Contents

Remote Attack

Physical Attack

  • Supply chain attack
  • Evil maid attack
  • Side channel Analysis
  • PIN bruteforce attack
  • Flashing malicious firmware
  • $5 wrench attack

Security is the most important thing for the user when it comes to hardware wallets. The attacks possible on a hardware wallet can be broadly classified into :
1) Remote Attack
2) Physical Attacks

Remote Attack

The term remote means attacks where the attacker doesn't have physical possession of the device. A remote attacker can manipulate data sent to the hardware wallet or control a device that the wallet communicates with. This creates limits on what the attacker can do. If the wallet connects to a computer over USB, the attacker needs to find and exploit a bug in the device’s USB software stack or application layer usage.

Remote attackers are limited in what software/hardware they can look for vulnerabilities in because they can only see exposed external interfaces. With great sophistication, the attackers are still limited and hence it is much easier to protect code execution and use of internal device secrets because there is less software and hardware exposed to attacks.

Physical Attack

The hardest challenge for wallets is protecting secrets from an attacker that has physical access to the device. This type of attacker can steal your device from you on the street or from your house when you are gone. They can modify your device hardware or firmware without your knowledge. Physical attackers have unlimited attack vectors.

Every kind of security can be defeated by a physical attacker if the attacker has enough time and money. As an example, hardware security labs have the ability to completely reverse engineer the silicon chip or a Government in power can force the manufacturer to turn over the design files. After a chip's internal design has been fully recovered, a lab can very effectively target specific areas on the chip using a laser to induce changes in memory or logic. The memory state change can cause the chip to not check critical security parameters before running some operation.

Keeping both the Remote and Physical attack vectors in perspective, Cypherock X1 seeks to protect your seed phrase and conduct secure transaction signing. Even if a hacker steals your X1 wallet, it is impossible to extract your private keys from the device. Further our unique design ensures that your assets are safe from all known attacks as explained below.

  • Supply chain attack

    The X1 wallet comes preloaded with a non replaceable bootloader. On first boot, the device instructs the user to download the desktop application from Cypherock’s website. When the X1 wallet detects the application, user can verify their new device securely. Every X1 wallet and cyCard could be uniquely verified by our server using 256 bit elliptic curve digital signature algorithm. Once the X1 wallet gets verified through the desktop app, user can download the latest signed firmware into the device.

  • Evil maid attack

    Evil maid attack happens when a hacker gets physical access to an unattended device and alters it in some undetectable way, so that the hacker can access it remotely access it later. Let’s assume, if the X1 wallet is embedded with a wireless transmitter, the compromised X1 wallet could transmit any PIN it received. To prevent that happening user is instructed to verify the X1 wallet on every boot. Every wallet and card has a serial number and a unique 256 bit private key.

  • Side channel Analysis

    X1 does not store any private information like wallet seed, PIN or PIN attempt counter etc. Hence there is no useful data to extract or glitch upon. PIN authentication takes place inside the EAL 6+ secure element on cyCard.

  • PIN bruteforce attack

    It is important to note that PIN authentication takes place inside the cyCard. Every time a wrong PIN is entered, the waiting time between the attempts increases exponentially.

  • Flashing malicious firmware

    Official firmware is signed by the Cypherock master key. Installing unofficial firmware is not possible on genuine X1 wallet since wallet comes preloaded with a secure bootloader.

  • $5 wrench attack

    A $5 wrench attack occurs when an attacker physically threatens you using a deadly weapon to hand over your private keys or send over the funds.

  • For maximum security, it is recommended to store cyCard at different locations. This increases the time required to get access to the keys and in turn increases the risk for the attacker. Further you can maintain multiple wallets in single Cypherock X1, one of which can be used as a dummy wallet for which the keys can be handed over.

Combination of Cypherock X1 and cyCard is the first such attempt to decouple storage and computation aspect of a hardware wallet. It is one of the most unique and secure methods to ensure the safety of Crypto assets.