Hi,
I just bought a Jetson TX2 development kit for evaluation. I am checking the way if it can act as a cryptocurrency hardware wallet. Of course, other than this, the chip is still busy on other tasks concurrently.
On the wallet requirements :
This wallet code running there must be authenticated, i.e. hacker can’t put there code there
This code shall generate a RSA keypair such that the private key cannot be read out
This code shall sign messages and returns back the signed messages
I am not sure if the “TrustZone” is good for this purpose. Has anyone done similar thing before ? Please share me your experience. Many many thanks !
You might give an example of some current wallet you want to use with a TX2. I’ve never done anything with cryptocurrency, but if you have a specific application, then it might be possible to make suggestions.
FYI, RSA key pairs can be generated with OpenSSH tools (“ssh-keygen”). One would typically store the private key readable only to the end user (root also gets to read that though). Public keys can go anywhere are intended to be visible to the public.
Thanks for your reply !
There are some “software” wallets implementation from github, says, Trust Wallet · GitHub , which is a wallet for Ethereum. However, the private key of such “software” wallet is either in the CPU user space or kernel space. Potentially, it can be read by a malicious program.
Therefore, to have a better security, there’re many hardware wallet for cryptocurrency such that the private key is protected from the outside world. Even the owner of the hardware wallet doesn’t know the private key. The wallet just shows the public key and returns the signed message. For example, https://www.ledger.com/products/ledger-nano-s?r=2c06&path=/products/ledger-nano-s&tracker=reviewwallets
Heard that there’s a “TrustZone” in the ARM core. The code and data running there are protected from outside program. Therefore, I want to check if it is possible to make a hardware wallet with the “TrustZone” in TX2.
“TrustZone” is unrelated to “TrustWallet”…“TrustZone” is related to signing boot content so an altered boot can’t be installed (typically a malicious boot loader would alter boot in order to sniff private keys as the booting system starts…“TrustZone” can prevent this).
From what I see it looks like “TrustWallet” was designed for smart phones (i.e., Android or iPhone). Android has a Linux kernel, but otherwise is quite different than basic Linux. You couldn’t just compile an Android program and have it work on Linux. This would probably be quite difficult to build for a Jetson. It doesn’t mean someone else doesn’t already have such an application, but this particular one does not appear to be designed for basic Linux.
The general scheme you are mentioning is just a public/private key pair. The infrastructure for this in Linux is quite good (I would go so far as to say “top notch”), but I am unfamiliar with crypto currency wallets, so I can’t give much advise.
The mentioned Ledger Nano is a hardware enforced device. I don’t know if this will work on Linux or not, you’d have to ask…if it does, then any user space program would need to be ported to arm64/aarch64/ARMv8-a. If the driver or user space software is publicly available, and intended for some other Linux architecture (usually a desktop PC), then you would probably be able to compile it for arm64. It is quite possible the source code is not available, but given the hardware enforcement of this device the source code could probably be public without any issue.
… so “TrustZone” can work as a secure bootloader only.
Sorry that I thought “TrustZone” is an another core/module that the main core can communicate with it.
Btw, after booting into OS (Linux / Android), can the OS load this “TrustZone” with another program and communicate with an application running in Linux ?
It’s kind of the reverse. When you start with TrustZone, then you can use it to load trusted applications. One example is you’re free to use a pass phrase within the bootloader to mount an encrypted file system without fear of someone changing the bootloader to echo the password each boot. You can read more about from the documents on secure boot:
[url]Jetson Download Center | NVIDIA Developer
(you might have to log in to see it, not sure; in which case you might have to hit the link a second time to see actual content)
TrustZone is about setting up a trusted environment, and is not itself an end user application (it is a mode). Being able to set up trust requires multiple steps. You’d basically design your system with whatever security you have in mind, and then you’d burn the security fuse such that only boot software you’ve signed will work.
A concept like “TrustWallet” is entirely a third party application. In many ways you wouldn’t need anything else to trust the application. On the other hand, you wouldn’t know if something like a keyboard logger hadn’t been installed; with other security (such as TrustZone) you can harden the environment surrounding your individual applications.