The hardest challenge for wallets is protecting secrets from an attacker that has physical
access to the device. This type of attacker can steal your device from you on the street or from
your house when you are gone. They can modify your device hardware or firmware without your
knowledge. Physical attackers have unlimited attack vectors.
Every kind of security can be defeated by a physical attacker if the attacker has enough time
and money. As an example, hardware security labs have the ability to completely reverse engineer
the silicon chip or a Government in power can force the manufacturer to turn over the design
files. After a chip's internal design has been fully recovered, a lab can very effectively
target specific areas on the chip using a laser to induce changes in memory or logic. The memory
state change can cause the chip to not check critical security parameters before running some
Keeping both the Remote and Physical attack vectors in perspective, Cypherock X1 seeks to
protect your seed phrase and conduct secure transaction signing. Even if a hacker steals your X1
wallet, it is impossible to extract your private keys from the device. Further our unique design
ensures that your assets are safe from all known attacks as explained below.
- Supply chain attack
The X1 wallet comes preloaded with a non replaceable bootloader. On first boot, the
device instructs the user to download the desktop application from Cypherock’s website.
When the X1 wallet detects the application, user can verify their new device securely.
Every X1 wallet and cyCard could be uniquely verified by our server using 256 bit
elliptic curve digital signature algorithm. Once the X1 wallet gets verified through the
desktop app, user can download the latest signed firmware into the device.
- Evil maid attack
Evil maid attack happens when a hacker gets physical access to an unattended device and
it in some undetectable way, so that the hacker can remotely access it later.
Let’s assume, if the X1 wallet is embedded with a wireless transmitter, the compromised
wallet could transmit any PIN it received. To prevent that happening user is instructed
verify the X1 wallet on every boot. Every wallet and card has a serial number and a
bit private key.
- Side channel Analysis
X1 does not store any private information like wallet seed, PIN or PIN attempt counter
Hence there is no useful data to extract or glitch upon. PIN authentication takes place
the EAL 6+ secure element on cyCard.
- PIN bruteforce attack
It is important to note that PIN authentication takes place inside the cyCard. Every
wrong PIN is entered, the waiting time between the attempts increases exponentially.
- Flashing malicious firmware
Official firmware is signed by the Cypherock master key. Installing unofficial firmware
possible on genuine X1 wallet since wallet comes preloaded with a secure bootloader.
- $5 wrench attack
A $5 wrench attack occurs when an attacker physically threatens you using a deadly
hand over your private keys or send over the funds.
For maximum security, it is recommended to store cyCard at different locations. This
increases the time required to get access to the keys and in turn increases the risk for the
attacker. Further you can maintain multiple wallets in single Cypherock X1, one of which can
be used as a dummy wallet for which the keys can be handed over.
Combination of Cypherock X1 and cyCard is the first such attempt to decouple storage and
computation aspect of a hardware wallet. It is one of the most unique and secure methods to
ensure the safety of Crypto assets.