Cypherock
  • Introduction
  • Design Decisions
    • The balance between security and convenience
    • Cypherock X1 Hardware architecture
      • Using ultrasonic welding for the X1 Vault enclosure
      • Encrypted NFC communication for X1 cards
      • Using Javacards instead of MicroSD
      • Choosing USB vs QR Code
      • Why the X1 cards are not upgradeable
    • Cypherock is BIP39 compliant
    • Private keys should be near to impossible to extract
    • Conflict between trusted parties should not result in unauthorized access
    • Using Shamir Secret Sharing vs. Multi-sig
      • How is Shamir Secret Sharing implemented within Cypherock X1
      • Why Cypherock has a default 2/5 threshold scheme
      • Rejected Key Schemes
    • PIN Protection on Cypherock X1
      • Difference between backing up your PIN vs. Seed Phrase
  • Security Overview
    • Introduction
    • Keylabs - Third Party Security Audit
    • Remote Attacks
    • Physical Attacks
      • $5 Wrench Attack
      • PIN Brute Force Attack
      • Evil Maid Attack
      • Flashing Malicious Firmware
      • Side Channel Attack
      • Supply Chain Attack
  • Cypherock X1 Features
    • Eliminate messy paper backups
    • Open source with secure elements
    • Use Cypherock as a seed phrase vault
    • All-in-one Portfolio Manager
  • Getting Started
    • Download cySync
    • Import Seed Phrase from existing BIP39 compatible wallet
    • Generate a new wallet with Cypherock X1
    • How Cypherock generates your 24-word seed phrase
    • Best practices in keeping your X1 cards secure
      • Use the protective card sleeves
      • Geographical Seperation
      • Choosing your guardians
    • How do I know I am not locked-in to using only Cypherock X1
    • How do I know my Cypherock X1 is genuine?
      • Email 2FA for Product Authentication
    • How to recover your Crypto assets in the case of loss or theft
    • What happens to my Cypherock X1 if Cypherock goes out of business?
Powered by GitBook
On this page

Was this helpful?

  1. Security Overview

Introduction

Security is the paramount value which Cypherock X1 was built upon. Cypherock X1 offers state-of-the-art security features that make it the ideal wallet to HODL your Crypto with peace of mind.

  1. Open-Source with Secure Elements: Traditionally wallets had to make a choice between becoming open-source or using closed-sourced secure elements bounded by NDAs. Cypherock have the best of both Worlds. X1 Vault is open source and stores 1 of the 5 shards and the 4 X1 Cards have EAL 6+ secure elements and store the remaining 4 of the 5 shards.

  2. Distributed Entropy Generation: Entropy in X1 Vault is generated through XOR between the random number generated by the STM32L4 chip and the ATECC chip to avoid any single point of failure in entropy generation. The user can also input their own seed phrase if they want.

  3. Server-based Security Validation: Both X1 Vault and X1 Cards are required to be authenticated successfully through the server before the product can be used by the user. This ensures protection against supply chain attacks.

  4. Distributed Key Storage: The master key unlike other wallets is never stored in a single place permanently in Cypherock X1. The private key for a specific coin is generated in real-time in the RAM from the X1 Vault and any X1 Card, the transaction is signed, and then the private key is deleted from the RAM then itself. It never touches permanent storage ever.

  5. PIN Protection over Key Material: Each of the shards stored on the X1 Vault and the 4 X1 Cards is also protected by a user-generated alphanumeric PIN that has brute force protection enforced by secure elements.

PreviousDifference between backing up your PIN vs. Seed PhraseNextKeylabs - Third Party Security Audit

Last updated 1 year ago

Was this helpful?