Pages:
Author

Topic: Hardware wallet FUD (nonce attacks, unofficial firmware, etc) (Read 346 times)

legendary
Activity: 2212
Merit: 7064
Let's always remember though, that open-source and DIY does not guarantee security of the codebase. It's possible / plausible that especially a newer, smaller DIY project with few, non-monetarily-motivated developers has had less 'eyes on the code' and fewer professional penetration tests against it than a commercially developed and sold product.
True, but in the same time there is much less danger that some attacker would even try to attack relative unknown devices like this.
It's almost impossible for them to achieve anything because this devices are mostly air-gapped (seedsigner, krux), unless you download and install some malicious firmware update.
hero member
Activity: 910
Merit: 5935
not your keys, not your coins!
How do we know the device (Blue Wallet, Passport.. etc.) wouldn't transfer the seed off itself using QR code?
Just verify the QR codes. Generate a PSBT using the wallet application (in your example, BlueWallet), decode it and verify that it's just a PSBT.
Then take the signed PSBT QR code from the Passport and do the same.

I am repeating myself, but for maximum paranoia-security, you can read through Passport's firmware codebase, notice that it doesn't add any data except the signed PSBT to the QR code, then build it yourself, add your developer key into the Passport and flash it with your built binary.
This guarantees you that it's not doing anything dodgy.

Keep in mind, the application (BlueWallet) can't really 'leak' anything through the QR code anyway, as you only scan it with the hardware wallet. The hardware wallet always 'knows more' (the seed phrase) than the app, so there's nothing to be leaked in that direction.

All in all, their recommendation was to make your own VPN using something like WireGuard or OpenVPN. Something similar like a DIY hardware wallet would work too, provided that it's made easy for people to assemble pieces of hardware and firmware together.
It's easy to make DIY hardware signing devices with raspberry pi zero, or with cheap M5StickV or Maix Amigo devices.
Nothing would connect you with Bitcoin and maybe you could purchase them in your local electronic shop.
Let's always remember though, that open-source and DIY does not guarantee security of the codebase. It's possible / plausible that especially a newer, smaller DIY project with few, non-monetarily-motivated developers has had less 'eyes on the code' and fewer professional penetration tests against it than a commercially developed and sold product.
legendary
Activity: 2212
Merit: 7064
Can this also be used for all other QR codes?
I know for sure that Safepal hardware wallet has closed source this, so you can't verify anything coming from their QR code, and all other stuff they have is closed source.
I am not sure how this works for Passport hardware wallet, but they have almost everything open source like design and firmware, but you need to verify with them how QR codes work.
For DIY signing device SeedSigner QR code is simply a string of numbers representing each word on the BIP39 wordlist, and Krux signing device supports it:
https://github.com/SeedSigner/seedsigner/blob/main/tools/seed_phrase_to_qr.py

All in all, their recommendation was to make your own VPN using something like WireGuard or OpenVPN. Something similar like a DIY hardware wallet would work too, provided that it's made easy for people to assemble pieces of hardware and firmware together.
It's easy to make DIY hardware signing devices with raspberry pi zero, or with cheap M5StickV or Maix Amigo devices.
Nothing would connect you with Bitcoin and maybe you could purchase them in your local electronic shop.
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
...But lately I've come across some anti-HWW bitcoiners

Eliminating EVERYTHING ELSE from the discussion, if you take a large enough group of people who are all passionate about something, there will always be groups within that group who are pro something or anti something.

It's similar to the situation with VPNs, where some people claim that they (depending on the VPN provider) actually reduce privacy, since they can identify you based on the size and type of the packets you send from one point to another.

All in all, their recommendation was to make your own VPN using something like WireGuard or OpenVPN. Something similar like a DIY hardware wallet would work too, provided that it's made easy for people to assemble pieces of hardware and firmware together.
JL0
full member
Activity: 817
Merit: 158
Bitcoin the Digital Gold
How do we know the device (Blue Wallet, Passport.. etc.) wouldn't transfer the seed off itself using QR code?

Keystone:

Quote
Keystone’s QR codes are transparent. Users can verify what is getting in and out of their hardware wallets, ensuring no sensitive information is leaked. The team released the hardware wallet industry’s first open-source tool to decode the QR codes for users to know how the software works and enable signing off on intended transactions.

Quote
With Keystone, you are able to decode the QR code content in an easily readable fashion, showing you exactly what the hardware wallet is sending to the Keystone Companion app, and allowing you to verify that no sensitive data is being leaked.

