[alexmingoia]

You have to put the keys somewhere.

Storing keys in SGX and using attestation to ensure only valid nodes access them is significantly more secure than not using the SGX.

Using SGX gives a Signal user’s phone the same level of security as using a hardware wallet like Ledger Nano.

[orph]

Keys are not stored in SGX. Keys never leave the phone.

[alexmingoia]

Can you provide more detail?

”Running MobileCoin in an SGX enclave allows nodes to securely manage keys for users. A client can perform remote attestation to its MobileCoin node before transmitting its keys into the remote enclave along with a short recovery PIN. The MobileCoin node can then rate limit authenticated access to the keys, while the enclave prevents the node operator or anyone who compromises the node from circumventing the software and attempting to brute force access to the keys directly. In this way, user keys can reside safely in a node and survive across application reinstalls or lost devices, without having to trust the node operator or the security of the node computer, and without having to memorize or safely store extremely long recovery passphrases.”

https://mixin.one/assets/MobileCoin-Whitepaper-EN_FINAL.pdf

[orph]

See #5 for more details: https://github.com/mobilecoinfoundation/mobilecoin#faq

> 5. Will I need to put my keys on a remote server to scan the blockchain for incoming transactions?

> Keys will never leave your mobile device. This is a challenging problem and we are very excited to share our solution when we release our mobile SDK software.

[bigiain]

Ahh, right. Nice. So keys never leave the phone due to magical hand waving. Got it.