Secure Element in Hardware Wallets

[BobbysTransactions]

I don't care about your opinion, so if you don't like what I posted or you don't understand it than simply ignore it.

There are secure elements that are fully closed source, and those that are open source partialy.

This is not my opinion, but a factual information.

Claiming "factual" in this context is meaningless without presuppositions. Stating that hardware of any kind is "partially" open source is equally vacuous. Even if you specify to what extent the design, manufacturing, and firmware are accessible, reproducible, and modifiable by the public, there will probably remain elements that are inaccessible, proprietary, or unverifiable.

No hardware wallet is open source in the full sense of the term, offering complete transparency and reproducibility.

You actually need to have functional brain to understand this table, but I think even average gorilla would understand meaning of this image from my table, and what Open Source is referring to ^{hardware wallets}:

Translation:
First row - hardware wallet name, Second row - open source code.

Maybe my brain isn't functioning, but you say you're referring to source code and that this is obvious, but a few lines above you're presenting the idea of a "partially" open source hardware. Which is it?

[dkbit98]

No hardware wallet is open source

According to you nothing in the world is open source, this is how your brain is operating.
So go ahead and use closed source wallets, since for you there is no difference with open source wallets.

Maybe my brain isn't functioning, but you say you're referring to source code and that this is obvious, but a few lines above you're presenting the idea of a "partially" open source hardware. Which is it?

Oh your brain could be functioning oh right, but sadly not at level of a normal human being
I will say this for the last time OPEN SOURCE in MY TABLE is referring to HARDWARE WALLETS.

PS
Welcome to my ignore list.

[BobbysTransactions]

According to you nothing in the world is open source, this is how your brain is operating.

This is a bizarre response. When did I ever deny the existence of open source software? Are you trying to say there's no material difference between software vs hardware in terms of claims and validation?

Oh your brain could be functioning oh right, but sadly not at level of a normal human being
I will say this for the last time OPEN SOURCE in MY TABLE is referring to HARDWARE WALLETS.

I know that your table is referring to hardware - that's the whole point of my initial reply!


Not a single response has really addressed my main contention:  Even if a HW/SE vendor claims to have open source code the fact is that this code cannot be verified on any independent hardware, so the meaning of open source in this context is very limited when compared with software that can run on multiple hardware types.

[SFR10]

Three days ago, Tropic Square published a press release about TROPIC01 finally entering the full production phase, so I guess that also confirms it'll be used in Trezor's upcoming model ^{[with T3W1 tag]} that they mentioned they'll release by the end of this year: TROPIC01 The Future-Proof Secure Element Now in Full Production and Available Worldwide

[dkbit98]

Three days ago, Tropic Square published a press release about TROPIC01 finally entering the full production phase, so I guess that also confirms it'll be used in Trezor's upcoming model ^{[with T3W1 tag]} that they mentioned they'll release by the end of this year: TROPIC01 The Future-Proof Secure Element Now in Full Production and Available Worldwide

This is great news!
I think Trezor is going to release their new hardware wallet this in next few months, and that should the first to have Tropic Square chip integrated.
But it should be even interesting to see what is going to happen with third party devices and hardware wallets with this new chip.
Future is looking better for secure hardware wallets.

This is new pinned Trezor post on twitter:

SAVE THE DATE: October 21st — Trustless by Design

An industry-defining shift is on the horizon… Join our LIVE stream and witness firsthand how we’re redefining security.

Mark your calendars, streaming details to follow.

https://x.com/Trezor/status/1970125960948195391

[dkbit98]

List updated.
Now we have official confirmation for new Trezor Safe 7 hardware wallet that has integrated two secure elements.
TROPIC01 is their new auditable next generation secure element, and they also kept second Infineon OPTIGA Trust M secure element like in Trezor Safe 3 and 5.
We already talked about TROPIC01 secure element, and there is a good chance we are going to see them in other third party hardware wallets in future.
You can find more information on Tropic Square website:
https://tropicsquare.com/tropic01

 
https://trezor.io/trezor-safe-7

What I would like to see next is airgapped hardware wallet with TROPIC01 secure element, and this can be made by Trezor or someone else.

