pull down to refresh
0 sats \ 2 replies \ @Scoresby OP 20h \ parent \ on: Serving Bitcoin – refurbished bitcoin nodes bitcoin
I agree, except that I don't understand the difference between trusting someone else to install your OS and trusting someone else to give you an up-to-date copy of the chain. I'm sure there's some version of malware that could be put on a machine that man in the middles you when you try to sign a transaction over a certain threshold. Or it does this when you generate an address to receive.
My point is that in the case where you trust someone else to install software on a device both of you know will be used for bitcoin activities, why not trust them to give you a copy of the chain as well?
Code is shipped with any device that contains processing units, so unless you can verify that the code only does what it's supposed to do, there's a basic level of trust that you have to accept. So then the question goes past just startOS. If they didn't have an OS and gave you a usb drive with all the linux packages that you could independently checksum, you'd still need to trust all the authors of the code that's gonna run on that machine, including firmware. So, you're right, they might as well include a copy of the blockchain, as long as you could reliably verify it. And people generally aren't going to be putting their life savings on these devices since they're hot wallets. An attacker isn't going to strike it rich before word gets out about the supply-chain attack.
reply
You are getting at exactly what I was thinking.
Two points though:
-
while most people hopefully are using something else as their cold storage, they might frequently use such devices as watch-only wallets, and as such they might be using them to generate receive addresses for their cold storage.
-
my second point is that bitcoin-specific machinery may be more likely to get attacked. Or at least it is more likely to be a target.
reply