The Internet of Trusted Things
If you are actively involved in cryptocurrency, you should be conservative and protect your digital assets using various cryptocurrency wallets. A cryptocurrency wallet is essentially a software program which stores cryptographic keys and interacts with blockchains for users sending and receiving cryptocurrencies as well as checking their balances. Unlike a traditional wallet in your pocket, a cryptocurrency wallet, doesn’t store currency, but instead stores all the private keys associated with the generated wallet addresses. Those private keys are utilized to unlock the funds in your wallet and sign off the ownership of cryptocurrencies. Cryptocurrency wallets can be classified into two categories, namely hot wallets and cold wallets. While hot wallets are meant to be used on a daily basis and typically connected to the Internet to quickly access the blockchain, cold wallets are mainly kept offline for less exposure and utilized for long-term storage of cryptocurrencies. In practice, hot wallets can be implemented as desktop, online or mobile applications, whereas cold wallets include paper and hardware wallets. This blog post focuses on hardware wallets, one of the most secure types of cryptocurrency wallets.
A hardware wallet, which is also a cold wallet, is a dedicated piece of hardware that provides enhanced security features for storing private keys in the long-term and signing transactions offline. Typically, hardware wallets are connected to a computer via a USB port or to a mobile device via Bluetooth or NFC for checking the blockchain. Moreover, hardware wallets are able to work with various web interfaces and support multiple cryptocurrencies. In particular, the private keys are stored in the protected area of a hardware wallet and never been transferred out of the device in plaintext. Hardware wallets achieve a good balance between facilitating the blockchain transactions and keeping your digital assets offline and away from danger.
While hardware wallets offer increased security and trust for the data processed and stored in the device, they also need to be protected from a wide variety of attacks, including but not limited to:
Properties for Highly Secure Hardware Wallets
Designing a highly secure hardware wallet is a challenging task. By considering various attacks against hardware wallets and analyzing the security designs of popular hardware wallets in the market such as Ledger Nano S, Trezor, KeepKey, etc., we summarize the following properties which we think a highly secure hardware wallet should have:
A high-level system architecture of a secure hardware wallet satisfying the above properties is illustrated below:
An Trusted Execution Environment (TEE) is an environment that allows for secure execution of applications. TEE aims to achieve the following five security properties:
It is not difficult to find similarities between the security properties required by highly secure hardware wallets and those offered by TEE. As a result, TEE provides an ideal solution for further enhancing the security of hardware wallets. While there are several methods to realize TEE, ARM TrustZone is thought to be the most promising technology to implement TEE in ARM based mobile devices and embedded platforms.
ARM TrustZone is a system-wide security approach for the ARM Cortex-based processors. Unlike the dedicated cryptographic engines with pre-defined functionalities, ARM TrustZone represents a more flexible security solution by leveraging the CPU as a programmable trusted environment. It also offers protection when data is being processed in lieu of just providing cryptographic functions. The basic concept of TrustZone is to have a single physical processor core running the two virtual worlds, namely Secure World and Normal World, in a time-slice fashion. While the Secure World is responsible for accessing sensitive hardware, processing critical data and executing trusted software, the Normal World is the common execution environment for operating systems and other applications. These two virtual worlds are achieved by separating both software and hardware resources. Moreover, the TrustZone technology employs multiple hardware features to facilitate the switching between two virtual worlds. For more details for the ARM TrustZone, the interested reader is referred to https://www.arm.com/products/security-on-arm/trustzone.
A hardware wallet implementation is generally composed of three main group of functions: wallet storage functions, wallet management functions, and cryptographic operation functions. For realizing a hardware wallet using the ARM TrustZone technology, all the functions and their associated data need to be fully analyzed in order to determine the functions that should be executed in the Secure World and Normal World, respectively. For example, the functions for handling cryptographic keys should only be executed inside the Secure World. Moreover, the switching between two virtual worlds must be carefully investigated to ensure no sensitive information is leaked during this process. IoTeX is actively conducting research in this area to further enhance the security of hardware clients of blockchains
IoTeX is dedicated to creating a decentralized platform of IoT-oriented and privacy-centric blockchain to address the scalability, privacy, isolat-ability, and develop-ability issues of IoT DApps and ecosystem growth through its core innovation of the ’blockchain-blockchains’ architecture. IoTeX is aimed to be the one who connect the physical world block by block as well as push the frontier of blockchain 3.0.