[Forsyth Jones]

What I would like to see next is airgapped hardware wallet with TROPIC01 secure element, and this can be made by Trezor or someone else.

Unfortunately the product wasn't shown in action, they just focused on the aesthetic aspect of the product, they should have shown more about how the device behaves when requesting a passphrase, how does it have a larger screen, is the same numeric keypad displayed with toggles for uppercase/special characters or a QWERT keyboard like in Keystone and Coldcard?

But I believe the on-screen keyboard input remains the same. So it didn't really excite me. I continue to find options like Passport or Coldcard Q better for my use case.

[dkbit98]

Unfortunately the product wasn't shown in action

I don't know what ''action'' do you expect to see...
There are a bunch of videos made by people who visited Trezor presentation, showing howe new Trezor device works.


List is now updated with Ledger Nano Gen5, but there is nothing new here since they are using exactly the same secure element ST33K1M5 like previous devices Ledger Stax, Flex and Nano S plus.
I would not waste a single sat on this device, or on ledger new paid ''multisig'' service they launched with this device.

[Forsyth Jones]

I don't know what ''action'' do you expect to see...
There are a bunch of videos made by people who visited Trezor presentation, showing howe new Trezor device works.

I was referring to the launch video. Also, in the first few days of the product's launch, there really wasn't much of anything, especially basic features like showing the product "in action" like restore, create a new wallet and set a passphrase. But today, several people have released what they filmed at their stands.

But my criticisms aside, Trezor did a great job, the final product looks beautiful. Now, let's just wait for new hardware with Tropic Square's SE. Speaking of which, how will the competition react to this open source secure element? Will they immediately release new versions of their hardware wallets just because of Tropic01?

[BobbysTransactions]

Now, let's just wait for new hardware with Tropic Square's SE. Speaking of which, how will the competition react to this open source secure element?

It's a step in the right direction. But... even though Tropic Square has publicly released their API documentation, architecture diagrams, and even their HDL code, they have not released their physical layout (GDSII files or mask data) used for manufacturing that would allow for cloning the chip.

The RTL(Verilog code)-to-GDSII workflow involves multiple specialised tools:

• Logic synthesis (gate level netlisting): Synopsys Design Compiler / Cadence Genus
  
• Floorplanning, placement & GDSII export: Cadence Innovus /Synopsys IC Compiler II
  
  

Any one of these could allow for supply chain attacks by corporations or state actors.

It's simply misleading to call this chip open source or fully auditable.

[satscraper]

Now, let's just wait for new hardware with Tropic Square's SE. Speaking of which, how will the competition react to this open source secure element?

It's a step in the right direction. But... even though Tropic Square has publicly released their API documentation, architecture diagrams, and even their HDL code, they have not released their physical layout (GDSII files or mask data) used for manufacturing that would allow for cloning the chip.

The RTL(Verilog code)-to-GDSII workflow involves multiple specialised tools:

• Logic synthesis (gate level netlisting): Synopsys Design Compiler / Cadence Genus
  
• Floorplanning, placement & GDSII export: Cadence Innovus /Synopsys IC Compiler II
  
  

Any one of these could allow for supply chain attacks by corporations or state actors.

It's simply misleading to call this chip open source or fully auditable.

Yeah, you are right, they indeed didn’t release the full PDK for TROPIC01, and I think they did that to prevent cloning and/or counterfeiting. Thus, at the physical Si level it may be considered as closed source, but at the code and architecture levels it is open source. In my view they took the balanced approach that allows checking and verifying the logic of the algorithms used, something that cannot be done with other SE used in hardware wallets.

[BobbysTransactions]

In my view they took the balanced approach that allows checking and verifying the logic of the algorithms used...

