I think the main thing to investigate is if the card uC can be compatible with the way Incognito is signing the transactions. I'm not a developer, but I remember the issues with XMR and Ledger, when they created the Ledger App (memory issues, for example)… Since the signing procedure is done inside the card, the uC of the card must have the needed integrated crypto primitives (AES, RSA…) and a sufficient amount of memory to sign the transaction successfully in a human time (seconds). The firmware of these cards cannot be modified, so if a custom signing algo is needed, a new firmware must be developed, audited and certified in partnership with the Tangem team. This could be potentially too expensive at this stage.
The specifications of the Tangem card chip are:
- Embedded EAL6+ SecurCore microchip from Samsung
- Uses 3DES, AES, RSA, & ECC cryptography
- Arm SecureCore SC000 Processor
The cited Samsung chip could probably be the S3D350A, which is the only one with integrated NFC at the moment… If a customized firmware is needed, these are the specifications about chip RAM and ROM
The first thing to do could be to experiment with their development kit; they provide a general purpose card where you can choose the right signature algorithm: https://shop.tangem.com/products/tangem-developer-kit
At the moment, Tangem supports all major cryptocurrencies (BTC, ETH, XRP, BCH, LTC, BNB, EOS, XLM, TRX, ADA, XTZ, DUC, RBTC, MTX, XEM, DASH, NEO, ONT), smart-contract and trustline assets. This also includes non-fungible tokens.
If the signing procedure of Incognito is compatible with the above-mentioned cryptocurrencies, the cards can be used and the wallet integration using their SDK alone is sufficient. If this is not the case, only Tangem can develop a new firmware with the required functionalities; the firmware sources are not available to the community.
Firmware
Smart-card technology dictates a “security through obscurity” approach. Disclosure of the source code within secure elements would render hardware wallets vulnerable. In order to prove that Tangem firmware has no backdoors or bugs that would lead to loss of funds, Tangem has employed a renowned independent security auditor, Kudelski Security. The results of the audit are here:
https://research.kudelskisecurity.com/2018/08/06/audit-of-tangems-smartcard-wallet-code/amp/
Independence
Tangem firmware works on a native microcontroller level and does not rely on non-transparent platforms, such as third-party implementations of JavaCard VM. There are also no mechanisms to remotely control or update the firmware after the card is manufactured.
Hope this helps to understand the next steps to take, if the team/community wants to leverage this solution. The Tangem card idea within the Incognito ecosystem is really great in my opinion; I like the idea of a hardware wallet that can be exchanged like banknotes. This could enable a new P2P way to exchange anonymous crypto assets.