pull down to refresh

122 sats \ 6 replies \ @sime OP 12 Oct 2023 \ on: Trezor announces new wallet: Trezor Safe 3 bitcoin
Highlights from my points of view: USB Type C and Shamir Secret Sharing.
write
preview
1 sat \ 0 replies \ @hynek 12 Oct 2023
And SE and passphrase on device and low price tag. And bitcoin edition 🔥
reply
0 sats \ 0 replies \ @Athena_Alpha 13 Oct 2023
Shamir’s Secret Sharing (SSS) is often not the silver bullet many think it is. It still has a few weaknesses people should be aware of:

Device Single Point Of Failure

As SSS relies on splitting a private key up into multiple shards, that key must exist on a single device at the time of splitting and then also later on whenever you need to spend funds or even generate a new receiving address. If the device is compromised at either of these points in time (or in between), your funds can be stolen. For example, through a rouge employee, government coercion or other means Trezor could push a malicious software update. There could also just be a flaw in the hardware or software of the device that’s exploited. The next time you bring your shards together to spend or receive funds, the device would reconstruct the single signature key and poof, no more funds. Multisig on the other hand protects against this as there are multiple, separate private keys and potentially even multiple separate devices from different manufacturers

Increased Complexity

A number of other “custom SSS implementations” have suffered from major security vulnerabilities in the past due to the added complexity of implementing SSS, putting all users funds from that company at risk. For example, Armory’s Fragmented Backups feature which used SSS had a vulnerability found in it while the 3 of 5 HTC Exodus setup also ended up allowing for full key reconstruction if an attacker had just 1 of the keys. These both serve as valuable historic lessons showing that the added complexity of SSS compared to the straightforward creation of a Multisig wallet is not a preferred security practice
Is a Multisig setup perfect? No. Multisig is more complicated for users to manage. You have to backup not just more keys, but more configuration data in the form of a wallet descriptor file as well. If an attacker finds that wallet descriptor information they can see all the information about your wallet which can be a big breach of security and privacy. The transactions that are made using Multisig are bigger (in kilobytes) and so cost more in fees than Single Signature ones.
As is very common in matters of security, it depends on your own specific goals and technical capabilities, but in general you should try to KISS (Keep It Simple Stupid) 🙂
reply
0 sats \ 3 replies \ @Bullen 12 Oct 2023
Why is the shamir thing a good thing? Haha, please bare with me 😅
reply
100 sats \ 2 replies \ @sime OP 12 Oct 2023
  1. You can geographically split your seed into shards
  2. Set a threshold how many shards are need to recover your coins. i.e. one shard doesn't compromise the whole stack
reply
0 sats \ 1 reply \ @Bullen 12 Oct 2023
I can see where this could be interesting.
Maybe not for me, seems to easily become too complicated.
reply
0 sats \ 0 replies \ @sime OP 12 Oct 2023
Yeah, it is not for everyone.
reply