For a TRUSTLESS device to operate we shall not be obliged to have faith in the numerous participants who are usually involved in the process: e.g. vendor, manufacturer, retailers.

Open-source software is a must to avoid trust in the vendor. While a community supervised code can reveal vulnerabilities faster, we have to make sure that our device is running that code as well. This process is called attestation, where we must be able to validate the hardware components and the program by ourselves.

TRUSSY solves this issue using the existing bootloader of the Trezor device. Their attestation concept has been validated over a long time and they were kind to publish it for the greater good. Using that solution without a constant USB connection enables us to create a more secured device.

The basic rule of attestation is that you have to make sure of the hardware first, hence a device with greater magnitude of performance can simulate the actions of the hardware, which we aim to validate.

TRUSSY’s hardware is encapsulated in a single molded transparent epoxy resin, which protects the device from tampering, while giving you the ability to check the hardware equipment of the device.

As of today, anti-tempering mechanisms like tamper evident stickers are placed on the packaging of the device, rather than inside the device itself.

TRUSSY’s USB port is protected with a temper evident sticker below the epoxy layer, which makes you see if any intrusion has been made during the manufacturing and the shipment process. Once you receive your device you will be the first to damage the USB protecting sticker while accessing.