If your Private Key's are compromised by manufacturer's of hardware wallet's !!

The Sceptical Chymist

legendary

Activity: 3528

Merit: 7005

Top Crypto Casino

Quote from: PawGo on December 16, 2021, 03:59:51 AM

"decentralised"?
Why does it worry you?
Do you wonder if ATM producer created a backdoor in the machine and may steal your money?
Do you wonder if airbag in your car will be launched correctly? (Yes, I know Tanaka case)

Generally, I don't worry about any of those things because I know that there's some pretty clear legal recourse for me if non-crypto companies steal from me. But when it comes to anything in the crypto space, once your coins are gone, they're gone--so that's kind of an unfair comparison.

I'm in the class of people Pmalek referred to, i.e., those who are unable to verify that the code behind hardware/software/whatever wallets doesn't contain anything malicious, and therefore I have to trust that other people who know how to analyze code have done so with whatever wallet we're talking about.

And yeah, sometimes I do wonder about Ledger's products as I know their code is closed-source. I don't think it's likely that one day everyone's Ledger coins are going to disappear and that whoever runs the company is going to flee the country....but it's possible. Not probable, but the chance of it happening isn't zero.

Quote from: dkbit98 on December 22, 2021, 03:23:11 PM

Cryptocurrency vocabulary is full of errors and wrong phrases Wink

That's going to happen when computer-illiterate folks like myself get into it, but would we really want bitcoin to be for computer science majors exclusively?

dkbit98

legendary

Activity: 2212

Merit: 7064

Quote from: witcher_sense on December 20, 2021, 03:07:45 AM

There are some relatively reputable hardware wallets that allow you to generate your seed manually instead of having to trust built-in true random number generators.

You can do that with most hardware wallets by using dices or cards and then importing that seed words without depending on any electronical system, but you need to follow some instructions.
Bitbox wallet released step by step instructions for generating your own seed words with dices:
https://shiftcrypto.ch/blog/roll-the-dice-generate-your-own-seed/

Quote from: witcher_sense on December 20, 2021, 03:07:45 AM

For example, in Coldcard, there is an option to generate seeds using dice rolls, coin flips, a combination of both these methods, or a combination of all manual methods with the hardware wallet's own RNG. Upon each roll, you will be shown a hash of the result of each roll, which you can verify manually

Keystone hardware wallet also have the option for generating seed words with casino-grade dices that gives highest degree of entropy.
I think that Keystone verification procedure looks more straightforward than in case of Coldcard, but both of them work and that is important.
https://support.keyst.one/advanced-features/recovery-phrase/use-dice-to-generate-recovery-phrase

I am not sure if any other hardware wallet have built-in feature like this with simple verification, but I think this is something important to have.
Talking about seed generation, I wrote more about that in one of my topics, so if you notice any mistake please correct me or make any suggestion you have:
https://bitcointalksearch.org/topic/seed-generation-in-hardware-wallets-5317199

Quote from: o_e_l_e_o on December 22, 2021, 07:39:21 AM

It's intentional, but it's misleading.

I could also argue that wallet is not really a wallet for bitcoin, because they are not holding coins but only keys.
Cryptocurrency vocabulary is full of errors and wrong phrases Wink

o_e_l_e_o

legendary

Activity: 2268

Merit: 18748

Quote from: Pmalek on December 22, 2021, 04:15:15 AM

It's a called a 25th word intentionally

It's intentional, but it's misleading. Your passphrase does not just have to be a word, and indeed, shouldn't just be a word since a single word is easily brute forced and not secure. Passphrase or seed extension is better since it is more clear that you can use a whole phrase or numbers and symbols as well, which are necessary if you want it to be secure. It's also misleading to call it a 25th word since you can use it with seed phrases of any length.

BIP39 refers to it as a passphrase, although BIP39 also refers to seed phrases as mnemonic codes which I strongly disagree with since it implies they should be memorized.

Quote from: Pmalek on December 22, 2021, 04:15:15 AM

It's not the same as the "passphrase" used to refer to a password you use to encrypt your wallet file.

I would refer to that as a decryption key to avoid confusion.

Pmalek

legendary

Activity: 2730

Merit: 7065

Quote from: witcher_sense on December 20, 2021, 03:07:45 AM

As for passphrases (sometimes incorrectly called a 25th word)...

It's a called a 25th word intentionally to make it clear that we are talking about the type of passphrase that is added to the end of your seed to extend it with an additional string for better security. It's not the same as the "passphrase" used to refer to a password you use to encrypt your wallet file. It's a bit confusing that we use the same term for two different things.

witcher_sense

legendary

Activity: 2450

Merit: 4415

🔐BitcoinMessage.Tools🔑

Quote from: dvndr007 on December 16, 2021, 11:39:37 AM

how can i trust this secret key when someone else is telling it I want to create it manually and there is no option to do so. I said for now you have to trust them, its new yet soon you can do it manually too.

