italia/eudi-wallet-it-docs

Cryptographic hardware key

Opened this issue · 1 comments

rohe commented

In the flow chart for the Wallet Instance Initialization and Registration, the wallet is expected to send the `hardware_key_tag` to the Wallet Provider (step 9). The Wallet Provider, on the other hand, is expected to store the Cryptographic Hardware Keys (step 12).

I don't understand how the translation from key tag to actual key is expected to work.

rohe commented

Note that further down in the text it's stated:

"It is not necessary to send the Wallet Hardware public key because it is already included in the key_attestation."

Which to me sounds like the key, and not the tag, is included in the attest key request. Or is it assumed that the device integrity service can acquire the key from the device using the tag? In some out-of-band way?