I feel I perceive the aim of a blind oracle: to not have our encryption key saved in Jade in order that an attacker cannot carry out a bodily key extraction by manipulating the {hardware}.
The oracle serves as a type of “safe component” and helps maintain Jade absolutely open-source by being in an exterior server.
We will get the key key to unlock the pockets utilizing an Elliptic Curve Diffie-Hellman (ECDH) key change, which is barely accessible after we set the PIN accurately.
Nevertheless, I do not perceive how is the PIN itself secured.
Query:
Would not the PIN be topic to the kind of key extraction the oracle is meant to guard us from, since it isn’t saved in a safe component?
If sure, feels like getting the PIN can be simply an extra step, however as soon as the attacker has it, he’s able to acquiring the key key by performing the ECDH himself, which does not sound a lot safer.
Can somebody clarify to me what I am getting unsuitable right here?
Thanks!
