xmrwallet
Use a Hardware Security Module if available
Is your feature request related to a problem? Please describe.
After reviewing the code for a bit, I haven't found that the app uses setIsStrongBoxBacked() to store the passphrase to unlock the wallet inside the secure element in the event that it is available.
Describe the solution you'd like
Check if the device has an HSM and use it to store the decryption key for the wallet. This would significantly improve security, as the key would never be stored on regular storage but in the HSM, which is rate limited. You could even ditch the concept of a user-generated passphrase in this case and just use the phone's authentication method, which also uses the HSM (and thus is rate limited), and not require plugging in the Ledger device in case the user is using one, as the view key is basically impossible to modify as it is encrypted at rest with the key inside the HSM.
Additional context
You can find more information in the following two links:
https://developer.android.com/training/articles/keystore#HardwareSecurityModule
https://developer.android.com/reference/android/security/keystore/KeyGenParameterSpec.Builder#setIsStrongBoxBacked(boolean)
afaik the HSM is used by default (if available) for storing & using the encryption keys (used for crazypass) - what makes you think this is not so?
how is this related to ledger? if you want a view-only ledger wallet, create a view-only wallet with the ledger view key...
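Added example (not part of the thread and not xmrwallet code): one way to settle where a keystore key lives is to request StrongBox with setIsStrongBoxBacked(), fall back if it is unavailable, and then ask the keystore for the key's actual security level. It assumes API 28+; the class name, method names and key alias are hypothetical.

```java
import android.content.Context;
import android.content.pm.PackageManager;
import android.os.Build;
import android.security.keystore.*; // KeyGenParameterSpec, KeyInfo, KeyProperties, StrongBoxUnavailableException
import java.security.GeneralSecurityException;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;

public final class KeystoreBackingProbe {
    private static final String ALIAS = "example_wallet_wrap_key"; // hypothetical alias

    // Prefer StrongBox; fall back to the default keystore backing if it is unavailable.
    public static SecretKey createKey(Context ctx) throws GeneralSecurityException {
        boolean strongBox = ctx.getPackageManager()
                .hasSystemFeature(PackageManager.FEATURE_STRONGBOX_KEYSTORE);
        try {
            return generate(strongBox);
        } catch (StrongBoxUnavailableException e) {
            return generate(false);
        }
    }

    private static SecretKey generate(boolean strongBox) throws GeneralSecurityException {
        KeyGenParameterSpec spec = new KeyGenParameterSpec.Builder(ALIAS,
                KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT)
                .setBlockModes(KeyProperties.BLOCK_MODE_GCM)
                .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_NONE)
                .setKeySize(256)
                .setIsStrongBoxBacked(strongBox)
                .build();
        KeyGenerator kg = KeyGenerator.getInstance(KeyProperties.KEY_ALGORITHM_AES, "AndroidKeyStore");
        kg.init(spec);
        return kg.generateKey();
    }

    // Ask the keystore where the key actually lives instead of assuming it.
    public static String describeBacking(SecretKey key) throws GeneralSecurityException {
        SecretKeyFactory f = SecretKeyFactory.getInstance(key.getAlgorithm(), "AndroidKeyStore");
        KeyInfo info = (KeyInfo) f.getKeySpec(key, KeyInfo.class);
        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.S) { // getSecurityLevel() is API 31+
            int level = info.getSecurityLevel();
            if (level == KeyProperties.SECURITY_LEVEL_STRONGBOX) return "StrongBox";
            if (level == KeyProperties.SECURITY_LEVEL_TRUSTED_ENVIRONMENT) return "TEE";
            if (level == KeyProperties.SECURITY_LEVEL_SOFTWARE) return "software";
        }
        return info.isInsideSecureHardware() ? "secure hardware (TEE or StrongBox)" : "software/unknown";
    }
}
```

Logging the result of describeBacking() on a test device shows whether a given key ended up in StrongBox, the TEE, or software.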