Built for trust

ZeroKeyUSB is a self-contained, hardware-based password manager.
Engineered with a single goal: protect your credentials without ever connecting to the Internet.
Each unit is assembled, tested, and encapsulated in industrial-grade epoxy resin to prevent external tampering — making it waterproof, dust-proof, and maintenance-free.

System architecture


Component list

| Component | Model | I²C Addr | Purpose |
|---|---|---|---|
| MCU | Microchip SAMD21E18A | — | ARM Cortex-M0+ @ 48 MHz. Runs firmware, AES-128 CBC encryption, USB HID keyboard + CDC serial. |
| Secure Element | Microchip ATECC608A (MAHDA-T) | 0x60 | Hardware TRNG for key/IV generation, monotonic Counter0 for PIN rate-limiting, 9-byte chip serial as PIN salt. |
| EEPROM | ST M24C64-WMN6TP | 0x50 | 64 Kbit (8 KB) non-volatile storage. Holds encrypted credentials, AES key, IV, PIN hash, TOTP metadata. >1M write cycles. |
| Display | SSD1306 OLED | 0x3C | 128×32 pixel monochrome white OLED. Shows credentials, menus, PIN entry, TOTP codes, progress bars. |
| Touch Controller | TS06 | 0x69 | 6-channel capacitive touch IC (5 channels used). Gold-plated PCB pads for Up/Down/Left/Right/Center. |
| USB | USB-C connector | — | USB Full-Speed. Powers the device (~20 mA) and provides HID keyboard + CDC serial interfaces. |
| Write Protect | GPIO PA01 | — | EEPROM write-protect pin. Can be driven high to hardware-lock EEPROM writes. |

Why these components

🧠 SAMD21E18A microcontroller

The ARM Cortex-M0+ processor balances performance, size, and power efficiency:
  • 256 KB Flash — room for firmware, fonts, 9 keyboard layouts, and PROGMEM icon bitmaps.
  • 32 KB SRAM — enough for display buffer, credential cache, and TOTP workspace without dynamic allocation.
  • Native USB — hardware USB Full-Speed peripheral eliminates the need for external USB bridge chips.
  • Hardware DSU — Data Scrambling Unit provides hardware CRC32 for fast boot-time firmware integrity checks.
  • BOOTPROT fuse — BOOTPROT=7 locks the first 16 KB of Flash, preventing application code from modifying the bootloader.

šŸ” ATECC608A secure element

The ATECC608A provides three capabilities that software alone cannot guarantee:
| Capability | Why it matters |
|---|---|
| Hardware TRNG | Generates the AES master key (16 B) and IV (16 B) with true hardware entropy — not pseudo-random. |
| Monotonic Counter0 | Irreversible hardware counter for PIN attempts. Cannot be reset by software, power cycling, or chip erasing. After 50 consecutive wrong PINs, credentials are wiped. |
| Chip serial (9 B) | Factory-programmed unique identifier used as salt in PIN hashing: SHA-256(PIN ‖ serial). Same PIN on a different device produces a completely different hash. |

The MAHDA-T SKU has hardware AES disabled at factory, so encryption runs in software on the MCU. The ATECC is still critical for entropy, identity, and rate-limiting.

💾 M24C64-WMN6TP EEPROM

  • 8 KB of non-volatile storage organized in 32-byte pages.
  • >1 million write cycles per page — decades of normal use.
  • All credential data is AES-128 CBC encrypted before writing — the I²C bus only sees ciphertext.
  • Page boundary awareness: the firmware splits writes that cross 32-byte page boundaries to avoid the M24C64’s address wrap-around behavior.
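
The page-boundary split from the last bullet, as an added example (not the ZeroKeyUSB firmware's own code). `sim_page_write` is a constructed stand-in for the chip's in-page address wrap, and `ee_write_split` is a hypothetical helper name.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define EE_SIZE 8192u /* M24C64: 8 KB */
#define EE_PAGE 32u   /* page size given above */
static uint8_t ee_mem[EE_SIZE]; /* constructed stand-in for the chip */

/* One page-write transaction as the part performs it: the address
 * counter wraps inside the 32-byte page instead of moving to the next. */
static void sim_page_write(uint16_t addr, const uint8_t *src, size_t len)
{
    uint16_t off = addr % EE_PAGE, base = (uint16_t)(addr - off);
    for (size_t i = 0; i < len; i++)
        ee_mem[base + (off + i) % EE_PAGE] = src[i];
}

/* Hypothetical helper: never let one transaction cross a page boundary.
 * Returns the number of transactions, or -1 if the range is out of bounds. */
static int ee_write_split(uint16_t addr, const uint8_t *src, size_t len)
{
    int transactions = 0;
    if (len > EE_SIZE || addr > EE_SIZE - len) return -1;
    while (len > 0) {
        size_t room = EE_PAGE - addr % EE_PAGE;   /* bytes left in this page */
        size_t chunk = len < room ? len : room;
        sim_page_write(addr, src, chunk); /* hardware: then wait for the write cycle */
        addr = (uint16_t)(addr + chunk);
        src += chunk;
        len -= chunk;
        transactions++;
    }
    return transactions;
}

/* 16-byte record at 0x0018, 8 bytes before the boundary at 0x0020.
 * Returns 1 if the naive write wrapped and the split write did not. */
static int demo_boundary(void)
{
    uint8_t rec[16];
    for (size_t i = 0; i < sizeof rec; i++) rec[i] = (uint8_t)(0xA0 + i);
    memset(ee_mem, 0xFF, sizeof ee_mem);
    sim_page_write(0x0018, rec, sizeof rec);      /* naive: one transaction */
    int wrapped = ee_mem[0x0000] == rec[8] && ee_mem[0x0020] == 0xFF;
    memset(ee_mem, 0xFF, sizeof ee_mem);
    int n = ee_write_split(0x0018, rec, sizeof rec);
    return wrapped && n == 2 && memcmp(&ee_mem[0x0018], rec, sizeof rec) == 0;
}

int main(void) { printf("split write intact: %d\n", demo_boundary()); return 0; }
```

In the naive case the second half of the record lands at 0x0000 and overwrites whatever is stored at the start of the page, which is how an unsplit write silently corrupts a neighbouring record.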

šŸ–ļø TS06 touch controller

  • Sealed, six-channel capacitive touch IC (five channels actively used).
  • Internal baseline calibration — no analog tuning required.
  • Minimum sensitivity (0x3F) set at boot to prevent false triggers through the epoxy encapsulation.
  • 80 ms debounce, 800 ms long-press threshold, 150 ms channel lockout — all handled in firmware.

💡 SSD1306 OLED

  • 128×32 pixels, white-on-black, high contrast.
  • Driven via I²C at address 0x3C.
  • Full-frame refresh (~512 bytes per frame) through Adafruit_SSD1306 library.
  • Excellent visibility in both daylight and darkness.
  • Protected behind the sealed epoxy window.

⚡ USB-C connection

  • Draws approximately 20 mA — similar to a wireless mouse.
  • No battery — fully powered from the host USB port.
  • No wireless — no Wi-Fi, Bluetooth, or NFC hardware exists on the PCB.
  • Works with Windows, macOS, Linux, Android, and iPadOS.

I²C bus

All peripherals share a single I²C bus at 100 kHz:
| Device | Address | Role |
|---|---|---|
| SSD1306 OLED | 0x3C | Display |
| M24C64 EEPROM | 0x50 | Credential storage |
| ATECC608A | 0x60 | Secure element |
| TS06 | 0x69 | Touch controller |

SDA and SCL are on PA08 and PA09 respectively. External pull-up resistors are present on the PCB.

Physical design

  • Encapsulated in epoxy resin — prevents corrosion, dust, moisture ingress, and physical tampering.
  • No wireless interfaces — eliminates remote attack surfaces entirely.
  • No external screws or seams — the device cannot be non-destructively opened.
  • Gold-plated touch pads — durable, corrosion-resistant, and visible through the resin.

Transparency, not exposure

ZeroKeyUSB is fully open source. The firmware and hardware schematics are publicly available on GitHub → Depbit-lab/zerokeyusb.
Anyone can verify exactly what code runs on their device.
Firmware updates require physical access — either via SWD pogo pins or the USB bootloader with signed firmware. There is no remote update mechanism.
ZeroKeyUSB is a sealed product — opening or reprogramming the device voids the warranty and destroys the epoxy encapsulation.