Could someone pre-program their own key in my device before I receive it? (Supply chain attacks)

No. The NGRAVE ZERO is fully tamper-proof and would be prohibitively difficult and expensive to break into or pre-program.

  • The device is also designed to detect any intrusions, upon which it will wipe itself entirely.
  • If an attacker were to succeed in tampering with the device, NGRAVE's cryptographic attestation step (see setup section) would show that the device had been tampered with the moment you turned it on.
  • If an attacker were to get beyond this stage, the key generation process is done in such a way that the user manipulates the final key, resolving any tampering that would have occurred before.

This final step is unique to NGRAVE.