j on Nostr: I can't find the link right now, but their reasoning was that most secure element ...
I can't find the link right now, but their reasoning was that most secure element chips use proprietary code, and one has to sign an NDA to even access the documentation, which goes against the whole idea of open source. They also said they evaluated a few chips and found vulnerabilities, but were unable to disclose because of those NDAs. Apparently they found a fully open source chip. They reference the openness concerns in this article:
https://trezor.io/learn/a/secure-element-in-trezor-safe-3 .
Published at
2024-05-09 02:07:26Event JSON
{
"id": "812c6b270e5dad463bed2bb2bd2d3775e2d531de32fe14fdeebb968f4d25e9cc",
"pubkey": "f90b373f3b028128a7578dc7a1ba8a16b469d775797c7907e8216f83f9054907",
"created_at": 1715220446,
"kind": 1,
"tags": [
[
"e",
"17d151c3d96f414b3f5b8181ffa75ea50894c77dbf077149334e0d760d2d0612",
"wss://relay.nostr.band/",
"root"
],
[
"e",
"b4a80293200d3c9a6b4b38e967d01b24bb8491cbb462b9ecaf251f91799ebbf9",
"wss://purplerelay.com/",
"reply"
],
[
"p",
"a80455732d5bfa792f279011a8c871853182971994752b9cf1169611ff91a578",
"",
"mention"
]
],
"content": "I can't find the link right now, but their reasoning was that most secure element chips use proprietary code, and one has to sign an NDA to even access the documentation, which goes against the whole idea of open source. They also said they evaluated a few chips and found vulnerabilities, but were unable to disclose because of those NDAs. Apparently they found a fully open source chip. They reference the openness concerns in this article: https://trezor.io/learn/a/secure-element-in-trezor-safe-3 .",
"sig": "cd043ff7c9926fb9c9f6e95cc8bb4cea4bf2526ad9a8b109fa76b3877c10c2f1f59a3c081e25db7237e2b89d5f85a527701fa648c01d427dd7d822906c874922"
}