Each SCM includes a PiCM4 compute module that is protected by a Zymbit Verified Hardware Agent. The agent runs autonomously from the CPU and provides independent verification of boot, file system access and overall system integrity.
SCM includes the powerful PiCM4 Linux compute modules.
First release product leverages the resources of the PiCM4 family of compute modules.
Comprehensive peripherals support
As developers ourselves, we try to build APIs that allow you to benefit from the power of cryptography, without needing to understand the underlying math. Zymbit wallet functions are designed to provide access to powerful features like generating a wallet master seed, child keys and managing wallet recovery from mnemonic phrases and shared secrets.
The Secure Compute Module provides a wide choice of cryptographic services and types that are easily accessed through the Zymbit API.
A Hierarchical Deterministic (HD) wallet is a reliable and secure way to manage hundreds of keys, embedded in a single device.
HD wallets use proven de-facto standard algorithms developed for blockchain and crypto applications. Zymbit’s HSM6 product implements standard protocols – BIP32/39/44 and SLIP39 – in a compact, easy to integrate module that’s programmable through secure APIs.
Tutorials on using HD wallet:
To simplify your life, the SCM can be shipped with a choice of pre-configured OS, application software and security policies that align with your product development stage.
Zymbit manufacturing tools and services help you transition your SCM based design to volume manufacturing quickly and securely.
|Security Highlights||Secure boot on Raspberry Pi
File system encryption
Key generation, storage and management in secure hardware
|Compute resources||Broadcom BCM2711 quad-core Cortex-A72 (ARM v8) 64-bit SoC @ 1.5GHz
H.265 (HEVC) (up to 4Kp60 decode), H.264 (up to 1080p60 decode, 1080p30 encode)
OpenGL ES 3.1, Vulkan 1.0
Up to 8GB LPDDR4-3200 SDRAM
Up to 32GB eMMC Flash memory
|Compute interfaces||Gigabit Ethernet, IEEE 1588 precision time protocol
2.4 GHz and 5.0 GHz IEEE 802.11ac wireless
Bluetooth 5.0, BLE 28 x user GPIO configurable for
SPI, I2C, UART, ADC, DAC, PWM, I2S
2 x HDMI 2.0 ports (up to 4kp60 supported)
1 x MIPI DSI Serial Display
1 x MIPI CSI-2 Serial Camera
1 x PCIe 1-lane Host, Gen 2 ( 5Gbps )
1 x USB 2.0 port ( highspeed )
|Private / public key pairs||512|
|Foreign public keys||128|
|Wallet Functions|| BIP 32 – hierarchical deterministic wallet
BIP 39 – master seed mnemonic generator
SLIP 39 – with shamir’s secret sharing
BIP 44 – mulit-account support
|Cryptographic Services|| ECC KOBLITZ P-256 (secp256k1)
ECDH (FIPS SP800-56A)
TRNG (NIST SP800-22)
ECC NIST P-256 (secp256r1)
AES-256 (FIPS 197)
|Tamper Sensors||2 x Perimeter breach detection circuits
Accelerometer shock & orientation sensor
Main power monitor
Battery power monitor
battery removal monitor
|Software API||Python, C++, C|
|Physical Format||Encapsulated module|
|Dimensions||57.2 x 42.5x 9.5 mm
2.25 x 1.67 x 0.37 Inches
Module main connectors: 2x Hirose Header DF40C-100DP-0.4V
Mating main connectors: 2x Hirose Receptacle DF40C-100DS-0.4V, 1.5mm clearance
Mating main connectors, extended** : 2x Hirose Receptacle DF40HC(3.0)-100DS-0.4V, 3.0 mm clearance
Mating external battery connector: 1x KYOCERA AVX 009155002201006
Mating perimeter, LED connector: 1x KYOCERA AVX 009155004201006
** required if CR2412 battery fitted under module
|Production mode lock||Software API command|
|Measured system identity & authentication||Standard factors include RPI host, Zymbit HSM, eMMC memory|
|Data encryption & signing applications.||Encrypt root file system with dm-crypt, with LUKS key manager hook
Encrypt data blobs with “zblock” function
Encrypt data in flight with OpenSSL integration
|Real time clock||36-60 months operation with external CR2032, application dependent, 5ppm accuracy.|
|Backup battery||Used for RTC and perimeter circuits
Under-module battery connector pads, to any 3V source on motherboard
Optional under module battery holder, for CR2412 coin cell *
* requires motherboard connector height 3.0mm
|Backup battery monitor||Yes|
|Last Gasp battery removal detection||Yes|
|OEM Custom features||Contact Zymbit|
|Example Cipher Suites||AWS-IOT | TLS_ECDHE_ECDSA_AES256_SHA
MS-AZURE | TLS_ECDHE_ECDSA_AES_128_GCM_SHA256_P256
|Accessories & related products||Developer Kit|