Can this also be used for all other QR codes?


Source:

https://blog.keyst.one/ever-wondered-what-your-hardware-wallet-inputs-and-outputs-9b33b4cedafd
legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
...But lately I've come across some anti-HWW bitcoiners

Eliminating EVERYTHING ELSE from the discussion, if you take a large enough group of people who are all passionate about something, there will always be groups within that group who are pro something or anti something.

Hardware wallets serve a purpose but they are not always the best answer for everything.
Someone holding $100 of BTC and using it to buy things and then getting more probably does not need a HW wallet.

Posted this close to 3 years ago, still true today: https://bitcointalksearch.org/topic/helping-usually-new-people-choose-their-wallets-5205304

-Dave
legendary
Activity: 2212
Merit: 7064
On Passport, by default you can only install a firmware image that is signed with Foundation's developer signing key.
However, you can add your own key and then it will let you install firmware signed by yourself and present you with a warning on each boot (so you'd notice if someone did it on your device).
That is fine and it reminds me on something similar we can see on smartphones running grapheneos.
I am not sure how other hardware wallets are dealing with this because I never researched it deeply.

What are your thoughts on this article
I don't know what to say about two year old article, nothing new is said there.
There are risks purchasing and using hardware wallets, but you can mitigate most of them if you are careful.
You can buy device locally in official reseller shop, use disposable email address and alternative delivery address for ordering and delivery, use PO or UPS boxes, etc.
Alternative way is to build your own DIY signing device or just use small old laptop as a cold storage.
There is no perfect universal solution for everyone, and I can find negative or positive for any options.
newbie
Activity: 8
Merit: 8
What are your thoughts on this article:

https://robertspigler.com/in-defense-of-my-attack

Don't get me wrong, I use hardware wallets, I generate my own seed, etc.

But lately I've come across some anti-HWW bitcoiners and I've been wondering if HWWs are as secure as they claim to be.
hero member
Activity: 910
Merit: 5935
not your keys, not your coins!
Back to hardware wallet topic, some of this devices are not allowing installation of unofficial firmware and they need to be signed, like in case with Keystone, and maybe Passport (not sure).
I think that for Trezor you can install any firmware you want, even create your device with custom firmware, but risk is that you can lose all your coins if you don't know what you are doing.
On Passport, by default you can only install a firmware image that is signed with Foundation's developer signing key.
However, you can add your own key and then it will let you install firmware signed by yourself and present you with a warning on each boot (so you'd notice if someone did it on your device).
legendary
Activity: 2212
Merit: 7064
Learning how to install linux mint is not harder than learning how cook by watching youtube videos. Tbh you don't even need linux. A clean windows install would do.
There is not such a thing as a clean windows install, it's always dirty and complicated  Smiley
Installing Linux is now much more easier then it was few years ago, and you probably don't need to install any additional drivers for your hardware, so it's quicker process than for wiNd0ws.
Instead of Linux Mint I would choose Fedora Linux in 2022.

Back to hardware wallet topic, some of this devices are not allowing installation of unofficial firmware and they need to be signed, like in case with Keystone, and maybe Passport (not sure).
I think that for Trezor you can install any firmware you want, even create your device with custom firmware, but risk is that you can lose all your coins if you don't know what you are doing.
legendary
Activity: 3276
Merit: 2442
You can use electrum or a similar open source wallet on your iphone/android device too. It is not rocket science. They are pretty safe too. (not as safe as a linux pc but i would say pretty close)

So, in your opinion, an open source wallet on iphone/android is as safe (or safer) than a hardware wallet?

Nope. In my opinion hardware wallets make no sense to use. Completely unnecessary.

If you are going to hold, use a piece of paper.

If you are going to spend, use your phone.

If you are going to trade, well the exchange does the holding for you.

There isn't any need for a hw wallet in any of these situations.

Ok, let's say a non-technical person (like the vast majority of people) wants to buy $25k in Bitcoin and hold it for 5 years.

What would be your recommendation to this person?

1) Install a mobile app on his phone, generate a seed, back up the seed, receive the bitcoin and then uninstall the app.

2) Learn how to install Linux and a wallet like Electrum or Sparrow and use that to generate the seed and receiving address.

3) Other (specify)

Learning how to install linux mint is not harder than learning how cook by watching youtube videos. Tbh you don't even need linux. A clean windows install would do.

