Closed dylangerdaly closed 6 months ago
Hi
Compiling the firmware does not affect the device attestation.
Compiling the firmware lets you verify that the official release was created from the source code in this repo. See https://github.com/digitalbitbox/bitbox02-firmware/tree/master/releases#reproducible-builds
Thank you for that.
Just to confirm, if I wanted to change/modify the firmware and load it into a Bitbox02 I've bought, I can do that without any issues, and it won't affect attestation?
If I were to tap the I2C bus between the Secure Element and MCU, while the seed is being unlocked, would that leak the seed? Is there any form of transport security between the SE and MCU?
You can't boot modified firmware - the BitBox02 only boots firmware signed by engineers at Shift Crypto. What is it that you plan on working on?
If you tap the I2C bus, the seed would not be leaked. The transport is encrypted for many chip commands, but the primary reason it won't leak the seed is that the seed is never even transmitted there. See this article for some more details: https://bitbox.swiss/blog/best-of-both-worlds-using-a-secure-chip-with-open-source-firmware/
Ah - yeah this is what I'd like to work on, can I buy a non-blown Bitbox02?
I'm guessing the MCU has some form of Secure Boot on it, I'd prefer to do that than to re-work a black MCU onto the device.
Can I buy a device without the ifdef BOOTLOADER_PRODUCTION set?
I want this so that I can compile and run/boot the firmware myself.
Ah thank you, very thorough docs!
I'm willing to pay a little more for an unblown device, I just want to control the firmware myself.
@dylangerdaly can you elaborate on what customizations you want to work on? Or is your goal simply to be able to build and install the firmware from source as-is without modifications?
My goal is to control the RoT of my own hardware (wallet)
Outside of that, implement OpenPGP support among other things that I shouldn't really need to justify.
The ability to boot my own firmware would be a major differentiator between Bitbox02 and a Ledger.
Is the hardware open? Am I able to order a Bitbox02 without the BOOTLOADER_PRODUCTION ifdef set? If this isn't possible, can I order a Bitbox02 without the MCU soldered to the board? That way I can solder a fresh untouched MCU.
Thank you
+1 to rolling our own firmware, especially with all the recent issues with ledger it would be great to finally have full control over our own hardware.
Any update on this?
Yes - unfortunately it is not possible. We don't produce and sell unlocked devices, and we don't take custom orders for this either. Sorry to disappoint.
No worries, am I able to take the device apart and re-work (re-solder) the ATSAMD51J20A MCU? This can be difficult when the board is epoxied.
Are the hardware docs enough for me to send them thru to a fab in China, I'd like to produce a Bitbox02 that hasn't been blown, the schematics and BOM cost docs should be enough to produce this?
How does Bitbox personalize a blank device? I'd guess thru some sort of pogo pins on the board.
Lol actually, this might be a perfect opportunity to use my ChipSHOUTER, blast some EM to skip over some of the BOOTPROT fuses, then I can flash my own firmware
A blank device is set up using the factory-setup firmware (part of this repo).
> Are the hardware docs enough for me to send them thru to a fab in China, I'd like to produce a Bitbox02 that hasn't been blown, the schematics and BOM cost docs should be enough to produce this?
I am not familiar with the hardware side. Maybe @jadzeidan can give some input.
Ahhh thank you, so I see an attestation keypair is generated on-device (Within the SE) and returned to you.
https://github.com/digitalbitbox/bitbox02-firmware/blob/master/src/factorysetup.c#L152-L168
Using EMFI or Vcc Glitching I should be able to flip the MCU into a debuggable state giving me the attestation keypair, are you sure I can't just buy an unprovisioned device? Valid Attestation keys would let me run my own firmware and say everything is fine to the client app, that seems like something Bitbox wouldn't want
The keypair generated there is not a valid attestation; for it to become valid, a certificate needs to be set using the OP_SET_CERTIFICATE command. Official BitBox02s already have such a certificate anyway, so you would not even need to make a new keypair.
Re unprovisioned device: can't do it, but it would definitely be interesting to offer this in the future. Maybe next year :crossed_fingers:
Please contact security@bitbox.swiss regarding your glitching attempts, we'd be interested in learning more about it.
Ah I see, well that would work perfectly for me, passing attestation with my own firmware is even better!
Is it possible the Bitbox03 would see Unlocked SKUs? Feel like I should shout out the Precursor https://www.crowdsupply.com/sutajio-kosagi/precursor they're working on turning the FPGA into a RISC-V SoC.
Will do, I'll email and update here on progress.
Hello,
I'd like to buy a Bitbox02 however I'd like to know how compiling (and signing?) the firmware myself affects Device Attestation, also I can't seem to find any documentation on signing releases
Thank you
P.S - Pls support Monero, that'd be a massive gain imo.