BitBox02, which I'm working on. :)
We're trying to build the easiest hardware wallet without sacrificing security. It's dead easy to use. If you have any questions about it, let me know.
I actually have a question:
If I understand correctly, the bitcoin-only version does not support it being used as a U2F. Why is that?
And how can a "transaction signer" device be aware of the coin it's signing?
How can the bitbox02 care if what it is signing is a bitcoin transaction, a love letter, or a declaration of war?
Only my node knows what bitcoin is. How can a device that is not running a full node, and does not directly connect to a full node, know what bitcoin is?
What if there is a hardfork that changes the transaction format?
I can understand that the bitbox wallet client software can be bitcoin only or not.
Personally I bought the "multi coin" edition just to be able to use it as U2F as well. In the bitbox client I connected it to my node and removed the other shitcoins from view.
There is a hint that the bitcoin-only edition has a more secure firmware since it's more focused / stripped down, but frankly I don't see how or why.
Is it just a marketing ploy to attract bitcoiners?
Sorry for the rant, it's still a great product and I am a happy customer.
reply
Great question! As @sime already mentioned, your hardware wallet needs to be aware of what kind of coin it's signing a transaction for. Otherwise your host device could easily make it sign a bitcoin transaction instead of a litecoin one.
Differences between the coins not only include the derivation path, but also fundamentally how transactions work. For the hardware to support different coin transactions, the firmware needs additional code to support it.
The bitcoin-only version comes with a much slimmer firmware, because it removes these coin integrations (and other things, such as U2F). The goal of the bitcoin-only edition is to offer as small an attack surface as possible by removing all unnecessary code. Security-wise the benefit might not be immense, but as a general rule, less code leaves less room for mistakes.
It's also really popular for people who want to gift it to their friends and family, because it doesn't lead to people asking about different cryptocurrencies and instead lets them focus on just Bitcoin.
reply
Does that mean I cannot sign an arbitrary message (e.g. to prove ownership) instead of a transaction?
reply
Only to pubkeys that are associated with any of your bitcoin addresses
reply
Only allows signing BTC transactions that are on the BTC derivation path with BTC chain ID (if I understand correctly).
Trezor also has BTC only firmware. And it effectively does the same.
reply
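An added sketch (not part of the thread, and not BitBox02 or Trezor firmware code) of the kind of keypath check the comments above describe: the device compares the coin the host claims against the coin type in the BIP-44 style derivation path, and a bitcoin-only build has no other coin to accept. The names `Coin`, `Reject` and `check_keypath` are hypothetical; the coin types are the SLIP-44 values for Bitcoin (0) and Litecoin (2), and the sample paths are constructed.

```rust
// Path layout: m / purpose' / coin_type' / account' / change / index
const HARDENED: u32 = 0x8000_0000;

#[derive(Clone, Copy, Debug, PartialEq)]
pub enum Coin { Bitcoin, Litecoin }

#[derive(Debug, PartialEq)]
pub enum Reject { CoinNotInFirmware, BadLength, NotHardened, UnknownPurpose, CoinTypeMismatch, BadTail }

// SLIP-44 registered coin types.
fn coin_type(coin: Coin) -> u32 {
    match coin { Coin::Bitcoin => 0, Coin::Litecoin => 2 }
}

/// `supported` models the firmware edition (assumption of this sketch):
/// a bitcoin-only build is compiled with just `[Coin::Bitcoin]`.
pub fn check_keypath(supported: &[Coin], coin: Coin, path: &[u32]) -> Result<(), Reject> {
    if !supported.contains(&coin) {
        return Err(Reject::CoinNotInFirmware); // no code path for this coin at all
    }
    if path.len() != 5 {
        return Err(Reject::BadLength);
    }
    // purpose, coin_type and account must be hardened
    if path[..3].iter().any(|c| (c & HARDENED) == 0) {
        return Err(Reject::NotHardened);
    }
    // purposes this sketch accepts: BIP-44, BIP-49, BIP-84
    if ![44, 49, 84].contains(&(path[0] & !HARDENED)) {
        return Err(Reject::UnknownPurpose);
    }
    // the host's claim about the coin must agree with the path it asks to sign on
    if (path[1] & !HARDENED) != coin_type(coin) {
        return Err(Reject::CoinTypeMismatch);
    }
    // change is 0 or 1, address index is unhardened
    if path[3] > 1 || (path[4] & HARDENED) != 0 {
        return Err(Reject::BadTail);
    }
    Ok(())
}

fn main() {
    // constructed sample: a Litecoin path presented as a Bitcoin signing request
    let ltc_path = [84 | HARDENED, 2 | HARDENED, HARDENED, 0, 0];
    println!("{:?}", check_keypath(&[Coin::Bitcoin], Coin::Bitcoin, &ltc_path));
}
```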
What is the security advantage of being restricted to what you can sign?
reply
More functionality means more opportunities for weaknesses.
At the end of the day, humans make these technologies and humans can make mistakes.
This mitigates the exposure to human errors.
reply