Topic: BC Vault hardware wallet - is this a reasonable answer to a question? - page 2. (Read 1488 times)

Additionally we released the Aluminum versions of BC Vault and since it is Black Friday today, special price is also available!

P2WPKH support also added!

Version 1.3.2 with private key reveal was just released!

See this KB Article on support page!

Hello all!

As I promised, we did listen to your input and implemented the export private key in a way, that we feel is safe enough for the user to do it in a way, where the exposure risk is at minimal. Following is the procedure:

- BC Vault has to be booted in special mode for private key reveal to work (you hold down a key when you plug it in)

- Advanced mode has to be enabled in the application

- You will then see "Reveal private key" option by each wallet (small red key icon on the right):


- Once you choose to reveal the private key, your wallet will be marked "Not secure" forever. Same as we already have for all imported wallets (we already did support import of private keys, as mentioned)

- You will then confirm the reveal on the device itself:


- Finally you get "your precious one":


Displaying the private key on the device insures (as opposed in the application), that the key still was not exposed on anything connected to the internet. It is now your choice to either write it down, take a picture on film, etch it on glass with Daguerreotype...or simply trust your phone camera and take a digital picture (careful!)

And they say big display is not so important?

Public release is scheduled for next minor release of application+fw (very soon).

They could covert WIF back to raw and import that.

But we will support WIF import in next release (it actually is supported already in libraries, but GUI is filtering out the "invalid" chars).

Those users will not be exporting private key anyway If you come in situation where you really need "barebones" private key, best way is to export it raw. WIF might become WIFv2 or exWif or whatever standard the future will bring, but raw private key stays the same forever. So to be able to be future proof, raw is the way to go in my opinion.

We might add WIF as option for BTC as you suggested, but this will not be implemented right away.

That wont do, most users don't know how to convert private key to WIF, some don't want to use converters or tools to convert it to WIF.
Lastly, almost all (Bitcoin) clients do not support non-WIF private keys.

1. It's shorter and the identical characters are omitted, so it's still "cool".
2. Why don't you just add an option/default option to convert prv key to WIF for coins like BTC? The conversion isn't that complicated.

We considered that, but we will not do WIF. Why?

- WIF is only usable for BTC, EOS (and for EOS you can not include both private keys)
- It is case sensitive which is not "cool" for manual operations

If you get raw private key, you can always do whatever you want to it...Like convert to WIF if you want to.

I had a lengthy discussion with out team and I do think we came to a very good solution for possible export of private keys in a way, where user will not be compromised even if procedure is initialised on a compromised desktop. Such wallets will also be marked as insecure - we already mark all imported wallets as such!

BTW!!!! TI forgot to mention, that if you want to use known private key wallets on BC Vault right now, you CAN! Simply generate private keys somewhere safe (well actually you need 64 chars, x2 for EOS) and use "Import wallet". This way, you will have all the wallets on BC Vault, which private keys you have. You just have to be extra carefull on where you generated them.

Stay tuned for more soon!

We do not try to evolve new encryption algorithms, nor do we have a plan to do so This is really very very very complex stuff that is more in the field of mathematics than IT.

Google Authenticator is not really about encryption, it's more about TOTP (Time-based One-time Password Algorithm) - it's time based authentication process, but I am really glad you mentioned it. Millions use it for sensitive stuff as 2FA for crypto exchange logins and similar, but did you know Google Authenticator is NOT open source (it was sometimes)? (Source: https://lwn.net/Articles/581086/).

Thank you for your thoughts.

As I said, you will not have to wait for us to go bankrupt for access to your private keys! Once we find a proper way we feel comfortable with in regards to all aspect of security, we will allow private key export!

I'm going to leave a quote from Satoshi (can't find the exact source tough):

It's not even about trusting the fact that you did a good job... I don't know you, but you're probably a lot smarter than me (I must honestly say I wouldn't have a clue as to where I should start when creating a hw wallet). It's all about the fact we should not have to trust your word when you tell us you created a propriatory algo to derive keys, or when you tell us you used community standards to encrypt backups.... Bitcoin's community is trustless,  we want to verify (or at least have a Dev we know verify the code).

But, I feel we'll never agree, so I wish you the best of luck with your company, and j hope you take the feedback you received to heart when you make decisions for your future products.... But in the end, it's between you and your customers. I just hope you'll stick to your word and release your decryption tool if you ever go bankrupt...

We use standard crypto algorithms considered most secure by todays standards, so no worries here. You can NOT decrypt backups without global pin, password pin, wallet pin, wallet password! So again no worries here! You run up the wrong alley...we did not “invent” some uber encryption algorithm and just use it. Those things are tricky and we are not playing with fire.

It is just a couple of really good ideas on how to make life of potential attacker really hard that we do not want to divulge straight away.

