Blockstream Jade uses server-enforced PIN protection to encrypt your Jade's recovery phrase. This PIN server acts somewhat like a "remote secure element" to provide additional security for your funds.

Understanding PIN Server Communication

During initialization, Jade prompts the user to choose a unique PIN. This PIN is used in combination with a blind PIN server to encrypt your Jade’s key material. The companion app you connect your Jade to then passes messages between Jade and the PIN server, but it is blind to the data communicated since it is encrypted. The Jade itself does not communicate with the blind PIN server.

To prevent physical attacks on a stolen Jade from extracting / stealing coins, the seed is encrypted with random keys split between the Jade device and a lock-out server.

To describe this process in more detail: once the PIN is chosen, an ephemeral Elliptic Curve Diffie-Hellman (ECDH) exchange occurs with the remote server. An ECDH key exchange allows two separate entities with no previous knowledge of each other to generate a shared secret over public insecure channels. Using a known public key of the blind PIN server, an ECDH key exchange occurs, and the communications channel can be fully encrypted. Once the encrypted channel is established, the Jade and the remote server work together to create an AES256 key.

Security Provided by PIN Server

When creating a new wallet recovery phrase, entropy is gathered from the pool and the resulting key material used for the recovery phrase is encrypted using the AES256 key. This data can only be decrypted when the user inputs the correct PIN on the Jade and establishes a connection with the remote PIN server, mediated by the companion app (e.g. Blockstream Green). Since the server only has a part of the AES256 key, it is blinded to any of your wallet’s keys and the PIN used on the Jade. All data at rest is encrypted on the server.
Note: If the PIN is entered incorrectly 3 times, the server and Jade both delete the secret, requiring a restore of the recovery phrase.

The newly-encrypted key material is then stored on the encrypted off-chip flash of the Jade and protected by Secure Boot. Secure Boot is a technology that prevents unsigned boot firmware from running on your Jade, such as a compromised firmware image from an attacker. It ensures that only firmware you intend to run is used to boot the device.

Your Blockstream Jade now has a strongly-encrypted recovery phrase. An attacker would need to compromise both the local encrypted flash on the Jade and the remote PIN server in order to access the recovery phrase.
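The split-key and lock-out behaviour described above can be modelled in a few lines. This is an added, simplified illustration, not Blockstream's protocol or code: the class names, the HMAC-based token and the key combination are assumptions, the ECDH channel and the AES encryption step are left out, and only the server-side erasure is modelled.

```python
import hashlib, hmac, secrets

MAX_ATTEMPTS = 3  # the page: three wrong PINs erase the secret


class PinServer:
    """Hypothetical lock-out server: stores only a verifier and its key share."""
    def __init__(self):
        self.records = {}  # device_id -> [verifier, server_share, failures]

    def enroll(self, device_id, pin_token):
        verifier = hashlib.sha256(pin_token).digest()
        self.records[device_id] = [verifier, secrets.token_bytes(32), 0]
        return self.records[device_id][1]

    def unlock(self, device_id, pin_token):
        rec = self.records.get(device_id)
        if rec is None:
            return None  # share already erased
        if hmac.compare_digest(rec[0], hashlib.sha256(pin_token).digest()):
            rec[2] = 0  # a correct PIN resets the failure counter
            return rec[1]
        rec[2] += 1
        if rec[2] >= MAX_ATTEMPTS:
            del self.records[device_id]  # erase the share for good
        return None


class Device:
    """Hypothetical device side: holds its own random share, never sends the PIN."""
    def __init__(self, device_id, server):
        self.device_id, self.server = device_id, server
        self.device_share = secrets.token_bytes(32)

    def _pin_token(self, pin):
        # Keyed hash of the PIN: the server cannot recover the PIN from it.
        return hmac.new(self.device_share, pin.encode(), hashlib.sha256).digest()

    def _combine(self, server_share):
        # 32-byte key that needs both shares (stands in for the AES256 key).
        return hmac.new(server_share, self.device_share, hashlib.sha256).digest()

    def set_pin(self, pin):
        return self._combine(self.server.enroll(self.device_id, self._pin_token(pin)))

    def unlock(self, pin):
        share = self.server.unlock(self.device_id, self._pin_token(pin))
        return None if share is None else self._combine(share)
```

Because the attempt counter lives on the server, copying the device's flash does not give an attacker unlimited offline PIN guesses in this model.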