Topic: Secure Element in Hardware Wallets - page 9. (Read 3075 times)

legendary
Activity: 2212
Merit: 7064
Cashback 15%
December 28, 2020, 08:25:47 AM
#3
Sure, Trezor only has one chip and everything is open source, but that does not mean that having a dual chip and secure element is always better, especially if that chip is using closed source firmware (see the posted example for exploits), and yes, nothing will help you if you send scammers your seed words.
legendary
Activity: 2156
Merit: 1151
Nil Satis Nisi Optimum
December 28, 2020, 08:20:09 AM
#2
Interesting topic; I must say that I was not aware that Trezor does not have any secure element inside.

It is always good to divide complicated things into small parts for better understanding by the community, and to educate the community as much as possible; that is the only way to decrease the number of scams that are an inevitable part of every industry, especially a growing one like the crypto industry.

But nothing will help you if you do not secure your own data properly. The importance of securing your own private keys / mnemonic seeds, not sharing those with anyone, and interacting with proven wallets/exchanges only cannot be overstated.
legendary
Activity: 2212
Merit: 7064
Cashback 15%
December 28, 2020, 08:12:23 AM
#1


I see many people talking about the Secure Element in hardware wallets as if it were some mythical creature that will protect us from all evil, but in reality a Secure Element is just a chip or microcontroller used in a similar way as in SIM cards, SD cards, IDs, payment cards or phones, and they can potentially be exploited by malicious firmware updates.
In hardware wallets they are used as a second chip for storing private keys and seed words.

What are the benefits of Secure Element in Hardware Wallets?

- Seed words never leave the device; they stay in the Secure Element
- Secure updates
- Generating 'random' numbers
- No tampering

Secure Elements can be open source (can be verified and confirmed) or closed source (any firmware can be used, including malicious firmware), certified or not certified.

Current state of Secure Elements in Hardware wallets:

  • Trezor: NO Secure Element (they suggest using BIP39 and Passphrase encryption; secure element planned for 2022)**
  • Keepkey: NO Secure Element
  • Jade: NO Secure Element (it has secure boot and encrypted flash)
  • ColdCard Mk3: Microchip ATECC608A covered by epoxy, open source
  • Bitbox02: Microchip ATECC608A, open source
  • Passport: Microchip ATECC608A, open source
  • Ledger: EAL5+/EAL6+ ST31H320, ST33J2M0, closed source!
  • D'CENT: EAL5+ NXP P60
  • Safepal S1: EAL5+ ? unknown chip, closed source
  • CoolWallet S: EAL5+ SE microchip NXP P5CD081, closed source
  • CoolWallet Pro: EAL6+ SE microchip NXP J3R110, closed source
  • Jubiterwallet: EAL6+ SE Infineon, closed source
  • Kasse HK-1000: EAL5+ ST31H320 A03, closed source
  • Keevo: EAL5+ Infineon Optiga Trust-P, closed source
  • Secux: EAL5+ Infineon CC, closed source
  • Ngrave: EAL7+ STM32MP157C with unknown built-in secure element, ?
  • Tangem: EAL6+ Samsung SecureCore microchip, open source sdk
  • ImKey: EAL 6+ Military-grade CC security chip, closed source
  • Wookong: EAL 4+ ? unknown chip, closed source
  • Hashwallet: EAL 6+ Infineon SLE78 secure element
  • Opolo: EAL 6+ NXP secure element, closed source
  • OneKey: EAL 6+* HSC32I1 secure element; EAL 4+ according to hsec website
  • HyperMate: EAL 6+ Infineon secure element, open source
  • CoboVault: EAL5+ (FIPS 140-2) probably MAX36010-BSN-T secure element with open source firmware
  • KeyStone: EAL5+ ARM Cortex-M0

Let's see some examples of how Hardware Wallets got exploited before in the presentation Exploiting Hardware Wallet's Secure Element by Riscure and Sergei Volokitin.

If you can choose, then always go for Open Source.



*EAL = Evaluation Assurance Level

Quote
EAL1 - functionally tested
EAL2 - structurally tested
EAL3 - methodically tested and checked
EAL4 - methodically designed, tested, and reviewed
EAL5 - semi-formally designed and tested
EAL6 - semi-formally verified design and tested
EAL7 - formally verified design and tested

**Trezor is working on their own fully open source Secure Element chip, and they started a separate project for this purpose called Tropic Square.