecurity practices and is already integrated into several operations of the Central Bank of Brazil. As a use case, we can mention SPB and PIX, including the main global financial institutions.
Competitive Advantage
It is in this vein that Patricia Stille, CEO of BEE4, highlights the importance of choosing the Hyperledger BESU permissioned network and certified solutions for the business, such as DINAMO, which are in compliance with the best cybersecurity practices, essential to mitigate risks. BEE4's permissioned network has validator nodes from BEE4 itself and also from its participants, such as the asset registrar, which reinforces the importance of a secure network for the ecosystem.
Certifications
DINAMO Networks' solution ensures the protection and secure storage of cryptographic keys in secure and tamper-proof hardware environments certified by INMETRO and NIST FIPS 140-2 Level 3; it allows the secure generation and storage of cryptographic keys, enabling reliable and scalable cryptographic processes for validating (signing) transactions.
Conclusion
Digital security is an investment in business. Leading the transformation of the capital markets, Patricia Stille from BEE4 states: “Our priority so far has been to set up a robust and secure infrastructure to operate this new capital market. Now, we are expanding our ecosystem, connecting with Brokers to gain scale, investor volume and generate liquidity for the assets traded.”, concludes the executive.
EN 
PT 
