1f52b on Nostr: Secure Elements are physical chips designed to do one and only one thing, handle a ...
Secure Elements are physical chips designed to do one and only one thing: handle a key and encrypt/sign stuff.
Because of this, companies that make them put a lot of effort into making them secure against remote and physical attack. They’re also very secretive about how they work. So, to an extent you have to trust the manufacturer of the SE chip not to have built in anything shady.
Because SEs are used to secure really important stuff for lots of people, they’d also be a great thing for government agencies to try and attack, so some people are suspicious of SEs and TPMs (trusted platform modules, basically the same thing).
The Coldcard has two SEs in it and stores the private key on them. Many other hardware wallets also use SEs. A SeedSigner uses a Raspberry Pi, which doesn’t have a SE.
The argument seems to be over whether not having an SE matters: whether an SE is a good thing because it’s actually secured against a lot of attacks and you shouldn’t trust your keys to regular off-the-shelf hobbyist computer hardware, or a bad thing because you can’t trust SEs and they’re obvious targets for NSA/CIA/FBI/GCHQ/&c. to break.
Published at 2023-01-07 00:43:26
Event JSON
{
"id": "4cf8c4b04666a972d0a14c5de4814cbad8a6e8d2917b1d7ef265df03d47f18b9",
"pubkey": "1f52b16e5ca201ef2dc030f9b651137672e52de1ab29c0b0f6b72ac80ab23c84",
"created_at": 1673052206,
"kind": 1,
"tags": [
[
"e",
"f1ec65c3ed5abcbc47408ed44ccdb576b0bba01370bf2d094b3262dfc4e8a57b"
],
[
"p",
"020f2d21ae09bf35fcdfb65decf1478b846f5f728ab30c5eaabcd6d081a81c3e"
],
[
"p",
"8e60715c5b66ee9ebf3636fd5edcb59dfbffaab6ca9efa59bfb5b0e71bfba03a"
]
],
"content": "Secure Elements are physical chips designed to do one and only one thing, handle a key and encrypting/signing stuff. \n\nBecause of this, companies that make them put a lot of effort into making them secure against remote and physical attack. They’re also very secretive about how they work. So, to an extent you have to trust the manufacturer of the SE chip not to have built in anything shady.\n\nBecause SEs are used to secure really important stuff for lots of people, they’d also be a great thing for government agencies to try and attack, so some people are suspicious of SEs and TPMs (trusted platform modules, basically the same thing)\n\nThe Coldcard has two SEs in it and stores the private key on them. Many other hardware wallets also use SEs. A SeedSigner uses a Raspberry Pi, which doesn’t have a SE.\n\nThe argument seems to be over whether not having a SE matters, or whether a SE is a good thing because it’s actually secured against a lot of attacks and you shouldn’t trust your keys to regular off the shelf hobbyist computer hardware, or a bad thing because you can’t trust SEs and they’re obvious targets for NSA/CIA/FBI/GCHQ/\u0026c. to break",
"sig": "fa1f1d81044d2c0c77a0a6aa6b56db9c97f6a095be5e29dc6cede81fc872ccdd0500e85431f53921182b291d3aaf362a0b3acc8b21d2519d62df8b7f43d6ff13"
}