Risks and Technical Debt

On this page, you will learn about:

General and Core-specific technical risks and known Core technical debt.

Risks and Technical Debt

Category	Description
Hardware and Supply Chain	Heavy concentration of microprocessor manufacturing leaves users few options in the event processor-level/firmware level vulnerabilities exist (Intel SGX vulnerabilities, for example).
Supply Chain	Hardware wallets are not safe against supply chain attacks.
Hardware	Keychain Core support for hardware HSM has not been released yet.
Hardware	Keychain Core does not yet support the use of hardware wallets for the purposes of storing private keys.
Standards and Protocols	Some elliptic curve parameters of NIST where chosen without public involvement.
Standards and Protocols	Certain elliptic curves may contain algebraic weaknesses that are not widely known yet.
Standards and Protocols	Decentralized PKI
Standards and Protocols	Some PKI backends lack support for efficient and full client-side verification of the proof that public-key transactions are confirmed on the PKI.
Standards and Protocols	Decentralized PKI systems may be vulnerable to Sybil and concentration attacks.
Privacy	The user is vulnerable to strong adversaies who use Internet Service Providers to correlate the timing of PKI transactions cross their network and transactions on the PKI network.
Privacy	UTXO management, where applicable, is not yet optimized. Keychain Core segments UTXOs by the keychain, and this causes some of the protocol tokens to be locked into a keychain.
Privacy	To the extent private blockchains or DLTs are used, double spend protection practices for private blockchain/DLTs requires tradeoff with privacy
Public Policy	Users may be compelled by adversaries to provide decryption access to data
Public Policy	Malicious users may refuse to give decryption access during matters of public or national security
Other	Keychain Core does not implement blind signatures yet (Chaumian blind sigs)
Other	Keychain Core does not implement post-quantum cryptography yet
Other	The Keychain Core security model assumes some level of physical device security.
Other	Encrypted messages may be relatively large compared to small plaintext.
Other	Gateway objects still take up multiple megabytes of RAM, thus requires the device to have at least double digit MBs of RAM

Category

Description

Hardware and Supply Chain

Heavy concentration of microprocessor manufacturing leaves users few options in the event processor-level/firmware level vulnerabilities exist (Intel SGX vulnerabilities, for example).

Supply Chain

Hardware wallets are not safe against supply chain attacks.

Hardware

Keychain Core support for hardware HSM has not been released yet.

Hardware

Keychain Core does not yet support the use of hardware wallets for the purposes of storing private keys.

Standards and Protocols

Some elliptic curve parameters of NIST where chosen without public involvement.

Standards and Protocols

Certain elliptic curves may contain algebraic weaknesses that are not widely known yet.

Standards and Protocols

Decentralized PKI

Standards and Protocols

Some PKI backends lack support for efficient and full client-side verification of the proof that public-key transactions are confirmed on the PKI.

Standards and Protocols

Decentralized PKI systems may be vulnerable to Sybil and concentration attacks.

Privacy

The user is vulnerable to strong adversaies who use Internet Service Providers to correlate the timing of PKI transactions cross their network and transactions on the PKI network.

Privacy

UTXO management, where applicable, is not yet optimized. Keychain Core segments UTXOs by the keychain, and this causes some of the protocol tokens to be locked into a keychain.

Privacy

To the extent private blockchains or DLTs are used, double spend protection practices for private blockchain/DLTs requires tradeoff with privacy

Public Policy

Users may be compelled by adversaries to provide decryption access to data

Public Policy

Malicious users may refuse to give decryption access during matters of public or national security

Other

Keychain Core does not implement blind signatures yet (Chaumian blind sigs)

Other

Keychain Core does not implement post-quantum cryptography yet

Other

The Keychain Core security model assumes some level of physical device security.

Other

Encrypted messages may be relatively large compared to small plaintext.

Other

Gateway objects still take up multiple megabytes of RAM, thus requires the device to have at least double digit MBs of RAM