Pages:
Author

Topic: AirGapped Hardware Wallets (Read 1223 times)

legendary
Activity: 2212
Merit: 7064
July 22, 2024, 01:12:57 PM
#87
SecuX recently announced a brand new hardware wallet series called SecuX Neo, and they are claiming this devices are 100% Offline.
I noticed they have two versions Neo-X for €179 that has aluminum case and comes with XSEED Backup Set, and NeoGold for €119 that comes with gold plating plastic.
NeoGold is lighter but size anf functionality is exactly the same like with model Neo-X.
Communication is done with Encrypted Bluetooth, and it seems they are going to keep the habit of closed source code.


https://secuxtech.com/products/neo-series
legendary
Activity: 2730
Merit: 7065
October 28, 2023, 07:20:37 AM
#86
...and Bluewallet code can't be verified and reproduced, as far as I know.
True. The latest version that WalletScrutiny tested was 6.4.8, and they weren't able to build it from the provided source. Blue Wallet's latest app version is 6.4.10, released a few days ago. The latest versions that WalletScrutiny were able to reproduce from source were 6.4.5 and 6.4.4.
https://walletscrutiny.com/android/io.bluewallet.bluewallet/#resultsArchive
legendary
Activity: 2212
Merit: 7064
October 28, 2023, 02:51:34 AM
#85
i do not care about cheap wallet or not.
i am looking for the best one for long term holding.
Passport is probably one of the best air gapped hardware wallet options right now.
It is better built quality than Keystone, you can easily remove battery and you have clean open source code that works only for Bitcoin.

SeedSigner.  Buy it fully assembled if you don't feel comfortable doing it yourself.  Use it with BlueWallet.  Both are 100% open source.
Seedsigner is not bad but I still consider it as experimental device, and Bluewallet code can't be verified and reproduced, as far as I know.
For any newbie or beginner I would not suggest seedsigner for various reasons, but it's nice to use it in some multisig setup.
full member
Activity: 128
Merit: 190
October 24, 2023, 07:23:32 PM
#84
Time is running out i still not decide which one to get. Keystone 3 Pro/CoolWallet Pro/TANGEM and for BTC only Passport/SeedSigner.

SeedSigner.  Buy it fully assembled if you don't feel comfortable doing it yourself.  Use it with BlueWallet.  Both are 100% open source.  Why tie yourself to a company that you'll have to trust?

Best of all, if you someday change your mind, you can just buy a different wallet and import your seed.  You won't need to make a new seed & move your coins again because, with SeedSigner and BlueWallet, your seed won't have been exposed to a company that went dirty like Ledger is doing.

If you're waiting for a reply everyone can agree on, you're never going to get one.  Some people are followers and feel like they need to trust a company.  To me, that's bizarre.
newbie
Activity: 4
Merit: 0
October 24, 2023, 07:05:01 PM
#83
i do not care about cheap wallet or not.
i am looking for the best one for long term holding.

Time is running out i still not decide which one to get. Keystone 3 Pro/CoolWallet Pro/TANGEM and for BTC only Passport/SeedSigner.

legendary
Activity: 2730
Merit: 7065
October 20, 2023, 08:52:46 AM
#82
You are completely right, man.
After thinking about it, I should clarify the previous post. It's actually not from the secure elements that the secrets get sent from. The code retrieves the keys, encrypts them, and divides them into shards. Those shards are then sent over the internet to 3 third-parties. Ultimately, it doesn't really matter to the end user. The point is that private data that was never supposed to be online now can.
hero member
Activity: 714
Merit: 1298
October 20, 2023, 01:34:51 AM
#81

Regarding the secure elements. They have always been a black-box chip. It was never trustless, regardless if the HW was open or closed-source. The only thing that has changed now after Ledger's revelations is that we know that secure elements allow for remote sending of secrets.   

You are completely right, man.That is why the multisig wallet which requires at least two cosigners from wallets which use those  black-box chips produced by different makers is considered to be more safe haven for the stash in bitcoins than just, let's say, a single hardware wallet regardless the reputation of its manufacturer.
legendary
Activity: 2730
Merit: 7065
October 19, 2023, 10:50:26 AM
#80
For bitcoin-only wallet, I will recommend Passport.
For multicoins, go for Trezor. Not the new model with close source secure element. Also avoid Trezor coinjoin.
Judging by the type of hardware wallet xrahitel is considering, I believe he is on the hunt for something cheaper. And you are right, in that price range he is down to the Trezor One, Trezor Safe 3, or the Ledger Nano S Plus, which now has a 30% discount.

