pull down to refresh

Background

I have a stack in a single sig passphrased wallet. The key (but not the passphrase, which I have to enter every time) is stored on a hardware signer, and I have a seed phrase backup on a couple of steel plates.
I was looking into securing this setup further in the 'positive' direction (i.e. preventing losing access to it, as opposed to preventing others from gaining access) by using something like steganography or references to a book, and thought I'd verify the seed phrase backup again before copying it.

What I did

Attempt 1

The best way to verify is by using another hardware signer. But the only other signer I had was a Ledger Nano X, left over from my shipcoin days. I don't trust the device and as it turned out, the only way to enter a new seed phrase into it required using their software Ledger Live, which I trust even less. I decided not to pursue that route.
I didn't want to spend money on another Bitcoin-only hardware signer either.

Attempt 2

I decided on using a software-only way, namely:
  1. Tails (which I'd never used before), and
  2. Whatever software would allow me to enter the seed phrase + passphrase and calculate something public I could compare against the key stored in my HW signer.
I downloaded, verified and etched Tails on a USB stick. For 2, my first attempt involved writing a Python script using bip_utils that asks the seed phrase and passphrase and calculates the zpub, to subsequently compare it to the control zpub (which I could see in my Sparrow/HWS setup).

Attempt 2.1

While Python is included in Tails, and I was able to install pip, I couldn't get the latter to install bip_utils on my Tails instance. It complained about it being an external library or something like that, presumably something having to do with security (?). It suggested installing it within a VM as a solution, but it seemed like too much to figure out, especially since...

Attempt 2.2

...I realized Tails had Electrum pre-installed already. So I thought: ok, I'll disconnect from the internet, import my seed + passphrase into Electrum, and compare the calculated zpub against the control one.
I went ahead with that. Electrum warned me along the lines of "You're running with permanent storage disabled, which is probably not what you want." It obviously was what I wanted!
I took basic precautions against side-channel attacks, like moving my phone away and putting a fan on to blow on it to mask the sound of the keystrokes.

But after I entered the seed phrase, I panicked

I was running Tails on my mini PC (which is normally used as a full Bitcoin node, plus a couple of self-hosted services). Most of the time it runs headless, but it's connected to a smart TV via HDMI. And I realized the TV itself had an ethernet cable plugged in. 😱
I thought: "What if the smart TV is spying on me and broadcasting HDMI input via the internet to the manufacturer? They'd be able see the seed phrase I've just entered." I quickly turned off the router to make sure the entire building was disconnected. Luckily I still had the passphrase (and a strong one at that, 56 bits of entropy IIRC) to protect me, which I hadn't entered yet and it was asterisked out anyway.
I entered the passphrase with the internet off and verified visually that the zpub was correct.
But then I started ruminating. "What's the likelihood of such a scenario? Do they have a legitimate reason to spy on HDMI input? Might they have included a backdoor in their hardware for illegitimate reasons?" The smart TV was an old model, purchased in 2018, slow and somewhat shaky, and it didn't support installing apps, updating the firmware or anything like that - so it couldn't have been infected with a virus or malware. It could only spy on me if such functionality was built-in by the manufacturer from the get-go.
I thought I'd sleep on it and probably move my UTXOs to a new wallet. Thanks to the passphrase I had at least a few days to act.
The following day I decided to have a closer look at the TV and realized:
  1. Wifi was disabled (it didn't know the wifi password)
  2. The ethernet cable, while it was plugged into the TV, wasn't plugged into the network switch.
So the TV wasn't even connected to begin with at the time of my entering the seed phrase. Phew! No need to move my coins.
I was running Tails on my mini PC (which is normally used as a full Bitcoin node, plus a couple of self-hosted services). Most of the time it runs headless, but it's connected to a smart TV via HDMI. And I realized the TV itself had an ethernet cable plugged in.
It's called Paranoia
reply
0 sats \ 0 replies \ @ek 27 May
It's not an air gap though which is the general advice so paranoia warranted imo
reply
It's not paranoia if they really are out to get you.
reply
I had studied the Glacier Protocol, which had made me sensitive to things I hadn't previously been aware of.
It was a learning experience.
reply
This would not be an issue with 2of2 multisig. They keys would never have to be in the same place, and you could verify them separately.
reply
Thanks, I might look into moving at some point.
I remember reading Lopp's article about why multisig was much better than SSS and he mentioned the ability to verify the keys separately.
reply
10 sats \ 0 replies \ @Fabs 26 May
Ohh! The forbidden "Glacier Protocol!"
Hey, if it makes you sleep better at night, why not.
reply
In a similar situation I've used seed signer to verify with Sparrow. Works fine, air gapped. I hope I'm not missing something big in terms of security.
reply
I don't own a seed signer and it looks like the best way to get one is to make one yourself, which I wasn't that interested in.
For the future I'll probably get another HWS that's considered secure. It's handy to have one.
reply
You can buy a premade, fully assembled seed signer yourself as well.
At the very bottom of this page: https://seedsigner.com/hardware/ there are links.
I definitely trust them far more than I trust the large companies.
reply
the best way to get one is to make one yourself, which I wasn't that interested in.
NGMI. User is paranoid, but not in the ways that count.
reply
It’s so simple a pleb can do it
Highly recommend seed signer
reply
Paranoid much?
reply
It's more likely that you screw up with your procedure and setup than anyone spying on your HDMI signal.
reply
It's all math anyway, you don't need any computers.
Chuck Norris verifies his seed phrase on a napkin.
reply
TBH, I would move my coins in that scenario. Call me crazy. I would. That TV is now a liability in my book.
reply
I knew some would call me paranoid and some would say I'm not paranoid enough.
I can see how such a liability can weigh heavily on one's soul, and increasingly more so as the purchasing power increases. In my leading up to sleeping on it I was oscillating between "May it remind me of my mortality" and "I want this out of the way".
reply
Defenestrate the tv
reply