All you need to do is clicking "next next next next" and everything will be there.

Generate seeds and write down them on a piece of paper and its done.

Easier than boiling an egg.
legendary
Activity: 2730
Merit: 7065
It basically boils down to trust in one way or the other. You can verify the installation binaries, signatures, and firmware, and that will tell you that they are signed by the right people and originate from the official teams behind those wallets. And then what? How many people actually know what the open-source code does and check to make sure the developers didn't insert something malicious or made an unintentional mistake? 1/10? More likely 1/100 do that.

The rest of us mere mortals are stuck trusting that nothing malicious has happened and that those 1/100 that know what they are doing have done their jobs properly. The system is generally working quite well for popular open-source projects with significant communities. But all it takes is one intentional/unintentional mistake for it all to crumble. Hopefully, that'll never happen. That's why most people can't do much then rely on trust despite the saying: "verify, don't trust."
legendary
Activity: 2268
Merit: 18771
Ok, let's say a non-technical person (like the vast majority of people) wants to buy $25k in Bitcoin and hold it for 5 years.

What would be your recommendation to this person?

1) Install a mobile app on his phone, generate a seed, back up the seed, receive the bitcoin and then uninstall the app.
Absolutely not. Most mobile wallets are either closed source or non reproducible, which is a complete non-starter. Even if you choose and open source one and verify it or even better build it yourself, you are still installing it and generating your seed phrase on an insecure device with internet access. Such a set up should be used for a few hundred bucks worth of bitcoin at most, and certainly not $25k.

2) Learn how to install Linux and a wallet like Electrum or Sparrow and use that to generate the seed and receiving address.
This is a good option. You should ideally use an old computer or laptop for this that you can dedicate for this purpose only and never again use for anything else. It should remain permanently airgapped and should be completely formatted before you start.

3) Other (specify)
1 - A good hardware wallet.
2 - A paper wallet, although you still need the same steps of a completely formatted and permanently airgapped device as above to generate the paper wallet safely.
copper member
Activity: 2338
Merit: 4543
Join the world-leading crypto sportsbook NOW!
The argument is that there is no way for users to know that the firmware signed by the maker is the one that is actually running on the device (only that the device claims that its running that).
That's wrong; you flash the device yourself using the firmware downloaded and verified from the website whenever you update it, actually. So every time you do, you re-verify that everything's fine.

Interesting.

Is this flashing you talk about done by the official hardware wallet app? (BitBox App, Trezor Suite, etc)

Or is this something I need to do separately myself?

I wrote a guide on how to verify Electrum, most hardware client-software such as Trezor Suite can be verified the same way.  As n0nce mentioned, the firmware for the Trezor (for example) is updated through the Trezor Suite client, which of course should be verified before it is used to update firmware.

Other vendors may do things a bit differently, for example the ColdCard hardware wallet verifies the firmware itself before installing it.  When upgrading the firmware on a ColdCard, you download it and store it on mSD card, and then load the mSD card into the hardware wallet.  Once you start the upgrade process the firmware is verified by the device before it's installed.
hero member
Activity: 910
Merit: 5935
not your keys, not your coins!
Or is this something I need to do separately myself?
You do it yourself; how it's done depends on the wallet, but on the Passport you just put the file you've downloaded and verified, on a microSD and then insert it and start the update process on the wallet.

BitBox and Trezor are done through their software if I remember correctly.
But you're supposed to verify the wallet software, too, of course.
legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
....
Nope. In my opinion hardware wallets make no sense to use. Completely unnecessary.

If you are going to hold, use a piece of paper.

If you are going to spend, use your phone.

If you are going to trade, well the exchange does the holding for you.

There isn't any need for a hw wallet in any of these situations.

For you....For others it's a different story.

Hot wallet on my phone a few hundred dollars of crypto at most. Or, as I like to say, the phone is worth more then the crypto on it.
Warm wallet, under $2500 but that much would suck to loose so although it's on an internet connected PC it's needs a hardware wallet to sign / send.
Cold wallet. 2 of 3 mutisig in separate locations that all have live physical security and single pass-though man-traps.


The argument is that there is no way for users to know that the firmware signed by the maker is the one that is actually running on the device (only that the device claims that its running that).
That's wrong; you flash the device yourself using the firmware downloaded and verified from the website whenever you update it, actually. So every time you do, you re-verify that everything's fine.

Interesting.

