Cryptnox Dual Generation Mode

Dual Card Generation — Two Cards, One Secure Seed

1. What Is Dual Generation Mode?

Two factory-linked Cryptnox cards cooperate through an interactive ECDH exchange to generate an identical, non-extractable master seed. The seed is never exposed in the clear and cannot be exported, as guaranteed by each Secure Element.


Dual Generation Mode lets two specific Cryptnox cards jointly create the same master seed while guaranteeing that:


  • The seed is never exposed in plaintext at any stage of the process

  • The seed cannot be extracted from either secure element
  • Only the two factory-bound cards can successfully complete the protocol

Why it is secure:


  • Each pair of cards is cryptographically bound through a factory-installed Dual Basic Group Secret and performs an interactive, mutually authenticated ECDH exchange to generate a random, identical seed
  • The result is two physical cards that function as identical hardware devices (same addresses, same keys)
  • They can never export or reveal secret material to the host or any third party

2. How Does Dual Generation Mode Work?

Dual Generation is an interactive, three-step card-to-card exchange that enforces mutual authentication and message integrity

Card A and Card B are a factory-linked pair (they share the pair-specific Group Secret burned into each Secure Element)

This architecture is based on Cryptnox patented key generation and recovery technologies designed to secure cryptocurrency hardware wallets.

Result:

•    MasterSeed = SHA-256(ECDH_shared)
•    Stored non-exportable on both cards — identical seed on Card A and Card B

Only this specific pair can complete this protocol (pair-bound by Group Secret)
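
A simplified model of the pair-bound exchange and the MasterSeed = SHA-256(ECDH_shared) derivation described above, added here as an illustration; it is not Cryptnox's protocol or firmware code. Assumptions: the curve (X25519), HMAC-SHA256 standing in for the CMAC and signature checks, and the names Card, offer, accept and pair are all hypothetical, since the page does not specify message formats.

```python
import hashlib, hmac, os

P, A24 = 2**255 - 19, 121665
BASE = (9).to_bytes(32, "little")  # X25519 base point (curve choice is an assumption)

def x25519(k: bytes, u: bytes) -> bytes:
    """RFC 7748 Montgomery ladder; not constant time, illustration only."""
    n = (int.from_bytes(k, "little") & ((1 << 254) - 8)) | (1 << 254)  # clamp scalar
    x1 = int.from_bytes(u, "little") & ((1 << 255) - 1)
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in reversed(range(255)):
        bit = (n >> t) & 1
        if swap ^ bit:
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = bit
        a, b, c, d = x2 + z2, x2 - z2, x3 + z3, x3 - z3
        aa, bb, da, cb = a * a % P, b * b % P, d * a % P, c * b % P
        e = aa - bb
        x3, z3 = (da + cb) ** 2 % P, x1 * (da - cb) ** 2 % P
        x2, z2 = aa * bb % P, e * (aa + A24 * e) % P
    if swap:
        x2, z2 = x3, z3
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")

class Card:
    """Hypothetical card model; private fields stand in for secure-element storage."""
    def __init__(self, group_secret: bytes):
        self._group = group_secret          # factory-installed pair secret
        self._priv = os.urandom(32)         # ephemeral ECDH private key
        self.pub = x25519(self._priv, BASE)
        self.nonce = os.urandom(16)         # fresh challenge for the peer
        self._seed = None                   # never returned to the host
    def _tag(self, pub: bytes, nonce: bytes) -> bytes:
        # HMAC-SHA256 stands in for the page's CMAC/signature checks.
        return hmac.new(self._group, pub + nonce, hashlib.sha256).digest()
    def offer(self, peer_nonce: bytes):
        """Public key plus a tag binding it to the peer's fresh nonce."""
        return self.pub, self._tag(self.pub, peer_nonce)

    def accept(self, peer_pub: bytes, tag: bytes) -> bool:
        """Verify the peer's offer; derive and keep the seed only on success."""
        if peer_pub == self.pub or not hmac.compare_digest(tag, self._tag(peer_pub, self.nonce)):
            return False                    # other pair, reflection or replay
        self._seed = hashlib.sha256(x25519(self._priv, peer_pub)).digest()
        return True

def pair(a: Card, b: Card) -> bool:
    """Host relays only nonces, public keys and tags between the two cards."""
    return a.accept(*b.offer(a.nonce)) and b.accept(*a.offer(b.nonce))
```

Two cards built with the same group secret end up with the same 32-byte seed, while a card from another pair, or an offer recorded against an earlier nonce, is rejected before any seed is derived.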

3. Why Does Dual Seed Generation Guarantee Security?

  • The generated Seed is NEVER in the clear: it is computed inside the Secure Element and written to secure EEPROM; at no step is the seed output or serialized in cleartext to the host
  • Non-extractability: Private values, ECDH shared secret and the stored Seed are protected by the SE’s hardware controls (non-exportable objects, tamper resistance). Extraction via software or APDU is impossible
  • Pair exclusivity: The Group Secret is unique to the manufactured pair — you cannot mix-and-match cards from different pairs. Any attempt to do so fails the group-signature checks
  • MITM and replay protection: All exchanges are encrypted, integrity-checked (CMAC), signed, and use fresh nonces/salts, preventing interception, injection or replay attacks
  • No external dependency: No cloud or third-party oracle is required — the cryptographic proof and derivation happen offline inside the chips