Hardware wallets is a physical device that stores cryptocurrencies. These wallets contain private keys in an offline mode. Hardware wallets can neither get connected to the internet nor are able to run complicated apps. Hence, they are considered secure from attacks. In this article, we will review Ngrave ZERO, a top hardware wallet in the cryptocurrency market.
Ngrave is a digital asset security company. The primary goal of Ngrave is to provide everyone with a safe and secure cryptocurrency wallet.
Ngrave is built with the world-leading institution in nanotechnology, Interuniversity Microelectronics Centre (IMEC), along with the research group for applied cryptography, The Computer Security and Industrial Cryptography (COSIC).
IMEC handles NGRAVE’s product development, along with being its industrialization partner.
Ngrave provides both hardware and software security solutions. The product suite 1.0 consists of hardware wallet Ngrave ZERO, Ngrave GRAPHENE ( cryptographic puzzle to keep you key secure), and an application Nrgave LIQUID.
NGRAVE ZERO is a completely offline and physically tamper-proof hardware wallet. Thus, eliminating any sort of remote attack vectors. It is built from scratch and is manufactured in Belgium, Europe.
Ngrave ZERO review: Summary
The following are attributes of the Ngrave ZERO wallet.
- The size of the wallet is 125 x 72 x 14.
- It has a 4-inch color high pixel density screen.
- The screen resolution of Ngrave ZERO is 480 x 800 pixels.
- It has an LCD capacitive 600 Cd/m2 touch screen with high brightness.
- It comes with a 640 x 480 built-in camera.
- Ngrave ZERO has a 12 x 12 mm fingerprint sensor.
- It offers a built-in light sensor.
- It has a button to switch “on” on the side of the device.
- Ngrave ZERO is water and dust resistant.
- To make it tamper-resistant, it has an outer casing, inner casing, and PCB.
Ngrave is a standalone device. It does not require any connection such as USB, Wifi, NFC, or Bluetooth. Therefore it brings down the digital attack surface to minimal. It is entirely “air-gapped”.
Ngrave has a USB-C port only for wall charging. Firmware updates can also be securely transmitted over USB. The device needs to be rebooted prior to updating.
All the updates are verified in an isolated partition. It is fully sandboxed from the rest of the operating system. They were thereby ensuring total separation from the USB connected partition.
Also, most of the updates happen in that part of the operating system, which is not responsible for security but for adding what is displayed on the screen and coin supports.
There will be differential updates that it adds and removes only certain specific features. Ngrave does not involve rewriting the whole firmware. All the updates will be signed and some of them will also be open source.
There is an online connection to the blockchain through the NGRAVE LIQUID APP. The wallet remains completely offline. The signing on the transactions and syncing of the account happens through QR Code. This communication through QR Codes is the only way by which you can communicate from the wallet to the app. The information on the private keys never leaves the wallet.
Ngrave ZERO: Security review
The firmware on the device is certified EAL7, CE, ROHS, and EAL7 is the highest security assurance and certification in the world. It uses STM32MP157C (2019) MCU/MPU.
Therefore, when it comes to security, the firmware has built a strong anti-tampering framework. When you switch it on you have to do a cryptographic attestation to ensure that your device has not been tampered physically. You have to scan a QRCode.
There are two ways of securing your Ngrave ZERO wallets. The first way is to choose a 12,18 or 24-word recovery seed phrase. The second way is by creating a personalized key also known as the “NGRAVE Perfect Key”. This key helps you to make your own private key. It is a 64 character hexadecimal equivalent of the 256-bit master seed.
How to create NGRAVE Perfect Key
You can choose a four-digit pin code.
To secure your private key Ngrave also adds biometric data. You have to press your finger on the fingerprint sensor three times to record your fingerprint completely.
The camera will be taking light from the built-in light sensors. Photons measure the ambient light enhancing the randomness and the strength of the key. All this information will be processed by an interior chip to make a key that will be changing in real-time. You can interact with the key making it impossible even for Ngrave to know. It removes any backdoor to the keys by either the hardware wallet manufacturer or the chip manufacturer.
You have the option to choose between “freeze” and “unfreeze” to start and stop the keys changing in real time. You can do this any number of times. You can also highlight specific parts of the keys you want to choose and you can also shuffle them. This makes the interaction with the user intuitive and fast.
Ngrave GRAPHENE Plates: Back up your Keys
Now you need to make a backup of these keys. We usually write the recovery seed phrase on a paper but Ngrave offers something special.
It offers a high-quality stainless steel solution called the Ngrave GRAPHENE. It is a cryptographic puzzle that is highly durable. It can withstand housefires ( 1660 °C / 3020°F), water, shock, corrosion, or any such extreme situation. It is an encrypted solution that is non-electronic. It consists of two plates which you can keep in separate locations. You need both plates to complete the key.
For every character you see on the screen you can make a hole in the GRAPHENE by using an automated embossing pen. It has a mechanism to click that generates physical power exertion to make a hole in the first plate without damaging the second one. You do this for all the characters. The characters on the first plate are arranged differently for each customer. There are 1024 holes in the upper plate. There are 1078 possible upper plate configurations. This way the key is split into two plates. So only if these two plates are together you can know the key. It eliminates a single point of failure.
Suppose you lose one of the plates. Ngrave advises its customers to buy more than one lower plate since it is cheaper compared to the upper one. Then you can store the keys in two lower plates.
Now if you lose the upper plate. You can choose from the following options –
Ngrave attaches an order no. to each package delivered to its customer. By entering that order number in a dedicated Ngrave server or a blockchain interface, you can know the upper plate configuration.
You can identify yourself with your KYC Data with the Ngrave team. You can contact customer support who keeps offline records of all the orders and get information about the configuration.
You also have the right to tell the Ngrave team not to store your order details. If you choose this option, you will never be able to recover the upper plate configuration even if you lose it.
You should always refrain from taking pictures of these plates or storing them online.
These plates also have posthumous continuity. The locations could be stipulated in a will, traditional notary, or blockchain notary.
Ngrave ZERO has an integrity verifier in the ARM®TrustZone® module. When we boot the wallet it regularly checks the software to find out if there are any kind of unwanted running tasks. It checks both authenticity and integrity.
There is no debugging access in the wallet that results in removing the possibility of flashing a chip. You can not modify the firmware. If the device detects that someone is trying to access the hardware it will then wipe itself as well as the keys.
The private keys never leave the wallet. Communication is only possible through QR codes that do not contain any sensitive information.
Ngrave ZERO: Hardware review
Ngrave ZERO is a multi-layered anti tempered hardware device. It uses high-end material. The metal casing shields the radio frequencies that could be picked by an attacker and reduces the range of private keys while doing a brute force attack. Ngrave uses custom firmware which has been verified by security experts and planning to open-source it for community review.
Ngrave ZERO consumes 1200 mAH (Ultra-Efficient Low Power). It uses a USB compatible battery charger and utilizes a low power efficient power management.
It supports Bitcoin, Ethereum, EOS, Litecoin, Neo, and many others. It also supports 1000+ ERC20 tokens.
Compatibility with other apps
Ngrave has its own app named NGRAVE LIQUID. You can scan the QRcode in the wallet to download the Ngrave mobile wallet. You can further scan the next QR Code in order to sync all your accounts on the device to your app.
All the communication between Ngrave ZERO and LIQUID will be through QR codes. The ZERO wallet communicates with the LIQUID and then the LIQUID communicates with the blockchain. It can fetch all the real-time data of all the transactions. It cannot access your private keys. It gives us a strong mobile application experience.