Agreed it's better than the competition but what is the threat model for Bitcoin?

People here call me schizo for suggesting merely that the model should include supply chain attacks by powerful state actors and security services.

[satscraper]

In my view they took the balanced approach that allows checking and verifying the logic of the algorithms used...

Agreed it's better than the competition but what is the threat model for Bitcoin?

People here call me schizo for suggesting merely that the model should include supply chain attacks by powerful state actors and security services.

This scenario is only possible if malicious actors are able to influence the manufacturer or infiltrate somehow manufacturing facilities ^{changing the dopants content/level for instance} to tamper with the chip in order to implement the hidden hardware backdoor. I think this is more likely to happen if chip fabrication is outsourced abroad, but if all processes are kept "at home" ^{under strict control and with carefully vetted staff} then it is less likely. Nevertheless, researchers may randomly select chips and use various methods ^{such as analyzing EM for instance} to look for any anomalies.

That said, although HWs are considered the gold standard for individual use, I trust none of them, regardless of whether they are open source.

To mitigate the threat you are concerned about, it is reasonable for personal use to rely on multisig wallet with cosigners from different manufacturers and/or developers.

[dkbit98]

Since we are talking about secure elements I decided to research what secure chips are used in modern day smartphones.
There are cases when smartphones can be used in similar way cold wallets in airplane mode.
I would not suggest using this method for holding larger amounts, but it should be safer than hot wallets if done correctly.

- apple iphones are using Secure Enclave, a dedicated coprocessor within the A-series and M-series chips.
- g00gle Pixel phones are using Titan M security chips, with latest models Titan M2 chips.
- Samsung phones in latest model is using their own Samsung chips S3FV9RR (EAL 6+) chip, and in older models S3K250AF with (EAL 5+)
- Huawei phones in some models are using same Titan chips from Samsung.

[satscraper]

Since we are talking about secure elements I decided to research what secure chips are used in modern day smartphones.
There are cases when smartphones can be used in similar way cold wallets in airplane mode.
I would not suggest using this method for holding larger amounts, but it should be safer than hot wallets if done correctly.

- apple iphones are using Secure Enclave, a dedicated coprocessor within the A-series and M-series chips.
- g00gle Pixel phones are using Titan M security chips, with latest models Titan M2 chips.
- Samsung phones in latest model is using their own Samsung chips S3FV9RR (EAL 6+) chip, and in older models S3K250AF with (EAL 5+)
- Huawei phones in some models are using same Titan chips from Samsung.

Wow, the topic of SE  in smartphones is very timely, but at the same time any meaningful discussion may take volumes due to the huge number of phone models that are hard even to list.So I’m not sure whether we should start the discussion here.

Regarding Android based smartphones.

I know that there is the Android Ready SE Alliance, created under Google umbrella.

Their official site lists the following SE vendors: Goodix, NXP, Samsung, ST, TMC, and several others.

BTW Xiaomi 14 and Xiaomi 14 Ultra use NXP’s SN220 family of chips.

[dkbit98]

Interesting presentation was released few days ago from Tropic Square developers and it's named Lessons from Building an Open-Architecture Secure Element:
https://media.ccc.de/v/39c3-lessons-from-building-an-open-architecture-secure-element#t=51

Whole presentation is around 40 minutes long, but you can learn a lot about procedure of building open-architecture secure element.
You can listen everything online or download and listen offline recording later, even as audio mp3 file.

[dkbit98]

List is updated again.
There is a new secure element coming from China and it is built inside new Keypal 2 hardware wallet.
THD89 secure element is made by Tongxin Microelectronics, and this is one of the first secure element with EAL6+ certification coming from China.
This chip is already used in ID cards and Keypal 2 is the first hardware wallet to add it.
In addition to this, Keypal 2 HW is using MCE GD32F470 also from China, and nRF52832 as Bluetooth chip.


https://www.tsinghuaic.com/index/index/star.html