TriPylon Architecture: The Hardware
Andrei Nedobylskii
A common question we receive is: why did we choose the ESP32-S3 for the first version of our wallet instead of a standard Secure Element (SE) chip?
The answer is simple: we are building more than just a "key-carrying thumb drive." We are creating a flexible, extensible computing platform.
Security is not just about a single chip; it is the synergy between hardware and software. Here is how we transform a powerful, popular microcontroller into an impenetrable fortress.
The Hardware Foundation of ESP32-S3
We chose this chip for its perfect balance of performance and security features, which we utilize to their full potential:
* Native Security Features: We implement Secure Boot to ensure only our signed firmware can ever run on the device.
* Encrypted Storage: We utilize Flash Encryption, meaning all data stored in the memory is kept in an encrypted state.
* One-Way Locks: Using eFuses (one-time programmable memory), we can hardware-disable debugging interfaces like JTAG, effectively "burning the bridges" for potential attackers.
* Cryptographic Power: The chip features hardware accelerators (AES, SHA, RSA, ECC) that allow for near-instant cryptographic operations.
* Memory for Growth: The significant RAM and processing power allow us to run a complex Virtual Machine (VM) and support high-quality graphical interfaces—tasks that are often impossible on limited, specialized SE chips.
* Connectivity: Native USB HID support ensures the wallet works out of the box with browsers via WebHID, while built-in Bluetooth and Wi-Fi provide a foundation for future wireless features.
Our TriPylon Nucleo operating system provides the critical extra layers of protection, including time-deterministic execution for cryptographic operations to prevent side-channel attacks.
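A host-side check of the eFuse state behind the Secure Boot, Flash Encryption and JTAG bullets above, as an added example that is not TriPylon's code. Field names follow Espressif's ESP32-S3 eFuse table; the snapshot struct, the finding flags and the sample values are assumptions made for illustration, and write-protection of the fields is not modelled.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed snapshot of the eFuse fields behind the three claims.
 * Field names follow Espressif's ESP32-S3 eFuse table; the struct and
 * the audit function are hypothetical, not part of any SDK. */
typedef struct {
    uint8_t secure_boot_en;     /* 1 bit: ROM verifies the bootloader signature */
    uint8_t spi_boot_crypt_cnt; /* 3 bits: odd number of set bits = encryption on */
    uint8_t dis_pad_jtag;       /* 1 bit: JTAG on the GPIO pads permanently off */
    uint8_t dis_usb_jtag;       /* 1 bit: JTAG via the USB-Serial-JTAG controller off */
} efuse_snapshot_t;

enum {
    F_SECURE_BOOT_OFF     = 1u << 0,
    F_FLASH_ENC_OFF       = 1u << 1,
    F_FLASH_ENC_NOT_FINAL = 1u << 2, /* on, but unburned counter bits remain */
    F_PAD_JTAG_OPEN       = 1u << 3,
    F_USB_JTAG_OPEN       = 1u << 4,
};

/* Number of set bits in a 3-bit eFuse field. */
static unsigned bits_set3(uint8_t v) {
    return (v & 1u) + ((v >> 1) & 1u) + ((v >> 2) & 1u);
}

/* Returns a bitmask of findings; 0 means all three claims hold.
 * Assumption: field write-protection is not part of the snapshot, so an
 * enabled counter with spare bits is reported as not final. */
unsigned audit_efuses(const efuse_snapshot_t *s) {
    unsigned findings = 0;
    unsigned cnt = bits_set3(s->spi_boot_crypt_cnt);
    if (!s->secure_boot_en) findings |= F_SECURE_BOOT_OFF;
    if (cnt % 2 == 0)       findings |= F_FLASH_ENC_OFF;
    else if (cnt != 3)      findings |= F_FLASH_ENC_NOT_FINAL;
    if (!s->dis_pad_jtag)   findings |= F_PAD_JTAG_OPEN;
    if (!s->dis_usb_jtag)   findings |= F_USB_JTAG_OPEN;
    return findings;
}

/* Constructed sample values, not read from any real device. */
static const efuse_snapshot_t DEV_UNIT  = { 0, 0x1, 0, 0 };
static const efuse_snapshot_t PROD_UNIT = { 1, 0x7, 1, 1 };

int main(void) {
    printf("dev unit findings:  0x%02x\n", audit_efuses(&DEV_UNIT));
    printf("prod unit findings: 0x%02x\n", audit_efuses(&PROD_UNIT));
    return 0;
}
```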
Future-Proof: The Nucleo Architecture
It is important to understand that while the ESP32-S3 is our starting point, it is not our limit.
Despite our current hardware choice, the TriPylon Nucleo operating system is designed from the ground up to be modular and cross-platform.
* Portability: The system is built to run on other microcontrollers, including those with built-in Secure Elements.
* Extensibility: The Nucleo architecture already supports the integration of external security chips (SE) for future, more advanced versions of the device.
* Verification: Because we use fixed library versions and a modular C++ structure, the entire system is optimized for formal verification, ensuring every part of the code is checked for reliability.
We are creating a technology that does not depend on a single silicon vendor but instead ensures security through robust architectural design.