Yes. And Dr. Blaze with the Syrius Mobile Wallet.
All the operations are performed locally. It is implemented using the Trusted Dealer
setup that assumes a trusted entity (eg. the non-tampered app on your certified device) to run the keygen
ceremony.
The security of the FROSTED
implementation comes from the idea that every key shard should be decrypted only by an authorized party.
Think it this way: you can have 2 shards on your mobile device, one encrypted by your secure enclave processor
and another one by a passphrase
. The attacker needs both your FaceID
/TouchID
and your passphrase in order to be able to perform a successful keysign
ceremony. The 3rd shard (backup shard) can be safely stored on your Google Drive
or iCloud
account.
So the attacker must spoof your passphrase and compromise your Google Drive
or iCloud
account (assuming that he is not a nation-state that can break into the secure enclave
), which is significantly harder than social engineering a user into giving up his mnemonic
.