Backup node's seed in TPM #589

samuelmanzanera · 2022-09-27T06:48:14Z

Is your feature request related to a problem?

Since the hybrid root of trust implementation, we are using the software key for nodes while leveraging TPM for origin authorization.
However, in the case we would like to reset a node but not lose the crypto seed (being stored on the node data folder), providing a hardware backup would be great.

Describe the solution you'd like

We can create a new function in the TPM C program, to store the node's seed securely, while loading into memory during the node execution.
At the startup, the node would request the TPM to unwrap the seed.
Hence, the seed would not be lost if the data is removed and rejoining of the network would be easier.

Additional context

No response

samuelmanzanera · 2022-10-07T07:58:08Z

Closed by #602

samuelmanzanera added feature New feature request crypto Involve cryptography system Involve system management labels Sep 27, 2022

internet-zero assigned samuelmanzanera Sep 29, 2022

samuelmanzanera mentioned this issue Oct 4, 2022

Use NV indexes to store node's seed in TPM #602

Merged

samuelmanzanera closed this as completed Oct 7, 2022

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Backup node's seed in TPM #589

Backup node's seed in TPM #589

samuelmanzanera commented Sep 27, 2022

samuelmanzanera commented Oct 7, 2022

Backup node's seed in TPM #589

Backup node's seed in TPM #589

Comments

samuelmanzanera commented Sep 27, 2022

Is your feature request related to a problem?

Describe the solution you'd like

Additional context

samuelmanzanera commented Oct 7, 2022