I would not recommend the Ledger though. There is no way of knowing what is the next self-destructive act that we will see from this company. 
I have a Trezor One, and unless Trezor intends to remove support for this device soon, I wouldn't have issues recommending it.

Regarding the secure elements. They have always been a black-box chip. It was never trustless, regardless if the HW was open or closed-source. The only thing that has changed now after Ledger's revelations is that we know that secure elements allow for remote sending of secrets.   
hero member
Activity: 714
Merit: 1298
October 18, 2023, 05:48:27 AM
#79

I can also recommend wallet on an airgapped device. Example is https://electrum.readthedocs.io/en/latest/coldstorage.html


Airgapped machine is a good opt if you are sitting all the time at your desk in you home but it is not optimal in emergency cases which are not rear things in the current world. If you found themselves in such situation then, I think,  the having in the emergency bag the  lightweight and compact airgapped hardware wallet   instead of a bulky and heavy airgapped machine would be preferable for you.
legendary
Activity: 1512
Merit: 4795
Leading Crypto Sports Betting & Casino Platform
October 17, 2023, 03:24:45 AM
#78
Can you recomend what you are using.
is Ngrave is good?
is Tangem is good?
is Keystone 3 Pro good?
I am not using an hardware wallet for now. If I should recommend what I am using, but which is bitcoin-only, it is multisig wallet which I have been able to setup on my three devices.

I can also recommend wallet on an airgapped device. Example is https://electrum.readthedocs.io/en/latest/coldstorage.html

Keystone 3 Pro is a good hardware wallet. I like the fact that it is airgapped, able to make use of QR code and you can use it with software wallet like Electrum.
legendary
Activity: 2212
Merit: 7064
October 16, 2023, 06:35:20 PM
#77
Any one using Safepal X1.
I am still confused to choose right wallet.
I didn't see a single good review for Safepl X1 yet, so I am guessing it's not very popular, maybe due to fact that older version S1 was insecure closed source peace of shit with stolen modified code.
I wouldn't waste money for Safepal when new Trezor Safe 3 has similar price, and there are several other open source alternatives that are better.
legendary
Activity: 1512
Merit: 4795
Leading Crypto Sports Betting & Casino Platform
October 16, 2023, 12:37:09 PM
#76
Any one using Safepal X1.
I am still confused to choose right wallet.
It is one of the hardware wallets that I can not recommend anyone to use because it is a close source wallet and because you can not be able to connect the wallet to other wallets like Electrum.

You can see lists of hardware wallets here: https://thebitcoinhole.com/

Choose the one that you think is better for you. Let it be open source and in a way you can use it with other software wallet.

For bitcoin-only wallet, I will recommend Passport.
For multicoins, go for Trezor. Not the new model with close source secure element. Also avoid Trezor coinjoin.
newbie
Activity: 4
Merit: 0
October 16, 2023, 11:31:59 AM
#75
Any one using Safepal X1.
I am still confused to choose right wallet.
full member
Activity: 128
Merit: 190
September 27, 2023, 02:29:33 PM
#74
It almost seems like even more of a risk because of the malware that can hack in through the USB connectivity. There are so many different kinds of hardware / software/ airgapped wallets but almost all of them have some sort of security flaw it seems and that the only way to truly have the most secure form of storing your bitcoin is to run bitcoin node yourself. Hopefully this will change with time and there will be more secure ways of storing your coins without having the fear of losing them via a hack.

Some airgapped wallets don't even use USB.  I'm a big fan of Krux, which runs on a Maix Amigo.  The Amigo is a device with a 3.5 inch touchscreen and a camera.  No bluetooth, no wifi.  Once you load Krux software onto the device you never need the usb port again for anything but power, so you can plug it into an electric outlet instead of a desktop.  And you only need to plug it in to charge the battery.

So, once the software is installed, you never need to connect a Krux device to anything.  It's fully airgapped.  And the large screen makes it easy to see full addresses and see exactly what you're confirming every step of the way.

I posted a full review of Krux here.

