Another good reason to multi-sig
reply
Or bip85 and some passphrases to keep it simple. Multisig is tricky.
reply
I don't think BIP85 or passphrases protect you in case of malicious firmware
reply
Nor malicious hardware
reply
I need to multisig asap. I'm always considering that one of my hardware wallets may be compromised. The FBI sold honeypot burner phones for years without being detected. What are the chances that a state actor hasn't compromised the supply chain of one of the major hardware manufacturers?
reply
The point of the article is that there is a way to not have to trust the supply chain of your hardware wallet. Usually there is no easy way for a manufacturer to steal users' funds (if they know what they are doing), except for a covert nonce channel. Anti-Klepto fixes this.
MultiSig eliminates that problem, but introduces others.
reply
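The commit/reveal idea behind Anti-Klepto (the anti-exfil signing exchange mentioned above), as an added example that is not the article's or any wallet vendor's code: a simplified Python model over secp256k1 in which the host commits to its own randomness, the device must fold it into the signing nonce, and the host then checks from the finished signature that it really did, so the device never gets to pick the nonce alone. The hash-to-tweak construction, the 32-byte x-coordinate serialisation and the message layout are assumptions for illustration and do not reproduce any vendor's exact wire format.

```python
import hashlib

# secp256k1 parameters (field prime, group order, generator)
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def add(a, b):  # affine point addition; None is the point at infinity
    if a is None: return b
    if b is None: return a
    if a[0] == b[0] and (a[1] + b[1]) % P == 0: return None
    lam = (3 * a[0] * a[0] * pow(2 * a[1], -1, P) if a == b
           else (b[1] - a[1]) * pow(b[0] - a[0], -1, P)) % P
    x = (lam * lam - a[0] - b[0]) % P
    return (x, (lam * (a[0] - x) - a[1]) % P)

def mul(k, pt):  # double-and-add scalar multiplication
    r = None
    while k:
        if k & 1: r = add(r, pt)
        pt, k = add(pt, pt), k >> 1
    return r

def h(*parts):  # SHA-256 over the concatenated parts, as an integer
    return int.from_bytes(hashlib.sha256(b"".join(parts)).digest(), "big")

def tweak(R, host_nonce):  # t = H(R.x || host_nonce): binds host randomness to R (assumed layout)
    return h(R[0].to_bytes(32, "big"), host_nonce) % N

def device_commit(priv, msg, host_commitment):
    """Step 2 (device): derive k, mixing in the host's commitment, and reveal R = k*G."""
    k = h(priv.to_bytes(32, "big"), msg, host_commitment) % N
    return k, mul(k, G)

def device_sign(priv, msg, k, R, host_nonce, honest=True):
    """Step 4 (device): sign with k' = k + t; honest=False skips the tweak and signs with a nonce of its own choosing."""
    k2 = (k + tweak(R, host_nonce)) % N if honest else k
    r = mul(k2, G)[0] % N
    s = pow(k2, -1, N) * (h(msg) + r * priv) % N
    return r, s

def host_verify(pub, msg, sig, R, host_nonce):
    """Step 5 (host): recover R' from (r, s) and accept only if R' == R + t*G."""
    r, s = sig
    w = pow(s, -1, N)
    R2 = add(mul(h(msg) * w % N, G), mul(r * w % N, pub))
    return R2 == add(R, mul(tweak(R, host_nonce), G))

def run_protocol(priv, msg, host_nonce, honest=True):
    """Whole exchange; step 1 sends SHA256(host_nonce), step 3 reveals host_nonce itself."""
    k, R = device_commit(priv, msg, hashlib.sha256(host_nonce).digest())
    sig = device_sign(priv, msg, k, R, host_nonce, honest)
    return host_verify(mul(priv, G), msg, sig, R, host_nonce)
```

A device that ignores the host's contribution still produces a valid ECDSA signature, but the host's R' == R + t*G check fails, which is exactly what closes the covert nonce channel.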
Very good article, the chip is the weak point and can't be trusted. Tails + a garbage PC with no wifi or network card to generate a watch-only wallet is a good solution too. Imo HW wallets are oversold to beginners.
reply
Tails + a garbage PC have other issues. Getting a good hardware wallet (with Anti-Klepto) is still a good choice for most people.
reply
This article reminded me of the Reflections on Trusting Trust paper - old but wild example of how you could have compiled open source code but still not have complete security. Only 3 pages, although I had to re-read it a few times.
reply
I just now read the last part of this article, as I am in the middle of building an anonymising network and just created the cryptosystem for it.
I am a little amused to read that the hardware wallets are using internal entropy only. Proper strong cryptographic random number sources are fairly expensive, complicated devices, and I just can't see a little USB stick, given the prices of these devices, having a strong CRNG in it...
It's nice to see that this is being addressed, though. Entropy is a very important resource for secure communication systems. There is a limited supply, and in its absence many attacks exist for weakening encryption and giving away information to attackers, if they can inject predictability into the nonces.
reply