Description
Wallet name
GridPlus Lattice1
Wallet description
The Lattice1 enables management of cryptoassets with a simple, secure interface. It features a dedicated secure enclave, anti-tamper features, secure screen, and human readable smart contract markup so you can always be certain of what you are signing. Pair your Lattice1 with MetaMask, Frame, MyCrypto, etc. to access your crypto from anywhere. Look up balances, send transactions, and easily switch between your Lattice1 and SafeCard wallets.
Wallet logo
Background color for brand logo
#FFFFFF
URL to the project
When did the wallet go live to users?
October 2020
Does the wallet have an active development team?
Yes. Here are our public GitHub repos: https://github.com/GridPlus
Is the wallet globally accessible?
Yes, although shipping to certain countries must be done via reshipping services (most countries worldwide do not require this). A list of available shipping regions can be found here.
Is the wallet available in multiple languages?
English only, but other languages may be supported in the future.
What social links are there for the project?
https://twitter.com/gridplus
https://discord.gg/Bt5fVDTJb9
https://www.youtube.com/c/gridplus
https://www.linkedin.com/company/gridplus
https://www.reddit.com/r/GridPlus/
Does the wallet have a mobile app? If yes, which operating systems are supported (iOS, Android)?
No. The Lattice1 is a stateless signer that integrates with existing, popular Ethereum wallets (MetaMask, Frame, MyCrypto, Rabby, Ambire, etc.) using our SDK.
Does the wallet have a desktop app? If yes, which operating systems are supported (Windows, Mac, Linux)?
No. The Lattice1 is a stateless signer that integrates with existing, popular Ethereum wallets (MetaMask, Frame, MyCrypto, Rabby, Ambire, etc.) using our SDK.
Does the wallet have a browser extension? If yes, which browsers are supported (Chromium, Firefox, Safari)?
No. The Lattice1 is a stateless signer that integrates with existing, popular Ethereum wallets (MetaMask, Frame, MyCrypto, Rabby, Ambire, etc.) using our SDK.
We also have a web application for managing secure device data, which is supported by all major browsers.
Is it a hardware wallet?
Yes, this is a hardware wallet. It is a stateless signer, so transactions are requested and broadcast by the integrated software wallet (e.g. MetaMask, Frame). The Lattice1 is only responsible for displaying transaction information to the user on a secure screen and signing the message/transaction if approved.
Is the source code for the wallet fully open-source?
No, but we will probably open source it in the next 6 months
What license is the wallet software released under?
Currently N/A
Who holds the private keys?
GridPlus has absolutely no access to user keys/funds and never will. The user is always 100% in control.
Seeds are stored on the HSM - we use a standardized Javacard EMV HSM chip, which is what you have on every credit/debit card. There is a special "GridPlus" Javacard application which is a fork of Status' Keycard and is responsible for storing the seed. There is one HSM inside the device itself (called the "Lattice Wallet") and each SafeCard has its own HSM which can be inserted into the card slot and unlocked at any time.
Firmware may access seeds in the secure microcontroller's active memory as long as the desired HSM is unlocked (this is done at the Javacard application level). The seeds are not persisted in long term memory and there is no firmware mechanism to export seeds or private keys.
Seeds may be imported onto the device via mnemonic using a secure screen or may be generated on-device using a TRNG.
Public keys and addresses may be exported by a paired requester, such as MetaMask (see next section for pairing details). The request and response are both end-to-end encrypted (in addition to, presumably, using SSL) so only the requesting app can see the exported keys.
Please describe the measures taken to ensure the wallet's security and provide documentation wherever possible
There are several hardware security features, which are outlined in this article. Here is an overview of some of the most important features:
Physical/Electronic Security Features:
- Lattice firmware runs on a secure microcontroller, which draws all screens and retains access to secure data, such as seeds/keys.
- An anti-tamper security mesh physically encases the secure microcontroller. The mesh has a small current running through it at all times, which is powered by a coin cell battery (~20 year life span). If the device is opened or tampered with, the mesh circuit will break and a special region of memory will be erased, which contains the root entropy of the device. If this happens, the device will permanently lock and keys will be irrecoverable. Note: we do warn users about this and offer them the option to disable this feature in software (requires device PIN).
- The microcontroller is separated from a network interface (which receives encrypted requests via WiFi or Ethernet) by a fixed-size FRAM mailbox. This prevents side channel attacks and significantly limits the attack surface for code injection attacks.
Software Security Features:
- A tightly controlled message protocol is utilized to limit the attack surface of software attacks.
- All transaction requests (and most other requests) must be end-to-end encrypted. These requests are decrypted by firmware, which runs on the secure microcontroller. This means that the network interface cannot see them. All request types are also padded, so network snoopers will not be able to detect what a user is doing.
- Only "paired" requesting applications can make e2e encrypted requests (transactions, pubkeys, secure data management, etc). The pairing process involves generating and displaying a secure code (60s expiration) on the Lattice1 device and entering that secret out of band on the app requesting the pairing. Any pairing may be removed on the Lattice1 device at any time and after that is done, the app will no longer be able to make secure requests (unless the user pairs with it again).
- Addresses may be tagged with user-defined names. When a tagged address is used in a transaction, the hex string is replaced by the user-defined, ASCII name. Tags must be added using secure (a.k.a. e2e encrypted) requests.
- Contract calldata can be ABI-decoded by a requesting application using utils in the GridPlus SDK. This replaces hex-string calldata with more structured, human readable function names and parameters.
Has the wallet's smart contract code or security modules been audited?
No
Does the wallet have an internal security team?
We have a firmware team, not a dedicated "security team" per se, but we are well versed in applied crypto
Any other security testing that should be noted?
All firmware features undergo significant testing prior to release and all changes are documented in this repo. Integrated end-to-end tests are implemented in the SDK here.
Scam protection?
Address tags and ABI decoding features are meant to give users better tools against scams.
Note that the Lattice1 is a stateless signer that can display a good amount of information on a secure screen, but it does not have access to blockchain state. This is intentional, as we do not want to use anything from the open Internet as a source of truth. Recall that all screens are drawn by secure firmware. For tags, we require the user to pre-commit data. For ABI decoding, we take advantage of the self-verifying nature of the ABI protocol to decode data types/structures.
Does the wallet support connecting to a hardware wallet?
Yes
Does the wallet support WalletConnect?
No
Does the wallet support importing Ethereum RPC endpoints?
N/A
Does the wallet support viewing and interacting with NFTs?
No
Does the wallet support connecting to Ethereum applications?
Yes, indirectly - it can integrate with all browser wallets using the SDK.
Does the wallet support staking directly?
No, but we are currently implementing support for BLS signatures + deposit/withdrawal key derivations so we will support staking at some point (hopefully soon).
Does the wallet support swaps directly?
It does not treat swaps any differently than other transactions.
Does the wallet support multi-chain networks?
Yes - it supports all EVM networks out of the box. We have a short list of common L2s and networks based on chainID. If a known chainID is used, we display the network name and coin unit name.
Does the wallet support Ethereum layer 2 networks?
Yes - all networks that use EVM transactions are supported out of the box.
Does the wallet allow the user to customize gas fees?
Not on the device itself, but this can be done on the browser wallet, e.g. MetaMask.
Does the wallet support sending transactions to ENS addresses?
Not directly, though you could use tags. As mentioned above, we do not want to use the Internet as a source of truth for secure screens.
Does the wallet support importing or automatically querying and displaying ERC-20 tokens?
Not directly, though you could use tags.
Does the wallet support EIP-1559 (type 2) transactions?
Yes. All existing Ethereum transaction types are supported, including legacy types.
Does the wallet have fiat on-ramps through credit/debit cards, wire transfers, or bank transfers (ACH)?
No
Does the wallet support withdrawals to fiat?
No
Is the wallet a multi-signature wallet?
No, but it is easy to create one using Gnosis Safe and SafeCards.
Does the wallet support social recovery?
No
Who can the ethereum.org team contact regarding the wallet in future?
Our company Twitter is probably the best way. You can also reach out to Alex.
Does the wallet have a dedicated support team?
Yes. We offer live support in our Discord server as well as a ticketing system for more involved support inquiries.
We have a very quick response time; usually within a few minutes on Discord and less than a day for ticket inquiries.
What educational resources/documentation do you provide to users?
https://docs.gridplus.io/
https://www.youtube.com/c/GridPlus
Does the wallet have any integrated tools not mentioned above?
- SafeCards allow users to quickly switch between wallets using the same Lattice1 device. All a user needs to do to switch wallets is insert a new SafeCard and unlock it with a PIN. All requests made to the device will now be made to the newly active SafeCard wallet. These are great for multisig wallets, backups, and separation of identities. For example, this enables connection to accounts derived from multiple mnemonics/seeds in the same instance of MetaMask.
- EIP712 messages are also supported and are displayed using prettified JSON formatting.
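
The software security features above say every request is end-to-end encrypted and padded so that a network observer cannot tell request types apart. The following is an added example of that idea and is not GridPlus firmware or SDK code: the 1024-byte frame, the header layout, the request type numbers and the choice of AES-256-GCM are assumptions, and the random key stands in for the secret shared by a paired app and the device.

```javascript
// Added illustration: constant-size, authenticated request envelopes.
// All sizes, names and type numbers are assumptions, not the Lattice1 protocol.
const nodeCrypto = require('node:crypto');

const FRAME_SIZE = 1024; // assumed fixed plaintext size for every request type
const HEADER = 1 + 2;    // 1-byte request type + 2-byte big-endian payload length
const IV_LEN = 12;
const TAG_LEN = 16;

// Place type, length and payload in a zero-filled frame of fixed size.
function padRequest(type, payload) {
  if (payload.length > FRAME_SIZE - HEADER) {
    throw new RangeError('payload does not fit in one frame');
  }
  const frame = Buffer.alloc(FRAME_SIZE);
  frame.writeUInt8(type, 0);
  frame.writeUInt16BE(payload.length, 1);
  payload.copy(frame, HEADER);
  return frame;
}

// Encrypt the padded frame; output is always IV_LEN + FRAME_SIZE + TAG_LEN bytes.
function sealRequest(key, type, payload) {
  const iv = nodeCrypto.randomBytes(IV_LEN);
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([cipher.update(padRequest(type, payload)), cipher.final()]);
  return Buffer.concat([iv, ct, cipher.getAuthTag()]);
}

// Receiver side: reject wrong-size envelopes, authenticate, then strip padding.
function openRequest(key, envelope) {
  if (envelope.length !== IV_LEN + FRAME_SIZE + TAG_LEN) {
    throw new Error('unexpected envelope size');
  }
  const iv = envelope.subarray(0, IV_LEN);
  const ct = envelope.subarray(IV_LEN, IV_LEN + FRAME_SIZE);
  const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', key, iv);
  decipher.setAuthTag(envelope.subarray(IV_LEN + FRAME_SIZE));
  const frame = Buffer.concat([decipher.update(ct), decipher.final()]); // throws if tampered
  const len = frame.readUInt16BE(1);
  if (len > FRAME_SIZE - HEADER) throw new Error('invalid length field');
  return { type: frame.readUInt8(0), payload: frame.subarray(HEADER, HEADER + len) };
}
```

Because the length field sits inside the authenticated ciphertext, an intermediary sees only identical-size envelopes and cannot alter the declared payload length without failing the tag check.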
