-
@ semisol
2025-05-27 19:19:44
> There’ll be less eyes on the design
Same issue with MCUs, really. Anyway, large SE companies conduct their own testing *and* rigorous independent certifications. (semi-formal validation)
Not sure you can reach that level even if you open source, because the majority of the security is in the physical design, and so physical attack tests. And not the logic.
I have also significantly reviewed the design of the SE I am using.
> There’s no do over in BTC but there is in the fiat world
In the end, there is still damage. Fake digital signatures can be as damaging as blindly signing contracts. Credit card fraud can lead to millions lost for banks.
In the end, *someone* is losing something from it being insecure, and so they have a strong incentive to ensure they buy secure products.
> we can DIY build one
But does anyone? Or do we rely on the manufacturer and Espressif to solely deliver a correct product?
What if the boot ROM on the MCU logs your seed to a hidden area on the chip?