SatoshiLabs, the manufacturer of the Trezor hardware wallet, has announced a new initiative, dubbed ‘Tropic Square‘, the goal of which is to create open-source chips.
Tropic Square stands for ‘TRuly OPen IC,’ and is a new company built by SatoshiLabs founders Pavol Rusnák and Marek Palatinus, joined by CEO Evžen Englberth and Chief Technology Officer Jan Pleskač. The team claims the company will disrupt a multi-million dollar industry and be beneficial for the crypto and hardware wallet, but also other industries, hardware manufacturers, and their customers. This they plan to accomplish via an open, fully auditable chip, the announcement said, without providing a specific timeline.
Coming from the Bitcoin (BTC) background and its “Don’t Trust, Verify” message, Trezor argues that certification can’t replace independent reviews. The wallet itself was built on the principles of transparency and self-sovereignty, they said, while the beauty of open-source is that anybody can study and audit the entire content, which is, therefore, being constantly reviewed by thousands of reviewers – a point critical for BTC, as understanding leads to decentralization.
However, not everything in BTC open-source, they add. One of these are the special chips called “secure elements,” which claim to be secure because they’ve been awarded certifications. But their claim can’t be verified as they are closed and require a non-disclosure agreement (NDA). Looking at a reviewed certified option, the team found several critical flaws that can result in the keys being stolen from the chip with no special hardware – attacks they claim nobody tested against. “We did not even try very hard to break the chip,” said the team. The vendor wouldn’t tell the customer of the vulnerability, and neither could Trezor because of the NDA.