[btchip]

Well side channel attacks should be very relevant for all projects involving security. And several similar projects have already been produced (see TREZOR, KeepKey in the Bitcoin space), based on a similar chip which is in my opinon not great for that kind of use case (the fuse protection mechanism is not certified, the chip doesn't offer any protection against active physical attacks and so on) - that's well explained in the original Yubico article.

[lisper]

The SC4-HSM is not designed to be secure against physical compromise, but it can be made resistant against such attacks by encrypting the keys with a pass-phrase. This is not a perfect solution because the pass-phrase needs to be entered through a non-secure host, but it's better than nothing. An attacker would need to compromise the pass phrase and obtain physical possession in order to mount a successful attack.

[dfox]

With this security model it is in essence no better than plain USB flash drive. I would assume that adding at least some protection against physical attacks could be reasonably simple and would greatly expand the usefulness of the device (eg. making it somehow inherently tamper-evident and replacing the DFU bootloader with something custom and open that does the same thing as RDP Level 1, but without the bricking risk)

[lisper]

> With this security model it is in essence no better than plain USB flash drive

I disagree. With the right firmware, the SC4-HSM can securely generate keys that cannot be compromised without decapping the chip.

[btchip]

the projects I quoted above have the same "security model" then

[lisper]

> the original Yubico article

Which article are you referring to here?