I haven't used SeedSigner, but I assume it works the same way, except for the large touchscreen which Krux has if running on a Maix Amigo (I mention this because you can also run Krux on a M5StickV, which is roughly the same size as a Blockstream Jade).
hero member
Activity: 1344
Merit: 583
September 27, 2023, 01:27:18 PM
#73
It almost seems like even more of a risk because of the malware that can hack in through the USB connectivity. There are so many different kinds of hardware / software/ airgapped wallets but almost all of them have some sort of security flaw it seems and that the only way to truly have the most secure form of storing your bitcoin is to run bitcoin node yourself. Hopefully this will change with time and there will be more secure ways of storing your coins without having the fear of losing them via a hack.
legendary
Activity: 2716
Merit: 1855
Rollbit.com | #1 Solana Casino
September 26, 2023, 06:05:43 PM
#72
That means you have not read this topic that dkbit98 created a week and some days ago: NEW SafePal X1 hardware wallet

We do not know if it is truly or completely open source yet.

It is not making use of QR code which is most recommended way of signing unsigned transaction, but making use of Bluetooth which is not safe as QR code. QR code is still the safest way to sign unsigned transaction.

The wallet can not be connected with wallets like Electrum.
I missed that post, thanks for letting me know.

yups Open-Source is not completely, this is still untested and there is still no complete review for the use of Safepal X1.

I don't know why they have to sacrifice the QR code camera which is more secure and completely replace it with Bluetooth which is usually easier to hack even though it uses version 5.0, there will definitely be loopholes in the future.

and does not support third-party wallets, they only use their own Safepal wallet developed as a Browser Extension like Metamask.
legendary
Activity: 1512
Merit: 4795
Leading Crypto Sports Betting & Casino Platform
September 26, 2023, 03:44:47 PM
#71
and eventually, Safepal moved to Open-Source to prove that Safepal is committed to transparency and innovation.

In addition to announcing it as Open-Source, Safepal also changed the overall design and shape.
Using the Monochrome LCD type, even though the Safepal S1 already uses a full-color LCD (I prefer full-color).
and the use of Monochrome LCD is also based on low power consumption and uses a battery capacity of 128mAh.

Does not support Air-Grapped, only uses Bluetooth 5.0 High Speed connection method.
That means you have not read this topic that dkbit98 created a week and some days ago: NEW SafePal X1 hardware wallet

We do not know if it is truly or completely open source yet.

It is not making use of QR code which is most recommended way of signing unsigned transaction, but making use of Bluetooth which is not safe as QR code. QR code is still the safest way to sign unsigned transaction.

The wallet can not be connected with wallets like Electrum.
legendary
Activity: 2716
Merit: 1855
Rollbit.com | #1 Solana Casino
September 26, 2023, 03:34:31 PM
#70
-snip-
btw Safepal released new model X1 that should have open source firmware, but I would hold on until I see some reviews for that device.
and eventually, Safepal moved to Open-Source to prove that Safepal is committed to transparency and innovation.

In addition to announcing it as Open-Source, Safepal also changed the overall design and shape.
Using the Monochrome LCD type, even though the Safepal S1 already uses a full-color LCD (I prefer full-color).
and the use of Monochrome LCD is also based on low power consumption and uses a battery capacity of 128mAh.

Does not support Air-Grapped, only uses Bluetooth 5.0 High Speed connection method.
jr. member
Activity: 57
Merit: 4
September 24, 2023, 12:51:17 AM
#69
Quote
Who told you that Keystone have low sales?  They are currently sold out everything and you can only pre-order from their website.
QR is not used only by Keystone, but by many other airgapped devices like Jade, Passport, etc.

I have reviewed the official website introduction of Keystone, and it looks good. I have already placed an order for a Keystone 3 Pro, priced at $103.2, no shipping free. It seems like there are no other options available in terms of open-source hardware wallets that support altcoins and QR codes. Jade and Passport do not support altcoins.  All the hardware wallets are showed here. https://thebitcoinhole.com/
legendary
Activity: 2212
Merit: 7064
September 23, 2023, 03:30:03 PM
#68
Dear Sir, I have a few questions. (1) Airgapped wallets that rely solely on QR code communication appear to be very secure. However, related hardware wallets, such as Keystone, have low sales. Why?
Who told you that Keystone have low sales?  They are currently sold out everything and you can only pre-order from their website.
QR is not used only by Keystone, but by many other airgapped devices like Jade, Passport, etc.

I have 2 safepal s1. After read a post by dkbit98, I do not dare to use them, again. Safepal is closed source, and others are open source, like keystone. However their sales are very low. I am concerned about the lack of supervision.
Do what you want with your devices.
dkbit98 is nobody, and he didn't command anyone what to do in their life.
btw Safepal released new model X1 that should have open source firmware, but I would hold on until I see some reviews for that device.



Pages:
Jump to: