Wallet Best Practice
Full Title or Meme
Rules for building wallets that will be safe.
Context
This is a design that will meet the requirements of North American governments.
- AWS-LC FIPS 140-3 certificate: AWS-LC is an open source cryptographic library that is a fork of Google's BoringSSL. It has been validated by NIST as a FIPS 140-3, level 1, cryptographic module, which is the latest and most stringent version of the standard for cryptographic modules for the U.S. and Canadian Federal governments.
- Performance and security benefits: AWS-LC is tailored by the AWS Cryptography team to meet the needs of AWS services, which require fast and verified cryptography. It includes low-level implementations that target 64-bit Arm and x86 processors, which improve the performance of AWS services such as Amazon S3. It also integrates CPU-Jitter as the source of entropy, which ensures the security strength of the keys it generates.
- Future integrations and versions: AWS-LC provides an API for direct integration with C and C++ applications. It will also be integrated with the aws-lc-rs and ACCP 2.0 libraries, which are compatible with Rust and Java applications respectively. AWS is committed to maintaining and validating new versions of the AWS-LC FIPS module as it grows.
- Google open source to OWF
- https://github.com/google/identity-credential
Solutions
- 2024-08-06 OWF Wallet Safety Guide: mostly a collection of high-level principles that are not actionable.
References
- See wiki page on Cybersecurity Framework for Mobile Credentials.