THE HUMAN TOUCH, WHY PHYSICAL VERIFICATION IS NECCESSARY

• VS
• 23 Jun, 2022

Every time you sign a transaction a transaction on the Ronyn Vault, the full transaction is shown to you on the display and as well the wallet is waiting for you to confirm the transaction.

Is it really necessary to show the transaction? Specially if its every time the transaction is done? Do we need human confirmation?

The answer is yes to ensure security. But to make the point lets be the devil’s advocate.

Suppose no transaction data was shown on the display. In this case how could one verify that the transaction which is signed in the Ronyn Vault (the hardware wallet) is identical to the one specified by the user on the PC/Smart phone to which the Ronyn Vault is connected? There is no cryptographic method by which we can verify that the transaction being signed is intended by the user without explicit confirmation by the user.

Since we cannot verify the transaction being signed is the intended transaction, this causes a security flaw. If a malicious entity was able to send a transaction to the Ronyn Vault, which is different from that which is intended by the user, then they would be able to extract assets and the user would not know.

This is known as a man-in-the-middle attack, where an attacker is able to display the intended transaction to the user, but is able to sign a different malicious transaction in the device. Since the Ronyn Vault's graphics stack is tightly coupled with the security of the device, verifying the transaction on the device's display removes the man-in-the-middle attack because the attacker cannot gain access to the graphics stack. The transaction displayed on the display is shown via a graphics stack running on a trusted environment. Every transaction is fully shown on Ronyn Vault’s display before each and every translation signature to ensure the intended transaction is signed.

It seems the human touch is necessary.