Wallet Logo

Tangem Note

🔍 Last analysed 23rd March 2022 . Bad Interface
25th March 2020

Jump to verdict 

Help spread awareness for build reproducibility

Please help us spread the word discussing build reproducibility with Tangem Note  via their Twitter!

Do your own research!

Try out searching for "lost bitcoins", "stole my money" or "scammers" together with the wallet's name, even if you think the wallet is generally trustworthy. For all the bigger wallets you will find accusations. Make sure you understand why they were made and if you are comfortable with the provider's reaction.

If you find something we should include, you can create an issue or edit this analysis yourself and create a merge request for your changes.

What is a bearer token?

Bearer tokens are meant to be passed on from one user to another similar to cash or a banking check. Unlike hardware wallets, this comes with an enormous "supply chain" risk if the token gets handed from user to user anonymously - all bearer past and present have plausible deniability if the funds move. We used to categorize bearer tokens as hardware wallets, but decided that they deserved an altogether different category. Generally, bearer tokens require these attributes:

  • Secure initial setup
  • Tamper evidence
  • Balance check without revealing private keys
  • Small size
  • Low unit price
and either of these applies:
  • Somebody has a backup and needs to be trusted.
  • Nobody has a backup and funds are destroyed if the token is lost or damaged.

The Analysis 

Product Description

Security Details

A Tangem Card is a highly secure hardware cold wallet made to store any kind of digital assets / cryptocurrency / Bitcoin on blockchain technology. With an NFC-enabled phone, you can verify your balance and extract your assets if you want to move them to another wallet.

Transactions and verifications are carried out via the Android companion app, Tangem - Crypto wallet No Source! . The app must be installed through a phone that supports NFC.

A video tutorial on how to setup the Tangem could be found on YouTube.

With the Tangem card, a user can:

  • Check the validity of the Card and the assets it’s holding.
  • Show the assets blockchain address.
  • Extract (send) funds to other Tangem Cards or blockchain wallets.
  • Pay with the Card (with merchants currently accepting crypto).

The private key is stored on the secure EAL6+ chip. Tangem also claims that their firmware is audited by Kudelski Security

Google Play Critical Review

Michael Hutchison
★☆☆☆☆ January 8, 2022
Card does not scan… Do not buy may not work waste of money….

Tangem Developer Portal Security Information

Tangem Developer Portal - About

There are several mechanisms of attestation for the holder to ensure they operate a genuine Tangem card:

  1. Card attestation. During the manufacturing process, special service keys are generated within the card (not to be confused with wallet keys) and the public key of the card is uploaded to the Tangem attestation service back-end. At the time of attestation, the card confirms the ownership of the corresponding private key, and the public key is compared with the one uploaded to the server.

  2. Attestation of wallets. If wallets have already been created on the card, during the attestation process, a special challenge will be sent to the card to verify the possession of the corresponding private keys.

  3. Firmware attestation. The card can access any random segment of its flash memory containing firmware and return its hash. Thus, the holder can make sure that the firmware installed on the card was produced by Tangem as well as that this is exactly the firmware that was checked by the auditor.

Tangem Developer Portal - Features

A wallet on the card is an Asymmetric Cryptography key pair (public and private key).

Wallet private key is the main secret of the card. It will be generated by the card on the factory or by the user using the Create wallet method. It is never revealed and accessible by the host application via the NFC interface. COS will internally use a wallet private key only during execution of Sign and some attestation commands.

Tangem Card is equipped with a True Random Number Generator that’s used for generating private keys. This approach makes it impossible to generate the same key, as well as the ability to predict the result of the operation.

Analysis

Like most cryptocurrency cards that use NFC, the Tangem depends on the companion app, Tangem - Crypto wallet .

They claim that transactions are truly hand-to-hand as the Tangem is meant to be physically passed on from one person to another. Depending on the companion app, the receiver must have an NFC enabled Android phone with the Tangem app installed.

We sent out a tweet to clarify with Tangem whether the private key gets generated in the factory or by the user.

They responded:

No, in our B2C products all wallets has to be generated by users. But we have this option for B2B partners and can generate wallets at the factory if needed. But again, not for the Tangem Wallets and Tangem Notes.

The clarification makes a distinction between their business-to-business customers vs their business-to-customer clients.

As a bearer token, the Tangem lacks an input or output interface that could confirm a transaction independent from a companion app when redeeming the funds.

(dg)

Verdict Explained

The design of the device does not allow to verify what is being signed!

As part of our Methodology, we ask:

Bad Interface!

Can the user verify and approve transactions on the device?

If the answer is "no", we mark it as "Bad Interface".

These are devices that might generate secure private key material, outside the reach of the provider but that do not have the means to let the user verify transactions on the device itself. This verdict includes screen-less smart cards or USB-dongles.

The wallet lacks either an output device such as a screen, an input device such as touch or physical buttons or both. In consequence, crucial elements of approving transactions is being delegated to other hardware such as a general purpose PC or phone which defeats the purpose of a hardware wallet.

Another consquence of a missing screen is that the user is faced with the dilemma of either not making a backup or having to pass the backup through an insecure device for display or storage.

The software of the device might be perfect but this device cannot be recommended due to this fundamental flaw.

The product cannot be independently verified. If the provider puts your funds at risk on purpose or by accident, you will probably not know about the issue before people start losing money. If the provider is more criminally inclined he might have collected all the backups of all the wallets, ready to be emptied at the press of a button. The product might have a formidable track record but out of distress or change in management turns out to be evil from some point on, with nobody outside ever knowing before it is too late.