10 sats \ 2 replies \ @billiam 9 Mar 2023 \ on: The Achilles Heel of BTC Hardware Wallets bitcoin
For tech users, no need for a hardware wallet as those have their own, special attack surface like everything else.
Idea:
Encrypted Virtual Machine with disabled network adapter, a minimal Linux OS, updated. Host disconnected from internet when seed + passphrase is generated with the wallet on the VM (sparrow or electrum). Jot down seed and passphrase and store them in two locations (metal plate ...). Copy the xpub and create a read only wallet somewhere else and use it to receive bitcoin and to broadcast transactions. Use from internet disconnected VM as a "signing device" only (sign transaction and copy to read only broadcast wallet)
Lol damn son, you must be custodying hella sats with that set up
reply
Problem is if host infected (keylogger, trojan, meterpreter, ...) recording keystrokes while offline and sending it back to attacker when going online. Also we don't know what zero days might exist in the vm software or operating system used.
reply