What is Reddit's opinion of Ledger Trustlet?

From 3.5 billion Reddit comments

As of today, with Trustonic :

With the Trusted UI (current integration done today) :

• All Galaxy S6 models & sub models
• All Galaxy Note 5 models
• Galaxy Note 4 with Exynos CPU only (SM-N910C and SM-N910H models)
• Likely all future Samsung products, but you never know

Without the Trusted UI (will require a server or a second factor to avoid malware using the Trusted Application as a signing oracle, integration not done yet, but ready to be used for developers)

• Most Samsung phones from the Galaxy S3, but not all of them either
• Other recent phones from other manufacturers, but not many ... (under NDA, so, well)

Our application does extensive checks (is the TEE present, is it from Trustonic, can the TEE be accessed, can someone load an application inside the TEE ...) before allowing the user to purchase, so installing it is the best way to verify if your phone is supported (with or without Trusted UI)

In the future we can hope that those applications will be portable across several TEE providers. We're definitely not there yet, but I'll try to help by pushing for Open Source integration.

For some insights on the development process

The initial development will be done on the Blue API powering our next generation devices, which is also compatible with the upcoming TEE API (virtualized hardware wallet available for Android smartphones) - so if you want to contribute or test, have a Samsung phone, Galaxy S3 or above, and 5 euros to spend I'd suggest downloading Ledger Trustlet when the API is available (don't forget to set up a developer key in the "Options" menu before purchasing it as this can be done only once per device).

Since Android is the first target, I wanted to use Jaxx as a base wallet, but it doesn't seem to be Open Sourced yet though.

Initially, the hardware wallet will do as much validation as Jaxx / Consensys, i.e., just sign. If you need it to do more things than that, I encourage you to submit some features list below this post or create a new post and invoke me.

After validating that, anything that can be backported to the Nano will be, if possible given the free space left - I'd like to avoid having to maintain two different firmwares for Bitcoin/other alts and Ethereum as much as possible.

I have it running on an SGS7.

The app reviews can give you a good idea of what it doesn't work on :)

https://play.google.com/store/apps/details?id=com.ledger.wallet.bootstrap&hl=en

Author: Rassah

Content:

>We have been excited and anxiously waiting for this for almost two years, waiting for development to finish, and Ledger has finally brought it to us! Wallet integration into a secure trusted element built right into your phone, which makes your wallet app almost as secure as having a dedicated hardware wallet!

>Some background and explanation first:

>Many years ago ARM, the company that makes most of the CPUs running in Android smartphones, has implemented something called TrustZone, or TEE (trusted execution environment), which is a completely separate processor sitting next to the main CPU, which has its own memory, display, and input. It's basically a whole separate computer. The original intent was to have banks use it for increased security instead of relying on logins and passwords. But banks didn't care, so that chip has sat there, in everyone's phones, doing nothing.

>Until Ledger came along! They wrote a small wallet interface that loads into that TEE chip, and does all the key storage and signing there. So far it works with Mycelium and Green Address (for Android).

>The way it works is, when you install and set it up, the applet is loaded into the secure chip, and the chip goes through the process of generating HD private keys. These keys NEVER leave that chip. Then Mycelium Wallet gets the public portion of that HD wallet that lets it manage your accounts (xpub). When you create a new transaction, Mycelium checks your balances, creates the transaction, opens a secure encrypted channel to the TEE chip, and sends that transaction to it.

>When the TEE receives a transaction request, it opens a new screen, on top of your Android OS screen, so it's impossible to fake, and asks, "Hey, what is this, and what do you want to do with it?" You have to physically tell the chip that you do want to approve of that transaction, at which point the transaction is signed directly on the TEE and sent back to Mycelium Wallet, which then broadcasts it to the network.

>This is basically the equivalent of having a hardware wallet connected to your phone's USB port at all times, but built right into your phone. And nothing, not rooting, hacking, or physically accessing your phone (short of guessing your pin) will allow an attacker access to your private keys.

>It's as I've been saying, in the future we will go from phones that run software apps, to secure cryptographic devices that also run a phone app, and the future is now!

>The link to download Ledger's applet us here: https://play.google.com/store/apps/details?id=com.ledger.wallet.bootstrap

>Unfortunately it only works on some phones right now (mainly newer Samsungs), but more and more phones will be added over time. I have been using this thing since September for hundreds of transactions, and never had a problem (I'm a terrible beta tester, not being able to find any bugs), and it's great being able to carry any amount of coins without worry!

<strong>@LedgerHQ</strong>: >2016-02-22 06:22:51 UTC

>Upgrade @MyceliumCom or @GreenAddress with a Ledger TEE Bitcoin hardware wallet <em>play.google.com</em> (5€) @IntercedeMyID @trustonic

[^[Mistake?]](/message/compose/?to=TweetPoster&subject=Error%20Report&message=/471aya%0A%0APlease leave above link unaltered.) [^[Suggestion]](/message/compose/?to=TweetPoster&subject=Suggestion) [^[FAQ]](/r/TweetPoster/comments/13relk/) ^[Code] ^[Issues]

Author: Rassah

Content:

>We have been excited and anxiously waiting for this for almost two years, waiting for development to finish, and Ledger has finally brought it to us! Wallet integration into a secure trusted element built right into your phone, which makes your wallet app almost as secure as having a dedicated hardware wallet!

