<img src="https://img.evbuc.com/https%3A%2F%2Fcdn.evbuc.com%2Fimages%2F340721109%2F956932281233%2F1%2Foriginal.20220823-183529?w=800&auto=format%2Ccompress&q=75&sharp=10&rect=0%2C0%2C2160%2C1080&s=ed33e3a84da6425d35e04eb147987558" width=1024>
<font size="5">#bc-silicon-salon
2022-09-14</font>
---
### This is a collaborative session
You can follow these slides at:
<font size="6">https://hackmd.io/9v0ABBXoTyyqzUcF3vDEsg?view/</font>
### Collaborative Notes at:
<font size="6">https://hackmd.io/4UynsiS_SBO9EIDGuZ2AHw?edit</font>
Please join us on a laptop or smartphone!
---
## <img src="https://i.imgur.com/QyDl5nK.png" width="192" height="192"><br/> What is Blockchain Commons?
<font size=6>
* We bring together blockchain & Web3 stakeholders to collaboratively develop interoperable infrastructure.
* We design decentralized solutions where everyone wins.
* We are a neutral "not-for-profit" that enables people to control their own digital destiny.
</font>
---
## Who am I?
<img src="https://avatars.githubusercontent.com/ChristopherA?s=195">
Christopher Allen (@ChristopherA)
Principal Architect & Executive Director
---
## <img src="https://i.imgur.com/QyDl5nK.png" width=192 height="192"><br/>What is a Silicon Salon?
<font size=6>
- Facilitate wallet developers and semiconductor manufacturers to identify problems & assess needs.
- ***This is what we're doing today in this salon!***
- We use what we learn to collaboratively engineer interoperable specifications.
- We evangelize these solutions to the ecosystem.
- We support our partners with reference code and test suites so that they can develop their own implementations.
</font>
---
## Who are you?
<font size=6>
- Semiconductor designers
    - Bunnie Studios, CrossBar/Cramium, Tropic Square
- Wallet hardware manufacturers
    - Foundation Devices, Proxy, Validating Lightning Signer
- Blockchain & Web3 ecosystem members
    - Bitmark, Unchained Capital
- Advocacy organizations
    - Blockchain Bird, Human Rights Foundation
- Cryptographic engineers & protocol designers & cryptographers
</font>
---
## Last Event
<font size=5>
### www.SiliconSalon.com
- Topic: Requirements for Secure Hardware
    - Pain Points
    - Architecture
    - Boot, Firmware & Supply Chain
    - Cryptographic primitives, protocols & acceleration
    - Threats & Countermeasures
    - Edge Topics
    - Building a secure infrastructure ecosystem
- 5 Presentations
    - Blockchain Commons, CrossBar, Proxy, Libre-SOC, Tropic Square
- Videos, Presentations, and Transcripts
- Key Quotes
</font>
---
## <img src="https://i.imgur.com/QyDl5nK.png" width=192 height="192"><br/>The hardware wallet challenges<br/> we're exploring today…
<font size=6>
* How do we boot securely?
* How do we ensure firmware is secure?
* How do we update firmware?
* How do we ensure the supply chain isn't at risk?
</font>
---
## The Process
- <u>SCAN:</u> Multiple presentations on these topics, with limited Q&A
    - _(~ 1 to 1-1/2 hour then a brief break)_
- <u>FOCUS:</u> Facilitated Q&A
- <u>ACT:</u> Decide on next steps for collaboration
    - _(~15 minutes)_
Collaborative Notes at:
<font size="6">https://hackmd.io/4UynsiS_SBO9EIDGuZ2AHw?edit</font>
---
## Chatham House Rules Apply
<font size="6">
- _"participants are free to use the information received, but neither the identity nor the affiliation of the speaker(s) ... may be revealed."_
- We are recording the presentations for YouTube
- We will not be sharing the Q&A, only recording to produce an anonymized summary
- Summary will include quotes, but not names
- You will have an opportunity to request anything you said be removed from the final summary
</font>
---
## Presentations
- [ ] Bunnie Studios
- [ ] CrossBar/Cramium
- [ ] Proxy
- [ ] Foundation Devices
- [ ] Validating Lightning Signer
---
## Boot Questions
How do we design the bootloader securely<br/>but with flexibility?
<font size="6">
- Chip lifecycle
- What functions are available before OEM firmware?
- Multiple-stages (chip, multichip, OEM, user)
- How do we QA & debug returns?
- Firmware signing & on-chip verification by OEM
- Can wallet manufacturer/OEM replace root of trust with their own?
- Can we do firmware rollback? Destroy all prior keys??
- Self-sovereign devices (remove OEM)?
- Is this just the user as OEM?
- Another move of reset vector?
</font>
---
## Firmware Questions
How do we ensure firmware is secure? How do we update it?
<font size="6">
- Auditability, verifiability & public audits of code & secret management
- Manufacturer vs OEM requirements?
- What is “certified” vs “open”?
- How can we ensure security given black box code? Deterministic builds?
- Where are multiple security domains a solution?
- With architectures of multiple chips, what are acceptable limits for updating different chips?
- How to remove compromised keys with updates?
- Threshold signatures for firmware keys?
</font>
---
## Supply Chain Questions
How do we ensure the supply chain isn't at risk?
<font size="6">
- Hardware supply chain authentication
- How far back does supply chain authentication need to go?
- Back to chipmaker? Verify mask? How?
- New forms of authentication?
- Particularly as major manufacturers move away from passwords
- CPace, OPAQUE rather than PINs?
- Software supply chain
- Verification of dependencies
</font>
---
## The Bigger Picture
<font size=6>
- Who are we missing from this discussion?
- What are our priorities for further discussion, requirements, new specifications, APIs, reference code?
- Any “low-hanging fruit” that need investigation collectively?
- Talent: We need more cryptographers, code review, hardware designers
- Hiring/job board?
- Cryptographers as a shared resource?
- Peer security code reviews?
- Are there more things that a neutral third party like Blockchain Commons should be doing?
</font>
---
## Next Steps
- Collaboration channels for further discussion
    - Synchronous: [Private Signal group](https://signal.group/#CjQKINQTJeLo7ee3-i4qX6a94HouFQSXSreoQR6pbtc6JpRrEhBw2-O2uDKu7XjB_RupXaSy)
    - Asynchronous: [GitHub discussion area](https://github.com/BlockchainCommons/Airgapped-Wallet-Community/discussions)
- Next Silicon Salon?
    - November? January?
- Do you like what we are doing here today?
    - Become an ongoing [sponsor](http://github.com/sponsors/BlockchainCommons) of Blockchain Commons via GitHub.
---
<img src="https://avatars.githubusercontent.com/ChristopherA?s=195">
Christopher Allen (@ChristopherA)
<img src="https://i.imgur.com/QyDl5nK.png" width="192" height="192">
www.BlockchainCommons.com