jade.fail – All Known Issues with Blockstream Jade & Jade Plus

Overview

Blockstream’s Jade and Jade Plus are hardware wallets designed primarily for Bitcoin (and sometimes Liquid), built around the ESP32 microcontroller rather than a dedicated secure element. While emphasizing open-source transparency, this design choice can expose the devices to vulnerabilities uniquely associated with the ESP32 platform—many of which you’ll find on esp32.fail.

This site, inspired by trezor.fail, esp32.fail, and airgapcomputer.com, catalogues known or suspected flaws in Jade’s hardware, firmware, supply chain, data handling, and privacy practices. We also address controversies like reliance on a centralized PIN oracle. Some of these issues are backed by formal disclosure; others are gleaned from community reports. Our goal is to present it all in one place.

Note: jade.fail is not affiliated with or endorsed by Blockstream. We’re an independent resource highlighting both verified vulnerabilities and user complaints.

Hardware Attacks

Because Jade uses a generic microcontroller approach, it can be more prone to physical tampering, side-channel attacks, and fault injection than wallets featuring specialized secure elements.

Firmware Decryption Side-Channel (“Evil Maid” Attack)

Researchers discovered that older Jade units running on standard ESP32 modules could have their firmware encryption key extracted via power analysis at boot. Armed with that key, an attacker can decrypt the firmware, glean sensitive data, and potentially inject malicious code.
Mitigation: Jade Plus employs ESP32-S3 hardware and secure boot to raise the bar against such attacks, but no solution is 100% foolproof if an adversary obtains prolonged physical access. For general background, see esp32.fail – Side Channel Attacks.

Lack of Secure Element & Physical Extraction Concerns

Unlike some competitors, Jade’s “virtual secure element” doesn’t offer strong hardware tamper-resistance. Advanced “decapping” or fault-injection labs could read secrets directly from the chip. Blockstream counters that Jade’s Blind Oracle PIN system encrypts the seed, making offline extraction difficult. Still, it remains less secure at the purely physical level than a dedicated secure element.

JTAG Debug Ports & Fault Injection

If manufacturing fuses aren’t fully set or if an attacker reopens JTAG pins, they can potentially dump memory or bypass boot checks. Similarly, fault-injection attacks (glitching) might let an adversary bypass critical security checks. Refer to esp32.fail – Hardware Backdoors for potential exploits on related ESP32 boards.

Other Physical Attack Vectors

USB Attacks: Malicious chargers or cables could attempt data injection. Air-gapped usage via microSD or QR codes is safer.
Bluetooth & Wireless: The BLE stack is historically prone to vulnerabilities. Jade Classic includes optional BLE; Jade Plus can disable it entirely. No specific Jade BLE exploits have surfaced yet.
Side-Channel on User Input: Observing the user’s PIN entry via EM/acoustic analysis is rare but possible. Use caution in public settings.

Firmware Vulnerabilities

Jade’s firmware is open source on GitHub under GPL, which allows community audits but also means discovered flaws are quickly public. Key concerns:

Malicious Transaction Signature (Key Exfiltration Attack)

A compromised or backdoored Jade firmware could leak private key data by manipulating signature nonces—similar to attacks documented on trezor.fail. Blockstream implemented an Anti-Exfil protocol, which requires companion wallets to validate nonce randomness, thwarting silent exfil. If your companion wallet lacks Anti-Exfil support, you remain vulnerable to disguised exfil attempts.

Firmware Bugs, Downgrade Attacks & Updates

Jade firmware is cryptographically signed. Jade Plus also uses secure boot to block unauthorized images. However, tricking a user into manually installing an outdated or modified firmware (a “downgrade attack”) can still compromise security. Always verify firmware from Blockstream’s official GitHub. Past minor bugs included unstable USB drivers, partial QR scanning failures, and large PSBT handling issues.

Software & UX Issues

Connectivity & Setup Difficulties

Early users reported challenges pairing Jade with the Blockstream Green app on certain platforms (iOS, Windows). The device occasionally required resets or re-generating the seed multiple times, causing user frustration. Though largely resolved by firmware updates, Jade can still be trickier than purely offline hardware wallets—especially if you rely on the Blind Oracle PIN server for unlocking.

User Interface Limitations (Jade Classic)

The original Jade’s single rotary wheel is widely criticized for tedious PIN entry. Jade Plus introduced two physical buttons and a bigger screen, improving navigation. Still, some users find Trezor- or Ledger-style multi-button layouts more intuitive.

Software Wallet Integration & Bugs

While optimized for Blockstream Green, Jade also supports Electrum, Sparrow, Specter, and more via standard PSBT/HWI. Occasional driver conflicts or error messages may appear, especially with large multi-sig transactions or niche script types. No major software-level exploit is confirmed, but watch out for persistent minor bugs if your chosen wallet lags behind Jade’s updates.

For deeper multi-wallet offline usage, see airgapcomputer.com.

Supply Chain Risks

Cloned or Malicious Hardware

Jade’s open hardware can be replicated, enabling malicious clones with pre-installed backdoors. Jade Plus introduces a digital “Genuine Check” to confirm authenticity, but it’s still wise to buy from official channels and inspect packaging for tampering. Keep in mind that no hardware wallet is immune to sophisticated supply-chain attacks—only vigilance and robust packaging help reduce that risk.

