The purpose of this document is to detail the software specifications and security features used by Forsa Mini, Classic, and Touch.
The software used in Forsa devices is always open source and fully auditable. Everyone can look at the code used in Forsa devices and verify its integrity, find vulnerabilities, or suggest improvements and integrations.
We make Forsa completely transparent to remove the inherent need for trust and to share as much knowledge and as many ideas as possible with the broader community.
https://github.com/ForsaHQ/firmware
You can also refer to our Developer's Guide.
Forsa Mini & Classic
Operating System
There are multiple layers of code to ensure the legitimacy and security of the operations performed by your device.
Bootloader
The bootloader is a simple program designed to install, update, and check the firmware loaded on Forsa devices. The bootloader checks the firmware for integrity and signatures, and runs it when everything is in order. This check is performed each time power is applied to the device. If the bootloader detects unofficial firmware, it displays a prominent warning on the device screen.
If the bootloader detects that both buttons are pressed or that there is no firmware on the device, it will start in firmware update mode (also known as "bootloader mode"), thus allowing firmware updates via USB.
Bootloader Essentials: upload, update, check firmware integrity; is updatable; signature for bootloader checks.
Firmware
Firmware is the program that operates your device. It is the code that performs most of the functions and features you use. Firmware is also critical to ensuring safe operation. Firmware can be updated directly from the Forsa App via USB and always requires physical confirmation (button press).
When updating firmware, the bootloader erases the memory on the device and restores it only after verifying the signature on the firmware. Downgrading firmware erases memory.
Firmware essentials: operates the device; checked by the bootloader; update regularly.
It is recommended that the device be updated with the latest firmware version. Updating the firmware is the only way to deal with certain known security vulnerabilities.
Authorisation
Physical access
Forsa devices implement several security measures to prevent unauthorized physical access.
Home screen - very useful
While adding a nice personal touch to your device, the home screen also serves an important function. Having a custom and unique picture helps the user identify the device as soon as it is turned on, thus acting as the first line of defense against the device being replaced by malicious third parties.
Changing the home screen requires a PIN to be entered or it cannot be done. The same applies to the device label.
PIN - Protects the device
The PIN is the number you set when you first initialize your Forsa device. It prevents the device from being used by an unauthorized person.
Password - Protected Seeds
Password protection is an ingenious piece of Forsa security design. Unlike PINs, which are completely device-dependent and can be changed or disabled without affecting your account, password phrases are tied to your seeds.
By using a fully customizable phrase, you can add more entropy to the seeds loaded in your wallet. This builds a whole new hidden wallet "on top" of your seed. The password is not recorded anywhere on the device; therefore it is untraceable and unbreakable.
Restore the mnemonic: Here's your money
The Recovery Helper is the ultimate backup of all private keys and related data used and protected by your device.
Forsa Touch
Operating System
There are multiple layers of code to ensure the legitimacy and security of the operations performed by your device.
Boardloader
The boardloader is the write-protected, immutable code embedded in the device. Its function is to load the bootloader and check its integrity and signature. The main purpose of write-protecting the boardloader is to make it an immutable component that resists code-based attacks (e.g. BadUSB) and errors that could reprogram any or all embedded code. It ensures that only embedded code with verified signatures runs on the device (and that the expected code runs and is not skipped). It is not possible to update, modify or delete the boardloader.
Boardloader Essentials: embedded; unmodifiable; loads the bootloader and checks its integrity.
Bootloader
The bootloader is a simple program designed to install, update, and check the firmware loaded on Forsa devices. The bootloader checks the firmware for integrity and signatures, and runs it when everything is in order. This check is performed each time power is applied to the device. If the bootloader detects unofficial firmware, it displays a warning on the device screen.
If the bootloader detects a finger press on the display or no firmware on the device, it will start in firmware update mode (also called "bootloader mode"), allowing firmware updates to be performed via USB.
Bootloader Essentials: upload, update, check firmware integrity; is updatable; signature for bootloader checks.
Firmware
Firmware is the program that operates your device. It is the code that performs most of the functions and features you use. Firmware is also critical to ensuring safe operation. Firmware can be updated directly from the Forsa App via USB and always requires physical confirmation (tap the touchscreen).
When updating firmware, the bootloader erases the memory on the device and restores it only after verifying the signature on the firmware. Downgrading the firmware erases the memory.
Firmware essentials: operates the device; checked by the bootloader; update regularly.
It is recommended that the device be updated with the latest firmware version. Updating the firmware is the only way to deal with certain known security vulnerabilities.
Authorisation
Physical access
Forsa devices implement several security measures to prevent unauthorized physical access.
Home screen - very useful
While adding a nice personal touch to your device, the home screen also serves an important function. Having a custom and unique picture helps the user identify the device as soon as it is turned on, thus acting as the first line of defense against the device being replaced by malicious third parties.
Changing the home screen requires a PIN to be entered or it cannot be done. The same applies to the device label.
PIN - Protects the device
The PIN is the number you set when you first run Forsa. It protects Forsa from unauthorized use.
Password - Protected Seeds
Password protection is an ingenious piece of Forsa security design. Unlike PINs, which are completely device-dependent and can be changed or disabled without affecting your account, password phrases are tied to your recovery seed.
By using a fully customizable phrase, you can add more entropy to the seeds loaded in your wallet. This builds a whole new hidden wallet "on top" of your seeds. The password is not recorded anywhere on the device; therefore it is untraceable and unbreakable.
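The hidden-wallet behaviour described in the password sections for Mini, Classic and Touch, shown as an added example that is not Forsa's own code. It assumes the BIP-39 seed derivation standard, which this page does not name; bip39_seed, wallet_id, derive_wallets and the sample mnemonic are hypothetical names and constructed inputs.

```python
import hashlib
import unicodedata

PBKDF2_ROUNDS = 2048  # iteration count fixed by BIP-39 (assumed scheme)

# Constructed sample: the public all-zero-entropy test mnemonic. Never use for funds.
SAMPLE_MNEMONIC = "abandon " * 11 + "about"


def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """Derive the 64-byte wallet seed from the recovery words and a passphrase.

    The passphrase is mixed into the PBKDF2 salt, so it never has to be
    stored: the device only needs it for the duration of the derivation.
    """
    words = unicodedata.normalize("NFKD", mnemonic).encode("utf-8")
    salt = unicodedata.normalize("NFKD", "mnemonic" + passphrase).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", words, salt, PBKDF2_ROUNDS, dklen=64)


def wallet_id(seed: bytes) -> str:
    """Short fingerprint used here only to tell wallets apart (not an address)."""
    return hashlib.sha256(seed).hexdigest()[:16]


def derive_wallets(mnemonic: str, passphrases: list[str]) -> dict[str, str]:
    """Map each passphrase to the fingerprint of the wallet it opens."""
    return {p: wallet_id(bip39_seed(mnemonic, p)) for p in passphrases}


if __name__ == "__main__":
    # "" is the standard wallet; the last entry is the second one plus a
    # stray trailing space, as a user might mistype it.
    candidates = ["", "correct horse", "correct horse "]
    for phrase, ident in derive_wallets(SAMPLE_MNEMONIC, candidates).items():
        print(f"{phrase!r:20} -> wallet {ident}")
```

Every passphrase, including the mistyped one, opens a valid but different wallet. There is no "wrong passphrase" error because nothing on the device exists to compare it against, so a passphrase that is lost or mistyped at setup cannot be recovered from the device.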
Recovering Seed Phrases: Here's Your Money
Recovery Seed is the ultimate backup of all private keys and associated data used and protected by your device.