reply on: TUTORIAL: Blockstream Jade Plus \ stacker news ~bitcoin

pull down to refresh

32 sats \ 11 replies \ @freetx 22 Jan \ on: TUTORIAL: Blockstream Jade Plus bitcoin

What happens if the blockstream website to "unlock the pin" goes away?

IIRC you can run your own pin server

Yes, just found this when you commented: https://help.blockstream.com/hc/en-us/articles/12800132096793-Set-up-a-personal-blind-oracle

0 sats \ 8 replies \ @nym 23 Jan

What does it do? Verify the integrity of the device?

27 sats \ 7 replies \ @freetx 23 Jan

Jades don't have "secure element" chips in them. This was a design choice since 90% of all "cracks" of hardware wallets involve disrupting the secure element to gain control.

As a result of no secure element, the way the device encrypts the data on it (your seed) is by using the pin you enter. Obviously a 5 digit pin is a very small keyspace (which would be trivial to crack), so what happens is that pin is itself key-stretched to become a much larger encryption/decryption key off-device by using the website.

So the back-and-forth scanning of QR codes does that, essentially the "secure element" is the website / blind oracle which transforms your 5 digit pin into a proper encryption/decryption key.

27 sats \ 6 replies \ @nym 23 Jan

Thank you. That comforts me a little. So the exchange has nothing to do with your seed (since you have to enter the pin before the seed anyway) and after it gets the pin and before it gets the seed it has no outside connection to the world again?

59 sats \ 5 replies \ @freetx 23 Jan

Correct. The only thing the pin+exchange is used for is to temporarily load the decryption key into the devices RAM. At no point is your seed - either in encrypted or decrypted form - ever off the device.

view all 5 replies