Pages:
Author

Topic: Hey bitcoiners if you are interested in the rebrand from Cobo to Keystone... - page 2. (Read 406 times)

newbie
Activity: 13
Merit: 23
If one day the worst thing happens to Keystone, we will release this signing key to the community.
Good to hear that, just remember that everything in Bitcointalk forum is saved and archived Wink
Thanks for the kind reminder and we will deliver what we promised Smiley

I think Cobo won't allow me to share the sales number of Cobo Vault Sad
I am not sure how Cobo decide that date (June 1st 2020).
Is this information going to be available for Keystone wallet? I don't see anyone who can stop you to release this info as you are the new boss.
Both trezor and ledger reportedly sold millions of hardware wallet devices, but I can't find any precise numbers for that.
We may disclose this number at a proper time.
But what I can disclose right now is that we have broken even in Aug (last month).

Right now we have only been selling this for 3.5 months I don't think that sales number can indicate anything.
But that may lead to misunderstanding. Hope you can understand.

Although it was an extreme edge case and destructive to the device do you have any plans to change the hardware to avoid the way shown to get around the self destruct?
Good question.
Few months ago I saw how easy is to bypass that Cobo self-destruct mechanism:
https://medium.com/swlh/defeating-the-cobo-vault-pros-self-destruct-mechanism-abf321e2f5b5
Oh I see what dose Dave mean.
Actually we had multiple layers of self destruct mechanism. I had some discussion here - https://twitter.com/CryptoKershaw/status/1421230350433505285
Also from Nick's article you can see that he was also aware of the multiple layers of self-destruct mechanism -
Quote
The firmware also shows three other pins used as “passive” tamper sensors; these ones can’t wake the device up from sleep, but can detect tampering of some kind while the device is active.
newbie
Activity: 13
Merit: 23
Hey Dave thanks for your questions!

Although it was an extreme edge case and destructive to the device do you have any plans to change the hardware to avoid the way shown to get around the self destruct?

Sorry I don't quite understand this question. Do you mind rephrasing a bit?

Do you have any plans to replace it with a solution that does not require a new device every couple of years as the battery that runs the wipe dies?
Yes! Actually we designed the AAA battery support for this kind of scenario. I know some hodlers touch their HW every 2+ years. In that case rechargeable battery won't work.
Details - https://twitter.com/KeystoneWallet/status/1413185377934917632
full member
Activity: 343
Merit: 167
I was just looking at buying a Keystone wallet. I really like the presence of a removable battery and also the absence of changing the addresses of coins, which makes it impossible to attack with the substitution of the address index:
https://blog.sia.tech/a-ransom-attack-on-hardware-wallets-534c075b3a92
Thanks!
Actually if you use Keystone with BlueWallet or other 3rd party wallet who has change address, we will show the index (image below) to prevent this ransom attack.

If you didn't notice this when you sign the tx, after you sign it by accident, you can still see the index in your signing history.
It's very good that you are showing the index for the change address! Trezor wallets don't show that. Ledger doesn't want to burden users with the problem of index spoofing at all.

I would like to advise you to add the following features to your wallets to differentiate you from your competitors for the better:

1. Many users do not trust the random number generators built into wallets, so it would be nice to let the user enter an arbitrary sequence of 0 and 1 (128 or 256) to form their own seed of 12 or 24 words.

2. Give an opportunity to import third-party cold private keys using: QR code, via SD card or virtual keyboard.
These features can only be added to the Pro model, which will significantly differ from the Essential model.

I hope you will listen to my advice and make a truly professional wallet that will significantly differ for the better from other wallets on the market.
legendary
Activity: 2212
Merit: 7064
With our next gen we will have a cypherpunk version which allows users to burn their own firmware. And this version won't be shipped with a workable firmware so the user has to compile his own firmware and hopefully this will avoid new comers from buying it.
Interesting to see that you are working on next gen Keystone device, I think this is the first time I heard about this, and I would like to see first version coming out.

If one day the worst thing happens to Keystone, we will release this signing key to the community.
Good to hear that, just remember that everything in Bitcointalk forum is saved and archived Wink

I think Cobo won't allow me to share the sales number of Cobo Vault Sad
I am not sure how Cobo decide that date (June 1st 2020).
Is this information going to be available for Keystone wallet? I don't see anyone who can stop you to release this info as you are the new boss.
Both trezor and ledger reportedly sold millions of hardware wallet devices, but I can't find any precise numbers for that.

Although it was an extreme edge case and destructive to the device do you have any plans to change the hardware to avoid the way shown to get around the self destruct?
Good question.
Few months ago I saw how easy is to bypass that Cobo self-destruct mechanism:
https://medium.com/swlh/defeating-the-cobo-vault-pros-self-destruct-mechanism-abf321e2f5b5
legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
Although it was an extreme edge case and destructive to the device do you have any plans to change the hardware to avoid the way shown to get around the self destruct?
And
Do you have any plans to replace it with a solution that does not require a new device every couple of years as the battery that runs the wipe dies?

