When a leading decentralized exchange platform was looking to create a premium cryptocurrency hardware wallet that would provide unmatched security protection and ease of use, they turned to security architecture expert Josh Datko of Cryptotronix and Cardinal Peak.
The objectives we were charged to achieve for the superior cryptocurrency hardware device were to:
- Provide unmatched security
- Create a robust, impenetrable design
- Make it so easy to use a grandparent could operate it
By examining available wallet solutions and hacking these devices to identify weaknesses, the team developed device security criteria that address current and potential vulnerabilities.
The team worked to design a hardware wallet that served as a computer for a computer. The device would be dedicated solely to cryptocurrency and private key security, using components proven in other security applications and products.
The resulting wallet is a unique and comprehensive set of components and features that make it the most secure and powerful device of its type.
Firmware, Hardware and Process Features
- All software components are cryptographically signed and verified – from the bootloader to the application code – preventing malicious code from persisting in the device storage.
- ARM TrustZone is also used in the design to ensure that critical device procedures operate in a secure execution environment.
- The Microchip SAMA5D2 processor is the gold standard in microprocessor security and capability, combining low power consumption with high precision and speed to deliver functionality with inherently designed security.
- PCI pre-certified and proven in electronic payment applications, the SAMA5D2 delivers encrypted IP for external RAM, DRAM encryption, and secure SRAM for environmental monitoring.
- Arm TrustZone Armv8-M is embedded in the SAMA5D2 core processor for an additional security layer and protected execution environment that is inaccessible to unauthenticated access, unlike other hardware wallets that operate as microcontrollers.
- Microchip ATECC608A co-processor is also used to provide anti-counterfeiting features and a root-of-trust.
- Through Microchip provisioning services, the ATECC608A is initialized at a Microchip facility, and custom parts for this device are then released only to designated manufacturers, ensuring that an off-the-shelf ATECC608A cannot be substituted for the custom one in the design.
- Additionally, the ATECC608A has unique device certificates providing a foundation for strong device identity.
- The FIDO Universal 2nd Factor (U2F) standard is a built-in device feature, providing a security key and secure two-factor authentication.
Premium Case Protection
In evaluating existing cryptocurrency wallets, the team determined that physical construction was poor, devices were easy to disassemble, and it was possible to open and modify any device. This ease of access makes those wallets vulnerable to a variety of physical attacks without being apparent to the owner.
Physical wallet security is an important feature that, while missing in other hardware devices, was deemed critical by the development team. The features of the premium cryptocurrency wallet deliver layers of tamper protection.
- Premium billet aluminum alloy mid-frame material casing
- Proprietary snap-in and adhesive physical wallet enclosure case that is tamper-resistant and tamper-evident
- Potting to prevent reverse engineering of the device to learn its internal design, components, and operating features, plus protection from shock, vibration, moisture, and corrosive agents
- Manufactured, packaged, and distributed in North America using only vetted suppliers
Simplified and Sophisticated
Existing cryptocurrency wallets are very small, offer limited interaction, and are painful to use. With just two navigation buttons, no rich graphics, and basic calculator-type functionality, these devices unnecessarily complicate the use of a digital currency wallet, which could result in a risk of user error for many new cryptocurrency customers.
The design team set out to create a modern, smartphone-type experience for users while retaining security guarantees. The resulting sleek, lightweight wallet and interface inspire confidence and increase usability for even the most basic users.
- Intuitive interface designed to streamline the workflow for cryptocurrency transactions
- Graphical visual design to support standard cryptocurrencies and minimize error
- FIDO U2F haptic feedback for quick, simplified, and secure device access
- 5-inch, 320×480-resolution full touch screen display in a device the size of a credit card that weighs just 100g
Realistically, designing any new device technology can be a compromise given the competing tradeoffs between security, performance, and usability. By constantly evaluating these elements throughout the design and development project, our team created a secure, robust, and easy-to-use cryptocurrency wallet that protects customers, cryptocurrency, and keys.