We’re thrilled to announce Keycard v2. Along with a new look, we’ve improved the product’s security against supply chain attacks with a new applet to verify the authenticity of Keycards. We’ve also removed the ability to upgrade the card to stop anyone, including Status, from being able to alter the way your Keycard behaves.
Read on to learn more about these security enhancements, Keycard’s jazzy new colour scheme, and how the new product impacts the previous version — spoiler: it doesn’t!
What’s New with Keycard v2?
Improved Supply Chain Security
We’ve been working on a mechanism that enables you to check the authenticity of your Keycard. A card is genuine if it can prove it has been manufactured by Status and thus prove that it runs the proper open-source software, which you can audit on our GitHub repos.
To achieve this, we’ve included a new applet on each card. This applet has a unique keypair and a certificate consisting of the public key of the keypair signed by a trusted authority — a Status-controlled key in this case (see the end of this article for the public key).
Any wallet or application that you trust and that interacts with the card can challenge the Keycard applet with random data, and it will get back a signature and the certificate. The wallet or application can thus ensure that a trusted authority has issued the card and that the card is genuine.
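The check described above, as an added example (not Status's code and not the Keycard wire protocol): a wallet-side `Verify` next to a simulated card. Assumptions: Ed25519 from Go's standard library stands in for the card's signature scheme, the "certificate" is simply the CA's signature over the raw card public key, and `Response`, `Answer`, `Verify`, `NewKey`, `Pub` and `random32` are hypothetical names; the CA and card keys are generated in place.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// Response is the card's reply: CardPub, CertSig (CA signature over CardPub), Sig (over the challenge).
type Response struct{ CardPub, CertSig, Sig []byte }

// random32 returns 32 fresh random bytes: a challenge, or the seed of a constructed key.
func random32() []byte {
	b := make([]byte, 32)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	return b
}

// NewKey and Pub build the constructed CA and card keys (Ed25519 is a stand-in scheme).
func NewKey() ed25519.PrivateKey { return ed25519.NewKeyFromSeed(random32()) }
func Pub(k ed25519.PrivateKey) ed25519.PublicKey { return k.Public().(ed25519.PublicKey) }

// Answer simulates the card: certificate issued by ca, challenge signed with the card key.
func Answer(ca, card ed25519.PrivateKey, challenge []byte) Response {
	return Response{Pub(card), ed25519.Sign(ca, Pub(card)), ed25519.Sign(card, challenge)}
}

// Verify is the wallet side: check the certificate, then the challenge signature.
func Verify(trustedCA ed25519.PublicKey, challenge []byte, r Response) error {
	if len(r.CardPub) != ed25519.PublicKeySize { // ed25519.Verify panics on other lengths
		return errors.New("malformed card public key")
	}
	if !ed25519.Verify(trustedCA, r.CardPub, r.CertSig) {
		return errors.New("certificate not signed by the trusted CA")
	}
	if !ed25519.Verify(r.CardPub, challenge, r.Sig) {
		return errors.New("signature does not cover this challenge")
	}
	return nil
}

func main() {
	ca, card, c := NewKey(), NewKey(), random32()
	fmt.Println("genuine card:   ", Verify(Pub(ca), c, Answer(ca, card, c)))
	fmt.Println("unknown issuer: ", Verify(Pub(ca), c, Answer(NewKey(), card, c)))
	fmt.Println("replayed answer:", Verify(Pub(ca), random32(), Answer(ca, card, c)))
}
```

Only the first call returns `nil`; a certificate from a key the wallet does not trust, or an answer recorded for an earlier challenge, is rejected.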
This mechanism and the applet are fully open, meaning other suppliers can manufacture Keycards and use their own certificate authorities. We are working on a proposal to have a decentralised list of certificate authorities for the Keycard ecosystem, and this will be the subject of a future blog post.
Improved Security Model
We’ve decided to further tighten Keycard security by updating the product’s upgradability model. Before Keycard v2, the Global Platform keys, which are the keys that allow the installation of new applets on a Keycard, were fixed and available in our source code. This choice was made to facilitate the work of developers and allow them to add new applets to their Keycards.
We believe Keycard as a product is now at a maturity level where security takes priority over upgradability. Therefore, we’ve decided to offer our users the strongest level of security by closing any possibility of altering the installed software. To reach that goal, we randomize the Global Platform keys in production, making the product non-upgradeable.
This means that no one can alter your Keycard with a different code base — not even Status and not even if some authority tries to pressure us to do so.
A New Colour: It’s Orange!
Keycard is now a beautiful, vibrant orange, making it easy to identify which version of Keycard you own. If your Keycard is blue, it’s v1; if it’s orange, it’s v2. You can also check the serial number on the back of the card — the first two characters indicate the product version.
What Happens if I Own Keycard v1?
If you own a v1 Keycard, nothing changes for you, and you can keep using it with Status as you always have done.
Notes
- Public key of the Status certificate authority that signs Keycard certificates: 0x029ab99ee1e7a71bdf45b3f9c58c99866ff1294d2c1e304e228a86e10c3343501c
- Keycard GitHub repo: https://github.com/status-im/status-keycard
- Keycard technical documentation: https://keycard.tech/docs/
- Buy a Keycard: https://get.keycard.tech
- Contact Keycard about anything: getkeycard@status.im