-
### Description
## Introduction
Currently, we have a number of private keys present in the codebase for the `earlgrey` product under `//sw/device/silicon_creator/rom/keys/fake`. These keys are use…
-
We need to access HSMs for the key access service (KAS). For now, we will emulate the behavior with SoftHSM. Since we are using chain guard images, we will have to do the folliwing:
1. build a cust…
-
The following proposes the addition of remote signing functionality within the substrate client.
# Context
Security of Proof of Stake networks lie within the hands of validators - without the s…
-
Originally posted by @drbild over a year ago to the original repository.
Though this is significantly out of date, I think the principles are still relevant, and wanted to retain the discussion.
…
-
**Is your feature request related to a problem? Please describe.**
As OWASP Top 10 gave a lot of emphasis on Cryptographic failures so we should have such vulnerability as part of VulnerableApp
**…
-
I received a request for clarification on the VSecM FIPS-complaint modules.
Below is a draft to be added to the documentation:
```text
A Note on FIPS Compliance with VMware Secrets Manager (VSecM)
C…
-
Hi there,
I would like to store the Root CA in Hashicorp vault to keep it secure and use smallstep as the frontend.
I was thinking the best way is if I can configure an external ca via a webhook…
-
-
Since TREZOR 2 will include a new USB protocol, we could add session encryption. This could either be optional or it could be required for the v2 protocol.
We could use ECDH to generate an ephemera…
-
Currently the `export_private_keys()` and `import_private_keys()` are a part of the `KeyManager` trait, but this is undesirable for two reasons. First, we want to promote the exclusion of the implemen…