The NXP J3R200 is an EAL6+ certified secure element — the same class of chip used in passports, bank cards, and government IDs. Your private key is generated inside it, lives inside it, and has never existed anywhere else. No server, no cloud, no seed phrase. Just the chip.
Look inside the silicon ↓FrostCard's chip is the NXP J3R200 — a member of NXP's JCOP4 / SmartMX3 (P71) family. It is not a general-purpose processor that happens to keep secrets. It is purpose-built so that secret-keeping is the only thing it is good at.
The whole chip is a handful of square millimetres, yet every block on it exists to protect one number. Here is what is actually etched into it:
You'll see the phrase "EAL6+ certified" attached to this chip. It sounds like marketing. It isn't — it's a measured, independently audited claim under an international standard called Common Criteria.
The hardware is only half the story. The other half is the code that runs on it. FrostCard's firmware is written in JavaCard — an open standard maintained by Oracle — and runs as an applet inside a JavaCard Virtual Machine on the chip.
This is the single biggest difference between FrostCard and Tangem. Both use EAL6+ chips. The question is: what code runs on that chip, and can you see it?
Anyone can buy blank NXP J3R200 cards, compile the FrostCard applet from source, flash them themselves, and know exactly what code is running on their chip. Try that with Tangem.
The private key never comes from a factory, a server, or the app. The chip mints it itself, inside the sealed walls. Here's the exact sequence:
The NXP J3R200 is certified EAL6+ by independent labs. Here's what that means in practice — every way someone could try to extract your key, and the hardware defense that stops them.
And even if someone broke through all of that — past the chip, past the PIN, past the NFC encryption — they still face the covenants. The Kaspa network itself says: you can only send to these addresses. Or: these funds are frozen until 2027. That's the layer no other hardware wallet has.
Every line of firmware that touches your key is public. Because the applet is written in JavaCard — an open standard — and is fully open source, you don't have to take any of this on faith.