>Some background and explanation first:

>Many years ago ARM, the company that makes most of the CPUs running in Android smartphones, has implemented something called TrustZone, or TEE (trusted execution environment), which is a completely separate processor sitting next to the main CPU, which has its own memory, display, and input. It's basically a whole separate computer. The original intent was to have banks use it for increased security instead of relying on logins and passwords. But banks didn't care, so that chip has sat there, in everyone's phones, doing nothing.

>Until Ledger came along! They wrote a small wallet interface that loads into that TEE chip, and does all the key storage and signing there. So far it works with Mycelium and Green Address (for Android).

>The way it works is, when you install and set it up, the applet is loaded into the secure chip, and the chip goes through the process of generating HD private keys. These keys NEVER leave that chip. Then Mycelium Wallet gets the public portion of that HD wallet that lets it manage your accounts (xpub). When you create a new transaction, Mycelium checks your balances, creates the transaction, opens a secure encrypted channel to the TEE chip, and sends that transaction to it.

>When the TEE receives a transaction request, it opens a new screen, on top of your Android OS screen, so it's impossible to fake, and asks, "Hey, what is this, and what do you want to do with it?" You have to physically tell the chip that you do want to approve of that transaction, at which point the transaction is signed directly on the TEE and sent back to Mycelium Wallet, which then broadcasts it to the network.

>This is basically the equivalent of having a hardware wallet connected to your phone's USB port at all times, but built right into your phone. And nothing, not rooting, hacking, or physically accessing your phone (short of guessing your pin) will allow an attacker access to your private keys.

>It's as I've been saying, in the future we will go from phones that run software apps, to secure cryptographic devices that also run a phone app, and the future is now!

>The link to download Ledger's applet us here: https://play.google.com/store/apps/details?id=com.ledger.wallet.bootstrap

>Unfortunately it only works on some phones right now (mainly newer Samsungs), but more and more phones will be added over time. I have been using this thing since September for hundreds of transactions, and never had a problem (I'm a terrible beta tester, not being able to find any bugs), and it's great being able to carry any amount of coins without worry!

Author: Rassah

Content:

>We have been excited and anxiously waiting for this for almost two years, waiting for development to finish, and Ledger has finally brought it to us! Wallet integration into a secure trusted element built right into your phone, which makes your wallet app almost as secure as having a dedicated hardware wallet!

>Some background and explanation first:

>Many years ago ARM, the company that makes most of the CPUs running in Android smartphones, has implemented something called TrustZone, or TEE (trusted execution environment), which is a completely separate processor sitting next to the main CPU, which has its own memory, display, and input. It's basically a whole separate computer. The original intent was to have banks use it for increased security instead of relying on logins and passwords. But banks didn't care, so that chip has sat there, in everyone's phones, doing nothing.

>Until Ledger came along! They wrote a small wallet interface that loads into that TEE chip, and does all the key storage and signing there. So far it works with Mycelium and Green Address (for Android).

>The way it works is, when you install and set it up, the applet is loaded into the secure chip, and the chip goes through the process of generating HD private keys. These keys NEVER leave that chip. Then Mycelium Wallet gets the public portion of that HD wallet that lets it manage your accounts (xpub). When you create a new transaction, Mycelium checks your balances, creates the transaction, opens a secure encrypted channel to the TEE chip, and sends that transaction to it.

>When the TEE receives a transaction request, it opens a new screen, on top on your Android OS screen, so it's impossible to fake, and asks, "Hey, what is this, and what do you want to do with it?" You have to physically tell the chip that you do want to approve of that transaction, at which point the transaction is signed directly on the TEE and sent back to Mycelium Wallet, which then broadcasts it to the network.

>This is basically the equivalent of having a hardware wallet connected to your phone's USB port at all time, but built in. And nothing, not rooting, hacking, or physically accessing your phone (short of guessing your pin) will allow an attacker access to your private keys.

>It's as I've been saying, in the future we will go from phones that run software apps, to secure cryptographic devices that also run a phone app, and the future is now!

>The link to download Ledger's applet us here: https://play.google.com/store/apps/details?id=com.ledger.wallet.bootstrap

>Unfortunately it only works on some phones right now (mainly newer Samsungs), but more and more phones will be added over time. I have been using this thing since September for hundreds of transactions, and never had a problem (I'm a terrible beta tester, not being able to find any bugs), and it's great being able to carry any amount of coins without worry!

<strong>@LedgerHQ</strong>: >2016-02-22 06:22:51 UTC

>Upgrade @MyceliumCom or @GreenAddress with a Ledger TEE Bitcoin hardware wallet <em>play.google.com</em> (5€) @IntercedeMyID @trustonic

[^[Mistake?]](/message/compose/?to=TweetPoster&subject=Error%20Report&message=/471anf%0A%0APlease leave above link unaltered.) [^[Suggestion]](/message/compose/?to=TweetPoster&subject=Suggestion) [^[FAQ]](/r/TweetPoster/comments/13relk/) ^[Code] ^[Issues]