Hardware Signer: The Innovative Feature Enhancing Security of Crypto Wallets

Utilizing account abstraction and mobile devices hardware security modules to offer state-of-the-art security and UX: this is the Hardware Signer!

• November 15, 2022

• 4 min read





In the past few months we, at Braavos, have focused on implementing the basics users need from a self-custody wallet.

We released the wallet as a browser extension for all popular browsers and an application for iOS and Android devices. Users can access their funds wherever and whenever they want.

We introduced numerous features to the wallet, such as NFTs gallery for audio, video and 3D image.

Transaction Explainer that helps users understand in clear English what dApps are asking them to sign on.
Built-in Exchange so users can swap tokens from within the wallet at the best rates on StarkNet.

Mobile apps that are aligned with our vision for better security through better UX, superior to browser extensions.

All the above were completely new capabilities for StarkNet when Braavos introduced them, but other wallets in the wider crypto ecosystem have already implemented such capabilities.
Nevertheless, it was important to us to cover “the basics” and give users the functionality they are used to from L1 and other chains.

Once we have covered the basics, we have been directing all our efforts towards new innovations enabled by Account Abstraction coupled with L2 low gas fees. The goal is to improve the security and user experience of self-custodial wallets, ensuring people will not default to centralized solutions.

Common Ways to Secure Accounts

Today in crypto, there are two main ways to secure your account: a seed phrase or a hardware wallet.

Seed Phrases

A Seed Phrase is a 12 or 24 words users must store safely.
It presents a notorious UX as it’s subject to phishing attacks and frequently gets lost, resulting in users losing funds.

Hardware Wallet

A Hardware Wallet offers strong security, but presents very high friction for everyday users, as it is another physical device to handle, needs to be specially ordered, is costly, and users need to lear how to use it.

Is there a better way?

Hardware Signer

The Hardware Signer presents the first step in our journey to improve crypto user experience and make it much more accessible and secure for everyday users, while not compromising on decentralization and self custody.

So what is the Hardware Signer?
The Hardware Signer consists of two parts:

  • The secure sub-system in users’ mobile device
  • The account smart contract which can run arbitrary logic
    (a.k.a Account Abstraction)

Secure Sub-System

The Hardware Signer utilizes the secure subsystem built-in in users’ device — iPhone’s Secure Enclave or Android Phone’s Titan HSM – to protect the account.

The Secure Enclave / Titan chip is a dedicated and isolated sub-system, totally separated from the application processor, that can generate private keys and sign messages. It generates the keys using an internal True Random Number Generator (TRNG) and signs messages over the NIST-P256 elliptic curve (secp256r1) via its internal Public Key Accelerator (PKA). The private keys never leave the secure system and are unknown and inaccessible to anyone, not even to the user, or to the application itself.

This means that even if the device application processor kernel becomes compromised, user keys stay safe!

Deeper into the Secure Enclave

During the chip manufacturing process, a UID (Unique Identifier) is generated by the TRNG and is stored in the PKA. It can’t be read and never leaves the PKA, thus it is unknown even to the Secure Enclave processor and the Secure Enclave Processor Operating System (SepOS).

This UID is a random number which is unique per device and is used to encrypt all other keys that will be generated in the future on this device.
The way it works is as follows: the application will request the SepOS to generate a new key-pair, the SepOS will instruct the Secure Enclave TRNG to generate a key and encrypt it (using the UID). The app can then request the SepOS to decrypt the key and sign a message using the generated key. During this entire process, the generated key does not leave the enclave and is unknown to anyone.
(For more information on the Secure Enclave, please see here).

The way the Secure Enclave is built and operates, along with the fact that it is a target for attacks by powerful corporations and governments around the world, is the reason its security surpasses standard hardware wallets.

Account Abstraction

The power of Braavos as a smart contract based wallet on top of StarkNet is that it is comprised of two pillars:

  • The client side (e.g. the application) that allows the user to review/sign transactions and send them to the chain.
  • The chain side — an account smart contract that can run arbitrary logic; and in our case, run arbitrary signature verification logic.

The application signs the transaction using the mobile device security module and then sends it to the account contract on-chain that can verify it.

As mentioned above, the security module on iPhones and Android phones uses a cryptography called NIST-P256 (secp256r1), which is not compatible with any major blockchain cryptographic scheme, including StarkNet. 
This is why having a smart contract account on-chain that all transactions go through and can run arbitrary logic is crucial in utilizing these hardware secure modules on iPhones and Android phones.


How does the user approve the transaction? 
Can a malicious application auto-sign a transaction without the user’s consent?

The answer is clear: NO!

