Ensuring the security of firmware and software updates is crucial when using a hardware wallet. OneKey is committed to providing the highest level of security for its users. Here are the measures we have in place:
- Code Audit: Our code undergoes audits by professional security teams (e.g., SlowMist, OffsideLabs) to ensure there are no backdoors. This guarantees the safety of users' private keys, secure storage, and signature security.
-
Transparent Compilation Process: OneKey’s hardware firmware and software code are fully open source and can be viewed on GitHub, where you can see the specifics of each update. To aid understanding, we also provide detailed information on every update prior to its release.
Related Reading:
"Open source code verification for firmware installed on OneKey hardware wallet devices"
"Authenticate the consistency of firmware files with the open source code released by OneKey"
- Verification During the Upgrade Process: During the hardware wallet firmware upgrade, OneKey App will perform digital signature verification on the new version to ensure the source and integrity of the upgrade. If any tampering is detected, OneKey App will promptly issue a warning to alert users to potential risks.
- Private Key Security: The security chip (or referred as "Secure Element") in the OneKey hardware wallet remains offline during its use. The generation and storage of private keys occur entirely in an offline environment. See more details 👉 here.