All this put aside, every single BC Vault includes Bounty Wallet with more than 1 BTC. You can somehow crack it, it’s yours. Up to today, money is still there. So we dare to put money where our mouth is.

I don't want to get dragged into this discussion, but the direction it's taking more or less forces me to post...

You tell us you might not release the decryption tool because it would allow somebody with access to a lot of resources to reverse engineer your tool and use the knowledge to decrypt somebody's backup.
This is a valid concern, but this kind of tought pattern comes at a price: if you don't release the source code of a working decryption tool, how will we ever be sure our backups are safe? For all we know, you might be encrypting the backupset using Des or rc4, or, God forbid, an algorithm you yourself created...

Delivering no, or a back box, decryption tool requires a lot of trust from the crypto community... Trust you have not yet earned...

If you are so worried about releasing a decryption tool, it makes me wonder how those backups are encrypted... If you messed up, a 3 letter agency won't need any tools released by you, they'll be able to decrypt our backups just fine... The only way for you and the community to be certain about the security of the backup encryption is if we can look into the tool's source code... Only if we see the code and it's inspected by some trusted devs will I put any trust in the tool and your product...
Open source decryption tools will make your backup safer. If weaknesses are found, the odds are much bigger they're going to be reported for a bug bounty so you can at least fix them

No worries, once we rethink how and when we will release private key export as I said! We do not want to rush such sensitive operation!

It shouldn't matter. If the data is encrypted properly, then an attacker shouldn't be able to do anything with it. The only way that this would be a problem is if they are using a weak encryption protocol.

Then why have your data backed up electronically at all? Just use BIP39, back up your words on paper, and be done with it.

But am I correct in saying I cannot decrypt my encrypted keys without your software which you refuse to release? If so, then you are arguing semantics. The whole point of a back up is that it is accessible by me when I need it to be.

Therein lies my issue. Why should you get to decide if I can extract my private keys?.
[/quote]

Actually we do not prevent you. You CAN extract your private keys, but in encrypted form (encrypted with your passwords+pins) -> backup.

As mentioned this is due to security reasons and we might add functionality to extract raw private keys in the future with a lot of warnings etc. so even the most basic user will truly understand what are security implications of such operation.

You can't do that if your hardware wallet is lost and you can't access your keys because they haven't released their back up software.

With BIP39 I can very securely restore without having to buy a new hardware wallet by using an air gapped machine and using that to sign transactions generated on a live watch only wallet.

Therein lies my issue. Why should you get to decide if I can extract my private keys?.

Finally had a time (we just released major upgrade for BC Vault - EOS, TRX, BNB, GRS...)...

HCP stands correct.
One needs another BC Vault device to restore the BC Vault backup. Contrary to BIP39, the backup includes many other things BIP39 just does not cater to, so it is not a closed-circuit system with the sole intention of protecting tradecraft, but rather to enable features other cryptocurrency hardware wallets on the market today do not offer.
It is the basic principle of security, which usually does not go hand in hand with commodity. Going back to the HSM analogy: one cannot simply mix-up data from the highest level of security-enabled devices among each other.
In case of losing/destroying/fault of the device, one will also have to buy a new HW device with Trezor, Ledger… since importing the 24 words into any software wallet renders the sole purpose of using HW wallet worthless, as one risks exposing all private keys to a perhaps “insecure” device or service.
Safely storing the seed recovery phrase entails additional cost as these usually cost more than the hardware wallets themselves.
With BC Vault, the private keys are stored in FRAM, which is less likely to break down compared to Flash used in benchmark devices.
Firmware upgrades are always done on a non-active partition to protect the device from faults during any upgrade procedures so one can rest assured not being stuck with “update” screen.
 
We have just released an update that includes:
- Support for Binance BNB on the new Binance chain (BNB as the ERC-20 token was supported by from the initial release)
- Support for EOS with stake/unstake capabilities and new account creation from within the app
- support for Tron TRX
- A previous update saw the addition of the Stellar XLM and Ripple XRP
 
As of now BC Vault still does not allow the export of private keys but we are considering all options and if we so decide, we will get back to you.
 
»It is better to debate a question without settling it than to settle a question without debating it.«

We are not talking about your hardware wallet here, but about your recovery software. You have said that if you go out of business, nobody can access their keys without your recovery software. At this point, nobody except you can even say if this software exists or not. How do we know it will decrypt and display the keys safely, and not accidentally store them in plain text in a file somewhere on our system, for example? How do we know it won't email all of our keys off to your email address? After all, by this point you will already have gone out of business, so what do you have to lose? All we can go on is your word. Hence, trust.

I can sense we will never see eye to eye on this, so we are going to have to agree to disagree, but you will never convince me to trust my private key back up to the promise of some future software being released by an internet stranger.