If there is way to do so please share a link or wallets providing this type of facilities.

There are some relatively reputable hardware wallets that allow you to generate your seed manually instead of having to trust built-in true random number generators. For example, in Coldcard, there is an option to generate seeds using dice rolls, coin flips, a combination of both these methods, or a combination of all manual methods with the hardware wallet's own RNG. Upon each roll, you will be shown a hash of the result of each roll, which you can verify manually (not for your actual seed but for testing purposes) by following this guide: https://coldcard.com/docs/verifying-dice-roll-math

As for passphrases (sometimes incorrectly called a 25th word), you can generate them easily with dice rolls completely offline without needing to download any software or buy any hardware. For example, you can download some of the wordlists presented here https://www.eff.org/deeplinks/2016/07/new-wordlists-random-passphrases and generate your random passphrase using a set of multicolored dice.

o_e_l_e_o

legendary

Activity: 2268

Merit: 18748

Quote from: Pmalek on December 19, 2021, 03:03:59 AM

Maybe I am approaching it from the wrong angle.

I don't think you are. The insurance company will obviously need to know what they are insuring. I initially figured that this would simply require the user to share all of their master public keys with the insurance company, but this is not the case. Ignoring the massive privacy implications of doing this, this wouldn't work since the insurance company would have no proof that the master public keys you have shared with them are actually derived from your seed phrase and stored on your hardware wallet. Even signing messages would only prove ownership, and would not prove that the keys were stored on the hardware wallet.

Even if you found some way to prove that the keys were stored on the hardware wallet, then again there is no way to prove that you haven't duplicated those keys to another wallet. The only way round this I can think of is for the hardware wallet to come pre-initialized, and have no way for the user to access their seed phrase or private keys. This is obviously completely unacceptable, completely insecure, and provides zero back ups, so no one would ever use it.

Pmalek

legendary

Activity: 2730

Merit: 7065

Quote from: DaveF on December 16, 2021, 07:27:12 AM

Eliminating the fact that it could be abused, and I thought of it while posting this so I did not think in through all the way. Would you (any of us) be willing to pay more for a hardware wallet with some form of insurance. From an actual major company, that if the wallet if compromised and funds are lost through the manufacturers fault, the users get some or all of their funds back?

How to prove to the insurance company how much crypto was stored on the device? Let's say you can no longer access it for whatever reason to check and provide them with the needed proof. The insurance company would want an insight into your portfolio. If the manufacturer cooperates with the insurance company, we are back on the question of trust. Will they be keeping logs of your portfolio to send to the insurance company in case problems arise? Will you have to do that? Maybe I am approaching it from the wrong angle.

o_e_l_e_o

legendary

Activity: 2268

Merit: 18748

Quote from: dkbit98 on December 17, 2021, 06:08:37 AM

Please include yourself in your anyone's list, it's very practical.

It's the ultimate in plausible deniability. I cannot reveal how many coins I own or where my seed phrases are backed up because I don't know myself!

dkbit98

legendary

Activity: 2212

Merit: 7064

Quote from: dvndr007 on December 16, 2021, 11:39:37 AM

...

You are writing so much nonsensical shit with your broken english language that my head is about to explode understanding what the writer wanted to say Roll Eyes

Quote from: dvndr007 on December 16, 2021, 10:38:20 AM

In case of private keys we should not trust anyone !!

Please include yourself in your anyone's list, it's very practical.

o_e_l_e_o

legendary

Activity: 2268

Merit: 18748

Quote from: dvndr007 on December 16, 2021, 10:38:20 AM

there should be an option to choose seed manually instead random generation should be kept optional.

This is a terrible idea. You should never choose words manually to create a seed phrase, as the seed phrase you create will have very low entropy and be very insecure. If you do not trust any piece of technology to generate a seed phrase randomly, then you should create your own entropy using 256 coin flips like I said above and encode that in to a seed phrase, not just manually pick words you think are somehow "random".

Quote from: dvndr007 on December 16, 2021, 11:39:37 AM

If there is way to do so please share a link or wallets providing this type of facilities.

User Coding Enthusiast has made this tool to make generating a seed phrase from coin flips easier: https://bitcointalksearch.org/topic/handydandy-a-tool-to-work-with-entropy-5373505
However, once again, it requires you to trust the code he has written is not just delivering you a pre-generated seed phrase. If you cannot read the code for your wallet, then you probably won't be able to read the code for this either.

I would also caution that if you are planning to generate your own seed phrase using coin flips, you really need to know what you are doing since there are many many more ways you can mess up, create an insecure seed phrase, accidentally expose your seed phrase, lock your coins in addresses you can't access, and so on. This is why the vast majority of people don't do this and simply use reputable software or hardware wallets.

