

// Security Assessment

10.28.2025 - 12.05.2025

Secure Element

Ryder


Secure Element - Ryder


Prepared by:


HALBORN

Last Updated 03/09/2026

Date of Engagement: October 28th, 2025 - December 5th, 2025

Summary

100% of all REPORTED Findings have been addressed

All findings:   8
Critical:       0
High:           0
Medium:         2
Low:            0
Informational:  6


Table of Contents

  • 1. Summary
  • 2. Executive summary
  • 3. Engagement objectives
  • 4. Architecture overview
  • 5. Conclusion
  • 6. Action items for Ryder team
  • 7. Scope
  • 8. Findings overview

1. Summary

2. Executive Summary

Ryder engaged Halborn to conduct a security assessment of the Secure Element (JavaCard) firmware from October 28th to December 5th, 2025. The security assessment was scoped to the JavaCard applet provided in the GitHub repository; commit hashes and further details can be found in the Scope section of this report.

The Ryder Secure Element firmware is a JavaCard-based security application designed to provide secure key storage, cryptographic operations, and hardware wallet functionality for cryptocurrency assets. The firmware implements a comprehensive suite of cryptographic primitives and wallet management features while maintaining security isolation through the JavaCard platform.

3. Engagement Objectives


The purpose of the assessment is to:

    • Identify potential security vulnerabilities within the JavaCard applet

    • Validate cryptographic implementations against industry standards (BIP32, BIP39, BIP44)

    • Assess resistance to physical and logical attacks

    • Validate Shamir implementation against standards and math

    • Verify secure key management and storage practices

    • Test input validation and APDU command handling

    • Evaluate side-channel attack resistance

    • Execute comprehensive test suites and validate functional correctness


During the security assessment, Halborn executed the available test suite to assess the JavaCard applet’s functional correctness and security properties. The execution resulted in several non-passing test cases across different modules. These results indicate potential misalignment between the implementation and the current test expectations, and suggest that both the implementation and the test specifications may benefit from review and alignment.





4. Architecture Overview


The architecture is composed of multiple integrated modules:

1. Cryptographic Core Module - Implements fundamental cryptographic operations including:
   - Secp256k1 elliptic curve operations for Bitcoin and Ethereum
   - SHA-256, SHA-512, and RIPEMD-160 hashing functions
   - PBKDF2 key derivation for seed generation
   - Schnorr and ECDSA signature schemes

2. Wallet Management Module - Provides hierarchical deterministic (HD) wallet functionality:
   - BIP39 mnemonic generation and seed derivation
   - BIP32/BIP44 key derivation paths
   - Master key and extended key management
   - Multi-coin support through standardized derivation paths

3. Secure Storage Module - Manages persistent data and sensitive key material:
   - Encrypted persistent storage with wear-leveling
   - Secure key hierarchy with device-specific keys
   - Mnemonic backup and recovery mechanisms
   - Tamper-resistant storage using EEPROM

4. Access Control Module - Enforces security policies and authentication:
   - PIN-based authentication with retry limits
   - NFC pairing and secure channel establishment
   - User confirmation requirements for sensitive operations
   - Role-based access control for different operations

5. Advanced Features:
   - Shamir Secret Sharing (NewShamir) - Multi-party key backup using threshold cryptography
   - TapSafe V1 - Secure key recovery mechanism with distributed shares
   - LED Management - Visual feedback for user interaction and security states
   - Debug and Testing Framework - Comprehensive unit tests for cryptographic and functional validation
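The seed derivation named in the Cryptographic Core and Wallet Management modules is fully specified by BIP39: PBKDF2-HMAC-SHA512 over the NFKD-normalized mnemonic, with the salt "mnemonic" plus the passphrase, 2048 iterations and a 64-byte output. The following host-side Java program is an added example, not Ryder's applet code and not Halborn's tooling; it computes that seed with the JDK's PBKDF2 and compares it with the published BIP39 test vector for the twelve-word all-"abandon" mnemonic and passphrase "TREZOR". A reference like this is one way to check a card-side implementation against the standard, as the engagement objectives describe. The class and method names (Bip39Seed, deriveSeed, hex) are assumptions.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.text.Normalizer;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;

// Added host-side reference for BIP39 seed derivation (not the applet's code).
public final class Bip39Seed {
    // Parameters fixed by BIP39.
    static final int ITERATIONS = 2048;
    static final int SEED_BITS = 512;
    static final String SALT_PREFIX = "mnemonic";

    // seed = PBKDF2-HMAC-SHA512(password = NFKD(mnemonic), salt = NFKD("mnemonic" + passphrase))
    static byte[] deriveSeed(String mnemonic, String passphrase) throws GeneralSecurityException {
        String words = Normalizer.normalize(mnemonic, Normalizer.Form.NFKD);
        byte[] salt = Normalizer.normalize(SALT_PREFIX + passphrase, Normalizer.Form.NFKD)
                .getBytes(StandardCharsets.UTF_8);
        // The SunJCE PBKDF2 implementation encodes the password chars as UTF-8,
        // which is what BIP39 requires.
        PBEKeySpec spec = new PBEKeySpec(words.toCharArray(), salt, ITERATIONS, SEED_BITS);
        try {
            return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA512")
                    .generateSecret(spec).getEncoded();
        } finally {
            spec.clearPassword(); // do not leave the mnemonic in heap longer than needed
        }
    }

    static String hex(byte[] b) {
        StringBuilder sb = new StringBuilder(b.length * 2);
        for (byte x : b) {
            sb.append(String.format("%02x", x));
        }
        return sb.toString();
    }

    public static void main(String[] args) throws Exception {
        // First entry of the BIP39 English test vectors (entropy = 16 zero bytes).
        String mnemonic = "abandon abandon abandon abandon abandon abandon "
                + "abandon abandon abandon abandon abandon about";
        String expected = "c55257c360c07c72029aebc1b53c05ed0362ada38ead3e3e9efa3708e5349553"
                + "1f09a6987599d18264c1e1c92f2cf141630c7a3c4ab7c81b2f001698e7463b04";
        String got = hex(deriveSeed(mnemonic, "TREZOR"));
        System.out.println(got.equals(expected) ? "seed matches BIP39 test vector"
                                                : "MISMATCH: " + got);
    }
}
```

Run it with any JDK 8 or later (`javac Bip39Seed.java && java Bip39Seed`). The same routine, fed with the mnemonic and passphrase a device under test was given, yields the seed the card's PBKDF2 output must equal byte for byte; a mismatch usually points at missing NFKD normalization, a wrong salt prefix, or a wrong iteration count.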


Halborn was provided 21 days for the engagement and assigned 1 full-time security engineer to review the security of the JavaCard Secure Element firmware in scope. The engineer is a hardware security and embedded systems expert with advanced firmware security assessment skills, and deep knowledge of JavaCard, cryptographic implementations, and hardware wallet security.


Halborn performed a combination of manual source code review and automated security testing to balance efficiency, timeliness, practicality, and accuracy in regard to the scope of the firmware assessment. While manual testing is recommended to uncover flaws in business logic, cryptographic implementations, and memory safety, automated testing techniques help enhance coverage and can quickly identify items that do not follow security best practices.


5. Conclusion

The Ryder Secure Element firmware implements hardware wallet functionality with a solid cryptographic foundation. The assessment confirmed the strength of the core architecture and identified opportunities to further enhance the implementation and test suite, reinforcing the overall robustness of the system.

6. Action Items for Ryder Team


1. Test suite and validation

   - Review test results case by case to distinguish true defects from outdated or misaligned test expectations.

   - Address confirmed issues and re-run tests to validate fixes and avoid regressions.

2. Strengthening code quality and robustness

   - Continue aligning input validation across APDU handlers where helpful.

   - Reinforce bounds checking around array and buffer operations.

   - Refine error handling so responses do not reveal sensitive implementation details.

3. Process and tooling

   - Consider integrating automated tests into the CI pipeline to catch issues early.

   - Consider formalizing review checklists that emphasize security where relevant.


7. Scope

Remediation Commit IDs:
  • 7c78f64
  • 34e0560

Out-of-Scope: New features/implementations after the remediation commit IDs.

8. Findings Overview

Security analysis                                                                       | Risk level    | Remediation
Plaintext MCU Session Key Disclosure in Secure Channel Handshake                        | Medium        | Not Applicable - 01/13/2026
Wallet Erase Command Allowed Without PIN Verification or User Confirmation              | Medium        | Not Applicable - 01/13/2026
isValidPairing - Index boundary off-by-one (index == MAX_PAIRINGS)                      | Informational | Solved
Debug Interface Present in Codebase                                                     | Informational | Solved
Direct Exposure of Shamir Secret Shares Through Mutable Reference Return                | Informational | Solved
Missing critical-last write and critical-first restore pattern                          | Informational | Solved - 02/17/2026
Missing Persistent Storage Integrity Checks                                             | Informational | Solved
Inconsistent Use of Secure Boolean Pattern                                              | Informational | Solved - 02/15/2026
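Three items in this table and in the action items above (the index boundary check, the secure boolean pattern, and the critical-last write / critical-first restore ordering) are general defensive patterns for JavaCard applets, and the bounds-checking and APDU-validation action items point at the same place. The class below is an added illustration written for this report, not the Ryder applet and not Halborn's code. It is a small pairing-slot store that rejects any index outside [0, MAX_PAIRINGS) so the index == MAX_PAIRINGS boundary cannot reach an array, keeps each slot's validity flag as a non-trivial byte pattern with a fail-closed comparison, and orders its EEPROM writes so the flag is written last on registration and cleared first on erase. The class name, the sizes (MAX_PAIRINGS = 4, KEY_LEN = 32), the flag values (0x5A/0xA5) and the APDU layout (P1 = slot, data = key) are assumptions; the javacard.framework calls are the standard JavaCard API.

```java
import javacard.framework.APDU;
import javacard.framework.ISO7816;
import javacard.framework.ISOException;
import javacard.framework.Util;

// Added illustration of defensive patterns for a JavaCard applet (not Ryder's code).
public class PairingStore {
    // Hypothetical sizes; the applet's real constants are not on this page.
    static final short MAX_PAIRINGS = (short) 4;
    static final short KEY_LEN = (short) 32;

    // Secure boolean pattern: the two states are bitwise complements of each
    // other, so a single-bit glitch, a zeroed byte or an erased (0xFF) byte
    // can never equal the "valid" value.
    static final byte SECURE_TRUE  = (byte) 0x5A;
    static final byte SECURE_FALSE = (byte) 0xA5;

    // Persistent (EEPROM) state: one flag byte and one key per slot.
    private final byte[] slotValid = new byte[MAX_PAIRINGS];
    private final byte[] slotKeys  = new byte[(short) (MAX_PAIRINGS * KEY_LEN)];

    PairingStore() {
        Util.arrayFillNonAtomic(slotValid, (short) 0, MAX_PAIRINGS, SECURE_FALSE);
    }

    // Bounds check for a slot index; valid slots are 0 .. MAX_PAIRINGS-1.
    // Writing this as `index > MAX_PAIRINGS` is the off-by-one listed in the
    // findings table: it lets index == MAX_PAIRINGS through to an array access
    // one past the end.
    private static void checkIndex(short index) {
        if (index < 0 || index >= MAX_PAIRINGS) {
            ISOException.throwIt(ISO7816.SW_WRONG_DATA);
        }
    }

    // Fail-closed: anything other than the exact SECURE_TRUE pattern is invalid.
    boolean isValidPairing(short index) {
        checkIndex(index);
        return slotValid[index] == SECURE_TRUE;
    }

    // Critical-last write: copy the key bytes first and set the validity flag as
    // the very last EEPROM write. If power or the NFC field drops midway, the
    // slot is left unset rather than half-written and already marked usable.
    void register(short index, byte[] src, short srcOff, short len) {
        checkIndex(index);
        if (len != KEY_LEN || srcOff < 0 || (short) (srcOff + len) > src.length) {
            ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
        }
        short dst = (short) (index * KEY_LEN);
        Util.arrayCopyNonAtomic(src, srcOff, slotKeys, dst, len);
        slotValid[index] = SECURE_TRUE;
    }

    // Critical-first restore: invalidate the flag before wiping the key, so an
    // interrupted erase never leaves stale key material marked valid.
    void erase(short index) {
        checkIndex(index);
        slotValid[index] = SECURE_FALSE;
        Util.arrayFillNonAtomic(slotKeys, (short) (index * KEY_LEN), KEY_LEN, (byte) 0x00);
    }

    // APDU handler: P1 carries the slot index, the command data carries the key.
    // Lc is validated before any data byte is interpreted.
    void handleRegister(APDU apdu) {
        byte[] buf = apdu.getBuffer();
        short received = apdu.setIncomingAndReceive();
        short lc = (short) (buf[ISO7816.OFFSET_LC] & 0xFF);
        if (lc != KEY_LEN || received != lc) {
            ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
        }
        short index = (short) (buf[ISO7816.OFFSET_P1] & 0xFF);
        register(index, buf, ISO7816.OFFSET_CDATA, lc);
    }
}
```

The write ordering is the defence in the common case where the update is not wrapped in a JCSystem transaction (the non-atomic Util copies deliberately bypass it). Where an update fits within the card's transaction commit capacity, wrapping it in JCSystem.beginTransaction()/commitTransaction() makes the whole slot update atomic and the ordering becomes a second, independent layer rather than the only one.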

Halborn strongly recommends conducting a follow-up assessment of the project either within six months or immediately following any material changes to the codebase, whichever comes first. This approach is crucial for maintaining the project’s integrity and addressing potential vulnerabilities introduced by code modifications.