Is this flashing you talk about done by the official hardware wallet app? (BitBox App, Trezor Suite, etc)

Or is this something I need to do separately myself?

Depends on the particular wallet. There is no 1 answer.

-Dave
newbie
Activity: 8
Merit: 8
The argument is that there is no way for users to know that the firmware signed by the maker is the one that is actually running on the device (only that the device claims that its running that).
That's wrong; you flash the device yourself using the firmware downloaded and verified from the website whenever you update it, actually. So every time you do, you re-verify that everything's fine.

Interesting.

Is this flashing you talk about done by the official hardware wallet app? (BitBox App, Trezor Suite, etc)

Or is this something I need to do separately myself?
hero member
Activity: 910
Merit: 5935
not your keys, not your coins!
The argument is that there is no way for users to know that the firmware signed by the maker is the one that is actually running on the device (only that the device claims that its running that).
That's wrong; you flash the device yourself using the firmware downloaded and verified from the website whenever you update it, actually. So every time you do, you re-verify that everything's fine.

There's one more step: verifying that the firmware actually comes from the source code in the repository.
That's something you can do yourself and any legit hardware wallet manufacturer should give instructions how to do so.
The fine people at https://walletscrutiny.com/ do this regularly for a whole bunch of wallets, in case you're uncomfortable doing it yourself.

The last step is verifying that the source code is good, this is extremely important as well. But that's the case for any wallet, software or hardware.

Are these worries warranted? What are the chances of losing our bitcoin even if we do everything right: buying the wallet from official website, running our own node, generating our own seed, checking app signatures, etc.
It depends on the wallet. Closed-source wallets and non-verifiable open-source wallets? Not unlikely. Open-source, verifiable wallets? Less so.
With everything else being fine, there remains the risk of a new codebase not having been analyzed and attacked enough yet to know that it's safe and secure.

If all of this is true and COLDCARD can suddenly rugpull everyone, what hope does Bitcoin have?
Bitcoin doesn't care about a single hardware wallet manufacturer.

Are these FUDers being overly paranoid? Or are we all dumb for trusting hardware wallet companies?
Again, depends on the device.
I wouldn't trust anything that's closed source firmware (like Ledger or Square's device), and I much prefer if the hardware is open-source and auditable, as well.
legendary
Activity: 2212
Merit: 7064
If all of this is true and COLDCARD can suddenly rugpull everyone, what hope does Bitcoin have?
You are watching to much sci-fi movies and Coldcard has nothing to do with someone having hope for Bitcoin, it's just nonsense.

First, you have hardware wallets with open source firmware code so anyone can inspect and see what is happening, there are no hidden stuff for Trezor, Codlcard, Keystone, Passport, etc.
For Trezor you can even identify all hardware components and make your own DIY device, but they are also working on new prototype secure element chip, that should improve security a lot.
Coldcard is not exactly open source anymore, but you can still verify it's code and I don't think it's dangerous to use it, unless some major bug happens.
Closed source hardware wallets like Ledger, Safepal, etc are much more dangerous, and you could never know if they have some secret junk inside, so I would stay away from them.

Speaking about open source firmware, you should be aware that almost all laptops and computers have closed source bios, so it's much bigger chance of something leaking from there, unless you have coreboot or something like that.
Intel and AMD are constantly sending information and they have whole hidden mini operating system inside with Intel Management and AMD equivalent.
Now, keeping laptop offline can help, but it's not perfect protection at all.
newbie
Activity: 8
Merit: 8
You can use electrum or a similar open source wallet on your iphone/android device too. It is not rocket science. They are pretty safe too. (not as safe as a linux pc but i would say pretty close)

So, in your opinion, an open source wallet on iphone/android is as safe (or safer) than a hardware wallet?

Nope. In my opinion hardware wallets make no sense to use. Completely unnecessary.

If you are going to hold, use a piece of paper.

If you are going to spend, use your phone.

If you are going to trade, well the exchange does the holding for you.

There isn't any need for a hw wallet in any of these situations.

Ok, let's say a non-technical person (like the vast majority of people) wants to buy $25k in Bitcoin and hold it for 5 years.

What would be your recommendation to this person?

1) Install a mobile app on his phone, generate a seed, back up the seed, receive the bitcoin and then uninstall the app.

2) Learn how to install Linux and a wallet like Electrum or Sparrow and use that to generate the seed and receiving address.

3) Other (specify)
Pages:
Jump to: