Bitcoin Forum

Bitcoin => Hardware wallets => Topic started by: dkbit98 on December 28, 2020, 12:12:23 PM



Title: Secure Element in Hardware Wallets
Post by: dkbit98 on December 28, 2020, 12:12:23 PM

I see many people talking about the Secure Element in hardware wallets like some mythical creature that will protect us from all evil, but in reality a Secure Element is just a chip or microcontroller used in a similar way as in SIM cards, SD cards, IDs, payment cards or phones, and they can potentially be exploited by malicious firmware updates.
In hardware wallets they are used as a second chip for storing private keys and seed words.

What are the benefits of Secure Element in Hardware Wallets?

- Seed words never leave the device; they stay in the Secure Element
- Secure updates
- Generating 'random' numbers
- No tampering

Secure Elements can be open source (can be verified and confirmed) or closed source (any firmware can be used, including malicious), and certified or not certified.

Current state of Secure Elements in hardware wallets:

Name | Open Source | Secure Element | SE Model + Microcontroller | Evaluation Assurance Level
Trezor Safe 3 (https://github.com/trezor) | YES | YES | Infineon OPTIGA Trust M + Cortex M4 ARM | EAL6+
Trezor One & T (https://github.com/trezor) | YES | NO | N/A + STM32F2/STM32F4 | N/A
Keepkey (https://shapeshift.com/keepkey) | YES | NO | N/A + STM32 | N/A
Jade (https://github.com/Blockstream/Jade) | YES | Virtual* | N/A | N/A
ColdCard Mk3 (https://coldcard.com/) | NO (MIT+CC) | YES | ATECC608B or ATECC608A + STM32L496RGT6 | outdated chip 608A
ColdCard Mk4 (https://coldcard.com/docs/coldcard-mk4) | NO (MIT+CC) | YES | ATECC608B + Maxim DS28C36B + STM32L4S5VIT6 | N/A
Bitbox02 (https://shiftcrypto.ch/bitbox02/) | YES | YES | ATECC608B + ATSAMD51J20A | N/A
Passport (https://foundationdevices.com/) | YES | YES | ATECC608B + STM32H753 | N/A
Ledger Nano S (https://shop.ledger.com/products/ledger-nano-s) | NO | YES | ST31H320 + STM32F042K6 | EAL5+
Ledger Nano X (https://shop.ledger.com/pages/ledger-nano-x) | NO | YES | ST33J2M0 + STM32WB55 | EAL5+
Ledger Nano S Plus (https://shop.ledger.com/) | NO | YES | ST33K1M5C + STM32... | EAL6+
Ledger Stax (https://shop.ledger.com/pages/ledger-stax) | NO | YES | ST33K1M5 + ? | EAL6+
D'CENT (https://dcentwallet.com/products/BiometricWallet) | NO | YES | NXP P60 | EAL5+
Safepal S1;X1 (https://www.safepal.io/) | NO | YES | Unknown chip | EAL5+
CoolWallet S (https://www.coolwallet.io/) | NO (soon Y) | YES | NXP P5CD081 | EAL5+
CoolWallet Pro (https://www.coolwallet.io/coolwallet_pro) | NO (soon Y) | YES | NXP J3R110 | EAL6+
Jubiterwallet (https://jubiterwallet.de/) | NO | YES | Infineon ? | EAL6+
Kasse HK-1000 (https://kasseusa.com/) | NO | YES | ST31H320 A03 | EAL5+
Keevo (https://www.keevowallet.com/) | NO | YES | Infineon Optiga Trust-P | EAL5+
Secux (https://secuxtech.com/) | NO | YES | Infineon CC ? | EAL5+
Ngrave (https://www.ngrave.io/products/zero) | N/A | YES | unknown built-in SE + STM32MP157C | EAL7+
Tangem (https://tangem.com/) | NO | YES | Samsung SecureCore microchip ? | EAL6+
ImKey (https://imkey.im/) | NO | YES | Infineon SLE 78CLUFX5000PH | EAL6+
Hashwallet (https://www.gethashwallet.com/) | N/A | YES | Infineon SLE78 | EAL6+
Opolo (https://www.opolo.shop/) | NO | YES | NXP ? + ARM Cortex M4 | EAL6+
OneKey Classic 1S (https://onekey.so/products/onekey-classic-hardware-wallet/) | YES | YES | THD89 | EAL6+
OneKey Pro (https://onekey.so/products/onekey-classic-hardware-wallet/) | YES | YES | TMC THD89 x4 | EAL6+
OneKey Touch (https://onekey.so/products/onekey-touch-hardware-wallet/) | YES | YES | ATECC608A | outdated chip
OneKey Classic (https://onekey.so/products/onekey-classic-hardware-wallet/) | YES | YES | HSC32I1 | EAL6+*/EAL 4+
OneKey Mini (https://onekey.so/products/onekey-mini-hardware-wallet/) | YES | YES | ATECC608A | outdated chip
HyperMate (https://hyperpay.tech/hypermatepro/pro) | YES | YES | Infineon ? | EAL6+
KeyStone (https://keyst.one/) | YES | YES | ARM Cortex-M0 | EAL5+
KeyStone3 (Pro) (https://keyst.one/) | YES | YES | ATECC608B + Maxim DS28S60 (+ Maxim MAX32520) | EAL?
KeyPal (https://www.keypal.pro/) | N/A | YES | NXP MCU + ? | N/A
Satochip/Satodime (https://satochip.io) | YES | YES | NXP J3H145 and NXP J3R110 | EAL6+
Husky HDW20 (https://www.huskywallet.com/) | NO | YES | ATECC608A | outdated chip
Prokey (https://prokey.io/) | YES | NO | N/A + STM32F205VG | N/A
Cypherock X1 (https://www.cypherock.com/) | YES | YES | ATECC608A + NXP JCOP3 and ARM Cortex-M | EAL5+ outdated chip 608A
Hito (https://hito.xyz/) | YES | YES | nRF5340 | N/A

Note that older hardware wallet models (Passport, ColdCard, OneKey) may have the outdated chip version ATECC608A!

Credits and thanks to @SFR10 for making this wonderful table.

Let's see some examples of how hardware wallets got exploited before, in the presentation Exploiting Hardware Wallet's Secure Element (https://sector.ca/wp-content/uploads/presentations18/Volokitin_Exploiting_Hardware_Wallet%E2%80%99s_Secure_Element_--_SecTor.pdf) by Riscure and Sergei Volokitin.

If you can choose, then always go for Open Source.



*EAL = Evaluation Assurance Level

Quote
EAL1 - functionally tested
EAL2 - structurally tested
EAL3 - methodically tested and checked
EAL4 - methodically designed, tested, and reviewed
EAL5 - semi-formally designed and tested
EAL6 - semi-formally verified design and tested
EAL7 - formally verified design and tested

**Trezor is working on their own fully open source Secure Element chip and they started a separate project for this purpose called Tropic Square (https://tropicsquare.com/).
- Cobo hardware wallet stopped production and was renamed to Keystone with some changes in software and hardware.

CC = Commons Clause License
https://commonsclause.com/



- Seed Generation in Hardware Wallets (https://bitcointalk.org/index.php?topic=5317199.0)
- Open Source Hardware Wallets (https://bitcointalk.org/index.php?topic=5288971.0)


Title: Re: Secure Element in Hardware Wallets
Post by: casperBGD on December 28, 2020, 12:20:09 PM
Interesting topic; I must say that I was not aware that Trezor does not have any secure element inside.

It is always good to divide complicated things into small parts, for better understanding by the community, and to educate the community as much as possible; that is the only way to decrease the number of scams that are an inevitable part of every industry, especially a growing one like the crypto industry.

But nothing will help you if you do not secure your own data properly; the importance of securing your own private keys / mnemonic seeds, not sharing those with anyone, and interacting with proven wallets/exchanges only cannot be overstated.


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on December 28, 2020, 12:25:47 PM
Sure, Trezor only has one chip and everything is open sourced, but that does not mean that having a dual chip and secure element is always better, especially if that chip is using closed source firmware (see the posted example for exploits), and yes, nothing will help you if you send scammers your seed words.


Title: Re: Secure Element in Hardware Wallets
Post by: Pmalek on December 28, 2020, 12:56:11 PM
The summary page states that the vulnerabilities discovered in the Ledger Nano S were all fixed. But since it's closed source, it can't be reviewed. Unless there is newer research that confirms the vulnerabilities are still there, can we assume this is no longer a threat?
As an extra tip, waiting a few weeks before performing a firmware update wouldn't be bad if someone has reasons to believe the servers might be hacked and are storing a fake firmware.

It seems that Ledger has no intention of making the secure element fully open-source.

Quote
We're great supporters of open-source and strive to open-source as much of our software as possible. In that light, we will soon open-source the part of the firmware that is responsible of displaying the dashboard where you can see the apps. The parts of the firmware that interact with secure parts of the Secure Element will not be open-sourced, since they are based on proprietary technology, protected by patents and an NDA we signed with the chip manufacturer.
https://www.reddit.com/r/ledgerwallet/comments/e1wh5q/is_ledger_going_to_make_the_firmware_open_source/



Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on December 28, 2020, 01:10:28 PM
It seems that Ledger has no intention of making the secure element fully open-source.

NDA with chip manufacturer is very important, but who cares about 'stupid' customer data...it is open for everyone  ::)

They don't want to ever change this, and that is why my open source wallets of choice would be ColdCard mk3, BitBox02 and CoboVault and not in that specific order.


Title: Re: Secure Element in Hardware Wallets
Post by: witcher_sense on December 28, 2020, 01:40:40 PM

  • ColdCard Mk3: Microchip ATECC608A covered by epoxy, open source (https://github.com/Coldcard)

I have some questions, not a tech-savvy person, just curious.

What part of Microchip ATECC608A is open source? As far as I know, Microchip has stopped publishing datasheets for their chips after the ATECC508A version; further versions are all under NDA. Can I trust these secure elements if the data is no longer available for everyone to see and check? How can I be sure that governments haven't forced Microchip to implement some backdoors to steal my crypto?

Found an old topic from Trezor explaining the reasons why they don't use secure elements https://blog.trezor.io/is-banking-grade-security-good-enough-for-your-bitcoins-284065561e9b


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on December 28, 2020, 01:55:45 PM
What part of Microchip ATECC608A is open source?
Some hardware wallet manufacturers are using Microchip ATECC608A and they claim the firmware they use is open source. Passport wallet released everything on their GitHub.
The same chip is used for other devices, not just hardware wallets, and most of it is released on GitHub, but the full datasheet is under NDA:
https://github.com/MicrochipTech/cryptoauthlib

No chip or secure element is perfect and there will always be some bugs, but I am not so sure about government backdoors.


Title: Re: Secure Element in Hardware Wallets
Post by: bob123 on December 29, 2020, 10:54:10 AM
What are the benefits of Secure Element in Hardware Wallets?

- Seed words never leave the device; they stay in the Secure Element
- Secure updates
- Generating 'random' numbers
- No tampering


The mnemonic code (which you are referring to as "seed words") is not stored on the secure element.
The actual seed is stored there. The mnemonic code is only used to generate the seed.

Secure updates and an RNG do not require a secure element. Any crypto co-processor is sufficient for this.

Yes, a secure element helps against tampering.



Interesting topic; I must say that I was not aware that Trezor does not have any secure element inside.

That's the reason the trezor is highly vulnerable to physical attacks.
The trezor needs further protection mechanisms (e.g. strong password) to be sure that an evil maid attack won't make you lose your coins.


Title: Re: Secure Element in Hardware Wallets
Post by: casperBGD on December 29, 2020, 01:08:12 PM

Interesting topic; I must say that I was not aware that Trezor does not have any secure element inside.

That's the reason the trezor is highly vulnerable to physical attacks.
The trezor needs further protection mechanisms (e.g. strong password) to be sure that an evil maid attack won't make you lose your coins.

But what are they selling, just a piece of hardware with open-source light wallet software installed on it?
What is the main difference between that solution and the same open-source software on some old laptop that is not used for anything else, just to have access to your wallet?

Why is the Trezor better (just asking, I do not think that it is not) than an old laptop? An old laptop sitting somewhere in the basement might not be recognized as a hardware wallet, or at least it would be harder than seeing a Trezor as a wallet.

What is the main Trezor advantage, in your opinion?


Title: Re: Secure Element in Hardware Wallets
Post by: ranochigo on December 29, 2020, 01:23:57 PM
But what are they selling, just a piece of hardware with open-source light wallet software installed on it?
What is the main difference between that solution and the same open-source software on some old laptop that is not used for anything else, just to have access to your wallet?

Why is the Trezor better (just asking, I do not think that it is not) than an old laptop? An old laptop sitting somewhere in the basement might not be recognized as a hardware wallet, or at least it would be harder than seeing a Trezor as a wallet.

What is the main Trezor advantage, in your opinion?
Trezor was one of the first HW wallet makers and it was their choice not to put a secure element within their devices. Their rationale being that the main attack vector is from the net, among various other things [1]. I saw this counterargument (by Ledger) years ago and thought that it made more sense [2].

Trezor is designed to not be vulnerable to typical malware and viruses as its primary purpose is to receive and sign transactions, so the attack vector is pretty small. I think their firmware is also signed so that isn't a threat.

I think your final question is about HW wallets in general. As said, the secure element will mitigate the attacks as mentioned. It really depends largely on your usage. Are you confident with handling air gapped storage? Do you want a bit more convenience while ensuring the same level of security (relative)? Do you want to save money on HW wallets?

Personally, I bought a HW wallet not because it's more secure (the threats are largely irrelevant to me) but because it provides much more convenience and portability than an airgapped wallet. Trust me, a hardware wallet makes everything smoother than starting your RPi up and realising your Electrum got corrupted again and having to find and type in the seed again.


[1] https://blog.trezor.io/is-banking-grade-security-good-enough-for-your-bitcoins-284065561e9b
[2] https://www.reddit.com/r/Bitcoin/comments/52x08n/is_bankinggrade_security_good_enough_for_your/d7odee4/


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on December 29, 2020, 01:52:05 PM
List is updated with CoolWallet S using a CC EAL 5+ SE microchip Secure Element, but I couldn't yet identify exactly what chip they are using. NXP P5CD081.

You can read what Kraken team found about CoolwalletS HERE (https://blog.kraken.com/post/4384/inside-kraken-security-labs-flaws-found-in-coolwallet-s-hardware-wallets/) in their report.

A secure element can be hacked or exploited like in any other device; that is why Android, for example, has a bounty program for anyone who exploits the secure element in their devices.

...
Let's not forget that Trezor SatoshiLabs developers are the first ones who created and used BIP39, which is now an industry standard and every other hardware wallet is using it.


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on December 31, 2020, 11:20:38 AM
Four more hardware wallets added to the list and they all have various 'secure elements' integrated, but like I said before, having a secure element does not always make your hardware wallet better or more secure, and I would not recommend buying them:

- Jubiterwallet: EAL6+ SE Infineon, closed source (https://jubiterwallet.de/)
- Kasse HK-1000: EAL5+ ST31H320 A03, closed source (https://kasseusa.com/)
- Keevo: EAL5+ Infineon Optiga Trust-P, closed source (https://www.keevowallet.com/)
- Secux: EAL5+ Infineon CC, closed source (https://secuxtech.com/)


Title: Re: Secure Element in Hardware Wallets
Post by: bob123 on December 31, 2020, 04:11:40 PM
But what are they selling, just a piece of hardware with open-source light wallet software installed on it?
What is the main difference between that solution and the same open-source software on some old laptop that is not used for anything else, just to have access to your wallet?

Why is the Trezor better (just asking, I do not think that it is not) than an old laptop? An old laptop sitting somewhere in the basement might not be recognized as a hardware wallet, or at least it would be harder than seeing a Trezor as a wallet.

What is the main Trezor advantage, in your opinion?

The difference is that your old laptop would effectively be an air-gapped wallet. This means it has to stay offline (not connected to any network) to be secure.
Together with encryption, that's a really solid setup. But the downside is that it's not very convenient to use.


A Trezor (or other hardware wallet) has the advantage of being used together with an online PC without the risk of losing coins.
Security-wise it's not as good as an air-gapped wallet, but convenience-wise it is so much more pleasant to use.

You can connect your hardware wallet to an infected device without worrying about having your coins stolen, since physical confirmation (in the form of a button press) is needed to sign transactions.
That's what all good hardware wallets have in common. A downside of the Trezor is the physical security, which can be avoided by using proper password encryption (which is also necessary with an air-gapped wallet, btw).


Title: Re: Secure Element in Hardware Wallets
Post by: Coin-Keeper on December 31, 2020, 08:49:08 PM
Quote
witcher_sense : Found an old topic from Trezor explaining the reasons why they don't use secure elements https://blog.trezor.io/is-banking-grade-security-good-enough-for-your-bitcoins-284065561e9b

Great read and accurate as hell.

Spot on!  I did OpSec for a living and I will take full open source hands down.  There is an amazingly high probability that there are engineered backdoors in any closed source "secure element" chip being mandated by Gov agencies.  Tin foil hat, maybe, but the risks have shown to be entirely too prevalent for a wise person to assume them.  BTC is moving to around 30K per coin so the incentive is there!

Here is my spin.  Yep, my Trezor T's don't have a secure element chip.  So I KNOW how they tick and so do all the other coders that care to "hit" them with everything they have in their tool belt.  Along comes Trezor and GitHub and now SD encrypt completely removes the known weakness of the current Trezor T controller.  It's GONE fully, so man up and learn how to use your device.  It's safe and fully open source.  For those that insist on continuing with closed source elements in their devices you have been warned, LOL.  Let me remind members here that there has NEVER been an instance of that one controller weakness "in the wild" for Trezor T's.  The "other guy" with a closed source controller/element has had numerous instances of theft happening with phished apps etc....


Title: Re: Secure Element in Hardware Wallets
Post by: malevolent on January 01, 2021, 01:47:32 AM
Thanks for the list, OP, for some reason I thought all Secure Elements were closed source.

What is the main Trezor advantage, in your opinion?

I can stick it in my pocket and connect it to my phone to pay someone when I'm away from home or abroad. A lot more convenient than taking a bigger device such as a laptop with me.


Title: Re: Secure Element in Hardware Wallets
Post by: ABCbits on January 01, 2021, 12:36:11 PM
It seems that Ledger has no intention of making the secure element fully open-source.

Now that I know there are open-source secure elements, why doesn't Ledger migrate from a closed-source to an open-source secure element? Do they find the secure element they currently use is more secure than all open-source secure elements?


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on January 01, 2021, 12:46:53 PM
Now that I know there are open-source secure elements, why doesn't Ledger migrate from a closed-source to an open-source secure element? Do they find the secure element they currently use is more secure than all open-source secure elements?

Ledger is using ST31H320 and ST33J2M0 secure elements that are EAL6+ level of security, but in combination with their normal STM32F042K chip the overall security is downgraded back to EAL5+.
Some hardware like Ngrave is promising an EAL7+ secure element, but as far as I know only ATECC608A is mostly open source, and it can be found even in the M5Stack Core2 ESP32 AWS Development Kit.


Title: Re: Secure Element in Hardware Wallets
Post by: igor72 on January 01, 2021, 07:13:55 PM
What are the benefits of Secure Element in Hardware Wallets?

- Seed words never leave the device; they stay in the Secure Element
- Secure updates
- Generating 'random' numbers
- No tampering


The mnemonic code (which you are referring to as "seed words") is not stored on the secure element.
The actual seed is stored there. The mnemonic code is only used to generate the seed.
If that were true, it would be possible to add a passphrase only during the input/generation of those 12 (24) words. But at least on Ledger I can add a passphrase whenever I want.
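The disagreement above comes down to where the passphrase enters BIP39: the seed is PBKDF2-HMAC-SHA512 over the mnemonic with the salt "mnemonic" + passphrase, so a different passphrase yields an unrelated seed. The following is an added example, not code from this thread or from any wallet vendor; it implements the BIP39 derivation step as specified and checks it against the first English reference test vector (mnemonic of twelve "abandon" + "about", passphrase "TREZOR").

```python
import hashlib
import unicodedata

# BIP39 constants: PBKDF2-HMAC-SHA512, 2048 rounds, 64-byte output,
# salt prefix "mnemonic" followed by the (optional) passphrase.
BIP39_ROUNDS = 2048
BIP39_SEED_LEN = 64
BIP39_SALT_PREFIX = "mnemonic"


def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """Derive the 64-byte BIP39 seed from a mnemonic sentence and passphrase.

    Both inputs are NFKD-normalised before encoding, as BIP39 requires.
    Word-list checksum validation is out of scope here.
    """
    sentence = unicodedata.normalize("NFKD", mnemonic).encode("utf-8")
    salt = (BIP39_SALT_PREFIX + unicodedata.normalize("NFKD", passphrase)).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", sentence, salt, BIP39_ROUNDS, dklen=BIP39_SEED_LEN)


def seeds_for_passphrases(mnemonic: str, passphrases: list[str]) -> dict[str, str]:
    """Map each candidate passphrase to the hex seed it produces from one mnemonic."""
    return {p: bip39_seed(mnemonic, p).hex() for p in passphrases}


def passphrase_changes_seed(mnemonic: str, passphrases: list[str]) -> bool:
    """True when every passphrase gives a distinct seed.

    This is the point behind the thread: a device that kept only the derived
    seed could not honour a passphrase chosen later, because the passphrase is
    mixed in *before* the seed exists. A device that accepts a passphrase at
    any time must therefore retain the mnemonic (or its entropy) and re-derive.
    """
    seeds = seeds_for_passphrases(mnemonic, passphrases)
    return len(set(seeds.values())) == len(passphrases)


# Constructed inputs: the first English vector from the BIP39 reference vectors.
VECTOR_MNEMONIC = (
    "abandon abandon abandon abandon abandon abandon "
    "abandon abandon abandon abandon abandon about"
)
VECTOR_PASSPHRASE = "TREZOR"
VECTOR_SEED_HEX = (
    "c55257c360c07c72029aebc1b53c05ed0362ada38ead3e3e9efa3708e5349553"
    "1f09a6987599d18264c1e1c92f2cf141630c7a3c4ab7c81b2f001698e7463b04"
)


if __name__ == "__main__":
    derived = bip39_seed(VECTOR_MNEMONIC, VECTOR_PASSPHRASE).hex()
    print("reference vector matches:", derived == VECTOR_SEED_HEX)
    # Same mnemonic, three passphrases (none, "TREZOR", "trezor"): three seeds.
    for p, s in seeds_for_passphrases(VECTOR_MNEMONIC, ["", "TREZOR", "trezor"]).items():
        print(f"passphrase={p!r:9} seed={s[:32]}...")
```

Note that passphrase case matters ("TREZOR" and "trezor" give different seeds), which is also why a mistyped passphrase silently opens an empty wallet rather than failing.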


Title: Re: Secure Element in Hardware Wallets
Post by: casperBGD on January 01, 2021, 07:55:35 PM
What is the main Trezor advantage, in your opinion?
I can stick it in my pocket and connect it to my phone to pay someone when I'm away from home or abroad. A lot more convenient than taking a bigger device such as a laptop with me.

Agree completely, but isn't that what hot wallets are for? To have a wallet for your payments that does not have all your funds in it.
With fiat, you also do not carry all your funds when you have to pay for bread and milk in the store.

The difference is that your old laptop would effectively be an air-gapped wallet. This means it has to stay offline (not connected to any network) to be secure.
Together with encryption, that's a really solid setup. But the downside is that it's not very convenient to use.


A Trezor (or other hardware wallet) has the advantage of being used together with an online PC without the risk of losing coins.
Security-wise it's not as good as an air-gapped wallet, but convenience-wise it is so much more pleasant to use.

You can connect your hardware wallet to an infected device without worrying about having your coins stolen, since physical confirmation (in the form of a button press) is needed to sign transactions.
That's what all good hardware wallets have in common. A downside of the Trezor is the physical security, which can be avoided by using proper password encryption (which is also necessary with an air-gapped wallet, btw).

Thanks, that is what I thought as well: they are selling convenience, and that is ok, although if one has more funds it is better to have several wallets, use one or two for payments (or another type of hot wallet), and store all the rest the same way as on the old laptop (for HODL purposes).


Title: Re: Secure Element in Hardware Wallets
Post by: malevolent on January 01, 2021, 11:26:31 PM
Agree completely, but isn't that what hot wallets are for? To have a wallet for your payments that does not have all your funds in it.
With fiat, you also do not carry all your funds when you have to pay for bread and milk in the store.

A different passphrase may be used to access long-term storage funds, or a different physical hardware wallet altogether. When making bigger payments away from home a hardware wallet will still be useful and more convenient.



Title: Re: Secure Element in Hardware Wallets
Post by: ranochigo on January 02, 2021, 04:23:36 AM
Agree completely, but isn't that what hot wallets are for? To have a wallet for your payments that does not have all your funds in it.
With fiat, you also do not carry all your funds when you have to pay for bread and milk in the store.
Depends on your needs, as with most stuff. Hardware wallets will undoubtedly protect you against physical and non-physical attacks. Plausible deniability baked into the device makes it a great device to limit the losses from a $5 wrench attack. The bane is that you have to purchase a hardware wallet, which depending on your holdings might be a big portion of your funds.


Thanks, that is what I thought as well: they are selling convenience, and that is ok, although if one has more funds it is better to have several wallets, use one or two for payments (or another type of hot wallet), and store all the rest the same way as on the old laptop (for HODL purposes).
I have had quite a few discussions on it but I've never really had an argument that refuted my point that HW wallets are at the very least as secure as cold storage, when you consider all the possible attack vectors. But I can stand by the fact that for most, they are considered as *equal* in terms of their security.

Hardware wallets are expensive, the secure element is useful. If you want a cheaper but not as sophisticated alternative, use a Raspberry Pi offline.


Title: Re: Secure Element in Hardware Wallets
Post by: Pmalek on January 02, 2021, 08:37:12 AM
Now that I know there are open-source secure elements, why doesn't Ledger migrate from a closed-source to an open-source secure element? Do they find the secure element they currently use is more secure than all open-source secure elements?
Apparently it is a question of security. There was some talk that they would create a new open-sourced chip, but I don't know what happened with that. There is an old reddit post from one of their team members that mentions that Ledger feels there are currently no open-sourced chips that can be compared with closed-source chips in terms of security.

Quote
I just meant that today there are no open-source chips that can offer the same level of security as the closed-source chips. However, it is Ledger's intention to open-source as much as possible, but existing constraints within the chip industry make this a slow process.
https://www.reddit.com/r/ledgerwallet/comments/a30lc4/a_closer_look_into_ledger_security_the_secure/


Title: Re: Secure Element in Hardware Wallets
Post by: bob123 on January 02, 2021, 12:51:19 PM
I have had quite a few discussions on it but I've never really had an argument that refuted my point that HW wallets are at the very least as secure as cold storage, when you consider all the possible attack vectors.

When considering all possible attack vectors, you come to the conclusion that a hardware wallet has a larger attack surface than an air-gapped wallet.

You can pretty much break everything down to be relatively equal.
But one important attack vector is the online machine it is used with. While in theory there shouldn't be any way to compromise the device from an online pc, this shouldn't be completely ignored.
Especially phishing attacks can work pretty well. And a vulnerability in the microcontroller and/or secure element can make the hardware wallet insecure when used with a compromised PC (which it is made for).
This attack vector only applies to hardware wallets, but not to air-gapped wallets.

I wouldn't consider a hardware wallet as secure as an air-gapped wallet solution.


Title: Re: Secure Element in Hardware Wallets
Post by: ranochigo on January 02, 2021, 01:11:23 PM
But one important attack vector is the online machine it is used with. While in theory there shouldn't be any way to compromise the device from an online pc, this shouldn't be completely ignored.
Especially phishing attacks can work pretty well. And a vulnerability in the microcontroller and/or secure element can make the hardware wallet insecure when used with a compromised PC (which it is made for).
This attack vector only applies to hardware wallets, but not to air-gapped wallets.

I wouldn't consider a hardware wallet as secure as an air-gapped wallet solution.
Definitely, I won't consider anything impossible when it comes to security. If the attacker can compromise the hardware wallet with a vulnerability in a secure element and without physical access, then it would be terrible. I hope that it wouldn't happen and it's probably why some hardware wallets are able to be run with an airgap as well. If that's the concern, then I guess that'll make it more equal.

Some APTs and malware have demonstrated their ability to jump airgaps. Definitely possible and it has been done, but it's quite a lot of work; it would've been easier to just compromise the OS itself. What I think could be a potential concern other than the sidechannel (I've mentioned that enough and I know secp256k1 mitigates some of it) is that, despite the ability to encrypt the files, which should be viewed as a workaround rather than a mitigation, there isn't any way to ensure that the files cannot be extracted from the device; I believe you can clone the HDD/SD card to try it again and again. As you've mentioned, the seeds are stored within the secure element and X failed attempts would brick it and render it unrecoverable in some HW wallets.


Title: Re: Secure Element in Hardware Wallets
Post by: bob123 on January 02, 2021, 08:18:45 PM
Is it still true the trezor is not safe as i heard something like its open or closed source?  Forgot which one meant safe.

Trezor is completely open source, which is good.. because the source code is open, a.k.a. publicly available.
However, there is a hardware vulnerability.. Use a long and secure password and you are fine tho. It is "just" a physical attack vector which allows extracting the seed.



Someone said if someone had access to your ledger for a few minutes, they could do something to do it.  Anyone can confirm this?

No.
This applies to the trezor without any password protection. That's the physical attack vector i referenced.


Title: Re: Secure Element in Hardware Wallets
Post by: The Sceptical Chymist on January 02, 2021, 08:34:04 PM
They don't want to ever change this, and that is why my open source wallets of choice would be ColdCard mk3, BitBox02 and CoboVault and not in that specific order.
I appreciate that recommendation and I found the OP here very informative, because I'm functionally computer illiterate (more or less).  I love the Ledger devices, but that closed source code aspect does give me some doubts, though small ones.

Never heard of the above wallets, although ColdCard does ring a bell somewhere in my noggin.  I'll have to check them out.

Hardware wallets are expensive, the secure element is useful. If you want a cheaper but not as sophisticated alternative, use a Raspberry Pi offline.
A Raspberry Pi?  Is that not just the same as storing your private key on a micro SD card?


Title: Re: Secure Element in Hardware Wallets
Post by: ranochigo on January 03, 2021, 01:40:28 AM
A Raspberry Pi?  Is that not just the same as storing your private key on a micro SD card?
Air gapped wallet, to be specific. I usually consider it as storing my private key on a micro SD card but with layers of encryption so that an adversary cannot crack it within a short period of time, if needed. Being able to sign the transactions offline will negate most malware attacks as the airgap will deter most malware. If not for the ease of signing, using a pen and pencil to write down the seed would have been sufficient.


Title: Re: Secure Element in Hardware Wallets
Post by: witcher_sense on January 04, 2021, 10:53:28 AM
Let me remind members here that there has NEVER been an instance of that one controller weakness "in the wild" for Trezor T's.  The "other guy" with a closed source controller/element has had numerous instances of theft happening with phished app's etc....
Additionally, secure elements that are widely used in hardware wallets usually can't handle simple peripheral tasks: you can't control buttons, you can't establish a USB connection, you can't control display functions. That is the reason why secure elements require additional microcontrollers. These microcontrollers are for general purposes, which means they are more vulnerable, and they are not secure whatsoever. If hackers somehow managed to reflash these general-purpose controllers, that would potentially allow them to retrieve sensitive information from secure elements.


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on January 04, 2021, 11:44:15 AM
Additionally, secure elements that are widely used in hardware wallets usually can't handle simple peripheral tasks: you can't control buttons, you can't establish a USB connection, you can't control display functions. That is the reason why secure elements require additional microcontrollers. These microcontrollers are for general purposes, which means they are more vulnerable, and they are not secure whatsoever. If hackers somehow managed to reflash these general-purpose controllers, that would potentially allow them to retrieve sensitive information from secure elements.

They found something like that in one of the previous Ledger Nano X wallet exploits; it was later patched and fixed in a firmware update, but they claim the secure chip was not affected.
Even exposing other information like the bitcoin balance and all addresses would not be considered good.
https://www.ledger.com/enhancing-the-ledger-nano-xs-security


Title: Re: Secure Element in Hardware Wallets
Post by: witcher_sense on January 04, 2021, 01:51:29 PM
They found something like that in one of the previous Ledger Nano X wallet exploits; it was later patched and fixed in a firmware update, but they claim the secure chip was not affected.
Even exposing other information like the bitcoin balance and all addresses would not be considered good.
https://www.ledger.com/enhancing-the-ledger-nano-xs-security

Either way, even if a secure element cannot be easily compromised, it will not convince me that my funds are safe, in case I lose my Ledger hardware wallet. It certainly gives me more time to move my funds somewhere else, but I can achieve that with Trezor if the passphrase was used along with the seed phrase. So, I can't see a point in adding secure elements.

First, you can't rely on them anyway if hackers get physical access to your hardware.
And second, unlike open-source systems, in closed-source ones you have to trust the SE manufacturers not to have colluded with malicious third parties.

In short, secure elements are redundancy, which makes the system less trustless and more vulnerable. That goes against the principles of bitcoin.


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on January 04, 2021, 01:54:50 PM
...

Sure you can do that, but then you should also not trust any device that exists today, including smartphones, SIM cards, SD cards or payment cards, which all have secure elements in them.
Secure elements are not exclusive to hardware wallets.


Title: Re: Secure Element in Hardware Wallets
Post by: DaveF on January 04, 2021, 04:50:55 PM

  • ColdCard Mk3: Microchip ATECC608A covered by epoxy, open source (https://github.com/Coldcard)

I have some questions, not a tech-savvy person, just curious.

What part of Microchip ATECC608A is open source? As far as I know, Microchip has stopped publishing datasheets for their microchips after ATECC508A version, further versions are all NDA. Can I trust these secure elements if data is no longer available for everyone to see and check? How can I be sure that governments haven't forced Microchip to implement some backdoors to steal my crypto?

Found an old topic from Trezor explaining the reasons why they don't use secure elements https://blog.trezor.io/is-banking-grade-security-good-enough-for-your-bitcoins-284065561e9b

Kind of brings up an interesting point.
If I sign the NDA I get a lot more info on how it works. But there are things I cannot talk about.
Is that good or bad?

I understand that there are some IP things that they might want to keep secret for as long as possible, putting time and money into R&D and such and then putting it out there so some fab in a country that does not care about IP can crank out a million units. Not good.

I also know it leads to less trust because we can't verify anything.

-Dave


Title: Re: Secure Element in Hardware Wallets
Post by: casperBGD on January 04, 2021, 08:20:45 PM
~snip
I understand that there are some IP things that they might want to keep secret for as long as possible, putting time and money into R&D and such and then putting it out there so some fab in a country that does not care about IP can crank out a million units. Not good.

I also know it leads to less trust because we can't verify anything.

-Dave


It is a way of doing business: you have to sign an NDA to have access to proprietary technology.
That brings us to another issue, why we have to trust the manufacturer, but trust is inevitable at some point when you are using third-party services, and a hardware wallet is a third-party service.

Although it has been here for 12 years, this technology is still too young to change the ways of the technology industry, IMHO, and you have to put your trust in something, or manufacture your own hardware device :(


Title: Re: Secure Element in Hardware Wallets
Post by: Coin-Keeper on January 04, 2021, 10:18:54 PM
Quote
but I can achieve that with Trezor if the passphrase was used along with the seed phrase. So, I can't see a point in adding secure elements.

I sometimes feel like I must be the only active coder/user (based upon the absence of others supporting the feature with their posts) that consistently uses SD encrypt.   I have to add again that having my Trezors encrypted in tandem with long passwords makes them virtually unhackable using any conventional definition of the word.  Plus with all that encryption I have the protection of using an open source hardware device that is visible to me.  No hiding places in a chip keeps me feeling better.


Title: Re: Secure Element in Hardware Wallets
Post by: witcher_sense on January 06, 2021, 08:36:48 AM
Sure you can do that, but then you should also not trust any device that exists today, including smartphones, SIM cards, SD cards or payment cards, which all have secure elements in them.
Secure elements are not exclusive to hardware wallets.
We should not trust any devices that contain secure elements either, we can't rely on SE because the information stored in these elements can be obtained in other ways. For example, hackers don't need to get physical access to our SIM card, instead, they can easily convince mobile phone employees to clone the SIM. Our payment cards have all sensitive information written on them, which makes them vulnerable to phishing, hacking, stealing, etc. If you were to lose it or get robbed, you wouldn't rely on SE to protect your funds, you would block your card instead thus making it completely useless.


Title: Re: Secure Element in Hardware Wallets
Post by: ranochigo on January 06, 2021, 09:19:36 AM
We should not trust any devices that contain secure elements either, we can't rely on SE because the information stored in these elements can be obtained in other ways. For example, hackers don't need to get physical access to our SIM card, instead, they can easily convince mobile phone employees to clone the SIM.
That is because your SIM card contains the information required to authenticate with the cell towers. Operators can permit an alternate SIM card to use your number, but that doesn't mean that the SIM card has failed its purpose. Its primary purpose is to resist any brute-force attacks to get the keys and, CMIIW, most modern SIM cards brick themselves during a brute-force attack.


Our payment cards have all sensitive information written on them, which makes them vulnerable to phishing, hacking, stealing, etc. If you were to lose it or get robbed, you wouldn't rely on SE to protect your funds, you would block your card instead thus making it completely useless.
The secure element on a debit card is used to protect against cloning attacks. It is difficult to clone the chip in an EMV card, while it is easy to clone a magnetic stripe card. The scenario that you present isn't the point of EMV cards in the first place; they are designed primarily to combat swiping attacks. When I lose my hardware wallet, I trust that the secure element can resist the attacks until I can transfer my funds out.

The one time you can rely on the secure element is when the information that you need is inside the secure element itself. There is no one else to social-engineer to get the information within the SE unless the owner chooses to reveal it himself. When used properly, the secure element will not reveal the information held within, and that is its primary purpose inside a hardware wallet, a SIM card, payment cards etc. For the scenario as stated, HW wallets containing an SE still provide an additional layer of security.


Title: Re: Secure Element in Hardware Wallets
Post by: HCP on January 07, 2021, 08:44:56 PM
The "other guy" with a closed source controller/element has had numerous instances of theft happening with phished apps etc....
And in how many of those cases were the funds lost because the secure element was breached? HINT: zero ::)

In every single case, the end user broke the golden rule and entered their 24 word recovery phrase into a fake website and/or app instead of only entering it on the device itself. It could just as easily happen to someone connecting to a fake "trezor.wallet.io" website. Which has also happened before. (https://blog.trezor.io/psa-phishing-alert-fake-trezor-wallet-website-3bcfdfc3eced)

Secure Element or not... open source or closed source... All the "security" in the world will be useless if you simply hand over the recovery phrase. :P


Title: Re: Secure Element in Hardware Wallets
Post by: Coin-Keeper on January 07, 2021, 09:46:34 PM
HCP,

Hard to imagine someone would enter their SEED but it happens!


Title: Re: Secure Element in Hardware Wallets
Post by: witcher_sense on January 08, 2021, 10:01:11 AM

Hard to imagine someone would enter their SEED but it happens!

Interestingly, phishing websites almost never ask you for your passphrase, only for 24 words of your seed phrase. That means if you have set up a passphrase, you will not fall victim to these scam attempts. Scammers are stupid enough not to consider additional security levels users may have. The combination of seed phrase plus passphrase will likely be more robust than secure elements plus 24 words (no passphrase) when it comes to phishing attacks. In short, secure elements don't protect against phishing, while a simple combination of passphrase and scammer's stupidity does.  ;D
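
Added example (editor's note, not code from any post in this thread): the reason a captured 24-word phrase without its passphrase is worthless to a phisher is that BIP39 feeds the passphrase into the PBKDF2 salt, so the words alone derive a completely different seed and BIP32 master key. The mnemonic below is the public all-zero-entropy BIP39 test vector, used here only because its expected seed is published; it is not anyone's wallet. The function `phishing_outcome` is my own name for the check, not a library API.

```python
import hashlib
import hmac
import unicodedata

# Constructed input: the well-known BIP39 test-vector mnemonic (entropy of all
# zero bytes). Never use a published mnemonic for real funds.
MNEMONIC = ("abandon abandon abandon abandon abandon abandon "
            "abandon abandon abandon abandon abandon about")


def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """BIP39 seed derivation: PBKDF2-HMAC-SHA512, 2048 rounds, 64-byte output.
    The salt is the string 'mnemonic' followed by the passphrase, both NFKD."""
    words = unicodedata.normalize("NFKD", mnemonic).encode("utf-8")
    salt = ("mnemonic" + unicodedata.normalize("NFKD", passphrase)).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", words, salt, 2048, dklen=64)


def bip32_master_key(seed: bytes) -> tuple:
    """BIP32 master private key and chain code: HMAC-SHA512 keyed with 'Bitcoin seed'."""
    digest = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    return digest[:32], digest[32:]


def phishing_outcome(mnemonic: str, real_passphrase: str) -> bool:
    """Return True if a phisher who captured only the words reproduces the
    victim's master key, i.e. the wallet falls. The phisher derives with an
    empty passphrase because the phishing page never asked for one."""
    real_master, _ = bip32_master_key(bip39_seed(mnemonic, real_passphrase))
    phished_master, _ = bip32_master_key(bip39_seed(mnemonic, ""))
    return hmac.compare_digest(real_master, phished_master)


if __name__ == "__main__":
    print("no passphrase, phisher wins:", phishing_outcome(MNEMONIC, ""))
    print("with passphrase, phisher wins:", phishing_outcome(MNEMONIC, "correct horse"))
```

Caveat for practitioners: once the words are leaked the passphrase is the only remaining secret, and it is stretched by just 2048 PBKDF2 rounds, so a short or dictionary passphrase can be brute-forced offline from the captured words. The protection also disappears the day the phishing page starts asking for the passphrase too.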


Title: Re: Secure Element in Hardware Wallets
Post by: Pmalek on January 08, 2021, 10:24:51 AM
Interestingly, phishing websites almost never ask you for your passphrase, only for 24 words of your seed phrase.
That could be an intentional thing. The passphrase is considered an advanced feature. That means that newbies and those that don't feel comfortable enough to experiment with passphrases most likely don't have one either. It also means that if you know what a passphrase is, and you took the little time that is needed to set one up, you are unlikely to be gullible enough to insert your seed phrase in a fake wallet.


Title: Re: Secure Element in Hardware Wallets
Post by: casperBGD on January 08, 2021, 01:26:10 PM
Interestingly, phishing websites almost never ask you for your passphrase, only for 24 words of your seed phrase.
That could be an intentional thing. The passphrase is considered an advanced feature. That means that newbies and those that don't feel comfortable enough to experiment with passphrases most likely don't have one either. It also means that if you know what a passphrase is, and you took the little time that is needed to set one up, you are unlikely to be gullible enough to insert your seed phrase in a fake wallet.

Agree on this, it is for complete newbies; they could enter their seed phrase in a fake wallet. If you have done some research, you should probably know that you should not do that.
With that said, when I created my first block.io account, I did it because BTC wallets seemed so complicated to use and a web wallet was easy to use. These days I also think that ETH and tokens have a much more user-friendly usage and experience in wallets (no matter the type) than BTC, maybe due to the nature of the system or the way BTC records transactions, but I find it really hard to call myself familiar with it for everyday use, while for ETH the process is linear, or maybe that is just a matter of habit.


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on January 26, 2021, 11:45:25 AM
Added new hardware wallet Tangem (https://tangem.com/) with an EAL6+ Samsung SecureCore microchip, and like all other manufacturers they say their chip is the best :)
They have an open source software development kit for their Android and iOS mobile apps:
https://github.com/Tangem


Title: Re: Secure Element in Hardware Wallets
Post by: Max_Headroom on January 30, 2021, 04:37:13 PM
I just came about this open source project based on SmartCard-HSM called smartbtc

smartbtc
http://smartbtc.eu/index.html

the SmartCard-HSM smartcard hardware manufacture
https://www.smartcard-hsm.com/features.html


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on February 09, 2021, 12:11:59 PM
Added one more hardware wallet, ImKey (https://imkey.im/), that claims to have an EAL 6+ military-grade CC security chip, but I can't find much information about it and it's not possible to confirm the exact chip model and manufacturer.
It looks like it is made in China and their Twitter account has not been active since 2019, and having a secure element does not have to mean that a hardware wallet is better or safer than other wallets.


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on February 10, 2021, 11:41:43 AM
Wookong (https://wooko.ng/) Chinese hardware wallets also have a secure element, but it is currently one of the lowest-graded (EAL4+) chips among all known hardware wallets.
I could not find and verify exactly which microchip they are using, but on their website they claim it is fully secured and not half-secure like the Ledger wallet; not much data or explanation is provided.
Everything looks closed source in this case, and I would stay away from this product.

One more hardware wallet added is Hashwallet (https://www.gethashwallet.com/) with an EAL 6+ Infineon SLE78 secure element.
Chips from the same manufacturer, Infineon, are used in the Secux, Keevo and Jubiter hardware wallets.


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on March 03, 2021, 02:31:32 PM
Interesting update regarding the Cobo Vault hardware wallet after I asked them to provide identification for their secure element, and they refused to do it.
Nick Johnson opened it, bypassed its tamper-protection mechanism and examined its insides, including the secure element.
As the main chip they are using a Mediatek MT6850, but they lasered off the identification marks from the secure element chip in an effort to hide this information from people!
Nick managed to enter criteria in a supplier database and came up with a potential candidate, MAX36010-BSN-T (https://www.maximintegrated.com/en/products/orderpage.html?fert=MAX36010-BNS%2BT), a security supervisor from Maxim.

We can't be 100% certain, but I am updating the information and adding this as the probable secure element for the Cobo Vault.

Come on Cobo, you can't hide things like this forever  :D

https://i.imgur.com/oLvTLZD.png

Full source report (https://weka.medium.com/defeating-the-cobo-vault-pros-self-destruct-mechanism-abf321e2f5b5) is very interesting to read. (archive) (https://archive.vn/GsKfZ)



Title: Re: Secure Element in Hardware Wallets
Post by: HCP on March 03, 2021, 09:49:25 PM
Full source report (https://weka.medium.com/defeating-the-cobo-vault-pros-self-destruct-mechanism-abf321e2f5b5) is very interesting to read. (archive) (https://archive.vn/GsKfZ)
The ending slayed me!
Quote
... this device will be a viable alternative to the Ledger and Trezor, with a much nicer UI that seems likely to be further improved.

Which is a shame, because the one I have appears to be non-functional and in pieces.
Bwhahaha... :D :D :D


I love the way people think "outside the box" (if you'll pardon the pun ;)) like this:
Quote
I took my Vault to my local Veterinarian, and asked them to XRay it for me.
:o :o :o That's genius!


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on March 21, 2021, 04:36:45 PM
One small update regarding the secure element chip ATECC608A that is used in the ColdCard, BitBox and Passport hardware wallets.

This secure element is mostly used by Amazon and it is good for their services, but let's say it is not very smart when we are talking about Bitcoin, and it doesn't know how to create a Bitcoin signature.
When you sign a transaction on a device with an ATECC608A, the secret needs to be moved to the memory of the other chip, the STM32, the transaction is signed there, and then the secret should be cleared from STM32 memory.
That means that the secret is leaving the secure element, and this can in theory be abused by some attackers in the future, but something like this has not been done so far.

This can probably be applied to some Infineon secure element chips that Amazon uses, but I can't be totally sure about that.
There is a lot of room for improvement in using secure element chips in hardware wallets and I expect the next few years will be very interesting for innovations.


Title: Re: Secure Element in Hardware Wallets
Post by: DaveF on March 22, 2021, 11:15:50 AM
...
When you sign a transaction on a device with an ATECC608A, the secret needs to be moved to the memory of the other chip, the STM32, the transaction is signed there, and then the secret should be cleared from STM32 memory...

Was thinking about something similar the other day and this probably unworkable thought came into my head.
An entire secure wallet on a single chip. Create some custom spun chip with everything you need on the one chip.

Would eliminate a few attack vectors, but might add some more.

Was watching a youtube video about a company that built a custom piece of hardware for medical data pad for harsh environments, was essentially a custom android tablet with a HDMI connector but EVERYTHING was in 1 chip. RAM / ROM / Flash Memory, CPU, video processor, etc all in the one chip.

Any thoughts?

-Dave


Title: Re: Secure Element in Hardware Wallets
Post by: ranochigo on March 22, 2021, 01:28:28 PM
An entire secure wallet on a single chip. Create some custom spun chip with everything you need on the one chip.

Would eliminate a few attack vectors, but might add some more.

Was watching a youtube video about a company that built a custom piece of hardware for medical data pad for harsh environments, was essentially a custom android tablet with a HDMI connector but EVERYTHING was in 1 chip. RAM / ROM / Flash Memory, CPU, video processor, etc all in the one chip.
Probably won't help much, if at all. There aren't any proprietary secure elements being produced by any hardware wallet manufacturers. Designing one and manufacturing them would probably make the cost of one skyrocket, not to mention that smashing that many components into a single chip isn't common at all.

Communication between the secure element and the MCU should be encrypted, in case anything were to be extracted. AFAIK, some MCUs actually wipe their memory on bootup, even if the user doesn't do a clean shutdown. It would be better to just use an SE that allows transactions to be signed within it, so keys are never sent out of it.
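
Added example (editor's note, not code from any post or vendor in this thread): what "encrypted communication between the SE and the MCU" buys you, and what it does not. Both sides share an IO-protection key provisioned at manufacturing (the ATECC608 family has a slot for such a key; the exchange below is my simplified illustration, not that chip's real wire protocol). The SE picks a fresh nonce per session, releases a slot only to a host that can MAC that nonce with the shared key, and wraps the slot contents in a SHA-256 counter-mode keystream plus an HMAC tag. The class and function names, the key and slot values, and the "read" command label are all constructed for the example.

```python
import hashlib
import hmac
import os
from typing import Optional

# Constructed values: a shared IO-protection key (provisioned into one SE slot
# and into the MCU firmware) and a stand-in for a secret stored in the SE.
IO_KEY = bytes.fromhex("11" * 32)
SECRET_SLOT = bytes.fromhex("a5" * 32)


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """SHA-256 in counter mode: block_i = SHA256(key || nonce || i)."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class SecureElement:
    """Toy SE: releases its slot only encrypted and MAC'd under a nonce it chose."""

    def __init__(self, io_key: bytes, slot: bytes):
        self._io_key = io_key
        self._slot = slot
        self._nonce: Optional[bytes] = None

    def nonce(self) -> bytes:
        # A fresh nonce per session makes a captured bus exchange unreplayable.
        self._nonce = os.urandom(20)
        return self._nonce

    def encrypted_read(self, mac: bytes) -> Optional[bytes]:
        """Host proves knowledge of the IO key by MACing the current nonce."""
        if self._nonce is None:
            return None
        expected = hmac.new(self._io_key, b"read" + self._nonce, hashlib.sha256).digest()
        if not hmac.compare_digest(mac, expected):
            return None  # unauthenticated host (e.g. reflashed firmware without the key)
        ct = _xor(self._slot, _keystream(self._io_key, self._nonce, len(self._slot)))
        tag = hmac.new(self._io_key, self._nonce + ct, hashlib.sha256).digest()
        self._nonce = None  # nonce is single-use
        return ct + tag


class Host:
    """MCU firmware side. Without the IO key it gets nothing from the SE, and a
    logic analyser on the bus only ever sees ciphertext and tags."""

    def __init__(self, io_key: Optional[bytes]):
        self._io_key = io_key

    def read_slot(self, se: SecureElement) -> Optional[bytes]:
        nonce = se.nonce()
        key = self._io_key or b"\x00" * 32  # rogue firmware has to guess the key
        mac = hmac.new(key, b"read" + nonce, hashlib.sha256).digest()
        resp = se.encrypted_read(mac)
        if resp is None:
            return None
        ct, tag = resp[:-32], resp[-32:]
        if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
            return None  # response tampered with on the bus
        return _xor(ct, _keystream(key, nonce, len(ct)))


def demo() -> tuple:
    """Legitimate read, rogue read without the key, and a replay of a used nonce."""
    se = SecureElement(IO_KEY, SECRET_SLOT)
    legit = Host(IO_KEY).read_slot(se)
    rogue = Host(None).read_slot(se)
    nonce = se.nonce()
    mac = hmac.new(IO_KEY, b"read" + nonce, hashlib.sha256).digest()
    first = se.encrypted_read(mac)
    replay = se.encrypted_read(mac)
    return legit, rogue, (first is not None and replay is None)


if __name__ == "__main__":
    print(demo())
```

The honest caveat, and the point witcher_sense raised earlier in the thread: the IO key lives in MCU flash. This scheme stops a passive bus sniffer and firmware that never had the key, but an attacker who can dump the MCU's flash (readout protection defeated) recovers the key and is then a legitimate host as far as the SE is concerned. Signing inside the SE, so the secret never crosses the bus at all, is the only design where the MCU's compromise does not hand over the key.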


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on March 22, 2021, 01:44:13 PM
Was thinking about something similar the other day and this probably unworkable thought came into my head.
An entire secure wallet on a single chip. Create some custom spun chip with everything you need on the one chip.

Would eliminate a few attack vectors, but might add some more.

Was watching a youtube video about a company that built a custom piece of hardware for medical data pad for harsh environments, was essentially a custom android tablet with a HDMI connector but EVERYTHING was in 1 chip. RAM / ROM / Flash Memory, CPU, video processor, etc all in the one chip.

Any thoughts?

This is impossible to have today as secure elements are simple and stupid with only one purpose, so we need to have two chips for this to work.
Some wallets like Trezor or Jade have only one chip but they don't have secure element.

Good news is that Trezor team is making their own open source secure element that will be a gamechanger compared with all solutions we have at the moment.
There will be no need for secret NDAs and closed source bs.


Title: Re: Secure Element in Hardware Wallets
Post by: Coin-Keeper on March 23, 2021, 06:47:41 PM
Quote
Good news is that Trezor team is making their own open source secure element that will be a gamechanger compared with all solutions we have at the moment.
There will be no need for secret NDAs and closed source bs.

That really sounds good to me!


Title: Re: Secure Element in Hardware Wallets
Post by: bob123 on March 24, 2021, 12:49:36 PM
This is impossible to have today as secure elements are simple and stupid with only one purpose, so we need to have two chips for this to work.

It is not impossible per se.
A single chip itself is a set of electronic circuits. And it is not abnormal for a chip to have several sub-components. It is very well imaginable that one of these sub-components can be a secure element itself.
That's like a "bigger" chip being made of "smaller chips". Nothing too uncommon.

When we are talking about Chips or Microchips we are actually already talking about a set of components, all the time.


Title: Re: Secure Element in Hardware Wallets
Post by: DaveF on March 25, 2021, 12:30:37 PM
...
When we are talking about Chips or Microchips we are actually already talking about a set of components, all the time.

Exactly what I was thinking. Much like what I was saying is that someone took an established CPU design and then just added what you would normally see elsewhere on a board and combined it all onto 1 die package. Made for a smaller board and only put on what they needed.

-Dave


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on March 29, 2021, 02:05:39 PM
That really sounds good to me!

Yes, and according to recent news (https://bitcoinmagazine.com/business/tropic-square-receives-4-7-million-to-develop-open-source-security-chip) Tropic Square received 4 million euros from the Swiss company Auzera for creating the first ever open source security chip, TASSIC, which should be released by the end of 2022.
This is a game changer for sure and I hope other manufacturers will follow them, because it's always good to have healthy competition.


Title: Re: Secure Element in Hardware Wallets
Post by: Pmalek on March 29, 2021, 09:43:03 PM
According to the article, TASSIC is expected to be used in Trezor devices, meaning the company is looking to completely change their security concept. Getting rid of the seed extraction vulnerability with physical access to Trezor hardware wallets will be achieved in this way. Only time will tell if the approach of having a publicly available codebase for the secure element was the right decision. I hope the chip will be tested thoroughly even if it means extending the ETA. We certainly don't need new bad press in the hardware wallet department. I also expect it to be a more expensive device compared to hardware wallets with older chips.  


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on April 29, 2021, 01:44:37 PM
The list of secure elements is updated with the new hardware wallet OneKey (https://shop.onekey.so/products/onekey-x1-adapted-to-android-ios-to-be-updated) with the HSC32I1 secure element; they claim it's EAL 6+ certified, however on the hsec website I found this chip is EAL 4+ certified.
An interesting thing about this chip is that it was made for Huawei after the United States imposed a ban on their devices, so Hongsi Electronics created a fully compatible clone to replace the ATSHA204A chip, using the same SHA-256 algorithm with a few more added.
The OneKey wallet is using the HSC32I1 as a secondary chip for holding secrets, along with their main STM32 chip.

https://i.imgur.com/TKkEwrn.png


Title: Re: Secure Element in Hardware Wallets
Post by: Max_Headroom on May 09, 2021, 02:03:07 PM
Quote
**Trezor is working on their own fully open source Secure Element chip and they started separate project for this purpose called Tropic Square.

That sounds great, I maybe going to buy a Trezor because of it..  ;D
Any news about it? Information like what FPGA development board, what hardware description language platform, etc.?

Just curious ..


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on May 09, 2021, 02:20:03 PM
That sounds great, I maybe going to buy a Trezor because of it..  ;D
Any news about it? Information like what FPGA development board, what hardware description language platform, etc.?

Don't expect to see this new Trezor hardware wallet released before late 2022. I listened to one podcast with the Trezor team explaining that it's technically nearly impossible to make a 100% open source chip so fast,
and the final product will have to wait, but the important thing is they have the required funding of 4 million euros.
Maybe you can learn more about it from this podcast with Vlad Costea and Slush, and follow the @tropicsquare Twitter account for more news:
https://bitcoin-takeover.com/s8-e8-slush-on-trezor-and-tropic-square/


Title: Re: Secure Element in Hardware Wallets
Post by: Max_Headroom on May 09, 2021, 03:11:34 PM
but important thing is they have required funding of 4 million euros.

It reminds me of professor Andrew S. Tanenbaum talking about European grants for developing new tech  ;D :D Sounds like the market price in 2014 plus inflation

Andrew S. Tanenbaum: The Impact of MINIX (~ 6 minutes 50 seconds)
https://youtu.be/86_BkFsb4eI?t=386

 :D



Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on May 21, 2021, 11:20:30 AM
The new hardware wallet model CoolWallet Pro (https://www.coolwallet.io/) introduced a new Secure Element, the J3R110, which has a higher evaluation assurance level (EAL6+) compared with their older model CoolWallet S, and this chip is often used in smart cards.
I don't see any big improvements or changes, and this wallet still remains closed source, so I would look for other alternatives.


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on June 14, 2021, 09:19:05 AM
The list is updated with two new hardware wallets, HyperMate G (https://hyperpay.tech/hypermatepro/g) and HyperMate Pro (https://hyperpay.tech/hypermatepro/pro); both of them are using the same Infineon secure element with EAL 6+ certification, but the exact model is not stated on their website.
HyperMate is a company from China, but Infineon is a German semiconductor manufacturer and their secure elements are also used in other hardware wallets like Jubiterwallet, Keevo, Secux and Hashwallet.
HyperMate is using the Infineon chip in combination with a Nordic BLE chip, and an interesting thing is that the OLED screen of their hardware devices is directly connected to the Secure Element to avoid man-in-the-middle attacks.

https://i.imgur.com/YIyd0eY.png
https://hyperpay.tech/hypermatepro/pro


Title: Re: Secure Element in Hardware Wallets
Post by: Rath_ on June 14, 2021, 10:54:49 AM
That sounds great, I maybe going to buy a Trezor because of it..
Any news about it?

A few days ago, Tropic Square confirmed (https://twitter.com/tropicsquare/status/1403259265159208960) that their chip is expected to be available somewhere in 2022 and there doesn't seem to be any major problems which could delay the release. Still, I would not expect a new Trezor hardware wallet before 2023.


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on June 14, 2021, 02:49:55 PM
A few days ago, Tropic Square confirmed (https://twitter.com/tropicsquare/status/1403259265159208960) that their chip is expected to be available somewhere in 2022 and there doesn't seem to be any major problems which could delay the release. Still, I would not expect a new Trezor hardware wallet before 2023.
Great news, and they commented that their goal is to release it in 2022 and that the Secure Element will be available for everybody and not just for hardware wallets.
As Ledger collected a bunch of money in their latest fundraising, it would be interesting to see if they join this race of developing their own open source alternative, or whether they will continue to waste more time and money on supporting altcoins.
Hardware wallet wars are just getting started  8)


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on June 26, 2021, 03:08:20 PM
The list is updated with the KeyStone hardware wallet (https://github.com/KeystoneHQ), which has EAL5+ certification and a 32-bit ARM Cortex-M0 secure element, as they announced on their GitHub page with a datasheet document.
The KeyStone wallet is almost identical to the Cobo Vault, which stopped production of their hardware wallet, and the main developer with his team created a new company with the same components and a few improvements.
I am not sure this is the best choice for a secure element, as similar cheap Cortex-M0 STM chips are often used as regular processors and not as secure elements, and Keystone is still hiding the exact model they are using.
Ledger, for example, is using a non-secure STM32 Cortex-M processor in combination with the secure element ST31H320, and other hardware wallets are doing something similar.

Quote
Keystone's Secure Element is a 32-bit security microcontroller, which is specifically targeted at low-cost and low-power fields. The Secure Element is an ARM Cortex M0 microcontroller integrated with a variety of secure cryptographic modules, including the SM1, SM2, SM3, SM4 algorithm, as well as RSA/ECC, DES/3DES, AES128, AES192/256, SHA1/256, SHA384/512 and other internationally recognized security algorithms. It supports true random number generation (TRNG). The Secure Element provides a variety of peripheral interfaces: USB2.0 full speed, SPI, UART, ISO7816, I2C, etc. built-in ROSC, and also supports crystal-free applications.

Keystone's Secure Element has a 256K byte on-chip eFlash, 16K bytes of ROM, 16K bytes of on-chip SRAM, and 4K bytes of dedicated SRAM algorithm, of which on-chip ROM provides various algorithm interface programs for developers. It improves the development efficiency and optimizes system performance.
https://github.com/KeystoneHQ/Keystone-developer-documents/blob/main/se/Keystone_Secure_Element_Datasheet.m


Title: Re: Secure Element in Hardware Wallets
Post by: zyobum on July 29, 2021, 10:26:18 AM
Not sure about the CC EAL 7 certification of NGRAVE.
I was not able to find the certification here: https://www.commoncriteriaportal.org/products/certified_products.csv


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on July 29, 2021, 10:39:02 AM
Not sure about the CC EAL 7 certification of NGRAVE.
I was not able to find the certification here: https://www.commoncriteriaportal.org/products/certified_products.csv
I don't know what kind of ''holy grail'' csv file you are showing us here, but the Ngrave hardware wallet is not officially released yet; you can only pre-order it, so it's normal that the secure element is not revealed and we don't know the exact certification level.
The only information we have is from their website claiming they have CC EAL7 certification.

Quote
Certification Level CC EAL7, CE, RoHS, FCC
MPU 2019 STM32MP157C (High Performance Dual-core ARM® Cortex®-A7 including ARM®  NEON and ARM® Trustzone® + ARM® Cortex®-M4  with FPU/MPU) with Secure Boot, Secure RAMs, Secure RTC, Active Tamper and Trustzone® Peripherals, Cortex M4 Resources Isolation. Ultra low power consumption.
SE State-of-the-Art Secure Element
https://www.ngrave.io/products/zero


Title: Re: Secure Element in Hardware Wallets
Post by: zyobum on August 02, 2021, 07:52:13 AM
I see, Thanks.

BTW, the link comes from the organization that runs the "Common Criteria" certification program:
https://www.commoncriteriaportal.org/products/ (https://www.commoncriteriaportal.org/products/)

There is a button in the menu "download CSV" redirect to the link I posted.


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on August 17, 2021, 11:00:01 AM
I am not great at making forum tables so.... is there anyone who can help me create a simple table and improve my first post to list all hardware wallets and secure elements?
This should ideally have 5 sections: hardware wallet name, wallet Open Source YES/NO section, Secure Element YES/NO section, type and model of secure element section, and EAL (Evaluation Assurance Level) section.
Anyone who helps me with this task will be rewarded with some merits and will be credited for their work.
You can write in this post or contact me with PM.


Title: Re: Secure Element in Hardware Wallets
Post by: SFR10 on August 17, 2021, 01:01:10 PM
is there anyone who can help me to create simple table form and improve my first post to list all hardware wallets and secure elements?
~Snipped~
I can help you with that part, but I'd like to request not meriting my post for code that is just an alteration of what you have already posted in this thread.
- The credit part is more than enough :)

I'll post it here...

Update:
- Kindly double-check [especially towards the end].

Code:
[center][table]
 
[tr]
[td][/td][td][size=12pt]☵[/size][/td]
[td][center][u][size=12pt][b]Name[/b][/size][/u][/center][/td][td][size=12pt]☵[/size][/td]
[td][center][u][size=12pt][b]Open Source[/b][/size][/u][/center][/td][td][size=12pt]☵[/size][/td]
[td][center][u][size=12pt][b]Secure Element[/b][/size][/u][/center][/td][td][size=12pt]☵[/size][/td]
[td][center][u][size=12pt][b]Type/Model of SE[/b][/size][/u][/center][/td][td][size=12pt]☵[/size][/td]
[td][center][u][size=12pt][b]Evaluation Assurance Level[/b][/size][/u][/center][/td][td][size=12pt]☵[/size][/td]
[/tr]
[tr]
[td][/td][td]▮[/td]
[td][center][url=https://github.com/trezor]Trezor[/url][/center][/td][td]▮[/td]
[td][center]N/A[/center][/td][td]▮[/td]
[td][center][color=red]NO[/color] [sup][planned for 2022][/sup][/center][/td][td]▮[/td]
[td][center]N/A[/center][/td][td]▮[/td]
[td][center]N/A[/center][/td][td]▮[/td]
[/tr]
[tr]
[td][/td][td]▮[/td]
[td][center][url=https://shapeshift.com/keepkey]Keepkey[/url][/center][/td][td]▮[/td]
[td][center]N/A[/center][/td][td]▮[/td]
[td][center][color=red]NO[/color][/center][/td][td]▮[/td]
[td][center]N/A[/center][/td][td]▮[/td]
[td][center]N/A[/center][/td][td]▮[/td]
[/tr]
[tr]
[td][/td][td]▮[/td]
[td][center][url=https://github.com/Blockstream/Jade]Jade[/url][/center][/td][td]▮[/td]
[td][center]N/A[/center][/td][td]▮[/td]
[td][center][color=red]NO[/color][/center][/td][td]▮[/td]
[td][center]N/A[/center][/td][td]▮[/td]
[td][center]N/A[/center][/td][td]▮[/td]
[/tr]
[tr]
[td][/td][td]▮[/td]
[td][center][url=https://github.com/Coldcard]ColdCard Mk3[/url][/center][/td][td]▮[/td]
[td][center][color=green]YES[/color][/center][/td][td]▮[/td]
[td][center][color=green]YES[/color][/center][/td][td]▮[/td]
[td][center]Microchip [b]ATECC608A[/b][/center][/td][td]▮[/td]
[td][center]N/A[/center][/td][td]▮[/td]
[/tr]
[tr]
[td][/td][td]▮[/td]
[td][center][url=https://github.com/digitalbitbox]Bitbox02[/url][/center][/td][td]▮[/td]
[td][center][color=green]YES[/color][/center][/td][td]▮[/td]
[td][center][color=green]YES[/color][/center][/td][td]▮[/td]
[td][center]Microchip [b]ATECC608A[/b][/center][/td][td]▮[/td]
[td][center]N/A[/center][/td][td]▮[/td]
[/tr]
[tr]
[td][/td][td]▮[/td]
[td][center][url=https://github.com/Foundation-Devices]Passport[/url][/center][/td][td]▮[/td]
[td][center][color=green]YES[/color][/center][/td][td]▮[/td]
[td][center][color=green]YES[/color][/center][/td][td]▮[/td]
[td][center]Microchip [b]ATECC608A[/b][/center][/td][td]▮[/td]
[td][center]N/A[/center][/td][td]▮[/td]
[/tr]
[tr]
[td][/td][td]▮[/td]
[td][center][url=https://github.com/LedgerHQ]Ledger[/url][/center][/td][td]▮[/td]
[td][center][color=red]NO[/color][/center][/td][td]▮[/td]
[td][center][color=green]YES[/color][/center][/td][td]▮[/td]
[td][center][b]ST31H320[/b] and [b]ST33J2M0[/b][/center][/td][td]▮[/td]
[td][center]EAL5+/EAL6+[/center][/td][td]▮[/td]
[/tr]
[tr]
[td][/td][td]▮[/td]
[td][center][url=https://dcentwallet.com/products/BiometricWallet]D'CENT[/url][/center][/td][td]▮[/td]
[td][center]N/A[/center][/td][td]▮[/td]
[td][center][color=green]YES[/color][/center][/td][td]▮[/td]
[td][center][b]NXP P60[/b][/center][/td][td]▮[/td]
[td][center]EAL5+[/center][/td][td]▮[/td]
[/tr]
[tr]
[td][/td][td]▮[/td]
[td][center][url=https://www.safepal.io/]Safepal S1[/url][/center][/td][td]▮[/td]
[td][center][color=red]NO[/color][/center][/td][td]▮[/td]
[td][center][color=green]YES[/color][/center][/td][td]▮[/td]
[td][center][color=red]Unknown chip[/color][/center][/td][td]▮[/td]
[td][center]EAL5+[/center][/td][td]▮[/td]
[/tr]
[tr]
[td][/td][td]▮[/td]
[td][center][url=https://www.coolwallet.io/]CoolWallet S[/url][/center][/td][td]▮[/td]
[td][center][color=red]NO[/color][/center][/td][td]▮[/td]
[td][center][color=green]YES[/color][/center][/td][td]▮[/td]
[td][center]Microchip [b]NXP P5CD081[/b][/center][/td][td]▮[/td]
[td][center]EAL5+[/center][/td][td]▮[/td]
[/tr]
[tr]
[td][/td][td]▮[/td]
[td][center][url=https://www.coolwallet.io/coolwallet_pro]CoolWallet Pro[/url][/center][/td][td]▮[/td]
[td][center][color=red]NO[/color][/center][/td][td]▮[/td]
[td][center][color=green]YES[/color][/center][/td][td]▮[/td]
[td][center]Microchip [b]NXP J3R110[/b][/center][/td][td]▮[/td]
[td][center]EAL6+[/center][/td][td]▮[/td]
[/tr]
[tr]
[td][/td][td]▮[/td]
[td][center][url=https://jubiterwallet.de/]Jubiterwallet[/url][/center][/td][td]▮[/td]
[td][center][color=red]NO[/color][/center][/td][td]▮[/td]
[td][center][color=green]YES[/color][/center][/td][td]▮[/td]
[td][center][b]Infineon[/b][/center][/td][td]▮[/td]
[td][center]EAL6+[/center][/td][td]▮[/td]
[/tr]
[tr]
[td][/td][td]▮[/td]
[td][center][url=https://kasseusa.com/]Kasse HK-1000[/url][/center][/td][td]▮[/td]
[td][center][color=red]NO[/color][/center][/td][td]▮[/td]
[td][center][color=green]YES[/color][/center][/td][td]▮[/td]
[td][center][b]ST31H320 A03[/b][/center][/td][td]▮[/td]
[td][center]EAL5+[/center][/td][td]▮[/td]
[/tr]
[tr]
[td][/td][td]▮[/td]
[td][center][url=https://www.keevowallet.com/]Keevo[/url][/center][/td][td]▮[/td]
[td][center][color=red]NO[/color][/center][/td][td]▮[/td]
[td][center][color=green]YES[/color][/center][/td][td]▮[/td]
[td][center][b]Infineon Optiga Trust-P[/b][/center][/td][td]▮[/td]
[td][center]EAL5+[/center][/td][td]▮[/td]
[/tr]
[tr]
[td][/td][td]▮[/td]
[td][center][url=https://secuxtech.com/]Secux[/url][/center][/td][td]▮[/td]
[td][center][color=red]NO[/color][/center][/td][td]▮[/td]
[td][center][color=green]YES[/color][/center][/td][td]▮[/td]
[td][center][b]Infineon CC[/b][/center][/td][td]▮[/td]
[td][center]EAL5+[/center][/td][td]▮[/td]
[/tr]
[tr]
[td][/td][td]▮[/td]
[td][center][url=https://www.ngrave.io/products/zero]Ngrave[/url][/center][/td][td]▮[/td]
[td][center]N/A[/center][/td][td]▮[/td]
[td][center][color=green]YES[/color][/center][/td][td]▮[/td]
[td][center][b]STM32MP157C[/b] with [color=red]unknown[/color] built-in SE[/center][/td][td]▮[/td]
[td][center]EAL7+[/center][/td][td]▮[/td]
[/tr]
[tr]
[td][/td][td]▮[/td]
[td][center][url=https://tangem.com/]Tangem[/url][/center][/td][td]▮[/td]
[td][center][color=green]YES[/color][/center][/td][td]▮[/td]
[td][center][color=green]YES[/color][/center][/td][td]▮[/td]
[td][center][b]Samsung SecureCore[/b] microchip[/center][/td][td]▮[/td]
[td][center]EAL6+[/center][/td][td]▮[/td]
[/tr]
[tr]
[td][/td][td]▮[/td]
[td][center][url=https://imkey.im/]ImKey[/url][/center][/td][td]▮[/td]
[td][center][color=red]NO[/color][/center][/td][td]▮[/td]
[td][center][color=green]YES[/color][/center][/td][td]▮[/td]
[td][center][b]Military-grade CC security[/b] chip[/center][/td][td]▮[/td]
[td][center]EAL6+[/center][/td][td]▮[/td]
[/tr]
[tr]
[td][/td][td]▮[/td]
[td][center][url=https://wooko.ng/]Wookong[/url][/center][/td][td]▮[/td]
[td][center][color=red]NO[/color][/center][/td][td]▮[/td]
[td][center][color=green]YES[/color][/center][/td][td]▮[/td]
[td][center][color=red]Unknown chip[/color][/center][/td][td]▮[/td]
[td][center]EAL4+[/center][/td][td]▮[/td]
[/tr]
[tr]
[td][/td][td]▮[/td]
[td][center][url=https://www.gethashwallet.com/]Hashwallet[/url][/center][/td][td]▮[/td]
[td][center]N/A[/center][/td][td]▮[/td]
[td][center][color=green]YES[/color][/center][/td][td]▮[/td]
[td][center][b]Infineon SLE78[/b][/center][/td][td]▮[/td]
[td][center]EAL6+[/center][/td][td]▮[/td]
[/tr]
[tr]
[td][/td][td]▮[/td]
[td][center][url=https://www.opolo.shop/]Opolo[/url][/center][/td][td]▮[/td]
[td][center][color=red]NO[/color][/center][/td][td]▮[/td]
[td][center][color=green]YES[/color][/center][/td][td]▮[/td]
[td][center][b]NXP[/b][/center][/td][td]▮[/td]
[td][center]EAL6+[/center][/td][td]▮[/td]
[/tr]
[tr]
[td][/td][td]▮[/td]
[td][center][url=https://shop.onekey.so/products/onekey-x1-adapted-to-android-ios-to-be-updated]OneKey[/url][/center][/td][td]▮[/td]
[td][center]N/A[/center][/td][td]▮[/td]
[td][center][color=green]YES[/color][/center][/td][td]▮[/td]
[td][center][b]HSC32I1[/b][/center][/td][td]▮[/td]
[td][center]EAL6+*/EAL 4+[/center][/td][td]▮[/td]
[/tr]
[tr]
[td][/td][td]▮[/td]
[td][center][url=https://hyperpay.tech/hypermatepro/pro]HyperMate[/url][/center][/td][td]▮[/td]
[td][center][color=green]YES[/color][/center][/td][td]▮[/td]
[td][center][color=green]YES[/color][/center][/td][td]▮[/td]
[td][center][b]Infineon[/b][/center][/td][td]▮[/td]
[td][center]EAL6+[/center][/td][td]▮[/td]
[/tr]
[tr]
[td][/td][td]▮[/td]
[td][center][url=https://github.com/CoboVault][s]CoboVault[/s][/url][/center][/td][td]▮[/td]
[td][center][color=green]YES[/color][/center][/td][td]▮[/td]
[td][center][color=green]YES[/color][/center][/td][td]▮[/td]
[td][center](FIPS 140-2) probably [b]MAX36010-BSN-T[/b][/center][/td][td]▮[/td]
[td][center]EAL5+[/center][/td][td]▮[/td]
[/tr]
[tr]
[td][/td][td]▮[/td]
[td][center][url=https://github.com/KeystoneHQ]KeyStone[/url][/center][/td][td]▮[/td]
[td][center]N/A[/center][/td][td]▮[/td]
[td][center][color=green]YES[/color][/center][/td][td]▮[/td]
[td][center][b]ARM Cortex-M0[/b][/center][/td][td]▮[/td]
[td][center]EAL5+[/center][/td][td]▮[/td]
[/tr]
[tr]
[td][/td][td]▮[/td]
[td][center][url=https://www.keypal.pro/]KeyPal[/url][/center][/td][td]▮[/td]
[td][center]N/A[/center][/td][td]▮[/td]
[td][center][color=green]YES[/color][/center][/td][td]▮[/td]
[td][center][b]NXP MCU[/b][/center][/td][td]▮[/td]
[td][center]N/A[/center][/td][td]▮[/td]
[/tr]
[/table]
[/center]

Update 2:
Thanks buddy for helping and for wonderful work with this table!
I checked everything, made a few small corrections and updated the first post, and it looks much better than my old frankenstein list  :D
I tried making my own table but I always messed up things when creating new lines, so maybe I will contact you again in the future for small assistance.
You're very welcome, I'm glad I could help :)
Sure, feel free to contact me if you need more assistance.

Btw, thank you for the credit part [I appreciate it] :)


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on August 17, 2021, 03:03:56 PM
I can help you with that part, but I'd like to request not meriting my post for code that is just an alteration of what you have already posted in this thread.
- The credit part is more than enough :)
Thanks buddy for helping and for wonderful work with this table!
I checked everything, made a few small corrections and updated the first post, and it looks much better than my old frankenstein list  :D
I tried making my own table but I always messed up things when creating new lines, so maybe I will contact you again in the future for small assistance.

PS
No merits, as you requested ;)


Name | Open Source | Secure Element | Type/Model of SE | Evaluation Assurance Level
Trezor (https://github.com/trezor) | YES | NO [planned for 2022] | N/A | N/A
Keepkey (https://shapeshift.com/keepkey) | YES | NO | N/A | N/A
Jade (https://github.com/Blockstream/Jade) | YES | NO | N/A | N/A
ColdCard Mk3 (https://github.com/Coldcard) | YES | YES | Microchip ATECC608A | N/A
Bitbox02 (https://github.com/digitalbitbox) | YES | YES | Microchip ATECC608A | N/A
Passport (https://github.com/Foundation-Devices) | YES | YES | Microchip ATECC608A | N/A
Ledger (https://github.com/LedgerHQ) | NO | YES | ST31H320 and ST33J2M0 | EAL5+/EAL6+
D'CENT (https://dcentwallet.com/products/BiometricWallet) | NO | YES | NXP P60 | EAL5+
Safepal S1 (https://www.safepal.io/) | NO | YES | Unknown chip | EAL5+
CoolWallet S (https://www.coolwallet.io/) | NO | YES | Microchip NXP P5CD081 | EAL5+
CoolWallet Pro (https://www.coolwallet.io/coolwallet_pro) | NO | YES | Microchip NXP J3R110 | EAL6+
Jubiterwallet (https://jubiterwallet.de/) | NO | YES | Infineon | EAL6+
Kasse HK-1000 (https://kasseusa.com/) | NO | YES | ST31H320 A03 | EAL5+
Keevo (https://www.keevowallet.com/) | NO | YES | Infineon Optiga Trust-P | EAL5+
Secux (https://secuxtech.com/) | NO | YES | Infineon CC | EAL5+
Ngrave (https://www.ngrave.io/products/zero) | N/A | YES | STM32MP157C with unknown built-in SE | EAL7+
Tangem (https://tangem.com/) | YES | YES | Samsung SecureCore microchip | EAL6+
ImKey (https://imkey.im/) | NO | YES | Military-grade CC security chip | EAL6+
Wookong (https://wooko.ng/) | NO | YES | Unknown chip | EAL4+
Hashwallet (https://www.gethashwallet.com/) | N/A | YES | Infineon SLE78 | EAL6+
Opolo (https://www.opolo.shop/) | NO | YES | NXP | EAL6+
OneKey (https://shop.onekey.so/products/onekey-x1-adapted-to-android-ios-to-be-updated) | YES | YES | HSC32I1 | EAL6+*/EAL 4+
HyperMate (https://hyperpay.tech/hypermatepro/pro) | YES | YES | Infineon | EAL6+
CoboVault (https://github.com/CoboVault) | YES | YES | (FIPS 140-2) probably MAX36010-BSN-T | EAL5+
KeyStone (https://github.com/KeystoneHQ) | YES | YES | ARM Cortex-M0 | EAL5+
KeyPal (https://www.keypal.pro/) | N/A | YES | NXP MCU + ? | N/A


Title: Re: Secure Element in Hardware Wallets
Post by: Tibu on October 11, 2021, 06:09:16 AM

I see many people talking about Secure Element in hardware wallet ...

Hey,
First of all, I would like to thank you for this great topic. It's really important to have such an overview while considering a hardware wallet.
May I ask you to add our product?

It's called Satochip; based on a smart card, this hardware wallet is open source and built on the NXP JCOP interface.

Here are the specifications:

Name | Open Source | Secure Element | Type/Model of SE | Evaluation Assurance Level
Satochip (https://satochip.io) | YES | YES | NXP J3H145 and J3R110 | EAL6+

If you guys need any information about our product, feel free to ask. I will be more than happy to help.
See my signature for more resources.

Thank you.


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on October 11, 2021, 04:33:29 PM
Hey,
First of all, I would like to thank you for this great topic. It's really important to have such an overview while considering a hardware wallet.
May I ask you to add our product?

It's called Satochip; based on a smart card, this hardware wallet is open source and built on the NXP JCOP interface.
Sure you can, Satochip is now added to the list on the first page.
I don't have a plan to list every single hardware wallet that exists in the world, so it is possible that some of them are still missing.
 


Title: Re: Secure Element in Hardware Wallets
Post by: Tibu on October 12, 2021, 06:03:32 AM
Hey,
First of all, I would like to thank you for this great topic. It's really important to have such an overview while considering a hardware wallet.
May I ask you to add our product?

It's called Satochip; based on a smart card, this hardware wallet is open source and built on the NXP JCOP interface.
Sure you can, Satochip is now added to the list on the first page.
I don't have a plan to list every single hardware wallet that exists in the world, so it is possible that some of them are still missing.
 

Thank you for the quick shot ;)


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on October 19, 2021, 12:03:36 PM
I found one interesting thing about Secure Element microchip ATECC608A (https://www.microchip.com/en-us/product/ATECC608A#buy-from-store) that is used in hardware wallets like Coldcard, Passport and Bitbox.
It can be found and purchased online or in stores very easily for the price of 1 USD (or less than 1 euro), and the price goes even lower if you purchase it in bulk.
Then you only need to find a schematic and make your own DIY secure hardware wallet.

One example from microchip.com (https://www.microchip.com/en-us/product/ATECC608A#buy-from-store) website:
1-24 chips = $0.90
25-99 chips = $0.75
100-999 chips = $0.68
1000-4999 chips = $0.63
5000-9999 chips = $0.61
10000+ chips = $0.56

I couldn't find the exact price for other secure element chips used in other wallets, but I doubt they cost more than a few bucks, so better think about that next time you want to spend money on some hardware wallet. ;)



Title: Re: Secure Element in Hardware Wallets
Post by: n0nce on October 19, 2021, 02:50:09 PM
I found one interesting thing about Secure Element microchip ATECC608A (https://www.microchip.com/en-us/product/ATECC608A#buy-from-store) that is used in hardware wallets like Coldcard, Passport and Bitbox.
It can be found and purchased online or in stores very easily for the price of 1 USD (or less than 1 euro), and the price goes even lower if you purchase it in bulk.
Then you only need to find a schematic and make your own DIY secure hardware wallet.
Yup, I know about this - I never thought that I was paying 100+ bucks for the secure chip, that has never been on my mind to be honest, I was always like 'I pay for the R & D' ;D
But to be honest, I would need more than 10 hours to 'clone' a BitBox, which means I'd work below minimum wage to DIY it instead of just buying it. That's why it wouldn't make so much sense in my opinion.

However, it's good that they're readily available, so that at least in theory, you can have 'reproducible builds' of the hardware and not only the software / firmware.


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on October 19, 2021, 03:09:09 PM
Yup, I know about this - I never thought that I was paying 100+ bucks for the secure chip, that has never been on my mind to be honest, I was always like 'I pay for the R & D' ;D
But to be honest, I would need more than 10 hours to 'clone' a BitBox, which means I'd work below minimum wage to DIY it instead of just buying it. That's why it wouldn't make so much sense in my opinion.
I am not sure if 10 hours are needed to make one, but BitBox02 first showed up in 2019 and it is based on the open source Trezor hardware wallet with many hardware and software modifications,
but BitBox02 remained open source with the addition of a secure element.
Sure, you can purchase a new Bitbox wallet today from the manufacturer for €119, but you can make your own DIY Bitbox for around $20 (if you find and order all the parts), because they released everything on their GitHub page.

- List of materials you need (https://github.com/digitalbitbox/bitbox02-firmware/blob/master/doc/bb02_bom_v2.10.pdf) (the secure element used from 2021 is ATECC608B instead of ATECC608A)
- Circuit Board Schematics (https://github.com/digitalbitbox/bitbox02-firmware/blob/master/doc/bb02_v2.10_schematics.pdf)
- ATECC608B secure element (https://www.microchip.com/en-us/product/ATECC608B#buy-from-store) (around $1)
- ATSAMD51J20A 32-bit ARM Cortex M4F microcontroller (https://www.digikey.com/en/products/detail/microchip-technology/ATSAMD51J20A-AUT/7390181) (around $6)
- PRTR5V0U2F + all other parts (https://www.nexperia.com/products/automotive-qualified-products-aec-q100-q101/automotive-esd-protection-and-tvs/automotive-esd-protection/PRTR5V0U2F.html) (around $13)

There is a total of 64 parts for Bitbox02 and the total price of all parts is around $20, but you need to have some patience and soldering skills to put everything together and 3D print the STL (https://gofile.io/d/LsoIBU) files.
Maybe the most complicated part of this project would be creating a custom printed circuit board, but everything is provided in the schematics documents.


Title: Re: Secure Element in Hardware Wallets
Post by: SFR10 on October 19, 2021, 06:54:24 PM
I couldn't find the exact price for other secure element chips used in other wallets,
While I was searching for the first one on the list [without a price], I stumbled upon an old GitHub link that said Trezor had one ["STM32F205VET6 (https://github.com/joltwallet/jolt_wallet/blob/master/docs/faq.md#comparison-with-other-hardware-wallets)"]!
- AFAICR, Trezor never released a model with a secure element [despite creating one for testing purposes], so I'm assuming that the information on that link is inaccurate. Am I right [I had no luck in verifying it]?

Update:
STM32F205VET6 is NOT a secure element, but the main microcontroller chip that every other hardware wallet device has, and it is used for general operation.
In another example from that link, STM32F042K is the main chip used in the Ledger wallet, and they used a second chip, the ST31H320 secure element.
In BitBox02 the main chip is ATSAMD51J20A and the second chip, the secure element, is ATECC608B, so please don't mix things up.
The secure element is a second chip that is usually only used for keeping the secret phrase.
So that's why I couldn't find anything... Thank you for the explanation part.


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on October 19, 2021, 07:03:36 PM
While I was searching for the first one on the list [without a price], I stumbled upon an old GitHub link that said Trezor had one ["STM32F205VET6 (https://github.com/joltwallet/jolt_wallet/blob/master/docs/faq.md#comparison-with-other-hardware-wallets)"]!
STM32F205VET6 is NOT a secure element, but the main microcontroller chip that every other hardware wallet device has, and it is used for general operation.
In another example from that link, STM32F042K is the main chip used in the Ledger wallet, and they used a second chip, the ST31H320 secure element.
In BitBox02 the main chip is ATSAMD51J20A and the second chip, the secure element, is ATECC608B, so please don't mix things up.
The secure element is a second chip that is usually only used for keeping the secret phrase.


Title: Re: Secure Element in Hardware Wallets
Post by: n0nce on October 20, 2021, 09:56:22 AM
There is a total of 64 parts for Bitbox02 and the total price of all parts is around $20, but you need to have some patience and soldering skills to put everything together and 3D print the STL (https://gofile.io/d/LsoIBU) files.
Maybe the most complicated part of this project would be creating a custom printed circuit board, but everything is provided in the schematics documents.
Ohh right, right, PCB files are available as well, of course... this would be a pretty cool project to be honest! :D
You can order PCBs quite cheaply as well; maybe I'll order the parts and try my luck just for the heck of it ;)

By the way; some services even solder the SMD stuff for you at little or no extra charge at all.

Just one thing that I'm not sure of is how to program the chip (have to look into it). I have all sorts of programmers here though, so it should work.


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on October 20, 2021, 10:16:22 AM
You can order PCBs quite cheaply as well; maybe I'll order the parts and try my luck just for the heck of it ;)
Yeah, I know about PCBs, and it's more complicated than the other parts because it needs to be custom made; the other things you just need to order and solder together.
The only problem is that it may be a bit harder to find some parts because of the global chip shortage, so you need to look locally as well as doing some internet search.

Just one thing that I'm not sure of is how to program the chip (have to look into it). I have all sorts of programmers here though, so it should work.
All instructions are provided on their GitHub page, but if something is missing I would say that it's very similar to the Trezor wallet, which has everything posted in more detail, and maybe the Bitbox devs are willing to help.
Making some DIY wallet review article may bring more attention to their Bitbox wallet.


Title: Re: Secure Element in Hardware Wallets
Post by: n0nce on October 20, 2021, 10:27:22 AM
~
Unfortunately, no gerber files in the GitHub. I'm not sure how to convert the PDF into Gerber, it may be easy, it may be a pain lol.

When looking online for someone who may have done it already, I came across this:
https://www.eevblog.com/forum/blog/eevblog-1374-diy-trezor-crypto-hardware-wallet-part-1/

EEVBlog attempted the same thing with the Trezor, this should be an interesting video which I now added to my personal 'watch later' list :)


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on October 20, 2021, 10:43:55 AM
Unfortunately, no gerber files in the GitHub. I'm not sure how to convert the PDF into Gerber, it may be easy, it may be a pain lol.
There is some paid software for doing PDF to Gerber conversion, but I think this free and open source software is also good, or you can just extract the images from the PDF file and convert them to Gerber files:
https://swannman.github.io/pdf2gerb/


Title: Re: Secure Element in Hardware Wallets
Post by: n0nce on October 20, 2021, 03:08:03 PM
Unfortunately, no gerber files in the GitHub. I'm not sure how to convert the PDF into Gerber, it may be easy, it may be a pain lol.
There is some paid software for doing PDF to Gerber conversion, but I think this free and open source software is also good, or you can just extract the images from the PDF file and convert them to Gerber files:
https://swannman.github.io/pdf2gerb/
According to the documentation, it expects top, bottom and silkscreen layers. However, the BB02 PCB has two middle layers and a drill layer, so I don't think it will work unfortunately. Maybe they might send some gerber files, I'll open a GitHub issue.


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on November 17, 2021, 03:24:20 PM
https://i.ibb.co/4mKwwLP/img79ec828687dced911792909ccd9e0160.png
News update about Secure Elements: Microchip Technology is migrating their old secure element ATECC608A to the new version ATECC608B.
The ATECC608A chip is still used in some hardware wallets like ColdCard Mk3 and Passport, while Bitbox02 recently switched to the new version ATECC608B.
The same chip was previously used in the M5Stack Core2 ESP32 Development Kit for AWS (https://m5stack.com/collections/m5-core/products/m5stack-core2-esp32-iot-development-kit-for-aws-iot-edukit?variant=37687799251116) and it's unknown if they updated it.

Differences between ATECC608A and ATECC608B:

- Low-Frequency I²C Issue fixed (that can cause data corruption and the device responding incorrectly)
- Device Revision Differences (package marking on Microchip security devices does not identify the device type)
- Execution Time Differences (after implementing new security enhancements)
- Enhanced Temperature Range (extended range of -40°C to +100°C)
- New Packages (3-pin RBH contact package)

Both of these chips are nearly identical in every other way and devices should be able to swap them fairly easily, but the problem is that they are hard to find on the market because of supply chain and chip shortage issues.
It is still unclear if these flaws in ATECC608A could affect the ColdCard or Passport wallet or if they can be somehow exploited, but the manufacturer strongly recommended converting to ATECC608B to enhance overall system security.
Source document: https://ww1.microchip.com/downloads/en/Appnotes/Migrating-from-the-ATECC608A-to-the-ATECC608B-DS40002237A.pdf
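Since the post above notes that the package marking does not tell a 608A from a 608B, here is an added example (mine, not code from the thread, from Microchip's library or from any wallet vendor) of how firmware or a test bench can identify the chip by decoding the Info command's revision response and checking the frame's CRC. It assumes the standard CryptoAuthentication response framing (count byte, payload, CRC-16 with polynomial 0x8005 fed LSB-first, appended little-endian) and assumes the revision words 0x6002 (608A) and 0x6003 (608B) from my reading of the migration note; verify those two values against the linked document before relying on them.

```python
# Added example: decode an ATECC608 Info(revision) response and check its CRC.
# Not from the thread, Microchip or any wallet vendor. Assumptions are marked.

ATCA_CRC_POLY = 0x8005  # CryptoAuthentication CRC-16 polynomial

# Revision words reported by Info(mode=revision) in bytes 2..3 of the payload.
# ASSUMED from the DS40002237A migration note linked above; verify them there.
KNOWN_REVISIONS = {
    0x6002: "ATECC608A",
    0x6003: "ATECC608B",
}


def atca_crc16(data: bytes) -> bytes:
    """CRC-16 over a CryptoAuthentication frame: poly 0x8005, data bits fed
    LSB-first, register not reflected, result appended little-endian."""
    crc = 0
    for byte in data:
        for bit in range(8):
            data_bit = (byte >> bit) & 1
            crc_bit = (crc >> 15) & 1
            crc = (crc << 1) & 0xFFFF
            if data_bit != crc_bit:
                crc ^= ATCA_CRC_POLY
    return crc.to_bytes(2, "little")


def build_response(payload: bytes) -> bytes:
    """Frame a device response the way the chip sends it:
    count (frame length including count and CRC) | payload | CRC-16.
    Used here only to construct sample frames for offline testing."""
    body = bytes([len(payload) + 3]) + payload
    return body + atca_crc16(body)


def parse_response(frame: bytes) -> bytes:
    """Validate the count byte and CRC, return the payload.
    Corruption on the bus shows up here as a count or CRC error
    instead of being silently accepted as a valid revision."""
    if len(frame) < 4:
        raise ValueError("frame too short")
    if frame[0] != len(frame):
        raise ValueError(f"count byte {frame[0]} != frame length {len(frame)}")
    body, crc = frame[:-2], frame[-2:]
    if atca_crc16(body) != crc:
        raise ValueError("CRC mismatch")
    return frame[1:-2]


def identify_from_info(frame: bytes) -> str:
    """Return the device name for an Info(revision) response frame,
    or an 'unknown revision' string for anything not in KNOWN_REVISIONS."""
    rev = parse_response(frame)
    if len(rev) != 4:
        raise ValueError("Info(revision) payload must be 4 bytes")
    word = int.from_bytes(rev[2:4], "big")
    return KNOWN_REVISIONS.get(word, f"unknown revision 0x{rev.hex()}")


if __name__ == "__main__":
    # Constructed sample frames, not captured from real hardware.
    for rev in (b"\x00\x00\x60\x02", b"\x00\x00\x60\x03", b"\x00\x00\x50\x00"):
        frame = build_response(rev)
        print(frame.hex(), "->", identify_from_info(frame))
```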


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on December 08, 2021, 02:08:59 PM
The list is updated with a new and little-known hardware wallet, Husky HDW20 (https://www.huskywallet.com/), coming from Canada, that has the well-known secure element ATECC608A.
This same secure element is used in other hardware wallets like ColdCard Mk3 and Passport, and Bitbox02 previously used it before switching to the new ATECC608B.
The wallet appears to be closed source, I couldn't find any GitHub source, and all desktop and mobile applications are available on their website.
Note that I didn't test this wallet myself and I don't know anyone who owns this device, so I can't confirm if the stated secure element is really in this device.


Title: Re: Secure Element in Hardware Wallets
Post by: giszmo on December 12, 2021, 02:35:47 AM
OP presents SEs as green/good and lack thereof as red/bad. I agree that there are certain situations where a SE can save the day, but equally the SE, with its NDA requirement and secrecy, leads to a situation where we trust a black box a whole lot for being our own bank and throw "don't trust - verify" too easily overboard.

Especially hardware wallets that use their SE's TRNG as sole source of entropy should be called out! Nobody can prove the TRNG to be truly random and in the worst case it just creates hash("you won't guess this", serialNumber, sequenceNumber) "random" numbers that the inventor can trivially guess. Such a hardware wallet would allow the provider to know all the private keys generated by all the users, putting him in the position of being able to pull the rug at any time.

Please add in the OP:

  • Is a single TRNG the sole source of entropy?
  • Can the used entropy be audited, or does the chip that munges together all entropy spit out a master seed without accountability?
  • Does the MCU trust the SE? To my understanding, BitBox02 does not entrust the SE even to hold the master seed. It only holds a symmetric key to decrypt the master seed stored outside the SE.

As you can see in my footer, I work on WalletScrutiny where my primary goal is to prevent rug pulls as I see them as a systemic risk if we get another MtGox situation where half the community is affected. Reliance on a compromised TRNG is one of my big concerns.
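To make the concern above concrete, here is an added example (mine, not the poster's and not any wallet's actual derivation) that models the worst case described, a SE "TRNG" that is really hash(vendor secret, serial, counter), and contrasts a wallet that uses it as the sole entropy source with one that mixes it with MCU and host entropy and lets the host audit the result. The function names (mix_entropy, host_audit, and so on) and all sample values are my own constructions; the BitBox02 mention above is only the motivation, not what this code implements.

```python
# Added example: why a single SE TRNG as sole entropy source is a rug-pull risk,
# and how mixing independent sources with an auditable derivation removes it.
# Not from the thread or any wallet vendor; all names and values are constructed.
import hashlib
import hmac


class BackdooredTrng:
    """Model of the worst case from the post: the 'random' output is
    HMAC(vendor_secret, serial || counter), so the vendor can replay it."""

    def __init__(self, vendor_secret: bytes, serial: bytes, counter: int = 0):
        self.vendor_secret = vendor_secret
        self.serial = serial
        self.counter = counter

    def read(self) -> bytes:
        self.counter += 1
        msg = self.serial + self.counter.to_bytes(4, "big")
        return hmac.new(self.vendor_secret, msg, hashlib.sha256).digest()


def mix_entropy(*sources: bytes, label: bytes = b"seed-mix-v1") -> bytes:
    """Hash several entropy contributions into one 32-byte seed.
    Each contribution is length-prefixed so the inputs cannot be re-split;
    whoever controls only some of the sources cannot predict the output
    as long as at least one other source is unpredictable to them."""
    h = hashlib.sha256()
    h.update(label)
    for s in sources:
        h.update(len(s).to_bytes(2, "big"))
        h.update(s)
    return h.digest()


def seed_sole_source(se: BackdooredTrng) -> bytes:
    """Design the post warns about: the SE TRNG is the only input."""
    return mix_entropy(se.read())


def vendor_reconstruct(vendor_secret: bytes, serial: bytes, counter: int) -> bytes:
    """What a vendor holding the secret can compute offline for a sole-source
    wallet, knowing the device serial and how many draws were made."""
    clone = BackdooredTrng(vendor_secret, serial, counter - 1)
    return seed_sole_source(clone)


def seed_mixed(se: BackdooredTrng, mcu_entropy: bytes, host_entropy: bytes):
    """Defensive design: SE output is one contribution among several.
    Returns the seed and the contributions so the host can audit them."""
    contributions = {"se": se.read(), "mcu": mcu_entropy, "host": host_entropy}
    seed = mix_entropy(contributions["se"], contributions["mcu"], contributions["host"])
    return seed, contributions


def host_audit(contributions: dict, my_host_entropy: bytes, claimed_seed: bytes) -> bool:
    """Host-side check answering 'can the used entropy be audited?': the device
    must show the exact host entropy it was given, and the seed must be the
    hash of the shown contributions. A device that silently dropped or
    replaced the host's input fails this check."""
    if not hmac.compare_digest(contributions["host"], my_host_entropy):
        return False
    recomputed = mix_entropy(contributions["se"], contributions["mcu"], contributions["host"])
    return hmac.compare_digest(recomputed, claimed_seed)


if __name__ == "__main__":
    secret, serial = b"constructed-vendor-secret", b"SN-000001"
    sole = seed_sole_source(BackdooredTrng(secret, serial))
    print("vendor can replay sole-source seed:", sole == vendor_reconstruct(secret, serial, 1))
    mcu, host = bytes(range(32)), bytes([0xA5]) * 32
    seed, contrib = seed_mixed(BackdooredTrng(secret, serial), mcu, host)
    print("vendor replay matches mixed seed:", seed == vendor_reconstruct(secret, serial, 1))
    print("host audit passes:", host_audit(contrib, host, seed))
```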


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on December 12, 2021, 02:03:52 PM
OP presents SEs as green/good and lack thereof as red/bad. I agree that there are certain situations where a SE can save the day, but equally the SE, with its NDA requirement and secrecy, leads to a situation where we trust a black box a whole lot for being our own bank and throw "don't trust - verify" too easily overboard.
I was neutral in this case, and I simply showed a color; green generally means GO and red means STOP in traffic, but there is nothing good or bad about that.
I can also say that a tomato is red and a cucumber is green, but that doesn't mean either of them is good or bad.
If you read what I wrote, I actually said that secure elements can potentially be exploited by malicious firmware updates, and I wrote many times about the dangers of hidden NDAs.

Especially hardware wallets that use their SE's TRNG as sole source of entropy should be called out! Nobody can prove the TRNG to be truly random and in the worst case it just creates hash("you won't guess this", serialNumber, sequenceNumber) "random" numbers that the inventor can trivially guess. Such a hardware wallet would allow the provider to know all the private keys generated by all the users, putting him in the position of being able to pull the rug at any time.
I already wrote a topic about Seed Generation in Hardware Wallets including entropy, and I am somewhat aware of flaws with random generation (TRNG, HRNG, PRNG), but I am not at all an expert and I don't understand deeply how they actually work.
You are free to contribute to this or any other of my topics and correct any potential mistakes I made:
https://bitcointalk.org/index.php?topic=5317199.0

As you can see in my footer, I work on WalletScrutiny where my primary goal is to prevent rug pulls as I see them as a systemic risk if we get another MtGox situation where half the community is affected. Reliance on a compromised TRNG is one of my big concerns.
I know your work, but I doubt MtGox can be repeated with hardware wallets.
A more likely scenario is that some government agency or malicious actor infiltrates them with a spy from the inside.


Title: Re: Secure Element in Hardware Wallets
Post by: JL0 on December 12, 2021, 07:15:45 PM
Trezor releasing their new device with SE in 2022? Any ETA?


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on December 13, 2021, 12:23:34 PM
Trezor releasing their new device with SE in 2022? Any ETA?
Nobody knows the exact date and time, especially with the global chip shortage and problems with the supply chain, but it is planned for the end of 2022.
You can follow Trezor Tropic Square for news, and I will probably post any new information I hear in due time here.
The important thing here is that this would be the first open source secure element, without secret NDAs signed.


The list is updated and the new secure element ST33K1M5C added for the Ledger Nano S Plus device, which is not yet officially released.
I also made separate entries for the currently available Ledger hardware wallets because they all have different secure elements.


Title: Re: Secure Element in Hardware Wallets
Post by: JL0 on December 16, 2021, 11:43:50 AM
Trezor releasing their new device with SE in 2022? Any ETA?
Nobody knows the exact date and time, especially with the global chip shortage and supply chain problems, but it is planned for the end of 2022.
You can follow Trezor Tropic Square for news, and I will probably post any new information I hear in due time here.
The important thing here is that this would be the first open source secure element, without secret NDAs signed.


The list is updated and the new secure element ST33K1M5C is added for the Ledger Nano S Plus device, which is not yet officially released.
I also made separate entries for the currently available Ledger hardware wallets because they all have different secure elements.

Thank you.


Title: Re: Secure Element in Hardware Wallets
Post by: malevolent on December 17, 2021, 11:56:16 PM
As you can see in my footer, I work on WalletScrutiny where my primary goal is to prevent rug pulls as I see them as a systemic risk if we get another MtGox situation where half the community is affected. Reliance on a compromised TRNG is one of my big concerns.

Thankfully the whole Bitcoin space/ecosystem is more mature and varied now, any rug pull involving a major hardware wallet provider would be limited in damage.


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on December 29, 2021, 01:52:15 PM
Thankfully the whole Bitcoin space/ecosystem is more mature and varied now, any rug pull involving a major hardware wallet provider would be limited in damage.
I have a feeling it's not mature enough, and the bigger one hardware wallet manufacturer gets, the more the risk increases.
It's enough to show how mature and professional a company is when all private customer information is leaked online :P

Nice little article about Secure Elements explaining how they work, and what disadvantages/advantages they have.
Like we talked about before, the biggest issue with secure elements is the fact that most of them are still closed source and we can't really verify chip security.
The second problem is all the certification levels, which leave the customer having to trust the companies who are evaluating all this.
Having said that, I noticed that Ledger recently changed their certification to EALS+ and I can't find any information about that anywhere on the internet...

They suggest the best way of solving these problems and disadvantages is using multi-vendor multisig with multiple hardware wallets.
https://unchained.com/blog/bitcoin-what-is-a-secure-element/


Title: Re: Secure Element in Hardware Wallets
Post by: malevolent on December 31, 2021, 07:36:46 PM
I have a feeling it's not mature enough, and the bigger one hardware wallet manufacturer gets, the more the risk increases.
It's enough to show how mature and professional a company is when all private customer information is leaked online :P

But that's nothing to do with security flaws in hardware, software, RNGs, etc. that non-technical users would have a difficult time protecting themselves against. Irresponsible behaviour of mature companies in other fields that results in leaks of customer info is also not an uncommon occurrence. (Although an argument could be made that if they were sloppy with PI they might have been sloppy elsewhere, too.)


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on January 02, 2022, 02:51:07 PM
The OneKey hardware wallet team finally released security information about their device, with more information about the secure element they are using for their latest model, the OneKey Mini.
This is the well-known Microchip ATECC608A used in many other hardware wallets like ColdCard Mk3, Passport, Husky HDW20, in some M5Stack Amazon AWS ESP32 devices, and it was previously used in the BitBox02.
Like I wrote before, the Microchip ATECC608A is now outdated and it has some flaws with a low-frequency I²C issue that can cause data corruption and the device responding incorrectly.
This was all fixed and updated in the new version ATECC608B, which is used only in the BitBox02 hardware wallet so far.

OneKey also talked about certification (EAL6 for the secure element), the random number generator they use, and about the ultrasonic welding used to reduce the risk of tampering with the device.
Third-party firmware can't be installed on their device because of the security chip protection.
https://onekey.so/security


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on May 25, 2022, 03:34:25 PM
Secure element information updated for the ColdCard Mk4 hardware wallet, which now has two secure elements, SE1 Microchip ATECC608B and SE2 Maxim DS28C36B, along with the STM32 main microcontroller.
They are using something called a Pairing Secret, which means that the secret is shared between three components: the two secure elements and the microprocessor.
If one of those chips gets compromised, the wallet with the secret will be safe, and they use trick PINs to improve the security of their devices.
ColdCard developers explained in more detail how the Dual Secure Elements work on their GitHub page:
https://raw.githubusercontent.com/Coldcard/firmware/master/docs/mk4-secure-elements.md

More information about second secure element they use - DeepCover Secure Authenticator Maxim DS28C36:
https://www.maximintegrated.com/en/products/embedded-security/secure-authenticators/DS28C36.html


Title: Re: Secure Element in Hardware Wallets
Post by: JL0 on May 27, 2022, 06:23:08 PM
Secure element information updated for the ColdCard Mk4 hardware wallet, which now has two secure elements, SE1 Microchip ATECC608B and SE2 Maxim DS28C36B, along with the STM32 main microcontroller.
They are using something called a Pairing Secret, which means that the secret is shared between three components: the two secure elements and the microprocessor.
If one of those chips gets compromised, the wallet with the secret will be safe, and they use trick PINs to improve the security of their devices.

ColdCard developers explained in more detail how the Dual Secure Elements work on their GitHub page:
https://raw.githubusercontent.com/Coldcard/firmware/master/docs/mk4-secure-elements.md

More information about second secure element they use - DeepCover Secure Authenticator Maxim DS28C36:
https://www.maximintegrated.com/en/products/embedded-security/secure-authenticators/DS28C36.html
Are there other wallets that use such a procedure?

I think it's very good what ColdCard does. So you don't have to fully trust the SE.


Title: Re: Secure Element in Hardware Wallets
Post by: Pmalek on May 28, 2022, 07:31:32 AM
Secure element information updated for the ColdCard Mk4 hardware wallet, which now has two secure elements, SE1 Microchip ATECC608B and SE2 Maxim DS28C36B, along with the STM32 main microcontroller.
They are using something called a Pairing Secret, which means that the secret is shared between three components: the two secure elements and the microprocessor.
If one of those chips gets compromised, the wallet with the secret will be safe, and they use trick PINs to improve the security of their devices.

ColdCard developers explained in more detail how the Dual Secure Elements work on their GitHub page:
https://raw.githubusercontent.com/Coldcard/firmware/master/docs/mk4-secure-elements.md

More information about second secure element they use - DeepCover Secure Authenticator Maxim DS28C36:
https://www.maximintegrated.com/en/products/embedded-security/secure-authenticators/DS28C36.html
Are there other wallets that use such a procedure?
The term "pairing secret" sounded familiar and I could swear I saw it somewhere before. Turns out that Coldcard's Mk2 hardware wallets use a pairing secret as well, but only between one secure element and the microcontroller. Ledger's Donjon team successfully attacked the older ATECC508A secure element chip (https://blog.ledger.com/coldcard-pin-code/) with laser beams back in 2020, but such an attack is not possible on the newer chip models.


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on May 30, 2022, 05:46:29 PM
Are there other wallets that use such a procedure?
I don't think anything similar was used in other currently available hardware wallets, and ColdCard was actually forced to invent this quick bandage solution after their older version Mk3 was recently hacked, with the secret phrase extracted and the PIN changed.
If you ask me, I wouldn't use any of the Coldcard devices, as all of them had big security flaws in the past, so there is no reason to think anything better will happen with Mk4.
Mk2 had a bad secure element, which was revealed by the Ledger Donjon team, and most Mk3 devices that exist today are affected by their design flaw.



Title: Re: Secure Element in Hardware Wallets
Post by: Pmalek on June 01, 2022, 09:04:39 AM
According to a well-known hardware hacker, STM microcontrollers are vulnerable to fault injection at the hardware level. You can patch it up or apply a bandage solution (like dkbit98 said) at the firmware and software level, but you are still dealing with an unsafe hardware component. Unsafe in the right hands.


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on August 16, 2022, 12:44:36 PM
A new update is coming from Tropic Square and SatoshiLabs Trezor developers,
they are saying that the first prototypes of their new transparent secure element are currently in production and they should receive them at the end of October 2022!
The plan is that Tropic Square chips (TROPIC01) should become a global security standard for many devices, not just hardware wallets.
They are testing this new chip and they plan to release the testing results as soon as possible.
This means that we can expect new Trezor hardware wallets with a secure element after that, maybe in early 2023.

Quote
We designed the chip to provide a high level of security at every layer, from the choice of algorithms to the actual implementation. We target resilience against side-channel attacks and resilience against attacks causing erroneous behavior – the so-called ‘fault injection.’ Transparent chips allow us to open up implementation details to the community, which helps strengthen security through finding and highlighting potential vulnerabilities.
https://www.linkedin.com/feed/update/urn:li:activity:6963468001845125120/


Title: Re: Secure Element in Hardware Wallets
Post by: DaveF on August 17, 2022, 12:07:59 PM
A new update is coming from Tropic Square and SatoshiLabs Trezor developers,
they are saying that the first prototypes of their new transparent secure element are currently in production and they should receive them at the end of October 2022!
The plan is that Tropic Square chips (TROPIC01) should become a global security standard for many devices, not just hardware wallets.
They are testing this new chip and they plan to release the testing results as soon as possible.
This means that we can expect new Trezor hardware wallets with a secure element after that, maybe in early 2023.

Quote
We designed the chip to provide a high level of security at every layer, from the choice of algorithms to the actual implementation. We target resilience against side-channel attacks and resilience against attacks causing erroneous behavior – the so-called ‘fault injection.’ Transparent chips allow us to open up implementation details to the community, which helps strengthen security through finding and highlighting potential vulnerabilities.
https://www.linkedin.com/feed/update/urn:li:activity:6963468001845125120/


From the tl;dr of all the info on the TROPIC01, is it pin- and/or instruction-compatible with other secure elements to any degree?
For the wallets that are almost done now or will be done by the end of the year, they are going to be using whatever you can get today.
The next generation, if it's pin/programming similar enough, might make it into them. If not, it's going to be a while if there has been any work on them based on what you can get now. Could be wrong, just my view. Also, there is a strong sentiment in the security field to let the other guy test new things. We'll wait for gen 2.

-Dave


Title: Re: Secure Element in Hardware Wallets
Post by: Cricktor on August 17, 2022, 02:43:15 PM
First, the TROPIC01 has to materialize and be actually available. There's probably some light visible at the end of the tunnel now.
Second, does it work properly and is it actually secure as wanted/needed? This might take a while to probe...
Third, which products will use it and when will those be available? (Might take even longer, but I'd expect a new Trezor device to show up first.)



Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on August 17, 2022, 09:51:07 PM
From the tl;dr of all the info on the TROPIC01, is it pin- and/or instruction-compatible with other secure elements to any degree?
For the wallets that are almost done now or will be done by the end of the year, they are going to be using whatever you can get today.
I am not sure if it's going to be compatible with other secure elements, but it's going to be more secure and transparent, so that means no more hidden NDAs.
The current market is hungry for secure elements of any kind and I am sure they are going to have very good sales if they manage to pull this off in time and use the current global chip shortage.
Behind the scenes Trezor is 100% already working on a new hardware wallet device that is going to be compatible with this secure element; that is the only way they can compete with Ledger.
I will always choose an open source hardware wallet with a transparent secure element instead of black box NDA closed source marketing propaganda devices.


Title: Re: Secure Element in Hardware Wallets
Post by: SFR10 on August 20, 2022, 08:10:20 AM
they are saying that the first prototypes of their new transparent secure element are currently in production and they should receive them at the end of October 2022!
Am I correct in assuming that they altered their previous plans and chose to go with the "100%" open-source route or there are still some parts of it that don't fall into that category?

Third, which products will use it and when will those be available? (Might take even longer, but I'd expect a new Trezor device to show up first.)
The first product to showcase that secure element it's probably going to be their upcoming "Trezor Model R [confirmed by Rusnak (https://github.com/trezor/trezor-firmware/issues/2246#issuecomment-1129603781)]", but there's still no roadmap [AFAIK].
- I counted "26 open issues for this specific model (https://github.com/trezor/trezor-firmware/issues?page=1&q=is%3Aissue+is%3Aopen)" on the first two pages alone, so I doubt it could show up prior to the completion of this SE.


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on August 20, 2022, 09:28:28 PM
Am I correct in assuming that they altered their previous plans and chose to go with the "100%" open-source route or there are still some parts of it that don't fall into that category?
To be fair, they claimed before that the new secure element will be as open source as possible, but let's wait and see what transparent exactly means.
So far Trezor has proved they won't use any insecure or closed source chips with secret NDAs, and they could have done it many times, but they don't make compromises like others.

The first product to showcase that secure element it's probably going to be their upcoming "Trezor Model R [confirmed by Rusnak (https://github.com/trezor/trezor-firmware/issues/2246#issuecomment-1129603781)]", but there's still no roadmap [AFAIK].
- I counted "26 open issues for this specific model (https://github.com/trezor/trezor-firmware/issues?page=1&q=is%3Aissue+is%3Aopen)" on the first two pages alone, so I doubt it could show up prior to the completion of this SE.
Oh that's nice, first time I see this information about TrezoRRR... ;) but sadly prusnak said it won't be available any time soon (that was back in May).


Title: Re: Secure Element in Hardware Wallets
Post by: Pmalek on August 21, 2022, 07:49:14 AM
Am I correct in assuming that they altered their previous plans and chose to go with the "100%" open-source route or there are still some parts of it that don't fall into that category?
This is the first official announcement in which I see the mention of the term "transparent" secure element. In the past, they called it either open-source or "as open source as possible" which was evident from their early announcements. The latest info dkbit98 shared mentions they are against "closed products". So the idea is still to create a different type of component from the traditional closed-source chips, but probably not a fully open-source SE. "As open-source as possible" should still be the most correct definition based on what we have seen up till now.


Title: Re: Secure Element in Hardware Wallets
Post by: Cricktor on August 21, 2022, 10:59:08 AM
<snip>
Please, do proper citations as it's not me but @SFR10 who wrote what you put into my "mouth". Thx in advance...


Whenever Trezor's new device with TROPIC01 comes to market, I hope it won't be as expensive as their Trezor T is currently.


Title: Re: Secure Element in Hardware Wallets
Post by: JL0 on August 21, 2022, 05:17:36 PM
Co-founder of Trezor replied to a question:

Quote
@Petr Flídr

Any guess when the first trezor with this chip might be?

@slushcz

Realistically 2024, hardware is hard :-).

From his Czech speaking twitter account.

https://twitter.com/Lupacz/status/1552555325026443265?cxt=HHwWgoC9pfS15IsrAAAA (https://twitter.com/Lupacz/status/1552555325026443265?cxt=HHwWgoC9pfS15IsrAAAA)
https://twitter.com/slushcz/status/1552909830691643393 (https://twitter.com/slushcz/status/1552909830691643393)


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on August 21, 2022, 09:51:19 PM
Whenever Trezor's new device with TROPIC01 comes to market, I hope it won't be as expensive as their Trezor T is currently.
I doubt it's going to be cheaper, and with global inflation slowly turning into hyperinflation I would say this is almost impossible.
I expect prices for most hardware wallets and other electronic devices to go up in the near future, especially with the shortage of everything.

Co-founder of Trezor replied to a question
:P
Hmmm... I expected a device release in 2023, but time flies.
I think they could create some pre-order campaign in 2023 with special discount prices to collect more money/coins from people.
Would I pre-order this device? Maybe, depending on price and specification I would consider purchasing it, but it needs to offer something really unique.


Title: Re: Secure Element in Hardware Wallets
Post by: Pmalek on August 22, 2022, 07:58:39 AM
<Snip>
Thanks for the link to the Czech article. Using Google translate it's possible to understand what they are talking about. The article again confirms (similarly to older announcements) that the chip will not be entirely open-source. Google translates it as "a largely open" chip where the idea is to be able to verify and audit that it doesn't do anything it is not supposed to do and that it doesn't have additional components that could assist in supply chain attacks.

Quote
Tropic Square is preparing the so-called Secure Element (SE) chip, which is supposed to be largely open. Among other things, this will enable its auditability. It is supposed to verify, among other things, that the chip is manufactured exactly according to the design, and therefore that there has been no modification or addition of an implant in the supply chain (generally referred to as a supply chain attack).
Source: https://www.lupa.cz/aktuality/cesky-cip-tropic-square-jde-do-vyroby-vyrabet-se-bude-na-tchaj-wanu/?utm_source=rss&utm_medium=text&utm_campaign=rss


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on August 23, 2022, 06:26:58 PM
Adding some more information I found about the upcoming Trezor prototype chip; I didn't see this posted before or I missed it somehow.
Prototypes and the mass production of truly open integrated circuit chips are going to be made by UMC, a leading manufacturer of semiconductors from Taiwan.
UMC's headquarters is in Hsinchu, Taiwan, but the good thing is they are located in different locations in mainland China, as well as in Japan and Singapore.
https://bitcoinmagazine.com/business/tropic-square-launches-open-source-chip-prototype-for-bitcoin-hardware


Title: Re: Secure Element in Hardware Wallets
Post by: Pmalek on August 30, 2022, 12:19:02 PM
Adding some more information I found about the upcoming Trezor prototype chip; I didn't see this posted before or I missed it somehow.
Prototypes and the mass production of truly open integrated circuit chips are going to be made by UMC, a leading manufacturer of semiconductors from Taiwan.
UMC was already mentioned as the manufacturer of the chips in some earlier announcements. I remember the name either from sources you shared or maybe the Czech blog post that was posted on the forum a couple of weeks ago. 

UMC's headquarters is in Hsinchu, Taiwan, but the good thing is they are located in different locations in mainland China, as well as in Japan and Singapore.
UMC already operates out of two locations in China and if the US and China come to an agreement, maybe their Taiwanese headquarters will be called China in a few weeks or months as well. 


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on November 25, 2022, 07:23:38 PM
The Cypherock X1 (https://www.cypherock.com/) hardware wallet is added to the list with fully transparent information about its secure elements and microcontrollers.
This device is certified with EAL5+ certification, and it uses one secure element, the ATECC608A, for the main device, and a second secure element, the NXP JCOP3, in the cards you receive in the package with the device.
Cypherock is using the same outdated secure element as some other hardware wallets like ColdCard Mk3, Passport, OneKey Mini and Husky HDW20.
It's currently harder to find the new chip version ATECC608B, but they should make the replacement as soon as possible.


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on December 07, 2022, 01:55:52 PM
The new hardware wallet Ledger Stax (https://shop.ledger.com/pages/ledger-stax) is added to the list with secure element chip ST33K1M5, and it has EAL5+ certification.
This is a newer model of the STMicroelectronics chips that Ledger is using in all of their devices; it is a high speed MCU with a 32-bit Arm Cortex-M35P CPU, and Ledger is using this exact secure element in their S Plus model, so nothing new to see here.
We still don't know what microcontroller model Ledger is using in the Stax, but I am sure it's something from the STM32 family of chips.
It should also be mentioned that this secure element is totally closed source, and Ledger has signed an NDA with them.

EDIT:
Big news coming from Trezor and Tropic Square: they finally received the first TROPIC01 chip prototypes and they released the first picture of them!
Something big is coming soon, while others (read Ledger) are making the same old junk in new shiny packaging ;)

https://i.imgur.com/n3Z0daI.jpg
https://nitter.weiler.rocks/tropicsquare/status/1600469041432313857#m


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on December 16, 2022, 07:12:21 PM
One good thing after the US semiconductor sanctions is that we are facing a big push for the open source RISC-V chip architecture, which was ironically first conceived in the US, at Berkeley, in 2010.
The Chinese government and private sector (and probably other countries under sanctions) are now all working together to avoid US sanctions, and they are indirectly helping the production of open source chips.
RISC-V chips could soon be real competition for Intel and AMD chips, and we could see fully open source devices soon, both hardware and software, and this could be used for hardware wallets in the future.
Trezor is working on a new generation wallet with their new TROPIC01 chip, but they could face competition from China soon.
It's not directly related to hardware wallets, but you can read the full article below:
https://asiatimes.com/2022/12/open-source-ic-architecture-taking-off-in-china/


Title: Re: Secure Element in Hardware Wallets
Post by: n0nce on December 16, 2022, 07:58:12 PM
The new hardware wallet Ledger Stax (https://shop.ledger.com/pages/ledger-stax) is added to the list with secure element chip ST33K1M5, and it has EAL5+ certification.
This is a newer model of the STMicroelectronics chips that Ledger is using in all of their devices; it is a high speed MCU with a 32-bit Arm Cortex-M35P CPU, and Ledger is using this exact secure element in their S Plus model, so nothing new to see here.
We still don't know what microcontroller model Ledger is using in the Stax, but I am sure it's something from the STM32 family of chips.
It should also be mentioned that this secure element is totally closed source, and Ledger has signed an NDA with them.
The device does look amazing, though! :D I'd love to try it, but closed source and multi-coin aren't my thing..

Big news coming from Trezor and Tropic Square: they finally received the first TROPIC01 chip prototypes and they released the first picture of them!
Something big is coming soon, while others (read Ledger) are making the same old junk in new shiny packaging ;)

https://i.imgur.com/n3Z0daI.jpg
https://nitter.weiler.rocks/tropicsquare/status/1600469041432313857#m
Great news! This one might get a n0nce review.


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on December 16, 2022, 08:19:46 PM
The device does look amazing, though! :D I'd love to try it, but closed source and multi-coin aren't my thing..
It does look great and I wonder how much money they paid Apple designer Tony Fadell, probably a lot, but let's wait and see actual reviews from customers.
I also said that I like that they are the first hardware wallet using an e-ink display, but the device is too expensive for me, and under the hood it's almost the same thing as the Ledger Nano S Plus.
Maybe Trezor will make something similar with their new version R, and there is one similar open source wallet, OneKey Touch:
https://onekey.so/products/onekey-touch-hardware-wallet/


Title: Re: Secure Element in Hardware Wallets
Post by: n0nce on December 16, 2022, 08:55:01 PM
The device does look amazing, though! :D I'd love to try it, but closed source and multi-coin aren't my thing..
It does look great and I wonder how much money they paid Apple designer Tony Fadell, probably a lot, but let's wait and see actual reviews from customers.
Hopefully honest actual reviews won't be drowned by sponsored 'reviews' and ads.. ;) As well as paying big money to get the device featured in music videos and similar.
Oh well; I guess we can discuss on a dedicated thread (if you haven't already created it) in case there's more about this to talk about.


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on January 02, 2023, 11:52:44 AM
The first list update for the new year 2023 is coming for a new hardware wallet called Hito, which is currently available for presale.
The Hito wallet is open source and the information I have is that they are using one microchip with integrated secure storage, so it's a different approach compared to all other hardware wallets.
They are using the Nordic Semiconductor model nRF5340, the first wireless SoC with two Arm Cortex-M33 processors, which has built-in support for Bluetooth and NFC.
We don't have confirmation for this because the Hito hardware wallet was not officially released in public yet.

https://i.imgur.com/d4IpEuX.jpg
https://www.nordicsemi.com/products/nrf5340
https://hito.xyz/


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on January 18, 2023, 03:29:53 PM
I previously talked about security issues with some secure elements like the ATECC508A that was used in older versions of ColdCard hardware wallets.
That was later fixed with the updated replacement chip model ATECC608A from the same manufacturer, but that was also reported to have some issues.
The manufacturer came up with the new model ATECC608B, but some hardware wallets are still using the old version ATECC608A, including Passport, OneKey, Husky and Cypherock X1.

I am posting here sources that show why exactly chip ATECC608A is not safe to be used in hardware wallets.
This was presented by Olivier Heriveaux from the Ledger team and it's called Defeating a Secure Element with Multiple Laser Fault Injections, and they are also working on breaking the ATECC608B:
https://www.blackhat.com/us-21/briefings/schedule/index.html#defeating-a-secure-element-with-multiple-laser-fault-injections-23330
https://i.blackhat.com/USA21/Wednesday-Handouts/us-21-Defeating-A-Secure-Element-With-Multiple-Laser-Fault-Injections.pdf


The same team worked with Karim Abdellatif on breaking the firmware encryption of ESP32 devices, and we have recently seen this chip used in some DIY bitcoin signing devices and the Jade hardware wallet, so it is worth mentioning.
https://www.blackhat.com/us-22/briefings/schedule/#unlimited-results-breaking-firmware-encryption-of-esp-v-26345
https://i.blackhat.com/USA-22/Wednesday/US-22-ABDELLATIF-Unlimited-Results-Breaking-Firmware-Encryption.pdf


https://i.imgur.com/Ag5XaMY.jpg

Video Breaking Firmware Encryption of ESP32-V3:
https://www.youtube.com/watch?v=wfZHQocTsZo


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on February 03, 2023, 11:26:26 AM
Update and more information about Trezor SatoshiLabs' new TROPIC01 secure element.
According to a post from Tropic Square CEO Evzen Englberth, the design of the chips is functional and they can move to the next phase of development.
TROPIC01 is manufactured by UMC in Taiwan; it will be a 55nm chip packaged in Malaysia, and the final chip will be 4x4mm with an Ibex RISC-V core.
RISC-V means that the chip will be open source and auditable.

It's interesting that Trezor already started working on TROPIC02, a complete SoC (System-on-Chip) that will have the TROPIC01 and the application processor cores integrated.
https://www.linkedin.com/posts/evzen-englberth_riscv-riscv-riscv-activity-7027210506398507008-V0-j


Title: Re: Secure Element in Hardware Wallets
Post by: zherbert on February 09, 2023, 11:19:10 PM
Hi all! Wanted to share a Twitter Spaces we at Foundation hosted a few weeks back about secure elements; we dove into some nuances. Check it out: https://twitter.com/FOUNDATIONdvcs/status/1617879545708961792


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on February 10, 2023, 11:27:52 AM
Hi all! Wanted to share a Twitter Spaces we at Foundation hosted a few weeks back about secure elements; we dove into some nuances. Check it out: https://twitter.com/FOUNDATIONdvcs/status/1617879545708961792
I will probably listen to this talk, but since it's one hour long it would be a good idea to have this released as a written article somewhere, maybe on your blog page.
The problem I have with the Passport hardware wallet is that it is still using the outdated secure element ATECC608A, the same one that is used in the OneKey hardware wallet that was recently hacked by Unciphered.
I don't think the chip shortage is such a big issue anymore, so it's probably time to replace it with something better.
 


Title: Re: Secure Element in Hardware Wallets
Post by: zherbert on February 10, 2023, 03:15:36 PM
Hi all! Wanted to share a Twitter Spaces we at Foundation hosted a few weeks back about secure elements; we dove into some nuances. Check it out: https://twitter.com/FOUNDATIONdvcs/status/1617879545708961792
I will probably listen to this talk, but since it's one hour long it would be a good idea to have this released as a written article somewhere, maybe on your blog page.
The problem I have with the Passport hardware wallet is that it is still using the outdated secure element ATECC608A, the same one that is used in the OneKey hardware wallet that was recently hacked by Unciphered.
I don't think the chip shortage is such a big issue anymore, so it's probably time to replace it with something better.
 


That's a good idea, I'll see if we can post a blog post summary of the Twitter Space.

Regarding OneKey, my understanding is this has nothing to do with the secure element, but instead an issue with their firmware – it seems that they didn't encrypt the traffic between the secure element and processor (lol). The 608a secure element by Microchip is not recommended for new designs, but I am unaware of any attack that doesn't involve a lab + lasers that could pull data out of it. We are of course switching to the 608b for next batch of Passports, but not due to any glaring vulnerability.
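An added illustration of why the MCU-to-SE link matters, tying together the ColdCard "pairing secret" post above and the OneKey point made here (this is not code from OneKey, Coldcard or Passport; the secure element is a Python object, the keystream is an HMAC-SHA256 stand-in for a real cipher such as AES-GCM, and the seed, nonce and pairing secret are constructed). The same READ_SEED command goes over a plaintext bus, where a sniffer sees the seed, and over a channel keyed from a per-device pairing secret, where the sniffer sees only ciphertext and a tampered frame or a foreign MCU is rejected:

```python
import hashlib
import hmac
import os

NONCE_LEN, TAG_LEN = 16, 32

def _derive(pairing_secret: bytes, label: bytes) -> bytes:
    """Separate encryption and MAC keys from the one pairing secret."""
    return hmac.new(pairing_secret, label, hashlib.sha256).digest()

def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # Illustrative PRF keystream (HMAC-SHA256 in counter mode) so the example
    # stays stdlib-only; a real design would use an AEAD such as AES-GCM.
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]

def seal(pairing_secret: bytes, payload: bytes) -> bytes:
    """Encrypt-then-MAC one bus frame under keys derived from the pairing secret."""
    nonce = os.urandom(NONCE_LEN)
    ks = _keystream(_derive(pairing_secret, b"enc"), nonce, len(payload))
    ct = bytes(a ^ b for a, b in zip(payload, ks))
    tag = hmac.new(_derive(pairing_secret, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unseal(pairing_secret: bytes, frame: bytes) -> bytes:
    nonce, ct, tag = frame[:NONCE_LEN], frame[NONCE_LEN:-TAG_LEN], frame[-TAG_LEN:]
    expected = hmac.new(_derive(pairing_secret, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("frame rejected: bad tag (wrong pairing secret or tampering)")
    ks = _keystream(_derive(pairing_secret, b"enc"), nonce, len(ct))
    return bytes(a ^ b for a, b in zip(ct, ks))

class Bus:
    """Records every frame crossing the MCU<->SE wires, as a logic analyser would."""
    def __init__(self):
        self.frames = []

    def send(self, frame: bytes) -> bytes:
        self.frames.append(frame)
        return frame

class SecureElementSim:
    """Constructed SE model holding the wallet seed; real chips work differently."""
    def __init__(self, pairing_secret: bytes, seed: bytes):
        self._pairing_secret, self._seed = pairing_secret, seed

    def handle_plain(self, cmd: bytes) -> bytes:
        return self._seed if cmd == b"READ_SEED" else b"ERR"

    def handle_sealed(self, frame: bytes) -> bytes:
        cmd = unseal(self._pairing_secret, frame)        # raises on a bad tag
        return seal(self._pairing_secret, self.handle_plain(cmd))

SEED = bytes(range(32))              # constructed 32-byte wallet seed
PAIRING_SECRET = b"\x11" * 32        # constructed per-device pairing secret

def plaintext_exchange():
    """Unprotected bus: the seed crosses the wires in the clear."""
    bus, se = Bus(), SecureElementSim(PAIRING_SECRET, SEED)
    reply = bus.send(se.handle_plain(bus.send(b"READ_SEED")))
    return reply, b"".join(bus.frames)

def sealed_exchange(mcu_secret: bytes = PAIRING_SECRET):
    """Paired bus: only an MCU holding the pairing secret gets a usable reply.
    (Replay protection, e.g. a counter inside each frame, is omitted here.)"""
    bus, se = Bus(), SecureElementSim(PAIRING_SECRET, SEED)
    reply = bus.send(se.handle_sealed(bus.send(seal(mcu_secret, b"READ_SEED"))))
    return unseal(mcu_secret, reply), b"".join(bus.frames)

def rejected(action) -> bool:
    """True when the SE refuses the frame with a ValueError."""
    try:
        action()
        return False
    except ValueError:
        return True

def tampered_frame_rejected() -> bool:
    frame = bytearray(seal(PAIRING_SECRET, b"READ_SEED"))
    frame[NONCE_LEN] ^= 0x01                         # flip one ciphertext bit
    return rejected(lambda: SecureElementSim(PAIRING_SECRET, SEED).handle_sealed(bytes(frame)))

def foreign_mcu_rejected() -> bool:
    """An MCU without this device's pairing secret (a swapped board) gets nothing."""
    return rejected(lambda: sealed_exchange(mcu_secret=b"\x22" * 32))
```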


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on February 10, 2023, 07:24:07 PM
That's a good idea, I'll see if we can post a blog post summary of the Twitter Space.
Taking transcripts from that audio would be nice.
I listened to your conversation today, and I didn't know the stuff you guys said about RISC-V chips not really being open source.
I was really surprised that you didn't speak more about the upcoming Trezor secure element TROPIC01.

Regarding OneKey, my understanding is this has nothing to do with the secure element, but instead an issue with their firmware – it seems that they didn't encrypt the traffic between the secure element and processor (lol). The 608a secure element by Microchip is not recommended for new designs, but I am unaware of any attack that doesn't involve a lab + lasers that could pull data out of it. We are of course switching to the 608b for next batch of Passports, but not due to any glaring vulnerability.
Yeah, I know the problem was not directly related to the secure element in OneKey but to its connection with the microprocessor, but there were clear indications that other hardware wallets have similar issues.
As for the ATECC608A secure element, it's clear that this chip is not secure enough anymore; their documentation proves that, and it was exploited before.


Title: Re: Secure Element in Hardware Wallets
Post by: n0nce on February 10, 2023, 10:22:46 PM
I am unaware of any attack that doesn't involve a lab + lasers that could pull data out of it. We are of course switching to the 608b for next batch of Passports, but not due to any glaring vulnerability.
You may want to look into using multiple randomized timings to drastically reduce the success rate of laser fault injections.

I read a bit more about this topic after dkbit's reminder about the attack on the 608A and it seems like delays can be a pretty cheap, yet effective software countermeasure. The idea is that you make it much more difficult for an attacker to hit the exact right timing every time; if they shoot their lasers before or after the desired instruction, it won't have the desired effect. By computing or checking stuff (e.g. hardware flags or PIN code) multiple times instead of once, with random delays in between, an attacker will need to inject multiple faults and hit the timing perfectly on each of them.

If the chance of hitting an instruction once is 0.1%, the probability of doing it twice in a row already falls to 0.01% and so on.

Just an example paper on the topic:
Combining High-Level and Low-Level Approaches to Evaluate Software Implementations Robustness Against Multiple Fault Injection Attacks (https://hal.univ-grenoble-alpes.fr/hal-01229261)
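The redundant-check idea described above, as an added C sketch that is not from n0nce's post, the cited paper, or any wallet vendor's firmware: a PIN comparison is repeated PIN_CHECKS times with a random delay before each pass, any mismatch rejects immediately, the loop counters are re-verified afterwards, and the pass/reject codes are distinct non-trivial constants rather than 0/1. The xorshift PRNG, the busy-loop delay, the sample PIN values and the names verify_pin / multi_fault_success are all constructed for this example; multi_fault_success only evaluates the p^k argument from the post for independent shots.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Number of independent comparisons an attacker would have to fault in one run. */
#define PIN_CHECKS 3u

/* Result codes: distinct, non-trivial patterns instead of 0/1, so that a
 * single bit flip, a cleared register or a skipped write cannot turn a
 * rejection into an acceptance. */
#define PIN_OK     0xA5A5u
#define PIN_REJECT 0x5A5Au

/* Constructed stand-in for the hardware RNG a real secure element would use:
 * a tiny xorshift32, seeded so the example is reproducible. */
static uint32_t prng_state = 0x1234ABCDu;

static uint32_t prng_next(void)
{
    uint32_t x = prng_state;
    x ^= x << 13;
    x ^= x >> 17;
    x ^= x << 5;
    prng_state = x;
    return x;
}

/* Random delay between checks. On a real device this would be a timer armed
 * with a random count; here it is a busy loop, and `volatile` keeps the
 * compiler from optimising the loop away. */
static void random_delay(void)
{
    volatile uint32_t spin = prng_next() & 0x3FFu; /* 0..1023 iterations */
    while (spin != 0) {
        spin--;
    }
}

/* Constant-time comparison: every byte is visited whether or not an earlier
 * byte differed, so timing does not reveal where a mismatch is.
 * Returns 0 only if all bytes match. */
static uint8_t ct_compare(const uint8_t *a, const uint8_t *b, size_t len)
{
    uint8_t diff = 0;
    for (size_t i = 0; i < len; i++) {
        diff |= (uint8_t)(a[i] ^ b[i]);
    }
    return diff;
}

/* Redundant PIN check: random delay before each comparison, fail-fast on any
 * mismatch, and a final check that every iteration actually ran. */
uint32_t verify_pin(const uint8_t *entered, const uint8_t *stored, size_t len)
{
    uint32_t i;
    uint32_t passes = 0;

    for (i = 0; i < PIN_CHECKS; i++) {
        random_delay();
        if (ct_compare(entered, stored, len) != 0) {
            return PIN_REJECT; /* one miss ends the attempt */
        }
        passes++;
    }

    /* Loop-integrity check: both counters must show all PIN_CHECKS passes. */
    if (i != PIN_CHECKS || passes != PIN_CHECKS) {
        return PIN_REJECT;
    }
    return PIN_OK;
}

/* Probability that an attacker who lands one precisely timed fault with
 * probability p_hit lands all k required faults in a single attempt,
 * treating the shots as independent: p_hit^k. */
double multi_fault_success(double p_hit, unsigned k)
{
    double p = 1.0;
    while (k-- > 0) {
        p *= p_hit;
    }
    return p;
}

/* Constructed sample PINs (not from any real device). */
static const uint8_t stored_pin[4]  = { 1, 2, 3, 4 };
static const uint8_t correct_pin[4] = { 1, 2, 3, 4 };
static const uint8_t wrong_pin[4]   = { 1, 2, 3, 9 };

int main(void)
{
    printf("correct PIN -> 0x%04X\n", verify_pin(correct_pin, stored_pin, 4));
    printf("wrong PIN   -> 0x%04X\n", verify_pin(wrong_pin, stored_pin, 4));
    printf("p_hit=0.001, k=%u -> %g\n", PIN_CHECKS,
           multi_fault_success(0.001, PIN_CHECKS));
    return 0;
}
```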


Title: Re: Secure Element in Hardware Wallets
Post by: zherbert on February 13, 2023, 02:54:40 PM
Just an example paper on the topic:
Combining High-Level and Low-Level Approaches to Evaluate Software Implementations Robustness Against Multiple Fault Injection Attacks (https://hal.univ-grenoble-alpes.fr/hal-01229261)

Thanks, I've shared the paper with my team!


Title: Re: Secure Element in Hardware Wallets
Post by: n0nce on February 13, 2023, 10:10:17 PM
Just an example paper on the topic:
Combining High-Level and Low-Level Approaches to Evaluate Software Implementations Robustness Against Multiple Fault Injection Attacks (https://hal.univ-grenoble-alpes.fr/hal-01229261)
Thanks, I've shared the paper with my team!
You're welcome! You may actually want to get your hardware tested (since this is a hardware security product) by professionals like riscure (https://www.riscure.com/services/) (although I'm not sure if they do hardware pentesting as a service). They will assess the security and tell you how to improve it & show you where your vulnerabilities are, before an attacker does it and sells that information to threat actors. You can even use a positive test result as a big extra selling point for the Passport.

Although I don't know whether you did that already (and you're obviously not required to disclose that ;)).

In any case, this talk may also be of interest to your team, while they're at it, because these are ways to improve the security of a potentially glitchable secure element, simply through a software update.
Proving the efficacy of software countermeasures for fault injection (https://www.youtube.com/watch?v=2F6HDJ1veXY)


Title: Re: Secure Element in Hardware Wallets
Post by: zherbert on February 14, 2023, 02:30:54 PM

Just an example paper on the topic:
Combining High-Level and Low-Level Approaches to Evaluate Software Implementations Robustness Against Multiple Fault Injection Attacks (https://hal.univ-grenoble-alpes.fr/hal-01229261)

You're welcome! You may actually want to get your hardware tested (since this is a hardware security product) by professionals like riscure (https://www.riscure.com/services/) (although I'm not sure if they do hardware pentesting as a service). They will assess the security and tell you how to improve it & show you where your vulnerabilities are, before an attacker does it and sells that information to threat actors. You can even use a positive test result as a big extra selling point for the Passport.

Although I don't know whether you did that already (and you're obviously not required to disclose that ;)).

In any case, this talk may also be of interest to your team, while they're at it, because these are ways to improve the security of a potentially glitchable secure element, simply through a software update.
Proving the efficacy of software countermeasures for fault injection (https://www.youtube.com/watch?v=2F6HDJ1veXY)

We had the wallet.fail guys do an audit back in 2021. They told us we were the only HWW company they worked with that actually published the audit. https://foundationdevices.com/security/


Title: Re: Secure Element in Hardware Wallets
Post by: n0nce on February 15, 2023, 02:06:15 AM
We had the wallet.fail guys do an audit back in 2021. They told us we were the only HWW company they worked with that actually published the audit. https://foundationdevices.com/security/
I remember; I had read that report actually! Maybe worth getting another one now with all the improvements and fixes in place, on the Batch 2 hardware.



These should definitely comfort @dkbit98 a bit, who is super-paranoid about the 608A.. ;)

1.9. Attacks on ATECC608A
After the review, new attacks on the ATECC608A and its usage in the COLDCARD firmware were published. Foundation Devices confirmed that these issues were fixed in the latest Passport firmware.

1.9. Attacks on ATECC608A
This defect was never in the Passport source code.


Title: Re: Secure Element in Hardware Wallets
Post by: Pmalek on February 18, 2023, 04:40:58 PM
Yeah, I know the problem was not directly related to the secure element in OneKey but to its connection with the microprocessor, but there were clear indications that other hardware wallets have similar issues.
That's because so many of them use the same or similar codebase in their open-source projects. If a vulnerability is found in one brand, all the others that used that code (unless already patched) are vulnerable in the same way. That's the beauty and danger of open-source. This time, the problem was discovered by a party with good intentions. Next time it can be by someone with other motives. The applied fix, though, is software-based. The chip is vulnerable to other attack vectors, but badly written and implemented code was the issue with Onekey. 


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on March 01, 2023, 08:41:11 PM
More good news coming from Trezor, related to the microchips they are using.
They started manufacturing their own key component, a chip wrapper for the Trezor Model T, which improves security and shortens the time needed for mass production.
I think this is all very important for their new hardware wallet model, which is going to be something special with the Tropic01 secure element, and it could reduce the price of their devices.
https://bitcoinmagazine.com/business/trezor-controls-its-silicon-chip-supply-chain


Title: Re: Secure Element in Hardware Wallets
Post by: SFR10 on March 03, 2023, 06:53:00 AM
and it could reduce price for their devices.
Unfortunately, one of their spokespersons stated "considering that it costs almost the same as the previous one (https://archive.ph/1F9Pl#selection-915.0-935.261)", Trezor doesn't expect it to have an impact on prices.
- It seems that at best, they could maintain the current prices.


Title: Re: Secure Element in Hardware Wallets
Post by: m2017 on March 03, 2023, 04:13:58 PM
and it could reduce price for their devices.
Unfortunately, one of their spokespersons stated "considering that it costs almost the same as the previous one (https://archive.ph/1F9Pl#selection-915.0-935.261)", Trezor doesn't expect it to have an impact on prices.
- It seems that at best, they could maintain the current prices.
Well, at least it will improve security, which is never superfluous, and it expands Trezor's ability to create new devices.

If you want better prices, then you need to wait for discount promotions. It is unlikely that they will underestimate the prices of hardware wallets. Perhaps for old devices that will be discontinued and whose stocks need to be sold from warehouses.

Since testing of the chip will last throughout 2023 (which will most likely be used in a new device), there will be no new announcements for the next couple of years.


Title: Re: Secure Element in Hardware Wallets
Post by: Welsh on March 03, 2023, 04:58:58 PM
If you want better prices, then you need to wait for discount promotions. It is unlikely that they will underestimate the prices of hardware wallets. Perhaps for old devices that will be discontinued and whose stocks need to be sold from warehouses.
As long as they're still offering support through patches/updates of their older devices, I can see quite a high demand for devices which aren't too complicated, and don't come at a high price point. Although, if they were to reach end of life, and therefore no longer be supported, I can't see them being used as much. Hopefully, they just go the route of patching/updating all devices when severe issues need to be patched. They don't need to enhance the UI/UX or add functionality of it, they can do that with the newer devices.

Since testing of the chip will last throughout 2023 (which will most likely be used in a new device), there will be no new announcements for the next couple of years.
2024 announced potentially, and then whenever they're ready to actually sell it.


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on May 31, 2023, 10:52:38 AM
We have a very important announcement coming from the Coolwallet hardware wallet: they decided to release their firmware and secure element chip as open source!
This was decided after the recent Ledger wallet debacle, and Coolwallet wants to have more transparency with their devices.
The secure element Coolwallet uses has EAL6+ security, and from my research they are using NXP chips in their devices, but we are waiting for official confirmation.
With the slick card format, current prices of $99/$149, and being open source, I think Coolwallet will have a lot of new customers soon:

https://www.talkimg.com/images/2023/05/31/wH2u8.jpeg
Source blog post:
https://www.coolwallet.io/coolwallet-will-open-source-its-hardware-wallets-secure-element-chip-code/

Thank you ledger  ;)


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on July 27, 2023, 01:21:57 PM
The new Keystone3 wallet is ready to be released, and they have interesting news and changes regarding secure elements.
Unlike in the previous version, where they didn't want to disclose everything, now they introduced the upgraded secure element Microchip ATECC608B.
The same microchip is used in ColdCard Mk4, BitBox and Passport; OneKey, Cypherock X1 and Husky are all using the older version of this chip, ATECC608A, that had some security issues.

But this is just the first part of the story, as Keystone3 uses an additional secure element, Maxim DS28S60, that works together with ATECC608B in safeguarding seed phrases.
ATECC608B provides hardware-level security and authorization, and Maxim DS28S60 ensures that the trusted platform module is always in place.

A third secure element, Maxim MAX32520, is used for securing fingerprint data, so I think this will be used only in the Keystone3 Pro version.
The regular Keystone3 wallet will have only two secure elements, and that is perfectly fine if you don't like to use biometrics.

https://www.talkimg.com/images/2023/07/27/QJ04P.jpeg

Thanks to these changes Keystone will now be able to store up to three seed phrases with different passwords, so there is no need to reset or have multiple devices anymore.
I think this will push other hardware wallet manufacturers to improve, and they will have a hard time competing with Keystone prices.





Title: Re: Secure Element in Hardware Wallets
Post by: zherbert on August 05, 2023, 05:55:50 PM
Quick update, all Passport units shipping from two weeks ago (and ongoing) now use the Microchip 608b secure element.


Title: Re: Secure Element in Hardware Wallets
Post by: satscraper on August 09, 2023, 06:24:14 AM
Quick update, all Passport units shipping from two weeks ago (and ongoing) now use the Microchip 608b secure element.

Research published in that paper (https://ieeexplore.ieee.org/document/9933270) claims that ATECC608B can still be defeated with a laser beam. What would you say about this?


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on August 09, 2023, 09:53:11 PM
Quick update, all Passport units shipping from two weeks ago (and ongoing) now use the Microchip 608b secure element.
Thanks for keeping us up to date with this change.
I updated this information in my table, but it should be noted that most people still use the old ATECC608A version.

Research published in that paper (https://ieeexplore.ieee.org/document/9933270) claims that ATECC608B can still be defeated with a laser beam. What would you say about this?
Oh no, it looks like we are going to see a new ATECC608C version coming out soon (this is just my speculation).
But seriously now, all secure elements have flaws, and I think all other secure element chips are more closed and it's much harder to find security flaws in them because of signed NDA crap  :P
I have never heard of anyone having success with exploiting even the older ATECC608A chips in hardware wallets, but it's always better to upgrade if possible.


Title: Re: Secure Element in Hardware Wallets
Post by: zherbert on August 10, 2023, 01:01:50 AM
Research published in that paper (https://ieeexplore.ieee.org/document/9933270) claims that ATECC608B can still be defeated with a laser beam. What would you say about this?
Oh no, it looks like we are going to see a new ATECC608C version coming out soon (this is just my speculation).
But seriously now, all secure elements have flaws, and I think all other secure element chips are more closed and it's much harder to find security flaws in them because of signed NDA crap  :P
I have never heard of anyone having success with exploiting even the older ATECC608A chips in hardware wallets, but it's always better to upgrade if possible.

Thank you for sharing this. NVK came after us pretty hard about using the 608a while they were shipping with the 608b, even going as far as pulling our investors and employees aside at conferences to tell them that we are shipping insecure "pwned" hardware.

I've always been very consistent in stating that no chip is perfectly secure, and that the 608b will likely be vulnerable to similar laser-based attacks (eg https://stacker.news/items/85239).

I think the most important thing is to not put all your eggs in one basket – don't rely 100% on a single chip for secure key storage and don't blindly trust an MCU or secure element.

Additionally, these laser based attacks require destroying the hardware wallet and the secure element chip itself, and they require higher-end lab equipment to perform. If you're someone who might be targeted because you're storing large amounts (hundreds of thousands or millions of dollars) of Bitcoin, consider using a passphrase and/or multisig.


Title: Re: Secure Element in Hardware Wallets
Post by: ranochigo on August 10, 2023, 04:13:05 PM
Oh no, it looks like we are going to see a new ATECC608C version coming out soon (this is just my speculation).
But seriously now, all secure elements have flaws, and I think all other secure element chips are more closed and it's much harder to find security flaws in them because of signed NDA crap  :P
I have never heard of anyone having success with exploiting even the older ATECC608A chips in hardware wallets, but it's always better to upgrade if possible.
They have: https://i.blackhat.com/USA21/Wednesday-Handouts/us-21-Defeating-A-Secure-Element-With-Multiple-Laser-Fault-Injections.pdf.

ATECC608B is still vulnerable in the same fashion. However, it is very difficult to execute and requires specialized equipment and skills with little to no room for error.

Thank you for sharing this. NVK came after us pretty hard about using the 608a while they were shipping with the 608b, even going as far as pulling our investors and employees aside at conferences to tell them that we are shipping insecure "pwned" hardware.
Interesting. They had an article on how the laser fault injection is not practical and not likely to be exploited and dismissed their reports. Talk about twisting narratives.


Title: Re: Secure Element in Hardware Wallets
Post by: Pmalek on August 15, 2023, 03:38:03 PM
Looking at the information in your table, I can see that you mentioned that Trezor plans to introduce a secure element during 2022. We are now in mid 2023 and it hasn't yet been released. Maybe you can make a quick update to that line and place a different date or use different wording?
When we are on the subject of Trezor's work on the new SE, as someone who follows that closer than me, is there anything new to report on that? Have they released new release dates or reports on their progress?


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on August 16, 2023, 09:16:15 PM
Looking at the information in your table, I can see that you mentioned that Trezor plans to introduce a secure element during 2022. We are now in mid 2023 and it hasn't yet been released. Maybe you can make a quick update to that line and place a different date or use different wording?
Updated to 2023/24.
I am not a fortune teller; my predictions are based on articles, blogs and tweets posted by Trezor, and I don't know the exact release date.

When we are on the subject of Trezor's work on the new SE, as someone who follows that closer than me, is there anything new to report on that? Have they released new release dates or reports on their progress?
I didn't see any official news, but I think they are working on a new device with a new secure element; the last thing I saw was them receiving new chips from manufacturers.


Title: Re: Secure Element in Hardware Wallets
Post by: NotATether on August 17, 2023, 07:03:52 AM
The image in the OP is broken, @dkbit98 maybe you should switch it to Talkimg.

| Name | Open Source | Secure Element | SE Model + Microcontroller | Evaluation Assurance Level |
|---|---|---|---|---|
| D'CENT (https://dcentwallet.com/products/BiometricWallet) | NO | YES | NXP P60 | EAL5+ |
| Safepal S1 (https://www.safepal.io/) | NO | YES | Unknown chip | EAL5+ |
| CoolWallet S (https://www.coolwallet.io/) | NO (soon Y) | YES | NXP P5CD081 | EAL5+ |
| CoolWallet Pro (https://www.coolwallet.io/coolwallet_pro) | NO (soon Y) | YES | NXP J3R110 | EAL6+ |
| Jubiterwallet (https://jubiterwallet.de/) | NO | YES | Infineon ? | EAL6+ |
| Kasse HK-1000 (https://kasseusa.com/) | NO | YES | ST31H320 A03 | EAL5+ |
| Keevo (https://www.keevowallet.com/) | NO | YES | Infineon Optiga Trust-P | EAL5+ |
| Secux (https://secuxtech.com/) | NO | YES | Infineon CC ? | EAL5+ |
| Ngrave (https://www.ngrave.io/products/zero) | N/A | YES | unknown built-in SE + STM32MP157C | EAL7+ |
| Tangem (https://tangem.com/) | NO | YES | Samsung SecureCore microchip ? | EAL6+ |
| ImKey (https://imkey.im/) | NO | YES | Military-grade CC security chip ? | EAL6+ |
| Wookong (https://wooko.ng/) | NO | YES | Unknown chip | EAL4+ |
| Hashwallet (https://www.gethashwallet.com/) | N/A | YES | Infineon SLE78 | EAL6+ |
| Opolo (https://www.opolo.shop/) | NO | YES | NXP ? + ARM Cortex M4 | EAL6+ |
| OneKey Classic (https://onekey.so/products/onekey-classic-hardware-wallet/) | YES | YES | HSC32I1 | EAL6+*/EAL 4+ |
| OneKey Mini (https://onekey.so/products/onekey-mini-hardware-wallet/) | YES | YES | ATECC608A | outdated chip |
| OneKey Touch (https://onekey.so/products/onekey-touch-hardware-wallet/) | YES | YES | ATECC608A | outdated chip |
| HyperMate (https://hyperpay.tech/hypermatepro/pro) | YES | YES | Infineon ? | EAL6+ |
| CoboVault (https://github.com/CoboVault) | YES | YES | probably MAX36010-BSN-T | EAL5+ |
| KeyStone (https://keyst.one/) | YES | YES | ARM Cortex-M0 | EAL5+ |
| KeyStone3 (Pro) (https://keyst.one/) | YES | YES | ATECC608B + Maxim DS28S60 (+ Maxim MAX32520) | EAL? |
| KeyPal (https://www.keypal.pro/) | N/A | YES | NXP MCU + ? | N/A |
| Satochip/Satodime (https://satochip.io) | YES | YES | NXP J3H145 and NXP J3R110 | EAL6+ |
| Husky HDW20 (https://www.huskywallet.com/) | NO | YES | ATECC608A | outdated chip |
| Prokey (https://prokey.io/) | YES | NO | N/A + STM32F205VG | N/A |
| Cypherock X1 (https://www.cypherock.com/) | YES | YES | ATECC608A+NXP JCOP3 and ARM Cortex-M | EAL5+ outdated chip 608A |
| Hito (https://hito.xyz/) | YES | YES | nRF5340 | N/A |

Am I the only one here who's bothered by the fact that there's only one EAL7 on this whole list, and that most of the mainstream hardware wallets either don't have an SE, or low quality one (hence why I chopped out the first few entries)?

It is quite a shame, as HW manufacturers' reputation is built on trust, and I don't see how you're supposed to gather a lot of trust if you only have one hardware wallet released in the last 5 or so years.


Title: Re: Secure Element in Hardware Wallets
Post by: ranochigo on August 17, 2023, 07:50:14 AM
Am I the only one here who's bothered by the fact that there's only one EAL7 on this whole list, and that most of the mainstream hardware wallets either don't have an SE, or low quality one (hence why I chopped out the first few entries)?

It is quite a shame, as HW manufacturers' reputation is built on trust, and I don't see how you're supposed to gather a lot of trust if you only have one hardware wallet released in the last 5 or so years.
The certification is quite expensive and time consuming. IIRC, EAL4 already costs >$200k (possibly a lot higher) and a year. Going any further than that, it would probably cost more and takes longer. From the business standpoint, it isn't very practical.

I would prefer if HW manufacturers don't release a new HW wallet that often; most are secure enough, and it isn't an iPhone where obsolescence is a big concern.


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on August 17, 2023, 06:28:58 PM
The image in the OP is broken, @dkbit98 maybe you should switch it to Talkimg.
I know, but I was a bit lazy to replace this and all my other images after the imgur incident, even though I know there is a nice tool to do everything much faster.
Anyway, the image is replaced now, but it's nothing special, just a random chip that is not really important for the context.

Am I the only one here who's bothered by the fact that there's only one EAL7 on this whole list, and that most of the mainstream hardware wallets either don't have an SE, or low quality one (hence why I chopped out the first few entries)?
I don't really care about EAL numbers so much, since nobody can verify this for closed source secure elements.
A hardware wallet can have the highest possible EAL rating and it can still be total crap.

It is quite a shame, as HW manufacturers' reputation is built on trust, and I don't see how you're supposed to gather a lot of trust if you only have one hardware wallet released in the last 5 or so years.
I can create my own trust rating, but it means nothing, similar to the difference between EAL7, EAL6 or EAL5.

The certification is quite expensive and time consuming. IIRC, EAL4 already costs >$200k (possibly a lot higher) and a year. Going any further than that, it would probably cost more and takes longer. From the business standpoint, it isn't very practical.
Sounds like a scam to me, all this money just to get some ''certificate'' of security, and there is no guarantee someone won't exploit it; the only guarantee is a signed NDA, aka silence.


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on October 13, 2023, 08:03:28 AM
Interesting news coming up in the world of secure elements in hardware wallets.
Trezor has been announcing for some time that they are working on their own secure element, but this product is not production ready yet, so they came up with the second best solution.

With the new Trezor Safe 3 hardware wallet they introduced the open source secure element Infineon OPTIGA Trust M!

https://www.talkimg.com/images/2023/10/13/RIXEw.jpeg  https://www.talkimg.com/images/2023/10/13/RId49.png

Infineon is a German-based chip manufacturer and the company was created back in 1999, so they have a 24-year-long history in making microchips and security products.
For me it's important to say that the company is based in Europe, so it should be easier and faster for Trezor to buy all the secure elements they need.

Infineon OPTIGA Trust M has open source code that can be verified on GitHub and it has an MIT license:
https://github.com/Infineon/optiga-trust-m

As stated on their website, use cases for this secure element are mutual authentication, secured communication, secured updates, key provisioning, life-cycle management, data store protection, power management, platform integrity protection and secured zero-touch provisioning.
The official website shows more information and details about this product, and it is confirmed to be a CC EAL6+ certified security controller:
https://www.infineon.com/cms/en/product/security-smart-card-solutions/optiga-embedded-security-solutions/optiga-trust/optiga-trust-m-sls32aia/

Some other hardware wallet manufacturers previously used secure elements made by Infineon, but none of them used this exact model, Infineon OPTIGA Trust M; please correct me if I am wrong.
Jubiterwallet, HyperMate and Secux all use unknown Infineon chips; the Keevo wallet used Infineon Optiga Trust-P; Hashwallet uses Infineon SLE78.

Overall I am happy with the changes that Trezor made, and I am still waiting to see their own secure element, but sadly this will have to wait until 2025 or 2026  :P


Title: Re: Secure Element in Hardware Wallets
Post by: satscraper on October 13, 2023, 08:54:31 AM
~


Do you anticipate that a secure element from a company that has never been involved in chip development (I mean SatoshiLabs) could outperform OPTIGA Trust M developed by Infineon, a company with nearly a quarter-century history in this business?

In my opinion, it would likely require a few years of extensive field testing before Tropic Square, their long-awaited product, gains the trust of the cryptocommunity.


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on October 13, 2023, 09:00:34 AM
Do you anticipate that a secure element from a company that has never been involved in chip development( I mean  SatoshiLabs) could outperform OPTIGA Trust M developed by Infineon, a company with nearly a quarter-century history in this business?
I am not a prophet to know the future.
Satoshi Labs has existed for TEN long years, and they are specifically dedicated to hardware wallets and Bitcoin development, so YES, I think they can outperform it for the use case of cryptocurrency devices.
They will control everything about the new Tropic Square chips through a direct partnership with the manufacturer, so it should work better for hardware wallets.


Title: Re: Secure Element in Hardware Wallets
Post by: satscraper on October 13, 2023, 09:35:05 AM
Not for the purpose of dissuading you from your opinion, but to tell you that not all is unambivalent in the project engineering involved in the design of Tropic Square, I will cite Zach Herbert, the founder of Foundation Devices, known for their Passport HW, on this matter:




Title: Re: Secure Element in Hardware Wallets
Post by: rondolfo on November 10, 2023, 08:10:44 PM
Ledger has just changed its website stating that LNS PLUS models are EAL6+ certified


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on November 10, 2023, 11:29:16 PM
Ledger has just changed its website stating that LNS PLUS models are EAL6+ certified
This is only for Ledger Nano S Plus and for Ledger Stax, but it means nothing to you or me.
If they changed EAL certification that usually means they made some changes with secure elements, but I didn't see any news about that.


Title: Re: Secure Element in Hardware Wallets
Post by: rondolfo on November 13, 2023, 10:37:07 PM
We are from KriptoBR Official Reseller of Ledger, Trezor, SecuX and BitBox in Brazil.

We received the email from Ledger notifying us, that's why I informed them here, I asked if the chip had been changed and no, they confirmed that there hadn't been, it was just the update.

They even changed the website where EAL6+ already appears


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on November 13, 2023, 11:25:18 PM
We are from KriptoBR Official Reseller of Ledger, Trezor, SecuX and BitBox in Brazil.

We received the email from Ledger notifying us, that's why I informed them here, I asked if the chip had been changed and no, they confirmed that there hadn't been, it was just the update.
So basically nothing really changed in their hardware, but they decided to change and increase the EAL certification just because they can do it, and for them it sounds better like this :P
I will update the information in the table, but like I said before, nobody cares about this, especially not for Ledger wallets; they already destroyed any leftover reputation they had.


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on December 20, 2023, 10:31:07 AM
I made a small update in the list and changed the Jade wallet secure element from NO to Virtual.
The reason for this is that it is a different approach from all other hardware wallets that don't have any physical secure element by default, and as far as I know nobody uses anything similar to Jade.
This approach is not the same as the regular secure elements available on the market today, but it manages to keep everything reasonably safe and fully open source.

You can find more information about the Jade virtual secure element and watch a few-minute-long video explanation on their website:
https://help.blockstream.com/hc/en-us/articles/13745404122265-Does-Blockstream-Jade-have-a-secure-element-


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on January 31, 2024, 10:36:24 AM
This list is now cleaned up and updated with new information.
I removed a few devices that are not available anymore, and I identified the secure element for the Imkey hardware wallet, as they released this in public.
Imkey Pro is using the SLE 78CLUFX5000PH chip made by Infineon, and it has CC EAL6 certification.

https://www.talkimg.com/images/2024/01/31/k8zdc.jpeg
https://imkey.im/

Other hardware wallet manufacturers (Trezor, SecuX, HyperMate, Hashwallet, Keevo, Jubiterwallet) are using secure elements made by Infineon, but this exact model SLE 78CLUFX5000PH is used only for Imkey Pro.
If you notice any mistakes or if you have additional information about secure elements please post it here.


Title: Re: Secure Element in Hardware Wallets
Post by: apustaja on February 18, 2024, 05:38:11 AM
Very helpful post!
Should Trezor Safe 3 with Infineon OPTIGA Trust M be EAL6+? The table shows it's N/A.


Title: Re: Secure Element in Hardware Wallets
Post by: Pmalek on February 18, 2024, 08:28:01 AM
Should Trezor Safe 3 with Infineon OPTIGA Trust M be EAL6+? The table shows it's N/A.
It probably should. According to the chip specifications here (https://www.infineon.com/cms/en/product/security-smart-card-solutions/optiga-embedded-security-solutions/optiga-trust/optiga-trust-m-sls32aia/), it shows the certification type as EAL6+. More precisely, "CC EAL6+ high for HW." That description is for model SLS32AIA.

@dkbit98
You might find the missing certification types for some of the chips by googling the model followed by 'EAL', then just search and see if it says EAL5, EAL6, or something else.


Title: Re: Secure Element in Hardware Wallets
Post by: dkbit98 on February 20, 2024, 10:33:24 PM
Very helpful post!
Should Trezor Safe 3 with Infineon OPTIGA Trust M be EAL6+? The table shows it's N/A.
Yeah, it should be like that; the Trezor website also added that information recently, thank you for noticing it.
I added the EAL6+ certification for Trezor Safe 3, and you are free to report anything else that is missing or incorrect in this list.
Hardware wallets are changing stuff all the time, so there could be some information that is outdated.


Title: Re: Secure Element in Hardware Wallets
Post by: Jebsterius on March 28, 2024, 11:05:39 PM
Hi everyone.

I can't understand what exactly is stored on the device, judging from what I read about them.

What I really want to know is: what is stored on the device?
- The entropy
- Seed phrase (mnemonic)
- Master seed (bip39 seed)

It sounds reasonable to store the master seed (BIP39 seed): it's not human readable, you can derive keys from it, it can be restored via the mnemonic, yet it can't be used to generate addresses for some coins (Dogecoin, for example) or to use the passphrase (another question I have).
But as far as I understand, Trezor keeps the seed phrase in it.
So the question remains... Specifically, I'm interested in how it's implemented in Keystone, Trezor, Ledger and OneKey.

Another question: the passphrase.
To use it after the wallet is created, you need the seed phrase to be present on the device, right? Otherwise how would you use it as the 13th / 25th word?

I'd appreciate the help a lot! Struggling with the choice and understanding right now :(


Title: Re: Secure Element in Hardware Wallets
Post by: Cricktor on March 29, 2024, 11:36:55 AM
...
I'd appreciate the help a lot! struggling with the choice and understanding right now :(

https://i.ibb.co/GPX4n0F/From-Entropy-to-address-ip-bitcointalk-org.png (https://ibb.co/GPX4n0F)
Likely source: https://raw.githubusercontent.com/EAWF/BTC-Toolbox/3938785f186c76598989cc0aa017ad351483d3b1/Images/KeyDerivationTechnicalOverview.png (https://raw.githubusercontent.com/EAWF/BTC-Toolbox/3938785f186c76598989cc0aa017ad351483d3b1/Images/KeyDerivationTechnicalOverview.png)

A hardware wallet likely only needs to store the "random" Entropy Source and the derivation path used, at minimum, from which all other stuff can be derived. It likely stores more, like the Master Secret Key and Master Chain Code, to avoid repeating all the computation steps again and again, which wouldn't make much sense.

The recovery words (Recovery Phrase in above diagram) are likely not stored as they can easily and rather quickly be computed from the Entropy Source.

The optional mnemonic passphrase (your 13th or 25th optional passphrase in addition to the recovery words) shouldn't be stored on the device, as it is only needed to derive the Master Secret Key and Master Chain Code from the BIP32 Root Key Derivation. If the optional mnemonic passphrase is empty, i.e. not used, the derivation steps still use 'mnemonic' as the default optional passphrase as an input to the 2048 rounds of the PBKDF2 mill.

I'm pretty sure this Master Secret Key and Master Chain Code are stored and secured by a hardware wallet. If Ledger crap, e.g., has a dedicated unlock PIN for a wallet with an optional mnemonic passphrase, then that unlock PIN secures that unique Master Secret Key and Master Chain Code of a derivation with that optional mnemonic passphrase. This adds some convenience but hides the security of a complex optional mnemonic passphrase, in addition to the security of the Entropy Source, behind a short PIN (security-wise not such a big issue, as you have a very limited number of tries to enter such an unlock PIN). I would still recommend having an unlock PIN at least eight digits long or using more complexity.

Don't take my words for granted, as I haven't read a lot of the firmware source code of open-source hardware wallets. I'm just interpreting what I would do if I were a developer. Do not choose a hardware wallet with closed-source firmware; thus Ledger should be out of the competition for various reasons.

Try to get behind the security model of other hardware wallet competitors and how they cope with attack vectors and secure the important secrets of your wallet.


To understand HD wallets better, I recommend working through pages at https://learnmeabitcoin.com/technical/keys/hd-wallets/ (https://learnmeabitcoin.com/technical/keys/hd-wallets/).
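The derivation chain described in the post above (entropy, recovery words, BIP39 seed, BIP32 master secret key and chain code), carried through in Python as an added worked example. This is not code from the original post or from any wallet vendor's firmware; it uses only the standard library. The two-entry WORDLIST_STUB is an assumption made for brevity (a real implementation loads the full 2048-word BIP39 English list), and the all-zero-entropy / "TREZOR"-passphrase vector is the public one from the BIP39 reference test vectors. Note that in BIP39 the PBKDF2 salt is the literal string "mnemonic" followed by the optional passphrase, so an empty passphrase still produces a valid, distinct seed.

```python
"""Worked example: entropy -> BIP39 mnemonic -> BIP39 seed -> BIP32 master key.

Added illustration, not code from the original post or from any wallet
vendor. Standard library only. WORDLIST_STUB is an assumption: it holds only
the two English BIP39 words this example hits; a real implementation loads
the full 2048-word list.
"""
import hashlib
import hmac
import unicodedata

WORDLIST_STUB = {0: "abandon", 3: "about"}  # stub of the 2048-word BIP39 list

# Order of the secp256k1 group; BIP32 rejects a master key of 0 or >= N.
SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141

# Public BIP39 test vector: 128 zero bits of entropy, passphrase "TREZOR".
VECTOR_ENTROPY = bytes(16)
VECTOR_MNEMONIC = "abandon " * 11 + "about"
VECTOR_SEED_HEX = ("c55257c360c07c72029aebc1b53c05ed0362ada38ead3e3e9efa3708e5349553"
                   "1f09a6987599d18264c1e1c92f2cf141630c7a3c4ab7c81b2f001698e7463b04")


def mnemonic_indices(entropy: bytes) -> list:
    """BIP39: append ENT/32 checksum bits of SHA256(entropy), split into 11-bit indices."""
    if len(entropy) not in (16, 20, 24, 28, 32):
        raise ValueError("entropy must be 128-256 bits in 32-bit steps")
    cs_bits = len(entropy) * 8 // 32
    checksum = hashlib.sha256(entropy).digest()
    bits = "".join(f"{b:08b}" for b in entropy)
    bits += "".join(f"{b:08b}" for b in checksum)[:cs_bits]
    return [int(bits[i:i + 11], 2) for i in range(0, len(bits), 11)]


def mnemonic_from_entropy(entropy: bytes, wordlist=WORDLIST_STUB) -> str:
    """The recovery words are a pure function of the entropy, so a device
    that keeps the entropy can regenerate them on demand."""
    return " ".join(wordlist[i] for i in mnemonic_indices(entropy))


def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """PBKDF2-HMAC-SHA512, 2048 rounds; the salt is the literal 'mnemonic'
    followed by the optional passphrase (empty string when none is used)."""
    pw = unicodedata.normalize("NFKD", mnemonic).encode("utf-8")
    salt = ("mnemonic" + unicodedata.normalize("NFKD", passphrase)).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", pw, salt, 2048, dklen=64)


def bip32_master(seed: bytes) -> tuple:
    """BIP32 root: HMAC-SHA512 keyed with 'Bitcoin seed'; left half is the
    master secret key, right half the master chain code."""
    i = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    key, chain_code = i[:32], i[32:]
    k = int.from_bytes(key, "big")
    if k == 0 or k >= SECP256K1_N:
        raise ValueError("invalid master key for this seed (astronomically unlikely)")
    return key, chain_code


def derive_wallet(entropy: bytes, passphrase: str = "") -> dict:
    """Everything a wallet can regenerate from entropy + passphrase."""
    mnemonic = mnemonic_from_entropy(entropy)
    seed = bip39_seed(mnemonic, passphrase)
    key, chain_code = bip32_master(seed)
    return {"mnemonic": mnemonic, "seed": seed,
            "master_key": key, "chain_code": chain_code}


if __name__ == "__main__":
    base = derive_wallet(VECTOR_ENTROPY, "TREZOR")
    hidden = derive_wallet(VECTOR_ENTROPY, "")  # same words, no passphrase
    print("mnemonic   :", base["mnemonic"])
    print("seed       :", base["seed"].hex())
    print("master key :", base["master_key"].hex())
    print("chain code :", base["chain_code"].hex())
    # A different passphrase yields an unrelated master key: the passphrase
    # cannot be recovered from the stored key, only re-entered by the user.
    print("same master key without passphrase?",
          base["master_key"] == hidden["master_key"])
```

The practical point for the question above: a device holding the entropy (or the mnemonic) can regenerate the words and, given a passphrase typed at unlock time, the seed and master key; a device holding only the master key and chain code for one passphrase cannot recover the words or the passphrase, which is why the passphrase must be re-entered (or cached behind a PIN) rather than derived.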