NeuroticFish

legendary

Activity: 3668

Merit: 6382

Looking for campaign manager? Contact icopress!

Quote from: dvndr007 on December 16, 2021, 11:39:37 AM

For some people 100$ are like millions and for some millions are nothing its not about how much HW wallets are about holding, I bought a new person in crypto he wants me to setup a HW wallet and then he question how can i trust this secret key when someone else is telling it I want to create it manually and there is no option to do so. I said for now you have to trust them, its new yet soon you can do it manually too.

If there is way to do so please share a link or wallets providing this type of facilities.

If it's you who bought the HW from manufacturer and you did reset it yourself (on my HW you can enter incorrect pin 3 times and will reset, asking whether you want to enter old seed or want the device generate a new one) you should be good. Just the seed has to stay safe, offline, and only for your eyes only. (And make sure you've written down the latest seed!)

If you have It background, you can, instead of HW, use cold storage. Then you will know exactly what you do, but it will be way less convenient to use.

ranochigo

legendary

Activity: 3038

Merit: 4418

Crypto Swap Exchange

Quote from: dvndr007 on December 16, 2021, 11:39:37 AM

For some people 100$ are like millions and for some millions are nothing its not about how much HW wallets are about holding, I bought a new person in crypto he wants me to setup a HW wallet and then he question how can i trust this secret key when someone else is telling it I want to create it manually and there is no option to do so. I said for now you have to trust them, its new yet soon you can do it manually too.

If there is way to do so please share a link or wallets providing this type of facilities.

The gist of your question here is that you choose not to trust anyone else. Then, you probably shouldn't trust your own computer either. Most of your OS and firmware are not open source and are known to have backdoors previously. If you don't trust independent audits or the source code of the hardware wallet, then I would urge you to just do it by hand, because by your logic, nothing is safe.

Your hardware wallet should be new and direct from the manufacturer with unopened seal. If you don't want to trust the manufacturer, you can use a pen and pencil, create your private keys, make your own transactions and broadcast it. Hardware wallet manufacturers have a reputation to uphold, the fact that any possible backdoors would destroy their business is a sufficient deterrence. If you don't trust their entropy, use your own. Otherwise, this topic has been discussed to death and the conclusion is almost always, if you don't trust them then don't use them. There is no way to mitigate your irrational fear if you can't feasibly construct your own hardware wallet from scratch.

dvndr007

member

Activity: 126

Merit: 10

For some people 100$ are like millions and for some millions are nothing its not about how much HW wallets are about holding, I bought a new person in crypto he wants me to setup a HW wallet and then he question how can i trust this secret key when someone else is telling it I want to create it manually and there is no option to do so. I said for now you have to trust them, its new yet soon you can do it manually too.

If there is way to do so please share a link or wallets providing this type of facilities.

NeuroticFish

legendary

Activity: 3668

Merit: 6382

Looking for campaign manager? Contact icopress!

Quote from: dvndr007 on December 16, 2021, 12:26:25 AM

As we know Private keys are generated only Once on every hardware wallet while setting up.

You know it wrong. A proper hardware wallet allows you reset to a new seed as many times as you want.

However, your point is somewhat correct. A hardware wallet can have loophole and the seed be created in a way they can easily find it.
Most go by trusting the manufacturer, since they may not want to risk their business and a massive lawsuit if they do fishy things.

However, the best way to fight that is use open source hardware wallet. Then you can expect that many smart people will review it.
And yet some hardware wallets are closed source...

My opinion is that if you get to have such amount of bitcoin you fear the hardware wallet company may steal them from you, the best call is to make your own cold storage.

dvndr007

member

Activity: 126

Merit: 10

9 out of 10 never reset their wallets, how many times you reset your wallet being practical I dont want to mess with it until you are experimenting, seed phrase is very important its private key there should be an option to choose seed manually instead random generation should be kept optional.

In case of private keys we should not trust anyone !!

DaveF

legendary

Activity: 3500

Merit: 6320

Crypto Swap Exchange

Quote from: dkbit98 on December 16, 2021, 06:57:07 AM

....
Note that open source doesn't mean that wallet is more secure or better, but it means that code can be verified and checked by security experts.

As the log4j vulnerability pointed out yet again, sometimes open source just means a lot more people miss the flaws then a just a few.

Quote from: PawGo on December 16, 2021, 03:59:51 AM

"decentralised"?
Why does it worry you?
Do you wonder if ATM producer created a backdoor in the machine and may steal your money?
Do you wonder if airbag in your car will be launched correctly? (Yes, I know Tanaka case)

At the end they are producers/sellers - and no-one will buy compromised devices. That's why they fix issues, they publish firmware updates etc.