The cool thing about the built-in security module in mobile devices, such as the Secure Enclave, is that it supports, intrinsically biometric authentication of the user identity. 
This means that even the actual approval to sign a transaction is done directly versus the Secure Enclave. This means that the transaction approval, which is done via the user fingerprint or face identification, does not go through the application.


If no one knows the private key, what happens if the device gets lost or becomes bricked? How can the user gain back control of the account?

In Braavos, when the user has enabled the Hardware Signer feature, an account will have 2 public keys:

  1. The Hardware Signer key that will be used to sign all transactions
  2. The key derived from the seed phrase that can only sign one transaction — a “Request to remove Hardware Signer”

This request to remove the Hardware Signer won’t be executed immediately, but rather will have a time delay of 4 days (configurable). This delay allows the user to use the Hardware Signer to cancel such a request. 
This means that if the device gets stolen, lost or bricked, users will still be able to recover their account once the 4 days delay period ends. 
However, if their Seed Phrase gets stolen and an attacker issues a request to remove the Hardware Signer, the user will automatically (and repeatedly) get notified and will be able to cancel the request and keep all of the assets safe.


The Hardware Signer feature offers both state-of-the-art security level for crypto users and the experience users are used to from web2 solutions. In this sense, signing a transaction is as smooth and worry free as paying with Apple/Google pay.

This is just one, yet prominent, example of the power of smart contract based wallet (a.k.a Account Abstraction) and the new design space it enables.
We foresee the development of more and more nascent capabilities that will drive the crypto industry to a better and more inclusive future, providing new and existing users alike with uncompromised security coupled with uncompromised UX.

The Braavos wallet is available on Android and iOS and on multiple browsers: Chrome, Firefox, and more.

Motty Lavie, founder and CEO at Braavos. 

More Articles


How Braavos’ Wallet Signers Are Elevating The Crypto Experience

Diving into the second level of the Account Abstraction Security Pyramid: the Protected Signer. Discover what it is and how it works.

Smart Contract Wallet

27 Mar 2023


Smart Wallets – Transforming User Experience and Security

Unveiling the next generation of crypto wallets: how smart wallets are elevating security and user experience in decentralized finance.

Smart Contract Wallet

25 Mar 2023


Discover the Best of Starknet dApps with Braavos Wallet: A Comprehensive Guide

Explore Starknet dApps with ease using Braavos Wallet. Keep track of your engagement with the new gallery integration.

Braavos Wallet

25 Mar 2023

best-starknet-wallet-why-braavos-is-the-choice-for-new-starknet enthousiasts

The Best Starknet Wallet: Why New Users Choose Braavos in 2023!

With unique innovation and impressive growth figures, Braavos quickly became the best choice for Starknet, leaving old wallets in the dust! Here is why!


25 Mar 2023

Web3 Identity and Web3 Security What you need to know

Web3 Identity and Web3 Security: What you need to know!

Learn about Web3 identity and wallet security. Understand crypto identity elements, domain names, 2FA, and hackers' operations!


23 Mar 2023


Smart Contract Wallet Innovations: How is Braavos Leading The Way?

Discover how Braavos, the smart contract wallet, secures crypto enthusiasts' journey post-centralized incidents. Strategy, features & more!

Smart Contract Wallet

4 Mar 2023


Revolutionizing Crypto Signing: Braavos and StarkNet’s Account Abstraction Case Study

Revolutionize crypto signing with Braavos' use of Account Abstraction and familiar authentication methods like Face ID. Discover more now.


18 Jan 2023


Why are Smart Contract Wallets Considered as the Most Secure Wallet?

Learn about smart contract wallets and their features with Braavos. Discover account abstraction, hardware signer, and more.

Smart Contract Wallet

9 Jan 2023

Inside Braavos’ Development of a Wallet on StarkNet: A Behind-the-Scenes Look

The power of smart contract wallets on StarkNet: enhance security, 2FA, account segmentation & streamline transactions. Discover more now!

Braavos Wallet

16 Oct 2022

Braavos: Simplifying Crypto for Everyday Users with Secure Access

Simplifying Crypto for Everyday Users: Braavos’ Mission to Provide Secure Access to Digital Assets

Discover Braavos' mission to simplify crypto access and increase security. Learn how they're bringing digital assets to the masses!

Braavos Wallet

24 Sep 2022


Meet Braavos, the First Mobile Wallet Available on Starknet

Braavos' mobile wallet apps make it easy for users to access StarkNet and crypto while ensuring the highest level of security. Try it now!

Braavos Wallet

21 Aug 2022

Hello Braavos, a wallet on Starknet

Braavos, day 1

Braavos is a self-custodial smart contract-based wallet running on top of StarkNet. We provide users with all the basic functionality.

Braavos Wallet

27 Jul 2022

Be The First To Know

Subscribe now and receive monthly updates and interesting news about Braavos and Starknet ecosystem