How is NGRAVE protecting its users?
Due to recent industry news, we have received multiple questions on how NGRAVE assures ultimate security. Here are our answers.
- Article Quick Links:
- Is NGRAVE open source?
- Can you extract private keys from the NGRAVE ZERO via the USB port in firmware updates?
- Will NGRAVE make a custodial platform or a third-party seed backup solution with shards?
- Custodial Platform
- Seed Recovery Service
- How can I be sure my NGRAVE ZERO wasn’t tampered with in a supply chain attack?
- Final words
We believe strongly in the benefits of open source, but we also must consider its limitations. The security principle of having many eyes checking our code only holds if many people are looking at our code and reporting issues. Unless we have a large and active user base, there is a significant risk that zero-day vulnerabilities do not get disclosed. This means that right now, we will not open source any part of ZERO's firmware, including the secure element, as we prioritize security. However, we are committed to a future plan of gradually releasing open source components when the conditions are favorable, considering factors such as a sizable and engaged user base to maximize code scrutiny and vulnerability disclosure.
To understand our reasoning, you have to understand the overall security design of the device's inner workings: there is a 'regular' firmware that takes care of peripherals such as the touch screen, and a secure firmware that authenticates the rich OS and provides all security-related operations (secure storage of the private key, PIN and fingerprints; signing; key creation with a TRNG; etc.). We have tried to find the best solution for our secure firmware and partnered with the only player in the world offering EAL7-certified firmware.
The vision of open source from our CTO
Verify and Install Firmware Update Yourself.
of Ruben Merre, NGRAVE CEO & Co-founder, with Scott Melker, AKA The Wolf Of All Streets.
Your ZERO comes fitted with 4 layers of protection that should give you peace of mind:
- Cryptographic verification: When setting up your ZERO, you can easily verify that your device is genuine and was made by NGRAVE. Additionally, the firmware is cryptographically signed and is verified every time your ZERO boots. If there is the slightest change in the software, signature verification will fail and ZERO will refuse to boot.
- Tamper resistance: You can’t open the device without damaging it.
- Tamper evidence: Even if you succeeded in bypassing the previous measure, you can’t put it back together again without leaving traces.
- Tamper responsiveness: There are sensors inside the ZERO which will detect it being opened and will wipe/reset the device.
NGRAVE is a digital asset security company and the creator of the world’s most secure cryptocurrency wallet, NGRAVE ZERO. NGRAVE ZERO was developed in collaboration with a world-renowned team of cryptography and security experts.