Neither are super critical, and if I get one it's probably the essential anyway but I do like the concept of the feature.

-Dave
newbie
Activity: 13
Merit: 23
I was just looking at buying a Keystone wallet. I really like the presence of a removable battery and also the absence of changing the addresses of coins, which makes it impossible to attack with the substitution of the address index:
https://blog.sia.tech/a-ransom-attack-on-hardware-wallets-534c075b3a92
Thanks!
Actually if you use Keystone with BlueWallet or other 3rd party wallet who has change address, we will show the index (image below) to prevent this ransom attack.
https://i.ibb.co/JjsLKRF/15041631600774-pic.png
If you didn't notice this when you sign the tx, after you sign it by accident, you can still see the index in your signing history.

I would like to see more popular coins available, such as ZEC.
In the near future our focus is still BTC, ETH and EVM chains.
ZEC is on our list but no ETA yet.

Still wondering whether your servers are always available, do they have overloads? Is the commission calculated correctly?
Yes. You are right. No matter how to optimize our own server, it's still a single point of failure.
To prevent this, we make Keystone compatible with many 3rd party wallets (thanks to PSBT) - https://support.keyst.one/3rd-party-wallets/bitcoin-wallets
You can use your own node too.
newbie
Activity: 13
Merit: 23
Thanks so much for these great questions!

Even though Cobo Vault firmware is open sourced, the firmware needs to be signed by a specific key which is owned by Cobo team. We have made a migration firmware to upgrade Cobo Vault to Keystone firmware but Cobo refused to sign that firmware.
Does Keystone hardware wallet also have this feature for signing a key for upgrading firmware and who owns this key now?
Yes. Keystone has the same scheme and we own the key. This thread describe the reason why we maintain this scheme - https://twitter.com/BitcoinLixin/status/1410283646045474816
TL;DR
1) If the key is public, hackers may use a 3rd party firmware to hack entry level users. They may pretend to be a CS guy and trick the user installing a malicious firmware.
2) With our next gen we will have a cypherpunk version which allows users to burn their own firmware. And this version won't be shipped with a workable firmware so the user has to compile his own firmware and hopefully this will avoid new comers from buying it.
3) If one day the worst thing happens to Keystone, we will release this signing key to the community.

It's suggested that Cobo Vault users use Cobo's own companion app to move these coins to other wallets before using the companion app we offer.
The purpose of this companion app is just keeping Cobo Vault still functional. No new features will be added to this companion app.
Is it possible in theory for someone to wipe out Cobo hardware wallet code and load Keystone code on it manually if he understands how?
Similar question would be, can someone make Keystone DIY wallet from scratch following instructions like it's possible with other competition hardware wallets (Trezor, etc.)
No. Cobo device only accepts the firmware that is signed by a specific key and that key is controlled by Cobo team now. People can compile Keystone's firmware but can't installed into Cobo device.
Yes. It's possible to do so and we have open sourced the hardware design like Trezor and Coldcard - https://github.com/KeystoneHQ/Keystone-developer-documents/tree/main/hardware

You can get full refund by Cobo if you purchase your Cobo Vault after June 1st 2020 - https://support.cobo.com/hc/en-us/articles/4407973083287-Cobo-Vault-Offline-Notice
Is there any stats or is it a secret how many Cobo hardware wallets have been sold so far?
It is good they are doing some refunds, but it is only from June of last year and I believe this devices exist longer than that,
so other people will have to switch to Keystone wallet with 50% discount and use spare parts from Cobo, or buy some other brand hardware wallet.
I think Cobo won't allow me to share the sales number of Cobo Vault Sad
I am not sure how Cobo decide that date (June 1st 2020).
full member
Activity: 343
Merit: 167
I was just looking at buying a Keystone wallet. I really like the presence of a removable battery and also the absence of changing the addresses of coins, which makes it impossible to attack with the substitution of the address index:
https://blog.sia.tech/a-ransom-attack-on-hardware-wallets-534c075b3a92

I would like to see more popular coins available, such as ZEC.

Still wondering whether your servers are always available, do they have overloads? Is the commission calculated correctly?
legendary
Activity: 2212
Merit: 7064
Even though Cobo Vault firmware is open sourced, the firmware needs to be signed by a specific key which is owned by Cobo team. We have made a migration firmware to upgrade Cobo Vault to Keystone firmware but Cobo refused to sign that firmware.
Does Keystone hardware wallet also have this feature for signing a key for upgrading firmware and who owns this key now?

It's suggested that Cobo Vault users use Cobo's own companion app to move these coins to other wallets before using the companion app we offer.
The purpose of this companion app is just keeping Cobo Vault still functional. No new features will be added to this companion app.
Is it possible in theory for someone to wipe out Cobo hardware wallet code and load Keystone code on it manually if he understands how?
Similar question would be, can someone make Keystone DIY wallet from scratch following instructions like it's possible with other competition hardware wallets (Trezor, etc.)