Slightly different because if an ATM manufacturer steals your money your bank will probably eventually get it back to you and then put in an insurance claim and get it back from the operator of the ATM network the certified the machine.
And
The Takata airbags DID work as promised at 1st, it took a while for them to start to degrade and turn into grenadebags instead of airbags. Which is kind of like the log4j issue I mentioned above. Even with a lot of money and engineers looking at it, Takata fucked up big time.

Eliminating the fact that it could be abused, and I thought of it while posting this so I did not think in through all the way. Would you (any of us) be willing to pay more for a hardware wallet with some form of insurance. From an actual major company, that if the wallet if compromised and funds are lost through the manufacturers fault, the users get some or all of their funds back? How much of a premium would you pay if any?

As I said, I thought of it while posting so I might be be missing something obvious.

-Dave

o_e_l_e_o

legendary

Activity: 2268

Merit: 18748

Quote from: dvndr007 on December 16, 2021, 12:26:25 AM

As we know Private keys are generated only Once on every hardware wallet while setting up.

We can't generate it many times as we want, if that fixed one generation of key while setting up every hardware wallet are already compromised?

That's not true. You can generate as many seed phrases on your hardware wallet as you like. If your hardware wallet only allows you to generate a single seed phrase, or even worse already has a seed phrase generated on it by the time you receive it, then I would throw it in the trash immediately.

Quote from: dvndr007 on December 16, 2021, 12:26:25 AM

How do we trust anything or anyone that it's a complete random generation, we are not in it we are trusting manufacturer's? It's like trusting third party?

By using open source software which you can personally review the code so you know what it is doing. If that's not enough for you, then you are going to have to build your own device from scratch so you know what the hardware is doing as well. If that's not enough for you, then (and far easier) will be to generate your own 256 bits of entropy by flipping a coin and manually turning that in to a seed phrase.

dkbit98

legendary

Activity: 2212

Merit: 7064

Quote from: Beparanf on December 16, 2021, 06:38:19 AM

Manufacturer of hardware wallet use open source code so everyone can verify it. Hardware wallet company like trezor and ledger are both license company in there own respective company with doxxed owner.

Please don't post false and wrong information, and nobody cares if some hardware wallet company is respective or licensed.
Ledger any many other hardware wallets like Safepal and CoolWallet are closed source and you can't verify anything there.

Open Source Hardware wallets:

Note that open source doesn't mean that wallet is more secure or better, but it means that code can be verified and checked by security experts.

Beparanf

hero member

Activity: 2954

Merit: 796

Quote from: dvndr007 on December 16, 2021, 12:26:25 AM

As we know Private keys are generated only Once on every hardware wallet while setting up.

We can't generate it many times as we want, if that fixed one generation of key while setting up every hardware wallet are already compromised?

How do we trust anything or anyone that it's a complete random generation, we are not in it we are trusting manufacturer's? It's like trusting third party? If any force make them cheat on it how can we protect ourself because people are trusting hardware wallets blindly thinking its 100% safe many have lifetime saving's on it !!

There maybe possibilities of having loopholes while connecting to software's how can we trust it if they are created under any force?

How manufacturer's come out of these issue's ? what should be the next invention to protect crypto for getting more decentralised.

Questioning is the only right way, we should focus on appreciating questions to bring crypto to next level.

^{_{Disclaimer: OP is not attacking or blaming anyone, it's just a question nothing else.}}

Manufacturer of hardware wallet use open source code so everyone can verify it. Hardware wallet company like trezor and ledger are both license company in there own respective company with doxxed owner. Do you think they will gamble there own reputation while they already have a successful business on hardware wallet industry? You better not get paranoid there product is already proven many times. The idea of decentralized cryptocurrency is solely relying on trust, You should not here at the first place if you can't trust.

Lucius

legendary

Activity: 3234

Merit: 5637

Blackjack.fun-Free Raffle-Join&Win $50🎲

Quote from: dvndr007 on December 16, 2021, 12:26:25 AM

How do we trust anything or anyone that it's a complete random generation, we are not in it we are trusting manufacturer's? It's like trusting third party? If any force make them cheat on it how can we protect ourself because people are trusting hardware wallets blindly thinking its 100% safe many have lifetime saving's on it !!

While it may seem paranoid, no one should be trusted blindly, no matter what reputation they have. I have repeatedly written publicly that people live in delusion believing that hardware wallets provide some absolute security, because there is always the possibility that someone will find some critical vulnerability that is unknown at the moment.

I am not technically competent to say whether it is possible for some HW manufacturers to have some kind of backdoor through which they can seamlessly communicate with their devices and maybe even in some sophisticated way get hold of sensitive information. I can only say that it is wrong to believe that something is completely impenetrable just because someone says it.

Topic: If your Private Key's are compromised by manufacturer's of hardware wallet's !! (Read 311 times)