Tampering in Transit

As with Trezor or Ledger, an attacker intercepting your device in transit might flash rogue firmware or install extra components. Secure boot on Jade Plus helps prevent unapproved images from running, but always check for suspicious packaging or seals. Also watch for unsolicited “replacement device” scams if your address was leaked (see Data Leaks).

Manufacturing & M5Stack Modules

The original Jade uses M5Stack boards manufactured in China. Critics argue that relying on generic factory supply lines leaves potential for hidden backdoors or tampering at the factory level. Blockstream contends that Jade’s open hardware design makes hidden changes easier to spot. If you face state-level threats, a specialized secure-element-based wallet might be safer.

Other Blockstream-Related Mishaps

Beyond direct Jade vulnerabilities, certain corporate or operational oversights at Blockstream can impact user trust or security.

Phishing Incident & Response Criticism

In late 2023, a third-party fulfillment partner leaked personal data (emails, addresses) of some Jade customers, leading to targeted phishing emails posing as “Blockstream Support.” Users were urged to download fake “urgent firmware updates.” No seeds were compromised, but many felt Blockstream responded slowly and lacked strong partner security. This parallels the notorious Ledger 2020 breach.

Reliance on Centralized Infrastructure

Jade’s Blind Oracle PIN check relies on Blockstream’s server to verify your PIN. Critics see this as a single point of failure and potential privacy risk (IP addresses, usage patterns). While advanced users can host their own oracle or run Jade in stateless mode (no seed stored), novices often default to Blockstream’s setup. Similarly, using Blockstream Green by default can leak xpub or transaction data to company servers.

Privacy Concerns

Even if hardware security is acceptable, privacy can be undermined by central servers or user data logging. By default, Jade must contact the Blind Oracle (unless you run your own), which might expose usage metadata. Meanwhile, Blockstream Green’s default configuration can reveal your addresses and balances to Blockstream’s backend.

Oracle & PIN Verification

The “blind” oracle theoretically conceals your PIN, but logs could still reveal how often and when you unlock your device. You can operate Jade statelessly, re-entering your seed each time (akin to a SeedSigner flow), or self-host the oracle to avoid sending requests to Blockstream. However, these advanced setups require extra effort.

Transaction & Balance Privacy

Relying on Blockstream Green’s standard servers means your xpub data is visible to them, correlating all future addresses. For greater privacy, pair Jade with Sparrow or Electrum pointed to your own node. Jade Plus’s air-gap mode (QR or microSD) further reduces data exposure by avoiding direct network connections from the wallet device.

Data Leaks

2023 Customer Data Breach

A partial leak of Jade purchaser info occurred via a compromised shipping partner. Attackers harvested emails, phone numbers, and addresses—enough to target users with sophisticated phishing or potential physical attacks. Although no cryptographic keys or seeds were leaked, the mere knowledge that you own a hardware wallet can raise your threat profile.

Users complained Blockstream was slow to disclose details of the leak and criticized their reliance on external fulfillment partners with inadequate security. The incident recalled the damaging Ledger data breach of 2020. As always, exercise extreme caution with emails or texts claiming to be from “Blockstream,” and never reveal your seed or PIN to anyone.

Frequently Asked Questions

Is Blockstream Jade Secure Without a Secure Element?

Jade relies on software-based protections, encryption, and the Blind Oracle PIN model. This can be strong against casual thieves but is more susceptible to advanced lab attacks than a dedicated secure element device. For moderate threat models, Jade can suffice—especially Jade Plus with secure boot. For higher stakes, consider hardware with strong tamper resistance or keep Jade fully air-gapped.

What Are the Main ESP32 Weaknesses That Impact Jade?

ESP32 is vulnerable to side-channel (power analysis) and fault-injection. Attacks are documented at esp32.fail. If an attacker physically controls your device, they may extract or modify secrets, especially on older ESP32 hardware. Jade Plus mitigates some of these with updated chips and secure boot, but caution is still advised.

Is the Firmware Safe to Update?

Yes, provided you download from Blockstream’s official GitHub or their website. Jade Plus enforces cryptographic signing to ensure only legitimate images run. Beware of phishing links—verify checksums or signatures if in doubt.

Can I Improve Privacy with Jade?

Absolutely. Use your own node (via Sparrow, Electrum, or Specter) so you’re not relying on Blockstream’s servers for address tracking. Optionally, run your own Blind Oracle to eliminate server reliance for PIN verification, or go “stateless” to remove the seed from the device entirely.

References & External Resources

Blockstream Jade GitHub: https://github.com/Blockstream/Jade
esp32.fail: https://esp32.fail/ – Thorough documentation of ESP32 vulnerabilities
trezor.fail: https://trezor.fail/ – Similar site documenting Trezor hardware wallet issues
airgapcomputer.com: https://airgapcomputer.com/ – Strategies for fully offline wallet usage
Blockstream Blog: https://blog.blockstream.com/ – Official announcements & security updates
Ledger 2020 Leak: Archived coverage of Ledger’s major data breach