Audit of Tangem’s smartcard wallet code

Tangem provides “smart banknotes for digital assets”, as smart card storage media for Bitcoin private keys with basic wallet functionality. Tangem hired Kudelski Security to perform a security audit of the source code written by Tangem to offer these features.

We identified a number of security risks, and then ensured they have been appropriately mitigated by the Tangem engineers. We believe that these countermeasures provide adequate defenses against counterfeiting and cloning of cards, and against theft of blockchain assets. Our work covered the internal logic of the cards as defined by the source code, but we did not assess the card’s security against physical attacks (the card includes a number of protections, including those provided by EAL6+ components).

In particular, we didn’t find any backdoor, malicious or suspicious undocumented feature in the firmware. In order to ‘freeze’ the audited code and exclude further modifications, we compiled the firmware v.1.28 and then stored a copy of the resulting binary fingerprint. This fingerprint can now be embedded into users’ host (NFC) applications to verify the integrity of the firmware in each banknote that they hold.

The full audit report is not published, because it contains numerous references to proprietary information, such as snippets of the firmware source code. We thank Tangem for trusting us and for organizing the logistics for the binary integrity verification.

 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s