2. Nicolas Bacca, CTO, Ledger
Secure Element solutions architect
Whitehat security reports
https://github.com/btchip/trezor-security-exploits
About me
LEDGER
4. Confirming a transaction is complicated
Common use case: web purchase is not covered
BIP 70 helps, but is not supported by Hardware Wallets yet
BIP 70 is merchant centric
PKI issues again - how to validate certificates, how to revoke certificates on a disconnected
User Experience limitations
5. Colored Coins with multiple kernels
Open Assets popular right now
Blockchain proofs
Augur, Bitproof ...
More Smart Contracts in the future
New protocol layers
Sidechains, Hubs
Growing, dynamic use cases
6. User Experience should be customizable
One size doesn’t fit all
Valuable assets go way beyond the transaction amount.
Moving targets
7. Similar to libConsensus: protect the critical core
Provide the low level logic
Provide the isolation layers and manage the lifecycle of pluggable easy to write high level applications
Ledger OS
[Diagram labels: Customized Confirmation UX; Open Assets Confirmation UX; LedgerOS]
8. Significant lessons to learn from the Smartcard industry
GlobalPlatform: lifecycle and isolation, multiple applications management
Java Card: isolation through a Virtual Machine
MultOS: native applications isolation
Formal validations of the above
Let’s make it more open, more trustless, built correctly from the ground up
This has already been done
9. Isolation with a Secure Element
Internal Secure Element (Java Card, (U)SIM card)
Isolation with TrustZone
Low level isolation on high end ARM cores
Isolation with Trusted Execution Environment
High level isolation with dedicated OS
Moving towards better integration
10. Key protection
Malware, side channels, covert channels
Integrated, virtualized applications
Validation through third party, pluggable, easy to write and secure applications
Hardware Wallets tomorrow
11. Java Card playground for the high level API
https://github.com/ledgerhq/ledger-javacard (soon)
Trusted Execution Environment public beta, high level isolation prototype
Open Source isolation product coming up end 2015 (BLE, NFC, screen)
Follow up with Ledger
@LedgerHQ