From 6125dd93c759e3a37edb1215634266338ea8d103 Mon Sep 17 00:00:00 2001 From: Thomas Date: Thu, 24 Oct 2024 21:11:57 -0500 Subject: [PATCH] initial docs on the hardware signer --- docs/src/SUMMARY.md | 1 + docs/src/overview/hardware-signing.md | 25 +++++++++++++++++++++++++ 2 files changed, 26 insertions(+) create mode 100644 docs/src/overview/hardware-signing.md diff --git a/docs/src/SUMMARY.md b/docs/src/SUMMARY.md index 010d9b59..0a8a591f 100644 --- a/docs/src/SUMMARY.md +++ b/docs/src/SUMMARY.md @@ -3,6 +3,7 @@ - [Introduction](./README.md) - [Overview](./overview/README.md) + - [Hardware Signer 🚧](./overview/hardware-signing.md) - [Getting Started 🚧](./getting-started/README.md) - [Building the OS 🚧](./getting-started/building-the-os.md) diff --git a/docs/src/overview/hardware-signing.md b/docs/src/overview/hardware-signing.md new file mode 100644 index 00000000..45425666 --- /dev/null +++ b/docs/src/overview/hardware-signing.md @@ -0,0 +1,25 @@ + + +# Leveraging secure enclave for hardware signing + + +## The Android side + +Android allows for creating and signing with a secure private key that cannot be +extracted from the device via the secure keystore system. + +[Android Keystore Documentation](https://developer.android.com/privacy-and-security/keystore) + +Some notable features: +- Extraction prevention: key material cannot be extracted from the deivce in case of theft and + cannot be accessed by application processes. +- Hardware security module: similar to a Trusted Execution Environment (TEE), but specifically + embedded Secure Elements (eSE) or on-SoC secure processing units (iSE) +- Key use authorizations: specific authorizations can be set (and cannot be changed) to enforce + key usage to meet certain constraints such as specific algortithms or time intervals. + + +## The Starknet side + +On Starknet, our account implementation needs to allow for this hardware signer. +
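Review bot: the entry added to docs/src/SUMMARY.md is titled "Hardware Signer", but it links to hardware-signing.md, whose H1 is "Leveraging secure enclave for hardware signing". Align the sidebar title with the page heading (or the reverse) so the navigation label and the page agree on what the document is called.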
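Review bot: in the "Some notable features" list of docs/src/overview/hardware-signing.md, the "Hardware security module" bullet is a fragment with no verb ("similar to a Trusted Execution Environment (TEE), but specifically embedded Secure Elements (eSE) or on-SoC secure processing units (iSE)"). It does not say what the keystore provides or under which condition a key is actually held in that hardware, so rewrite it as a full sentence that states the condition. The same list has two typos, "deivce" and "algortithms". "The Starknet side" stops at a single sentence saying the account implementation "needs to allow for this hardware signer" without naming the signature algorithm or what the account has to verify. Even for an initial page, state that or leave an explicit TODO, since it is the design constraint the rest of the document depends on. The H1 also says "secure enclave" while the body speaks of the keystore, TEE, eSE and iSE. Pick one term or add a line on how they relate.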