Leo Wandersleb on Nostr: That is why I came to like the combination of SE and MCU where the SE is oblivious to ...
That is why I came to like the combination of SE and MCU where the SE is oblivious to what the MCU stores but the MCU stores all secrets with a key only the SE knows. What's wrong with that? Now the auditor can treat the SE as a black box that yields a key encryption key only if provided with a secret but bricks itself if the secret cannot be provided in x attempts.
You say, Coldcard could do something shady in their not-a-ROM boot ROM? But that's MCU side, right? So can we audit it? Or are you talking about the hardware not being what they claim it is?
Published at 2024-10-16 12:53:06

Event JSON
{
  "id": "20d9a17e7e0a34ad5915c654cadf0fa07edf31b63392fb00e6549210078e8ac4",
  "pubkey": "46fcbe3065eaf1ae7811465924e48923363ff3f526bd6f73d7c184b16bd8ce4d",
  "created_at": 1729083186,
  "kind": 1,
  "tags": [
    [
      "e",
      "e05887c3d1b4a9e89fc30822205292da8a980d2789d930c3c5b4442b4481efdb",
      "",
      "root"
    ],
    [
      "e",
      "d5949033bf2c848c47089f057c6125407e0eb2aa5d07bd696c9b728c2a74ac1c",
      "",
      "reply"
    ],
    [
      "p",
      "52b4a076bcbbbdc3a1aefa3735816cf74993b1b8db202b01c883c58be7fad8bd",
      "",
      "mention"
    ],
    [
      "client",
      "noStrudel",
      "31990:266815e0c9210dfa324c6cba3573b14bee49da4209a9456f9484e5106cd408a5:1686066542546"
    ]
  ],
  "content": "That is why I came to like the combination of SE and MCU where the SE is oblivious to what the MCU stores but the MCU stores all secrets with a key only the SE knows. What's wrong with that? Now the auditor can treat the SE as a black box that yields a key encryption key only if provided with a secret but bricks itself if the secret cannot be provided in x attempts.\n\nYou say, Coldcard could do something shady in their not-a-ROM boot ROM? But that's MCU side, right? So can we audit it? Or are you talking about the hardware not being what they claim it is?",
  "sig": "84347d033cc5f8c3abf9b0d11d7461bf1965f584bdccc8579f2ace3cf289d1951d7a876bcae50a0490a7b4a001c1a72caa6efaff47d84b53df6a39fe820f9f26"
}