How OneKey Prevents Supply Chain Attacks?

The OneKey software creates a random number and sends it to the hardware, which then sends the result to OneKey's Server, which confirms the authenticity of the certificate using the signature on the random number and the device's built-in digital certificate.

If the verification passes, the Server will validate the certificate's authenticity and then use the certificate's public key to verify whether the signature is correct, returning the verification result to the app and the time of the last verification if the verification fails.

Was this article helpful?
1 out of 1 found this helpful