You can get full refund by Cobo if you purchase your Cobo Vault after June 1st 2020 - https://support.cobo.com/hc/en-us/articles/4407973083287-Cobo-Vault-Offline-Notice
Is there any stats or is it a secret how many Cobo hardware wallets have been sold so far?
It is good they are doing some refunds, but it is only from June of last year and I believe this devices exist longer than that,
so other people will have to switch to Keystone wallet with 50% discount and use spare parts from Cobo, or buy some other brand hardware wallet.


newbie
Activity: 13
Merit: 23
Hey bitcoiners,

I am Lixin, CEO of Keystone hardware wallet. I was formerly the head of hardware wallet in Cobo, leading the team developing Cobo Vault.
Here is the proof of not being a fake account.

I know some of you have tons of questions about the rebranding, so I am here to address that.

Here are some questions I was asked frequently, we can start from these questions.

Why rebrand from Cobo to Keystone?
Back in September or October of 2020, the founders of Cobo told me that they don't want to do Cobo Vault product any more.
Reasons are -
1) There are very little product synergy between Cobo Vault and Cobo's main business Cobo Wallet and Cobo Custody. Both of them are custodial services. Cobo Wallet is for retail users while Cobo Custody is for enterprise users.
2) At that time Cobo Wallet was making tons of money because of the "DeFi Summer". They want to stop Cobo Vault and pivot all the dev resources to Cobo Wallet. Even though at that time Cobo Vault has broken even and growing very healthily.
We (the Cobo Vault team) were incubated by Cobo and ran as a subordinate company, separated from Cobo HQ for over 3 years. We were very dedicated to decentralized service and the hardware wallet product. We fully respect Cobo's decision but we can't work for Cobo Wallet.
So I bought out the Cobo's equity of the subordinate company (along with the intellectual properties). And the original Cobo Vault team left Cobo to create Keystone, which takes all the product legacies of Cobo Vault and also comes with some product improvements (details in a separate question).
For more details you can read -
https://blog.keyst.one/leaving-cobo-to-continue-the-cobo-vault-legacy-29bb2f8f026e
https://www.youtube.com/watch?v=XuRgGZTW82o

Can I upgrade my Cobo Vault to Keystone firmware?
I am sorry this is not allowed by Cobo. Even though Cobo Vault firmware is open sourced, the firmware needs to be signed by a specific key which is owned by Cobo team. We have made a migration firmware to upgrade Cobo Vault to Keystone firmware but Cobo refused to sign that firmware.
They are doing this because they want to convert those Cobo Vault users to Cobo Wallet.
Right now Cobo is refunding Cobo Vault users. From their refund application form, you can see that you need to register a Cobo Wallet account to get the refund. Also as an incentive, they will upgrade your Cobo Wallet account to VIP1.
For more details about the compatibility between Cobo Vault and Keystone -
https://twitter.com/BitcoinLixin/status/1405135132277706756

Can I still use my Cobo Vault?
If you have upgraded your Cobo Vault to BTC-only firmware (I believe most of the users here are doing so), and use it with BlueWallet, Specter, Sparrow or other 3rd party BTC wallet, you are good to go.
But please note that Keystone team can't fix any bugs or vulnerabilities of this product any more.
If you are using your Cobo Vault with multi-coin firmware and the mobile companion app by Cobo, we are not sure how long this companion app will be listed.
Thanks to the openness of QR code, right now we are launching a software companion app (in review now) to make Cobo Vault still usable.
Please note that these coins we can't support due to backend limitations - IOST, EOS, ETC, CFX, DCR, FIRO(XZC), Omni-USDT.
It's suggested that Cobo Vault users use Cobo's own companion app to move these coins to other wallets before using the companion app we offer.
The purpose of this companion app is just keeping Cobo Vault still functional. No new features will be added to this companion app.

What's the improvement of Keystone compared to Cobo Vault?
There are mainly 3 improvements -
1) We moved the microSD card slot out so it's much easier to plug it.
2) We upgrade to UR2.0 which is a much more advanced and robust QR protocol by Blockchain Commons team.
3) More integrations are coming (Casa and Caravan).
More details here -
https://blog.keyst.one/whats-new-for-keystone-a33f4e24c9cb

Compensation for old Cobo Vault supporters
1. You can get full refund by Cobo if you purchase your Cobo Vault after June 1st 2020 - https://support.cobo.com/hc/en-us/articles/4407973083287-Cobo-Vault-Offline-Notice
2. You can get 50% off for purchasing Keystone hardware wallet - https://twitter.com/BitcoinLixin/status/1399701850983596044

Thanks for your patience reading all the info. Please let me know if you have any further questions.
Pages:
Jump to: