Jade DIY hardware wallet - page 3. | Bitcointalksearch.org

Jason Brendon

member

Activity: 162

Merit: 65

Quote from: HideYourKeys on May 08, 2024, 12:20:03 PM

I have flashed serveral TTGO T-displays for friends, as an entry-level device, I think it is the perfect choice.

Nevertheless, I have noticed that the last two ones I flashed (I only have one available, I gave away the other one) do not "keep the data", I mean, I flash them, and set up a wallet with the recovery words, the PIN, and so on... but once turned off and on, you have to enter all the words again... Have any of you guys experienced that? I am on 1.0.29 firmware.

P.S: I even wrote a post on this topic, and made a guide, in fact I made some ammendments and tricks on top of the videos the OP made. For instance, in some cases I did not get the bootloader prompt, but there are some commands to enforce its flashing. https://hideyourkeys.io/cheap-hardware-wallet-below-diy-guide/

Is it the new 'stateless' mode where it acts like SeedSigner(another DIY project) so every time you turn off the device, it forgets things.

HideYourKeys

full member

Activity: 149

Merit: 165

Metal Seed Phrase at the lowest price! From 44.99

I have flashed serveral TTGO T-displays for friends, as an entry-level device, I think it is the perfect choice.

Nevertheless, I have noticed that the last two ones I flashed (I only have one available, I gave away the other one) do not "keep the data", I mean, I flash them, and set up a wallet with the recovery words, the PIN, and so on... but once turned off and on, you have to enter all the words again... Have any of you guys experienced that? I am on 1.0.29 firmware.

P.S: I even wrote a post on this topic, and made a guide, in fact I made some ammendments and tricks on top of the videos the OP made. For instance, in some cases I did not get the bootloader prompt, but there are some commands to enforce its flashing. https://hideyourkeys.io/cheap-hardware-wallet-below-diy-guide/

Jason Brendon

member

Activity: 162

Merit: 65

Quote from: Cricktor on May 06, 2024, 03:34:16 PM

Quote from: Jason Brendon on May 05, 2024, 10:42:33 PM

I think this TTGO has wifi connection embedded? Huh

How can anybody use this to store your private keys?

I'm pretty sure (though couldn't find a quick confirmation) that even when there's wifi hardware available, it isn't enabled, no driver loaded, no wifi initialized or explicitly disabled. It wouldn't make sense to have such an attack vector open when you can disable this potential connectivity.

Or the other way round, if you fear such a DIY Jade could maliciously leak your wallet secrets via wifi, the code is open-source, as far as I've seen the firmware is reproducable. Inspect the code for shady stuff. The Jade clone can't guess your or other wifi's passwords.

I have the same strategy with my DIY PiTrezor which I run on a Pi Zero W. As wifi and/or Bluetooth can't be used with a basically Trezor One firmware, there's a) no driver for wifi or Bluetooth in PiTrezor's firmware and b) I disable explicitly both wireless modules in the Pi Zero's boot config. That's safe enough for me and my PiTrezor is more an experimental project, no valuable wallet on it.

I wish there was a DIY device that by default has no wifi at all...

Cricktor

hero member

Activity: 714

Merit: 1010

Crypto Swap Exchange

Quote from: Jason Brendon on May 05, 2024, 10:42:33 PM

I think this TTGO has wifi connection embedded? Huh

How can anybody use this to store your private keys?

I'm pretty sure (though couldn't find a quick confirmation) that even when there's wifi hardware available, it isn't enabled, no driver loaded, no wifi initialized or explicitly disabled. It wouldn't make sense to have such an attack vector open when you can disable this potential connectivity.

Or the other way round, if you fear such a DIY Jade could maliciously leak your wallet secrets via wifi, the code is open-source, as far as I've seen the firmware is reproducable. Inspect the code for shady stuff. The Jade clone can't guess your or other wifi's passwords.

I have the same strategy with my DIY PiTrezor which I run on a Pi Zero W. As wifi and/or Bluetooth can't be used with a basically Trezor One firmware, there's a) no driver for wifi or Bluetooth in PiTrezor's firmware and b) I disable explicitly both wireless modules in the Pi Zero's boot config. That's safe enough for me and my PiTrezor is more an experimental project, no valuable wallet on it.

Jason Brendon

member

Activity: 162

Merit: 65

Quote from: dkbit98 on June 01, 2023, 09:12:07 AM

TTGO (Lilygo) T-Display ~$10 USD

https://github.com/3rdIteration/Jade/blob/master/diy/readme.md

I think this TTGO has wifi connection embedded? Huh

How can anybody use this to store your private keys?

apogio

hero member

Activity: 560

Merit: 1060

Quote from: BlackHatCoiner on April 05, 2024, 02:30:46 PM

I should think about it twice before questioning Blockstream for their lack of research. Tongue

Especially since the founder has invented the core mining mechanism of bitcoin Tongue

Seriously though, nice catch and nice study. You have provided us with some knowledge.

BlackHatCoiner

legendary

Activity: 1512

Merit: 7340

Farewell, Leo

Quote from: Pmalek on April 05, 2024, 09:15:47 AM

Feel free to add something more if you want to.

As it turns out, I was not totally right.

It doesn't directly use libsecp256k1, indeed, but it does use secp256k1-zkp, which is a fork of the former. As you can see in here, it says that their EC library calls secp256k1_surjectionproof_verify() and secp256k1_rangeproof_verify(), which are defined only over secp256k1-zkp. You can verify by searching in libsecp256k1 (empty) and in secp256k1-zkp (non-empty).

I should think about it twice before questioning Blockstream for their lack of research. Tongue

Pmalek

legendary

Activity: 2730

Merit: 7065

Quote from: apogio on April 05, 2024, 01:24:42 AM

the address generation process is a core process, which, I hope, has been tested by both software unit tests and human tests. I can't believe that there will be a flaw in such an important aspect of the software.

I didn't mean there would be flaws in it b default. I am sure we would have heard about it by now. The Jade doesn't have the userbase of Trezor or Ledger, but whatever it's got, we would have heard about something like that.

The bugs I was speculating about could perhaps be the result of certain software/hardware issues and not a scenario you would see if everything was working top-notch.

Quote from: BlackHatCoiner on April 05, 2024, 08:50:08 AM

I checked Jade's github repository a little bit. It doesn't use libsecp256k1 as the library for performing elliptic curve operations, at least as far as I can see. It isn't a very good sign, considering that it's the most tested library for that sensitive purpose, and used by the most reputable pieces of software like Bitcoin Core.

To me the portion of the project that is cryptography-related is the most crucial. I wouldn't care if the UI had a bug. However, if there's a bug in cryptography like a non-random R-value in a signature, that can be catastrophic. But, again, I'm not totally sure they use another reputable library for EC operations.

This is a question and topic that should be directed to their customer service team, instructing them to push it further to their development team to clarify. I will do it during the weekend if I don't forget. Feel free to add something more if you want to.

BlackHatCoiner

legendary

Activity: 1512

Merit: 7340

Farewell, Leo

Quote from: apogio on April 05, 2024, 01:24:42 AM

It is a realistic scenario, but not a likely to happen scenario. I mean, bugs can be found in the code, but the address generation process is a core process, which, I hope, has been tested by both software unit tests and human tests. I can't believe that there will be a flaw in such an important aspect of the software.

I checked Jade's github repository a little bit. It doesn't use libsecp256k1 as the library for performing elliptic curve operations, at least as far as I can see. It isn't a very good sign, considering that it's the most tested library for that sensitive purpose, and used by the most reputable pieces of software like Bitcoin Core.

To me the portion of the project that is cryptography-related is the most crucial. I wouldn't care if the UI had a bug. However, if there's a bug in cryptography like a non-random R-value in a signature, that can be catastrophic. But, again, I'm not totally sure they use another reputable library for EC operations.

apogio

hero member

Activity: 560

Merit: 1060

Quote from: fillippone on April 05, 2024, 01:26:51 AM

This is how I would approach the question.
Also, I am irrationally risk-averse when it comes to losing Bitcoin (I said irrationally!) so I would further lower that threshold.

Quote from: Cricktor on April 04, 2024, 03:44:44 PM

Some bad feeling likely remains with a device that showed signs of unreliability. A one-time bad day I would brush off, kind of.

You are both correct. And since I have been asked the question a lot, about why I keep trusting the device and why I still use it, I want to make something clear.

1. I can read and understand C, so I feel confident reading the code. Which is important for me.
2. My usage is pretty limited. Once a month, I scan a private key QR code, I sign a transaction (usually a pretty small one), I erase the memory of the device (using temporary signer option).
3. Blockstream doesn't know my address, nor my name, since I received the product elsewhere, where I don't have the ability to access now, so if I request a change, or buy a new one, I will need to use my real name and address.
4. I own other devices that I use for more frequent transactions.
5. I always know that my backups are safe.
6. I always use QR codes, which is safer than USB cables. Still, QR codes are not a panacea, but, you know, I feel more confident.
7. The Jade is a reputable device.

Warning:
Finally, always be very cautious when it comes to using browser-based products (software & updates). Always verify what you download. Always think twice before downloading something.

fillippone

legendary

Activity: 2268

Merit: 16328

Fully fledged Merit Cycler - Golden Feather 22-23

I still don’t get it.

What is the risk of a fatal hardware malfunction once you have witnessed something like that one apogio experienced? 0.1%?
1 BTC is 70,000 USD.
1 Jade costs roughly 100 USD.

So 100 USD /0.001/70,000 USDBTC≈1.42 BTC

Ok, then it is not worth handling UTXO bigger than 1.42 BTC with such an hardware.
Provided you already have a functioning backup of the seed phrase (Master key).

This is how I would approach the question.
Also, I am irrationally risk-averse when it comes to losing Bitcoin (I said irrationally!) so I would further lower that threshold.

apogio

hero member

Activity: 560

Merit: 1060

Quote from: Pmalek on April 04, 2024, 10:34:49 AM

The worst thing I can think of from the top of my head is that it somehow starts generating addresses whose coins you can never spend (sign) because of a serious bug. Of course, I am just throwing ideas out there, and I don't think it's a realistic scenario.

It is a realistic scenario, but not a likely to happen scenario. I mean, bugs can be found in the code, but the address generation process is a core process, which, I hope, has been tested by both software unit tests and human tests. I can't believe that there will be a flaw in such an important aspect of the software.

What can happen though, is that someone can use a fake website to update their firmware and that the installed software can be malicious. This is a huge problem if it happens... I hope that the device won't work with the fake website, but since I am a developer and not a security person, I don't know how easy this scenario is.

Cricktor

hero member

Activity: 714

Merit: 1010

Crypto Swap Exchange

Quote from: Pmalek on April 04, 2024, 10:34:49 AM

The worst thing I can think of from the top of my head is that it somehow starts generating addresses whose coins you can never spend (sign) because of a serious bug.

Something of that category came to my mind, too. I don't say lightly, I'm not scared or not concerned. I would mostly assume, if a device starts to act wonky, it would produce enough garbage that errors creep in quickly that the network would simply reject a funky transaction, hopefully! But your described nightmare may still be possible if things go when Murphy takes over as he always does.

Some bad feeling likely remains with a device that showed signs of unreliability. A one-time bad day I would brush off, kind of.

Pmalek

legendary

Activity: 2730

Merit: 7065

Quote from: Cricktor on April 01, 2024, 06:50:00 AM

I know, that's the purpuse and part of the security model of those signing devices. You still want to be sure that after you re-instantiate your wallet, everything from that point of usage of the device is working reliably.

He can always fall back on his backup phrase in case the device starts acting up or becomes unusable for the purpose it was designed for (signing transactions). The worst thing I can think of from the top of my head is that it somehow starts generating addresses whose coins you can never spend (sign) because of a serious bug. Of course, I am just throwing ideas out there, and I don't think it's a realistic scenario.

apogio

hero member

Activity: 560

Merit: 1060

Quote from: Cricktor on April 01, 2024, 06:50:00 AM

I think, I wouldn't be as scared as fillippone is. After you can revive the device by re-flashing the firmware and it doesn't nag with further obvious instability or hangs, I'd dismiss the previous glitch as a one-time hiccup. Am I reckless?

