[Dylan16807]

It doesn't need to be perfect. The main requirement is that a chip holds on to a secret key, releases it upon getting the correct pin, has a limit on attempts, and is resilient to voltage and timing attacks. That's difficult but not exceptionally difficult.

Apple has chosen to run a ton of code inside the secure enclave, and bugs from that are on them.

[MiroF]

> has a limit on attempts

This is potentially a quite difficult problem IMO

[Dylan16807]

Is it? Have nonvolatile storage inside the chip, and increment+verify the attempt counter before checking if the supplied PIN is correct. What do you need beyond that?

[Jamwinner]

How do you know when to reset the counter? You dont want invalid attempts incrementing forever...there is your chink in the armor.

[Hackbraten]

What’s wrong with resetting the counter when unlocked successfully?

[manicdee]

What about unintentional passcode attempts such as a phone in a pocket getting butt-dialled?

[Dylan16807]

The interface should be designed so that you can't butt-dial more than a couple attempts.

But if that does happen then the system of timeouts will prevent you from using up all the attempts.

None of that gets in the way of resetting the counter only when the user succeeds.