We can use last block of flash to store the secret and hmac with the PIN.
Later we can also make a block before secrets unreadable such that glitch attacks doesn't read out the secret.
Every block is 512 bytes. We can get the last block like this:
Might make sense to add a checksum to make sure we are reading the secret, not some random junk.
We can store data in the block like this for example:
<secret><sha256(secret)><hmac_sha512(secret,pin)>
Factory reset should erase content of the last block with random data.
With https://github.com/diybitcoinhardware/micropython/pull/1 we now can use flash storage independently of qspi. Makes sense to store device secret on flash and all other files on
/qspi
.We can use last block of flash to store the secret and hmac with the PIN. Later we can also make a block before secrets unreadable such that glitch attacks doesn't read out the secret.
Every block is 512 bytes. We can get the last block like this:
Might make sense to add a checksum to make sure we are reading the secret, not some random junk. We can store data in the block like this for example:
<secret><sha256(secret)><hmac_sha512(secret,pin)>
Factory reset should erase content of the last block with random data.