As both a #security #researcher and #OpenSource advocate, I say forget the secure element.
I'm not sure exactly how cashu fits in here, but if it's just a matter of storing the tokens you get from the eCash server: require a PGP pubkey and encrypt the tokens with that. Simple, effective, and easy to audit.
Or ECC encryption, if you prefer that. https://cryptobook.nakov.com/asymmetric-key-ciphers/ecc-encryption-decryption
Dr. Hax
npub16v…meqha
2024-12-01 07:49:34
in reply to nevent1q…03cs
Author Public Key
npub16v82nr4xt62nlydtj0mtxr49r6enc5r0sl2f7cq2zwdw7q92j5gs8meqhaPublished at
2024-12-01 07:49:34Event JSON
{
"id": "85fede02a1c13c384fa1448bcd624639f5300373d3461df5a3ea494b24507547",
"pubkey": "d30ea98ea65e953f91ab93f6b30ea51eb33c506f87d49f600a139aef00aa9511",
"created_at": 1733039374,
"kind": 1,
"tags": [
[
"e",
"ae861bfa492bdfbd8ecc75fa8b35b700df3268111a523a155cba15fc763fed51",
"",
"root"
],
[
"e",
"08f77a55112f2b8ad33744ab2d11367d66152ab53e36e08fcc131fb5be8bd0b3"
],
[
"e",
"0104d59cfc2a47fbe3dc611e378ca649588312302956b637c1ffa331236e495d",
"",
"reply"
],
[
"p",
"5a3de28ffd09d7506cff0a2672dbdb1f836307bcff0217cc144f48e19eea3fff"
],
[
"p",
"d30ea98ea65e953f91ab93f6b30ea51eb33c506f87d49f600a139aef00aa9511"
],
[
"p",
"d3052ca3e3d523b1ec80671eb1bba0517a2f522e195778dc83dd03a8d84a170e"
],
[
"p",
"d3d74124ddfb5bdc61b8f18d17c3335bbb4f8c71182a35ee27314a49a4eb7b1d"
],
[
"t",
"security"
],
[
"t",
"researcher"
],
[
"t",
"OpenSource"
],
[
"t",
"opensource"
],
[
"r",
"https://cryptobook.nakov.com/asymmetric-key-ciphers/ecc-encryption-decryption"
]
],
"content": "As both a #security #researcher and #OpenSource advocate, I say forget the secure element.\n\nI'm not sure exactly how cashu fits in here, but if it's just a matter of storing the tokens you get from the eCash server: require a PGP pubkey and encrypt the tokens with that. Simple, effective, and easy to audit.\n\nOr ECC encryption, if you prefer that. https://cryptobook.nakov.com/asymmetric-key-ciphers/ecc-encryption-decryption",
"sig": "a33c89686ada46a1470709c3cf38127cb99d0c5a4c782c75f89c7cb4a442a221762c69a09efdee0ca5c1b1ffa329cfd8af1fcaa578d112ad0daf8a4cdad8ab72"
}