Samsung Blockchain Keystore leverages the ARM’s TrustZone, which is one of the best known technology to implement Trusted Execution Environment (TEE) in mobile devices. Trusted Execution Environment (TEE) is a secure area inside a main processor. As an isolated environment, it makes sure that the code and data loaded in the TEE are protected from software attacks and vulnerabilities in the Rich Execution Environment (REE).
In parallel to the apps that we use every day in REE, there are Trusted Applications (TAs), authorized security software that run in TEE. Samsung Blockchain Keystore leverages this TEE and implements TAs to run operations that require a high level of security, such as generating keys and signing a transaction in the blockchain network.
Samsung Blockchain Keystore also provides users with a Trusted User Interface (TUI) that runs in the TEE, so that the display that the user sees is not maliciously modified, and user’s input is securely protected. This is feasible because the information displayed on the TUI is run by an approved Trusted Application and the input that the user entered is isolated from other applications that run in REE.
Moreover, the use of Samsung Knox allows Samsung Blockchain Keystore to guarantee that the device is running an approved binary and that the Kernel has not been tampered with. Samsung Blockchain Keystore will be disabled for compromised device in order to protect your data.
To understand Samsung Blockchain Keystore Architecture, we will first look at the key components: DApp/Wallet that has integrated Samsung Blockchain Keystore, Samsung Blockchain Keystore SDK, Samsung Blockchain Keystore app, and Trusted Execution Environment that Samsung Blockchain Keystore leverages.
DApps and wallets usually provide users an interface to the blockchain network, by connecting to a node in the blockchain network. They help users manage cryptocurrencies or crypto-assets by creating and submitting a transaction to the blockchain network.
DApps and wallets that have integrated Samsung Blockchain Keystore SDK can leverage Samsung Blockchain Keystore to get the user’s blockchain address, which is like a user’s account on the blockchain network. Also, after creating transactions, DApps and wallets can request Samsung Blockchain Keystore to sign transactions safely.
DApp and wallet developers can download Samsung Blockchain Keystore SDK from the Samsung Developers site, and integrate it. The SDK directly communicates with Samsung Blockchain Keystore.
Samsung Blockchain Keystore is a preloaded app on selected Galaxy devices. When requests are received from DApps or wallets via the Samsung Blockchain Keystore SDK, the app controls operations and communicates with Trusted Applications that run in Trusted Execution Environment.
In the Samsung Blockchain Keystore app, user can setup the wallet, edit settings, like enabling fingerprint as an authentication method or changing alarm settings for notifications, and get more information about the service.
Samsung Blockchain Keystore leverages Trusted Execution Environment, where only authorized applications are able to be executed. Key features that are handled in this environment is generating Root Seed (root source of all the keys), parsing and showing transaction details, and signing a blockchain transaction. Also, Trusted User Interface (TUI) for secure display and user input protection is also executed in TEE.
Taking one step further from the main components, the following is an end-to-end service flow of what happens when there is a request from a DApp or a wallet to Samsung Blockchain Keystore to sign a blockchain transaction.
Before we begin, there are two assumptions: (1) Samsung Blockchain Keystore is already set up and (2) Dapp/Wallet knows the user’s address, by deriving it from the Samsung Blockchain Keystore. In other words, the Root Seed, which is the root to many keys, is already generated in the TEE, and safely saved in Samsung Blockchain Keystore. Keeping this in mind, let’s look into each step.
DApp/Wallet creates an unsigned blockchain transaction. The transaction could be triggered by the user to buy a crypto-asset, or send cryptocurrencies. Transaction details, like recipient address, amount, fees, and etc. are used to create a transaction.
DApp/Wallet uses Samsung Blockchain Keystore SDK to request Samsung Blockchain Keystore to sign the transaction.
Samsung Blockchain Keystore receives the transaction via the SDK and handles the operation request in order.
Controller in Samsung Blockchain Keystore that communicates with Trusted Application (TA) passes the transaction to TAs in the Trusted Execution Environment to parse the transaction details.
Samsung Blockchain Keystore displays the parsed transaction details on the Trusted User Interface, which also runs in the Trusted Execution Environment.
The User checks the transaction details on the Trusted User Interface and manually confirms that all the transaction details is correct by either entering PIN or authenticating with a fingerprint.
Samsung Blockchain Keystore signs the transaction with the key derived from the Root Seed in the Trusted Execution Environment.
Transaction signed by TA in Samsung Blockchain Keystore is now returned to Samsung Blockchain Keystore app.
Through Samsung Blockchain Keystore SDK, Samsung Blockchain Keystore returns the signed transaction to DApp/Wallet.
DApp/Wallet receives the signed transaction and submits it to the blockchain network. Once the transaction is confirmed by the nodes, it is applied on the blockchain ledger.