tabookey / bizpoc

MIT License

Safetynet support #4

Open drortirosh opened 5 years ago

drortirosh commented 5 years ago

Client should perform SafetyNet attestation on startup, and when sending funds.

Attestation should be checked by the proxy, and report to us in case of failure.

drortirosh commented 5 years ago

Startup attestation check is sent to print for verification, but doesn't enforce traffic.

The getPrv (intercepted from webview) first performs an attestation check, using the HMAC as nonce. The proxy validates the attestation before forwarding to BitGo. As a result, fake attestation is technically blocked from accessing the private key.
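
The proxy-side check described in the comment above, as an added example that is not part of the issue thread or the bizpoc code. It assumes the request HMAC arrives as a hex string and that the SafetyNet JWS signature and certificate chain were already verified; the function names, package name and freshness window are hypothetical.

```python
import base64
import hmac
import json
import time

MAX_AGE_MS = 60_000  # assumed freshness window, not a value from the issue


def b64url_decode(segment):
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def check_attestation(jws, request_hmac_hex, expected_package, now_ms=None):
    """Return (ok, reason); the proxy forwards the request only when ok is True.

    Assumes the JWS signature and certificate chain were already verified.
    """
    now_ms = int(time.time() * 1000) if now_ms is None else now_ms
    try:
        payload = json.loads(b64url_decode(jws.split(".")[1]))
        nonce = base64.b64decode(payload["nonce"])
        expected_nonce = bytes.fromhex(request_hmac_hex)
        age_ms = abs(now_ms - int(payload["timestampMs"]))
    except (ValueError, KeyError, TypeError, IndexError):
        return False, "malformed"
    # Binding: the attestation must have been requested for this exact request.
    if not hmac.compare_digest(nonce, expected_nonce):
        return False, "nonce-mismatch"
    if age_ms > MAX_AGE_MS:
        return False, "stale"
    if payload.get("apkPackageName") != expected_package:
        return False, "wrong-package"
    if payload.get("ctsProfileMatch") is not True or payload.get("basicIntegrity") is not True:
        return False, "integrity-failed"
    return True, "ok"


def make_sample_jws(request_hmac_hex, now_ms, **overrides):
    """Constructed, unsigned sample token for exercising the checks offline."""
    payload = {
        "nonce": base64.b64encode(bytes.fromhex(request_hmac_hex)).decode(),
        "timestampMs": now_ms,
        "apkPackageName": "com.example.bizpoc",  # placeholder package name
        "ctsProfileMatch": True,
        "basicIntegrity": True,
    }
    payload.update(overrides)
    enc = lambda obj: base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "RS256"}), enc(payload), "constructed-signature"])
```

Because the nonce is compared against the HMAC of the request being forwarded, an attestation captured for one request is rejected when replayed with a different one.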

drortirosh commented 5 years ago

Moved to Jira.