OG Lads

If locksmith copies your house key. And they promise they destroyed the duplicate. And you have no way to verify. Do you trust them? That's a vulnerability so many secure compute modules like TEEs face. Now imagine that level of trust in a satellite you can never double check after launch...especially if you don't have verification set up. If satellite signing keys are generated on Earth by the manufacturer, sometimes years before launch, there's a gap in time for a pre-launch attack. So when designing our security mechanisms, we engineered around this vulnerability. Every SpaceComputer signing key will be generated after launch, on the satellite's first boot in orbit. No human or manufacturer on Earth ever holds the keys. For customers evaluating orbital compute platforms, which is preferred: trusting a vendor's claim and contract, or verification from the hardware itself?