Optimize Address Fetching in the Samsung Blockchain Keystore SDK with Seed Hash

News category: Programming
Source: developer.samsung.com

Last June, Samsung introduced Samsung Blockchain Keystore (SBK), a secure built-in cold wallet in Galaxy devices. The cold wallet is isolated with Samsung Knox and encapsulated within a defense-grade Trusted Execution Environment (TEE). The Samsung Blockchain Keystore SDK enables use of this wallet in Android applications.

In this article, we discuss how to optimize the address fetching process with seed hash. Fetching addresses from the Samsung Blockchain Keystore using the SDK is time-consuming, so this blog will help you learn how to store your seed hash values to avoid delays in fetching information whenever you launch your app.

The Samsung Blockchain Keystore (SBK) SDK enables users to get blockchain public addresses from the Samsung Blockchain Keystore and sign a cryptocurrency transaction to authenticate. A public address is the hashed version of the public key and is used to recognize a blockchain cryptocurrency account. As the blockchain protocol goes, anyone can fetch the balance and transaction history of an account with its public address.

Developers can invoke the getAddressList() API of the SBK SDK to fetch the address list. Every time this API is called with the same request, you get the same address list. A change to the list occurs only when the wallet's root seed has been changed. The Programming Guide: API Flow and Use Cases provides more detailed information.

Seed hash

The SDK uses the term Seed Hash (see Figure 1, inside the green rectangle).

Figure 1: SBK SDK API flow and use case

The SDK Glossary says:

Seed Hash: A pseudo seed hash that is generated randomly when the HD wallet is created. If the master seed of a wallet is changed, the seed hash will be changed as well.

The getSeedHash() API gets the current seed hash from the Samsung Blockchain Keystore. Fetching the address list from the Samsung Blockchain Keystore using the SBK SDK initiates an expensive operation that requires a considerable amount of time. To provide the user with a seamless experience, the SBK SDK programming guide recommends that developers store information from the getSeedHash() API. Developers then need to invoke the getAddressList() API only when the stored seed hash is different from the seed hash fetched using the SBK SDK.

Prerequisites

Before you begin, be sure you've met these prerequisites:

Store the seed hash

I recommend using Android SharedPreferences to store the seed hash. Remember, the seed hash value is not sensitive data; it's not the wallet's root seed itself. It's a hash value generated to keep track of changes in the wallet. Because high-level security is not a concern and you have only a relatively small collection of key-value pairs to save, SharedPreferences is an easily implemented solution.

All you need to do is get the SharedPreferences file and then read and write key-value pairs on it. If you prefer another method of storing data, you can select any one of the methods described in the Android: Data and file storage overview.

The following code snippet refers to SharedPreferences:

private static final String seedHashKey = "seed_hash";
private static final String defaultSeedHashValue = "";
private static SharedPreferences mSharedPreferences;

// Obtain the app-private preferences file before reading or writing
mSharedPreferences = getActivity().getPreferences(Context.MODE_PRIVATE);

// Returns the stored seed hash, or "" if none has been stored yet
public static String getSeedHash() {
    return mSharedPreferences.getString(seedHashKey, defaultSeedHashValue);
}

public static void setSeedHash(String seedHash) {
    SharedPreferences.Editor editor = mSharedPreferences.edit();
    editor.putString(seedHashKey, seedHash);
    editor.commit();
}

// Fetch the seed hash from SBK and store it in SharedPreferences
String seedHashSDK = ScwService.getInstance().getSeedHash();
setSeedHash(seedHashSDK);

Get the address list from the Samsung Blockchain Keystore

The getAddressList() API of the SBK SDK requires the HD path list and callback function parameters.

  • HD path list parameter: An ArrayList<String>, in which every string denotes an HD path. See Understanding Keystore > Key Management for more information.
  • Callback function parameter: A callback of type ScwService.ScwGetAddressListCallback. Address fetching is performed asynchronously; once it completes, either the onSuccess() or the onFailure() method is invoked. onSuccess() holds the required address list as a List<String>, whereas onFailure() holds the error code.

The following code snippet retrieves four addresses at one time:

private ScwService.ScwGetAddressListCallback mScwGetAddressListCallback =
        new ScwService.ScwGetAddressListCallback() {
    @Override
    public void onSuccess(List<String> addressList) {
        Log.i(Util.LOG_TAG, "Accounts fetched from SDK Successfully.");
    }

    @Override
    public void onFailure(int errorCode) {
        // Error Codes Doc:
        // https://img-developer.samsung.com/onlinedocs/blockchain/keystore/
        Log.e(Util.LOG_TAG, "Fetch Accounts Failure. Error Code: " + errorCode);
    }
};

public void getPublicAddress(ArrayList<String> hdPathList) {
    mScwService.getAddressList(mScwGetAddressListCallback, hdPathList);
}

// Build the list of HD paths to query
ArrayList<String> hdPathList = new ArrayList<>();
hdPathList.add(ScwService.getHdPath(ScwCoinType.ETH, 0));       // m/44'/60'/0'/0/0
hdPathList.add(ScwService.getHdPath(ScwCoinType.ETH, 1));       // m/44'/60'/0'/0/1
hdPathList.add(ScwService.getHdPath(ScwCoinType.ETH, 2));       // m/44'/60'/0'/0/2
hdPathList.add(ScwService.getHdPath(ScwCoinType.ETH, 3));       // m/44'/60'/0'/0/3

// BTC -> "m/44'/0'/0'/0/0";

getPublicAddress(hdPathList);

Representation

For an Accounts info demonstration, I've used Android's RecyclerView. For detailed information, see Create a List with RecyclerView and this android recyclerview example.

Figure 2: Fetching an address list from the Samsung Blockchain Keystore

Store address information on an application database

Once you have fetched the required addresses from the Samsung Blockchain Keystore, design your mechanism to store this information. Let's look at requirements at this stage:

  • Storage for account information: Accounts presented at app launch have to remain consistent on subsequent app launches, unless the wallet has been changed.
  • Provide users with a seamless experience: Information should not be fetched from Samsung Blockchain Keystore using SDK every time the app launches, because it causes delays.

This leads us to Android Room. Room provides an abstraction layer over SQLite to allow fluent database access while harnessing the full power of SQLite.

The three major Room components are:

  • Database: Contains the database holder.
  • Entity: Represents a table within the database.
  • DAO interface: Contains the methods used for accessing the database.

For more information about Android Room, see the documentation, blogs, and samples.

Database

The database class extends RoomDatabase and builds the required database file.

@Database(entities = {AccountModel.class}, version = 1)
public abstract class AccountsDB extends RoomDatabase {

    private static AccountsDB accountsDB;
    public abstract IAccountsDAO iAccountsDAO();

    // Lazily builds the database and reuses the instance while it is open
    public static AccountsDB getInstance(Context context) {
        if (accountsDB == null || !accountsDB.isOpen()) {
            accountsDB = Room.databaseBuilder(
                    context, AccountsDB.class, Util.DB_NAME).build();
        }
        return accountsDB;
    }
}

Entity

Here, we have declared our model class as a Room entity using annotations. Room converts "the members of the class" to "columns of the table," reducing boilerplate code.

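@Entity
public class AccountModel {
    // accountID is the auto-generated primary key, also used for indexing
    @PrimaryKey(autoGenerate = true)
    private int accountID;

    private String publicAddress;
    private String hdPath;

    // Getter and setter methods (Room needs them to access private fields)
    public int getAccountID() { return accountID; }
    public void setAccountID(int accountID) { this.accountID = accountID; }
    public String getPublicAddress() { return publicAddress; }
    public void setPublicAddress(String publicAddress) { this.publicAddress = publicAddress; }
    public String getHdPath() { return hdPath; }
    public void setHdPath(String hdPath) { this.hdPath = hdPath; }
}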

DAO interface

Here, you declare the methods and the corresponding SQL queries to be run. This interface is implemented by the Room persistence library; the corresponding code is generated automatically to perform the required database operations.

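@Dao
public interface IAccountsDAO {
    // Read every stored account
    @Query("SELECT * FROM AccountModel")
    List<AccountModel> fetchAccounts();

    // Insert accounts, replacing rows whose primary key already exists
    @Insert(onConflict = OnConflictStrategy.REPLACE)
    void insertAccounts(ArrayList<AccountModel> accountModels);

    // Clear the table, e.g. before storing addresses for a new wallet
    @Query("DELETE FROM AccountModel")
    void removeAccounts();
}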

On invoking the Java method, corresponding queries are performed on the database. For example, invoking the removeAccounts() method executes the DELETE FROM AccountModel query.

Database operations

Room doesn't allow you to issue database queries on the main thread, as it can cause delays. Database CRUD operations must be performed on a separate thread.

I've used AsyncTask in this example to perform database operations. AsyncTask allows you to perform background operations and publish results on the UI thread without manipulating threads and/or handlers yourself. AsyncTask gives a high-level wrapper over multithreading, so you don't need expertise in concurrent threads or handlers.

  • doInBackground(Params...): Performs a computation on a background thread.
  • onPostExecute (result): Posts on the UI thread once doInBackground() operation is completed. The result parameter holds the execution result returned by doInBackground().
  • execute(Params...): On invocation, executes the task specified with given parameters.

See the API reference for details.

The following example code snippet shows the database retrieve data task:

private static class fetchAsyncTask extends
        AsyncTask<Void, Void, ArrayList<AccountModel>> {
    @Override
    protected ArrayList<AccountModel> doInBackground(Void... voids) {
        // Runs on a background thread: read every stored account
        ArrayList<AccountModel> accountModels = new ArrayList<AccountModel>(
                accountsDB.iAccountsDAO().fetchAccounts());
        return accountModels;
    }

    @Override
    protected void onPostExecute(ArrayList<AccountModel> accountModels) {
        // Runs on the UI thread once doInBackground() has returned
        Log.i(Util.LOG_TAG, "DB Fetch Successful");
        AccountRepository.setmAccountModels(accountModels);
    }
}

public static void fetchAccounts() {
    // DB CRUD operations have to be performed on a separate thread
    new fetchAsyncTask().execute();
}

Figure 3: Fetching an address list from database
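
The launch-time decision described above (compare the stored seed hash with getSeedHash() and call getAddressList() only on a mismatch) is shown here as an added example; it is not code from the original article or the SBK SDK. Keystore and Cache are hypothetical, synchronous stand-ins for ScwService and for the SharedPreferences/Room storage, the hash and address values are constructed, and treating an empty seed hash as "no wallet" is an assumption.

```java
import java.util.*;

// Added example: Keystore and Cache are hypothetical stand-ins, not SBK SDK classes.
public class AddressCacheDemo {
    interface Keystore {
        String getSeedHash();                               // cheap call
        List<String> getAddressList(List<String> hdPaths);  // expensive call
    }
    /** Stand-in for SharedPreferences (seed hash) plus the Room table (addresses). */
    static class Cache {
        String seedHash = "";
        List<String> addresses = new ArrayList<>();
    }
    /** Returns the addresses to show, calling getAddressList() only if the wallet changed. */
    static List<String> loadAddresses(Keystore ks, Cache cache, List<String> hdPaths) {
        String current = ks.getSeedHash();
        if (current == null || current.isEmpty()) {
            // Assumption: empty hash means no wallet; drop data cached for an old one.
            cache.addresses = new ArrayList<>();
            cache.seedHash = "";
            return cache.addresses;
        }
        if (!current.equals(cache.seedHash)) {
            // Wallet changed: cached addresses belong to the previous seed.
            cache.addresses = new ArrayList<>(ks.getAddressList(hdPaths));
            // Record the new hash last so an interrupted refresh is retried next launch.
            cache.seedHash = current;
        }
        return cache.addresses;
    }

    public static void main(String[] args) {
        final int[] slowCalls = {0};
        final String[] seed = {"hashA"};  // constructed sample seed hash
        Keystore ks = new Keystore() {
            public String getSeedHash() { return seed[0]; }
            public List<String> getAddressList(List<String> hdPaths) {
                slowCalls[0]++;
                List<String> out = new ArrayList<>();
                for (String p : hdPaths) out.add(seed[0] + ":" + p);  // fake address
                return out;
            }
        };
        Cache cache = new Cache();
        List<String> paths = Arrays.asList("m/44'/60'/0'/0/0", "m/44'/60'/0'/0/1");
        loadAddresses(ks, cache, paths);   // first launch: fetches from the keystore
        loadAddresses(ks, cache, paths);   // same seed hash: served from the cache
        seed[0] = "hashB";                 // wallet now has a different root seed
        System.out.println(loadAddresses(ks, cache, paths) + " slowCalls=" + slowCalls[0]);
    }
}
```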

Next steps

It's a lot of technical info for one blog. However, it will be worth it to have your apps launch quickly and seamlessly once you've optimized address fetching in the Samsung Blockchain Keystore SDK. For more detailed information, see the following references, and don't hesitate to reach out with any queries and feedback.

...


