GridPlus
GridPlus
Lattice1
SafeCards
Phonon
Support
GridPlus
GridPlus
Welcome!
GridPlus Website
GridPlus Web Wallet
GridPlus Blog
GridPlus Discord Chat
Introduction
Lattice1 Overview
Introduction to SafeCards
Phonon Network
Lattice1
Lattice1 Setup
Lattice1 Concept
Lattice1 Security Features
Lattice 1 Power Supply
Supported Digital Assets
GridPlus MetaMask Extension
Lattice1 Guides
GridPlus Web Wallet
GridPlus Web Wallet
Send and Receive Crypto
Use Ethereum Smart Contract ABI Function Definitions
Set and Use Spending Limits
SafeCards
Setting Up A New SafeCard
SafeCard Management… Safely
SafeCard CLI
Order & Delivery
Before You Order
Shipping and Delivery
Support & Troubleshooting
How to Get In Touch With Us
Lattice1 Pairing Troubleshooting
Lattice1 WiFi Troubleshooting
Lattice1 Doesn't Recognize the Inserted SafeCard
Additional Resources
GridPlus Brand Assets
Developer Resources
Blockchain Basics
Introduction to Private Keys
Powered by GitBook

Lattice1 Security Features

Lattice 1 Secure Architecture

When we designed the Lattice1, the highest priority and our biggest focus was - of course - the security of your funds. The Lattice1 has a smaller attack surface than legacy hardware wallets because it's got two totally separate hardware environments inside the box.

The General Compute Environment (GCE) has internet connectivity and runs Linux. Our security model operates under the assumption that it's always compromised (even though that is unlikely.) Then there's the HSM (Secure Compute Environment - SCE) which is cut off completely from the outside world. They pass through signing requests and signatures through a size-limited FRAM "mailbox" and only one side can connect at a time. Signing requests are put into the mailbox by the GCE and the SCE passes back signatures. There's no remote contact with the HSM, no accessible factory or engineering debug features, and the limited mailbox size prevents overflow attacks.The two environments cannot directly communicate as they are segregated at the component level. This means you have a flexible always-online device, but your private keys are completely inaccessible from the internet.

The components we use for the Lattice1 are sourced from multiple hardware manufacturers in different locations - this means that a supply chain attack would have to span three continents and involve multiple governments.

Tamper mesh

All these secure elements above are enclosed in an anti-tamper mesh which is like a tripwire that will erase your secrets if a physical intrusion attempt is detected.

The anti-tamper mesh is a Laser Directed Structure (LDS) mesh - you could say a 3D maze of tiny electrical traces with a waveform running through it constantly. If it's shorted out or the waveform is altered - the device bricks. This essentialy prevents 100% of physical attack attempts.

Large Touchscreen with EIP-712 Support

The large touchscreen is important for both UX and security, the screen itself is drawn by the SCE so you see precisely what you're actually signing even if your phone, computer, or even the Lattice1 GCE are somehow compromised. This diminishes the likelihood of man in the middle attacks like we see with USB legacy hardware wallets.

If you have a hardware wallet and you don't verify what you're signing on a secure screen, you're not getting a security benefit at all.

Lattice1 - Previous
Lattice1 Concept
Next - Lattice1
Lattice 1 Power Supply
Last updated 2 months ago
Contents
Lattice 1 Secure Architecture
Tamper mesh
Large Touchscreen with EIP-712 Support