How to Upgrade the Firmware

Latest Firmware

If you're looking for what's new, you can find the latest firmware revision on our GitHub, along with the full revision history.
GitHub - GridPlus/lattice-firmware-history: History of Lattice firmware updates and corresponding changes

The Process

The Lattice1 will check check for updates to the HSM firmware automatically every 6 hours. Once an update is available, the device will prompt you to confirm the installation of the new update manually.
Then all you need to do is kick back and watch the progress bar for a minute or two. Your device will reboot and you’ll be back in action with an upgraded Lattice1.
The HSM update will never be installed without your approval. However, we strongly recommend you upgrade to every single new update available.
You can also check if an update is available manually without waiting for the regular 6-hour scan if you go to Settings → Software update on your Lattice1.
Also, if you want to make sure what firmware revision you have in your device, you can check this if you go to Settings → Advanced → Device info.

Update Security

How can we safely update your secure hardware over the air like this? Every release must be signed by multiple GridPlus private keys which are separated geographically so your device can verify the provenance of the release. The secure bootloader will reject any updates that do not meet these strict criteria before installing anything. You can also use the verification tool to make sure your Lattice1 is authentic - no other device can receive our update.
The device is made up of two elements (the HSM/SCE and the GCE) - the GCE that runs a simple Linux system updates automatically (far less often than the SCE), but every single part of the device is constructed with the idea that the GCE is vulnerable at all times - this means that no part of the system that handles secure data is ever exposed to the update.
In other words, funds are safu.
The Linux GCE is also updated - the updates are very infrequent and automatic - you're not prompted to approve them. These happen completely outside of the secure chip running the firmware and do not touch any secure data or private keys.
Last modified 20h ago