The following FAQs cover common misunderstandings and misconceptions about Jade's security model options. If you have any further questions about Jade, please feel free to reach out.
Does Jade send wallet information to a server?
No, Jade does not send wallet information to a server. Jade offers two different security models, one of which strongly encrypts your wallet in combination with a blind oracle—while the other model allows Jade to be used statelessly without any blind oracle. Your seed phrase never leaves Jade and remains highly encrypted on your device.
What is a blind oracle?
A blind oracle functions as a virtual secure element. It holds the decryption mechanism to your wallet off-device, which makes Jade alone invulnerable to physical key extraction. This is unlike typical secure element devices which hold everything needed to extract your keys on the actual hardware device itself.
You can decrypt your wallet by entering your PIN on Jade and allowing your companion app to give you the decryption key via an encrypted channel. Jade is never connected to the internet or communicating with a blind oracle directly, and you can even do this process air-gapped via QR codes.
Do all hardware wallets communicate with online companion apps?
Yes. Bitcoin runs on the internet and therefore its users are required to interact with the internet to send transactions. Jade's communication is no different than any other hardware wallet; it retrieves the decryption key by communicating with a companion app, which receive messages from an online app in order to fetch balances and show transaction details for confirmation on the device.
A benefit of hardware wallets (including Jade) is that they are not connected to the internet directly and instead rely on their companion app to do this for them.
Do I have to use a blind oracle? What happens if my oracle is not available?
No. If you want to unlock your Jade without using a companion app or blind oracle, you are free to do so by scanning a SeedQR for quick wallet access or by manually entering your recovery phrase.
What are the benefits of using a blind oracle?
Using a blind oracle to encrypt your wallet means there is nothing of value to steal from a locked Jade by itself. This is different than most other hardware wallets, which, as mentioned, store everything needed to extract your private keys on the device itself. In this way, Jade is unique in that it does not offer a single point of failure, and an attacker needs to hack two different entities (both the blind oracle and Jade) instead of just the hardware wallet alone.
What do blind oracles know about my Jade or wallet?
Nothing. Blind oracles do not know your Bitcoin addresses, private keys, or even know your actual PIN (they also work over Tor). The only information a blind oracle stores is a hash of your PIN plus a nonce, allowing them to function completely "blind". You can use Jade with your own blind oracle or one run by Blockstream.
What additional threat is added when using an oracle?
Using a blind oracle does not pose any additional threat to your funds, as it is fully blind and does not know anything about your wallet data. In order to extract wallet information from Jade, an attacker would need to physically hack Jade and the blind oracle. Hacking or altering the blind oracle alone is not enough to extract any sensitive data.
Should I run my own blind oracle or use Blockstream's?
Whichever you prefer. Using Blockstream's blind oracle has the advantage of "decentralizing" your security without compromising any wallet information, however some users may still prefer to run their own blind oracle on a laptop or Raspberry Pi, for example.
Why does Jade use a blind oracle and not a secure element?
We developed our unique security model using blind oracles as a way to avoid needing a secure element for wallet protection, which allows Jade to be truly open-source, more accessible and easy to DIY build yourself. Secure elements are typically covered by NDAs, are more expensive, and drastically increase the complexity of building a DIY device.
Does I have to use Jade with Blockstream app?
No. Jade works as a standalone signing device with many popular wallet platforms.