VivoKey Apex update

Hahaha you have no idea, we are absolutely around the clock 24/7 working on at least 3-4 projects at the same time for VivoKey all over the world. I am amazed that Amal is able to keep all the new projects hush-hush. But yeah, VivoKey is evolving like you have no idea. Great time to be a Cyborg… Although I haven’t joined the club yet lol. But 2020 sounds like a good year to start that Cyborg life.

5 Likes

We really do appreciate and look forward to it.

Do tell, we wont tell Amal you told us :wink:

What will be your first?

2 Likes

How much user-available memory space is there on that chip?

1 Like

Maybe not exactly the answer you are after

I guess it will depend on what, and how many applets you deploy…But I guess you are asking, size BEFORE any deployment

Hence
not exactly the answer you are after

But this maybe be closer

( From the same thread )

1 Like

Okay, so let me rephrase that: once you factor out the minimal set of “obligatory” apps that make an Apex worth having and other overhead for the chip’s configuration and internal variables, how much is left for the user to do as they please, roughly?

EDIT: just saw the rest of the reply. Nevermind. Thanks :slight_smile:

1 Like

I just added this as you posted

But this maybe be closer

( From the same thread )

also this

Ummm…OKAY…Oops to slow :wink:

1 Like

What happens with customs / blinkies? Would each colour need to be certed, or what happens without blinkies or with custom mixes?

1 Like

Thi. is. future! XD

1 Like

Ah Rosco, on the prowl for ever increasing memory sizes

2 Likes

And also, would it be any limitation to user-custom applets to be deployed?
(I can imagine the sandboxing might cause issues with access to some of the chips features, or a higher level abstract app-redirection layer to be overridden by proprietary features/applets.)

1 Like

From looking at https://developer.fidesmo.com/javacard it seems that the maximum converted applet file size is 64kb

1 Like

Ooooh, good question!

I can step in here.

Kind of.

User-custom apps go through the Fidesmo process, but as a developer. They’re pretty easy to get for debug loading, you sign up with Fidesmo, get an applet ID from them and target that - you can then push and use manual servicing to install those.

You don’t really need approval or anything from Fidesmo to load via manual servicing or the FDSM tool. To publish the app to the “store” as such, though, they are likely to need a copy of your source code and some testing. They may also object to the publishing of an app if it goes against their TOS or even their alignments in the industry (it took us getting an email from a senior Tesla tech saying they weren’t going to target, challenge or have anything to do with third-party versions of the keycard applet for us to get approval on this front).

2 Likes

It takes a lot to get to here, and it’s not actually required. That’s a compatibility thing. If you’re targeting P71, you can simply say so.

Using the FDSM/manual service method, that is not an issue.

PIVApplet is the only one i can think of that goes above that size, and even then it’s not really that big - v3 CAP files are way different to v2 - they include different linking methods iirc (someone far smarter than me explained it to me).

1 Like

Nice, thanks for the info! Any recommendations on tutorials / resources for those of us looking to potentially get involved in development of applets?

1 Like

Our public Github repo has some good code examples - look for Javacard applets specifically, we’ve got a few things there (plus more you can’t see publicly :wink: )

Otherwise it’s java, but memory constrained. You don’t get ints, your IO is through a main-style function that’s called on the receiving of data, from there you determine which command is requested, if you handle that, if the data’s right etc, and send a response apdu

2 Likes

In case you’re working on the PGP applet, I look forward to 4096 bit PGP key support :wink:

5 Likes

Thanks!!
that is kinda relieving to read!

Although I assume they would, even through that process, still prevent my custom app to be the first instance to respond to a reader, right?
(I kinda can’t see any issue with that on my first thoughts, but can imagine that could be exploited)

1 Like

If anyone else has a bunq account:
I guess if we get enough upvotes on a feature proposal, they’ll at least have a serious look at it.

Here’s my Feature Proposal on bunq:

3 Likes

Yes, hello to you too. Welcome to the community.

Or do you just want to drop your clickbait here?

Jesus I hate online marketing…

EDIT: looks like it’s not advertisement after all, just a rude poster.

3 Likes

Welcome to the Community