Why did your team decide to develop Jolt and what sets it apart from the competition?

Brian: Early this year, we began to survey the landscape of hardware wallets and kept seeing the same limiting factors. Namely, current options are relatively expensive, inconvenient and use weak hardware. Jolt is an open-source project that was created to address these shortcomings and offer an alternative option. We want users to have access to strong security no matter how much cryptocurrency they own. Jolt has an order of magnitude more ram, CPU, and storage when compared to hardware wallets such as the Ledger Nano S. With built-in WiFi, Bluetooth, and battery, Jolt can instantly send funds to pre-configured contacts, such as exchanges or mobile wallets, without a computer or phone, within seconds of being unlocked, allowing secure transactions on the go.

You’ve been relatively quiet since the project was first announced, what have you been working on?

A lot! Most notably, over the past few months we have: Fabricated custom hardware Developed an App based coin system Overhauled the GUI framework The most common feedback on our initial prototype was how ugly and bulky it was, but that was made using off the shelf components, unlike the current version which has a custom-designed circuit board and physical dimensions of just [62x32x6mm]. However, when designing and developing Jolt, we want to make sure any hobbyist has the ability to create their own hardware wallet using easily sourced, inexpensive components. A significant effort has gone towards developing our app system. With Jolt, you’re able to upload approved, digitally signed applications over USB or Bluetooth. Typically in most microcontroller projects, such as Trezor, the firmware is compiled into a monolithic blob and flashed to the device; adding additional code requires recompiling the whole firmware. While developing this way is much easier, our team believes that it doesn’t scale effectively as the number of coins increases. At least 1 megabyte of storage is allocated for applications, which should handle at least 30 Apps; the current Nano application is only 20 kilobytes.

The Jolt hardware wallet (middle) without it casing.

How do you internally manage the secret mnemonic?

The ESP32 microcontroller has a hardware AES encryption engine that encrypts all flash storage with a key that cannot be read back in any software. However, we wanted to go one step further. Jolt also communicates with a secure EEPROM chip, the ATAES132A. The EEPROM chip records all authorization attempts and provides an additional high-quality entropy source. The user’s mnemonic (256-bits of data) is spread out to 3 locations: ESP32 encrypted flash ATAES132A secure EEPROM Stretched User PIN* All 3 sources must be present to reconstruct the user’s secret mnemonic. Each failed pin attempt is recorded in a monotonically increasing counter in the secure EEPROM chip. The user’s PIN is stretched (slowed down derivation) via slow encryption commands on the ATAES132A; being hardware bound means that a hacker wouldn’t be able to brute force a PIN, even in the event of a complete compromise of the ESP32 chip. This novel method of mnemonic storage that is vastly more secure under physical attacks than our competitors who store the raw PIN in flash.

After the initial announcement, there were concerns raised about connecting over wireless. What kind of wireless security does Jolt include?

Wireless is a scary word when it comes to security. Jolt’s security model (along with any other hardware wallet’s), assumes all communication external to the device is public information and may be compromised. For further protection, Jolt has a screen which independently displays transaction information for confirmation and encoded all communications channels in simple, human-readable JSON. Side channel attacks, such as Screaming Channels, are taken very seriously. Jolt disables all radios during cryptographic operations. For those who don’t want anything to do with wireless communication, a version of the firmware without any WiFi or Bluetooth drivers will be available; all communication would have to take place over USB.

Jolt sounds like a great fit for the Nano eco-system. When is the estimated launch date?