future of hardware wallets bip 001
TRANSCRIPT
Future of Hardware WalletsBlockchain Incredible Party 001
Nicolas Bacca, CTO, LedgerSecure Element solutions architectWhitehat security reports
https://github.com/btchip/trezor-security-exploits
About me
LEDGER
Key protection Malware, (side channels, covert channels)
Independant devicesStatic validation only
Check destination, amount
Hardware Wallets today
Confirming a transaction is complicatedCommon use case : web purchase is not covered
BIP 70 helps, but is not supported by Hardware Wallets yet
BIP 70 is merchant centric
PKI issues again - how to validate certificates, how to revoke certificates on a disconnected platform
User Experience limitations
LEDGER
Colored Coins with multiple kernelsOpen Assets popular right now
Blockchain proofsAugur, Bitproof ...
More Smart Contracts in the futureNew protocol layers
Sidechains, Hubs
Growing, dynamic use cases
LEDGER
User Experience should be customizable
One size doesn’t fit all
Valuable assets go way beyond the transaction amount.
Moving targets
LEDGER
Similar to libConsensus : protect the critical core
Provide the low level logic
Provide the isolation layers and manage the lifecycle of pluggable easy to write high level applications
Ledger OS
LEDGER
Customized Confirmation UX
Open Assets Confirmation UX
LedgerOS
Significant lessons to learn from the Smartcard industry
GlobalPlatform : lifecycle and isolation, multiple applications management
Java Card : isolation through a Virtual Machine
MultOS : native applications isolation
Formal validations of the above
Let’s make it more open, more trustless, built correctly from the ground up
This has already been done
LEDGER
Isolation with a Secure ElementInternal Secure Element (Java Card, (U)SIM card)
Isolation with TrustZoneLow level isolation on high end ARM cores
Isolation with Trusted Execution Environment
High level isolation with dedicated OS
Moving towards better integration
LEDGER
Key protection Malware, side channels, covert channels
Integrated, virtualized applicationsValidation through third party, pluggable, easy to write and secure applications
Hardware Wallets tomorrow
LEDGER
Java Card playground for the high level APIhttps://github.com/ledgerhq/ledger-javacard (soon)
Trusted Execution Environment public beta, high level isolation prototypeOpen Source isolation product coming up end 2015 (BLE, NFC, screen)
Follow up with Ledger
LEDGER
@LedgerHQ
Thank youBlockchain Incredible Party 001