The main function of a general keystore is to generate keys and store them in a safe place. In the blockchain industry, a wallet can use various open source libraries to generate the keys. Other option could be integrating with a hardware wallet.Unlike Android Keystore, which is used for general purpose, the name, “Samsung Blockchain Keystore” implies that Samsung Blockchain Keystore is a keystore that is dedicated to support blockchain transactions. Keeping this in mind, let’s look at some features that make Samsung Blockchain Keystore unique from other keystores.
Algorithms used to generate keys and signatures are different by cryptocurrency. For example, ECDSA (Elliptic Curve Digital Signature Algorithm) with secp256k1 curve is needed for Bitcoin and Ethereum. Samsung Blockchain Keystore supports algorithms specifically used for such cryptocurrency transactions.
Samsung Blockchain Keystore parses blockchain transactions in a safe environment, and show the transaction details to the user. A normal keystore usually does not parse any information to be signed, and focus on signing only.
Trusted User Interface (TUI) is a general term that includes trusted display and trusted touch that are accessible by only the authorized Trusted Applications that run in the TEE. Samsung Blockchain Keystore leverages TUI in TEE to display sensitive information and protect user’s input.
For instance, normal apps running in REE could maliciously show the recipient’s address or transfer amount that are different from what is actually included in the transaction. But because Samsung Blockchain Keystore leverages TEE to use TA to parse the transaction details and show the actual details on TUI, where the information can never be tampered with, user will be able to distinguish maliciously modified transactions
The following are TUI screens run by Samsung Blockchain Keystore.
[PIN] PIN input screen is used to (1) Register PIN and (2) Confirm PIN when user authentication is needed. When creating or importing a wallet, user needs to set up PIN first. User will be asked to enter the registered PIN when making transactions and checking Recovery Phrase again. User’s input of PIN in all these cases are run in an isolated environment, by TUI.
[Recovery Phrase] Recovery Phrase that represent the Root Seed and countless number of private keys, hence the secure display to show this Recovery Phrase cannot be emphasized enough.
[Double Checking Recovery Phrase] To complete creating a wallet, user must enter a few random words of the Recovery Phrase to confirm that user has written down the 12 words in a safe place. User’s input is protected here.
[Enter Recovery Phrase] When importing a wallet that was created from a different wallet, like a hardware wallet or Samsung Blockchain Keystore on a different device, user has to enter the 12 to 24 words. Likewise, what user enters is protected via TUI, including the keyboard.
[Transaction Confirmation] Regarding transaction confirmation, after parsing the transaction by a Trusted Application in TEE, Samsung Blockchain Keystore will show selected sensitive transaction details on TUI. The sensitive information differs depending on the blockchain platform, but most of them focus on the amount to transfer, recipient address and fee.
Trusted Applications and Trusted User Interface are all run in Trusted Execution Environment, an isolated environment. This means normal applications and malware that run in Rich Execution Environment (REE) will have no access to any information in TEE. Likewise, Samsung Blockchain Keystore will be able to prevent users from confirming maliciously modified transaction.
In order to sign a transaction via Samsung Blockchain Keystore, the user must manually confirm by clicking confirmation button and enter PIN or authenticate with a fingerprint. A normal keystore usually completes its function by generating a key and making a digital signature. But Samsung Blockchain Keystore prioritizes the user confirmation via a TUI feature in the belief that user’s explicit agreement is the most critical step in signing a transaction. Hence, it is impossible for malicious apps to acquire a user’s signature from the background or sign a transaction without the user knowing it.
Keys are generated differently depending on the type of algorithm used. For example, ECDSA (Elliptic Curve Digital Signature Algorithm) is applied for Bitcoin and Ethereum. Some cryptocurrencies consume a different algorithm as a standard. Because Samsung Blockchain Keystore is specific to blockchain, algorithms to generate keys and sign blockchain transactions are supported.
We saw that a keystore generates keys. But whether the randomness of the key is guaranteed so that the key cannot be predicted in any other way is another question. Generating this random key in a software environment is known to have security vulnerabilities. Samsung Blockchain Keystore leverages a True Random Number Generator (TRNG) feature from the device to guarantee randomness from a hardware level.
Once the keys are generated, where and how safely the keys are stored is important. Hardware wallet was originally designed with the purpose to store the keys in a separate environment. Similarly, Samsung Blockchain Keystore stores the encrypted Root Seed that generates numerous keys, in the Secure File system, where normal apps will not have access to nor be able to decrypt the file.