You aren't. I don't care very much to be honest, but I understand fillippone's concern, because it's a natural behaviour to be concerned when things like this happen and especially when they happen to devices that are used to hold secrets of any type. Could be private keys, gpg keys, passwords, anything like that.

Cricktor

hero member

Activity: 714

Merit: 1010

Crypto Swap Exchange

Quote from: apogio on April 01, 2024, 05:42:21 AM

Wow, what's that? Sounds intriguing, my knowledge in physics sucks haha

You might be interested to watch The Universe is Hostile to Computers. In the first minutes an election machines glitch is explained which likely happened due to radioactive decay or this cosmic ray stuff aftermath.

Quote from: apogio on April 01, 2024, 05:42:21 AM

In fact, as I have said, my Jade is amnesiac. Every time I turn it off it erases its memory. So I always need to scan a QR code to load my wallet. Nothing is persisted once it's shut down.

I know, that's the purpuse and part of the security model of those signing devices. You still want to be sure that after you re-instantiate your wallet, everything from that point of usage of the device is working reliably.

I think, I wouldn't be as scared as fillippone is. After you can revive the device by re-flashing the firmware and it doesn't nag with further obvious instability or hangs, I'd dismiss the previous glitch as a one-time hiccup. Am I reckless?

apogio

hero member

Activity: 560

Merit: 1060

Quote from: Cricktor on April 01, 2024, 05:26:56 AM

Maybe a cosmic ray particle or photons incident at the wrong place and time affecting the startup process when apogio turned on his device? Speculation...

Wow, what's that? Sounds intriguing, my knowledge in physics sucks haha

As far a the backups are concerned. Yeah, obviously nothing bad happened. In fact, as I have said, my Jade is amnesiac. Every time I turn it off it erases its memory. So I always need to scan a QR code to load my wallet. Nothing is persisted once it's shut down.

Cricktor

hero member

Activity: 714

Merit: 1010

Crypto Swap Exchange

Quote from: fillippone on March 31, 2024, 11:33:55 AM

It would be nice to understand what caused the issue in the first place.

Maybe a cosmic ray particle or photons incident at the wrong place and time affecting the startup process when apogio turned on his device? Speculation...

Quote from: fillippone on March 31, 2024, 11:33:55 AM

As I said before, I still would be scared of using that particular hardware.

I assume apogio checked thoroughly the recovery of his wallet after reflashing the device. That should be fine then, except if you're scared that some bits or registers could be instable in his device. If this were the case, instability could occur more often or worse screws things up right when you don't need it, like when you sign a large transaction.

Should we have some function tests built into the firmware to be able to check manually that all major functions are performing properly?

fillippone

legendary

Activity: 2268

Merit: 16328

Fully fledged Merit Cycler - Golden Feather 22-23

Quote from: apogio on March 30, 2024, 02:47:41 AM

I had the 1.0.23 version and I upgraded to 1.0.29.
It works well so far, since yesterday. I have done a full test of my personal use case. I mean, I have imported the wallet using the QR code, I have signed a transaction, I have changed the colors and the brightness, I have performed a factory reset. All good!

Well, Probably a software error. Nice recovery, Jade.
It would be nice to understand what caused the issue in the first place.
Of course, long-term holding with a Hardware Wallet is not a state-of-the-art practice, but It' 's fairly common.
As I said before, I still would be scared of using that particular hardware.

apogio

hero member

Activity: 560

Merit: 1060

Quote from: Pmalek on March 30, 2024, 02:30:23 AM

Quote from: apogio on March 29, 2024, 03:31:49 PM

I am glad that it turned out to be such an easy fix in the end that only required a fresh software installation. While we are on it, was the firmware on the device outdated anyways and you installed a new one or did you install the same version you already had on your Jade when it all went tits up?

I had the 1.0.23 version and I upgraded to 1.0.29.
It works well so far, since yesterday. I have done a full test of my personal use case. I mean, I have imported the wallet using the QR code, I have signed a transaction, I have changed the colors and the brightness, I have performed a factory reset. All good!

Topic: Jade DIY hardware wallet - page 3. (Read 1376 times)