By Ivo Georgiev, CEO and founder of Ambire Wallet
When it comes to crypto storage, hardware wallets have long been considered the gold standard from a security standpoint. However, given ongoing advances in mobile wallet technology and recent slip-ups from established hardware wallet providers, it appears mobile wallets may ultimately replace hardware wallets as the go-to choice – both in terms of convenience AND security.
More specifically, the secure enclaves and trusted execution environments used in today’s mobile devices are more reliable than hardware wallets made by new startups. By leveraging these tried-and-true technologies and combining them with smart wallet capabilities such as account abstraction, mobile wallets are poised to become the de facto choice for both existing crypto holders and the rising tide of new users.
Today’s mobile phones are secured by a battle-tested arsenal of security features which have withstood the test of time. Chief among them are Apple’s Secure Enclave and Android’s Trusted Execution Environment (TEE). These proven technologies enhance wallet security in ways that meet, and increasingly surpass, the capabilities of stand-alone hardware wallets.
Apple’s Secure Enclave is a separate coprocessor embedded within the main processor of iOS devices, which operates independently with its own secure memory. This technology is isolated from the rest of the device’s system, where it securely performs cryptographic operations related to user authentication, secure boot, and secure transactions.
On the other hand, Android’s TEE is a separate environment within the main processor, which utilizes a combination of hardware and software isolation mechanisms to create a secure execution environment. Unlike Apple’s Secure Enclave, TEE is an open industry standard implemented by various manufacturers, which means the level of security and implementation may vary between different Android devices. However, TEE has a long track record of utilizing secure execution environments to protect sensitive data and perform secure computations.
In short, both Secure Enclave and TEE are dedicated security components designed with strong isolation techniques, separate from the main processor, memory, and other system components. This isolation makes it extremely difficult for malicious actors or compromised software to gain unauthorized access to critical data. And given that both operating systems have been around for nearly two decades and receive regular security updates from Apple and Android, these technologies remain resilient against emerging threats and are arguably among the most reliable hardware security solutions on the planet.
Mobile devices’ existing security features operate as a reliable base layer of security for web3 wallet applications, especially next-generation smart wallets that incorporate advanced features such as account abstraction.
Apple’s Secure Enclave is vendor-locked, and the private key cannot be extracted. Because of this lock-in, the only supported signing algorithm is incompatible with popular cryptocurrencies like Bitcoin and Ethereum. But thanks to technological advancements like account abstraction, signing with the Apple Secure Enclave is now possible.
And while the Secure Enclave signs on the secp256r1 elliptic curve, unlike Bitcoin, which uses secp256k1, account abstraction lets the wallet’s smart contract verify secp256r1 signatures itself, so the Secure Enclave can be used for signing.
As a result, a user’s private key can be securely stored within their phone’s Secure Enclave or TEE. This means cryptographic operations, such as signing transactions or verifying signatures, can be performed directly within the secure environment without exposing the private key to a potentially compromised software stack. This secure key storage and operations model significantly reduces the risk of key exposure, since the keys are protected even if the main operating system or other apps are compromised.
On top of that, account abstraction pushes users towards multi-factor authentication and account recovery, which makes it pointless for hackers to even attempt extracting users’ seed phrases. Add to this the fact that the Secure Enclave and TEE offer robust user authentication mechanisms such as biometrics, features that are completely absent on most hardware wallets. In other words, the private key required for signing a transaction is securely retrieved and used within the trusted environment, and sensitive operations like executing smart contracts, sending funds, or generating cryptographic proofs can be performed within a Secure Enclave or TEE.
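The signing flow described above, as an added example that is neither the article’s nor Ambire’s code: a Go model in which a P-256 (secp256r1) key standing in for the Secure Enclave signs a user operation, and a smart-account verifier checks the signature itself instead of relying on the chain’s native secp256k1 scheme. The operation bytes and the sha256 hashing are assumptions made for this example; the low-s check is a standard ECDSA malleability guard such a verifier should enforce.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"math/big"
)

// EnclaveKey models a P-256 (secp256r1) key held in the Secure Enclave or TEE:
// the private scalar never leaves this struct; callers only obtain signatures.
type EnclaveKey struct{ priv *ecdsa.PrivateKey }
func NewEnclaveKey() (*EnclaveKey, error) {
	priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	return &EnclaveKey{priv: priv}, nil
}

// PublicKey is the only key material exported; the smart account stores it as owner.
func (k *EnclaveKey) PublicKey() ecdsa.PublicKey { return k.priv.PublicKey }
// Sign normalizes s to the low half of the curve order so the verifier can reject
// the malleable (r, n-s) twin of every signature.
func (k *EnclaveKey) Sign(digest []byte) (r, s *big.Int, err error) {
	if r, s, err = ecdsa.Sign(rand.Reader, k.priv, digest); err != nil {
		return nil, nil, err
	}
	n := elliptic.P256().Params().N
	if s.Cmp(new(big.Int).Rsh(n, 1)) > 0 {
		s = new(big.Int).Sub(n, s)
	}
	return r, s, nil
}

// SmartAccount stands in for the account-abstraction contract's validation logic:
// it verifies P-256 signatures itself, so an enclave key can control the account.
type SmartAccount struct{ owner ecdsa.PublicKey }
// UserOpHash is the digest the owner signs: sha256 of the raw operation bytes here
// (an assumption for this example, not ERC-4337's actual hashing scheme).
func UserOpHash(op []byte) []byte { h := sha256.Sum256(op); return h[:] }
// ValidateUserOp is the on-chain check: reject a high-s signature, then verify P-256.
func (a *SmartAccount) ValidateUserOp(digest []byte, r, s *big.Int) bool {
	halfN := new(big.Int).Rsh(a.owner.Curve.Params().N, 1)
	if s.Sign() <= 0 || s.Cmp(halfN) > 0 {
		return false
	}
	return ecdsa.Verify(&a.owner, digest, r, s)
}
```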
There is no doubt that hardware wallets have long been considered the gold standard of secure crypto storage. These devices have been around since 2013 and saw a surge in adoption dating back to the 2017 bull run, which witnessed high profile hacking incidents and exchange breaches. But the fact is, while new hardware wallets are steadily released into the market each year, most of these devices have failed to live up to their promise.
For instance, Ledger’s new Ledger Recovery feature was widely panned by the crypto community due to the fact that it introduces a theoretical backdoor to a device that is supposedly firewalled from the broader internet. The Ledger co-founder’s insistence that this opt-in feature should not pose a risk “because nothing will happen without your consent on your device” did little to assuage the community, given the long history of cybersecurity attacks specifically designed to exploit similar opt-in features to devastating effect.
Trezor has also had its fair share of controversies. In 2022, a white hat hacker successfully accessed the contents of a Trezor One wallet by exploiting the device’s firmware update protocol via a fault injection attack. While Trezor has since updated its firmware update process, just last month a cybersecurity firm was able to physically hack into the Trezor T and successfully retrieve the hardware wallet’s seed phrase and PIN.
Contrast this with the fact that, while many attempts have been made to hack the Secure Enclave, nobody has succeeded in remotely retrieving anyone’s keys to date – despite the fact that hundreds of millions of iPhones are sold each year, giving malicious actors plenty of opportunities to try, and the enclave being used in applications more mainstream than crypto.
Clearly, many of the security risks that have been written off by hardware wallet companies as “theoretical” concerns have proven to be exploitable in real-world situations. Social engineering attacks remain the fastest growing and most devastatingly effective form of crypto exploit. However, the fact that today’s hardware wallets remain susceptible to side-channel attacks, firmware risks, and power glitching means cold wallet users have additional attack vectors to worry about, which are far less of a concern when using a well-designed mobile wallet.
The crypto industry is in dire need of a mainstream self-custody solution that is both intuitive and secure, without sacrificing on either. By harnessing the power of mobile devices and recent developments in account abstraction, web3 wallets can deliver an unparalleled combination of user-friendly interfaces and cutting-edge security. Mobile devices have replaced countless standalone devices and are increasingly underpinning most of our social and commercial interactions, and there are many good reasons to continue trusting these devices with the things we value.
Source: https://en.cryptonomist.ch/2023/07/08/mobile-wallets-replace-hardware-wallets/