Offchain private key exchange as an attestation demonstration for Ledger Blue and Nano S
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
py
src
.gitignore
LICENSE
Makefile
README.md

README.md

blue-app-otherdime

OtherDime : secure private key swapping application

This application demonstrates a Nano S private key swapping application relying on the attestation logic, locking the code logic to the attestation. For more information, you can refer to the following Medium post : https://medium.com/@Ledger/attestation-redux-proving-code-execution-on-the-ledger-platform-fd11ab0f7c19

To use this application as is, the attestation has to be set to use Ledger as Owner, setting up the attestation as follows on a Nano S

python -m ledgerblue.endorsementSetupLedger --url https://hsmprod.hardwarewallet.com/hsm/process --perso perso_11 --key 1 --endorsement attest_1 --targetId 0x31100002

If you plan to use it within your own group, you can modify the OWNER_PUBLIC_KEY field

Several scripts are available for the most common actions in the py/ directory :

  • createKey to create a new key, ready to be exchanged

  • getPublicKey to retrieve the public key associated to a created key

  • getStatus to retrieve the status of the application regarding the key provisioning and sealing

  • sign to sign a given hash after unsealing the key following a user confirmation. Unsealing makes the key non exchangeable

  • exchange to exchange a sealed key between a personalized dongle and a non personalized dongle, following user confirmation

This application is currently usable on Nano S firmware 1.3+