Topic: Keystone 3 HW coming soon! - page 5. (Read 1802 times)

I would be interested to read that blog post, and I know WalletScrutiny could not verify source code for older version but that was one year ago.
This is not the first time I saw companies from China doing modification on source codes like this.

I don't think there is any open source secure elements yet, so that means that all hardware wallets have weak spot here.
Not that I am comparing this with Keystone example.

This is for older device, I am not sure they released code for new devices yet.
They changed it now and they released in public name of all secure elements, one of them is the same chip like Passport is using.
ATECC608B + Maxim DS28S60 (+ Maxim MAX32520 that is used only for Keystone 3 Pro version)

I agree with this.
When I asked Keystone CEO all this questions he refused to tell me more information, I think becasue they have signed some NDA crap.  

Maybe this is not such a bad thing, since I don't consider Keystone 3 Pro to be true airgapped device anymore.

Yes. there are other differences. For example Keystone 3 doesn't support multiple private keys at the same time as the Pro version. Also not supporting upgrade using the USB cable.
You can see a comparation between both versions here: https://thebitcoinhole.com/wallets/keystone-3-vs-keystone-3-pro

Keystone is not open source, and I have been considering writing a blog posts that dives into their claims.

Here's their 5 GB+ Android OS that does not have source code available:

https://github.com/KeystoneHQ/Keystone-system


What about their secure element firmware? Looks like that code can only be compiled with proprietary ARM software called Keil. https://github.com/KeystoneHQ/keystone-se-firmware

Additionally, there is no information as to who even makes their secure element. It's some kind of white labeled processor. https://github.com/KeystoneHQ/Keystone-developer-hub/blob/main/hardware/Keystone_V1.02_BOM.xls

Furthermore, their hardware schematic is not all-inclusive and omits the self-destruct mechanism.

Hopefully Keystone 3 will actually be open source, but I am growing tired of hardware wallet companies hiding behind false claims of open source. It really damages the definition and I consider it attack on the FOSS movement.

So does Keystone previous version.
It is more likely that ledger will soon stop updating ledger S, because they announced it themselves.
But if you like using ledgers old closed source junk, go ahead and do it, your choice.

Keystone always had a lot of discounts and promotions.
I never said they are cheap or cheapest wallet in the world, but they are certainly airgapped open source devices with fair price.

I do not dispute the fact that the Ledger nano S has been discontinued, which is absolutely natural since they are replaced by the nano s plus model, but they still receive firmware updates.

You also write about the low price of the Keystone, but I bought my Keystone Pro for $169 and pretty soon I'll have to throw it in the dustbin. I also want to remind you that they previously released one of the most expensive wallets in the world Cobo vault worth $479, which someone probably bought and already threw in the trash.

But if you like to throw away wallets a few years after purchase and then buy new ones, then I will not argue with that, that's your right.

I don't think it really matters because they already made a decision, and this was just a way to get more attention from people.
Like whitelisting was not only for people who applied on twitter, it is for everyone in next 6-7 days...

Expensive?!
Price was always around $100, much cheaper that Trezor T, ledgers, and most other hardware wallets offered today.

Anyway...website redesign is now complete, but Keystone also released yet again new Keystone logo, and they are officially releasing Kestone 3 Pro version for discount price of $90 (plus shipping).
This is currently one of the best deals for hardware wallets and price is fair in my opinion, but I more interested in Bitcoin only version or one with removable battery (they are thinking of releasing this in future).
I listened latest interview with Keystone CEO and if I understood correctly this new bitcoin-only wallet will have totally different name and branding.



https://keyst.one/

This is bunch or crap and incorrect information, and ledger has the worst hardware wallets in the world.
Ledger model S stopped manufacturing, ledger X uses worst batteries ever, they have a bunch of old models that ended up in graveyard, not to mention all the leaks, closed source code, recent disaster with Rec0very crap, etc.

The Trezor One and Ledger nano S were released in 2014 and 2016, respectively, and continue to receive updates to this day. Keystone is ending support for two generations of its wallets (3 Cobo models and 2 Keystone models) in a fairly short period of time. Personally, I no longer trust their products.

Has anyone passed the Keystone vote?


In general, in any case, after 18 months, regular Keystone wallets (gen.2) will not receive updates.
And now let's remember the story: first they release COBO wallets, then, due to internal disagreements, they stop supporting them and offer users to buy the same thing again but under the Keystone brand.
Now they are again offering to switch to the new Keystone 3 wallet, which does not differ significantly from the old models.
In my opinion, they give too short a life for their relatively expensive wallets.
And where is the guarantee that in a couple of years they will again not offer everyone to switch to Keystone 4?

Nice gesture from Keystone team.
Do you know if there will be any other difference between Keystone 3 Pro and regular version, except the lack of biometric fingerprint scanner and third secure element?
I know older version difference was tampering detection and I was wondering if that was the same in new version.
Biometrics are not my thing, especially for hardware wallets and saving $30 is also nice.

Maybe they will introduce additional model with removable battery soon, but even now you are purchasing all smartphones with non-removable batteries in EU.

Looks like Keystone 3  will miss EU market as European Parliament mandates  removable batteries in smartphone and all consumer electronics.

According to https://wallets.thebitcoinhole.com/ Keystone wallets are produced by China company (the headquarter is in Hong Kong) and, AFAIK, the companies from this country are tradiitionally oriented on EU market, so the decision to make battery irremovable in this particular model seems to be very strange.

I agree and add that it is impossible to do planned aging for wallets, as they do with smartphones. Even in a smartphone, if desired, you can replace the battery, which is already impossible with Keystone 3.
The wallet does not need to constantly improve the hardware either, it must have enough resources to scan the QR code, and the ability to sign the transaction. The constant increase in processor power and increase in memory can only lead to more backdoors and greater difficulty in detecting them.

Hi,

We had the chance to receive a prototype of the new Keystone 3 Pro.
https://twitter.com/thebitcoinhole/status/1686546349498499072

These are our impressions about it.
✅ Rounded bounds compared with the previous generation make it feel more comfortable.
✅ Reduced size and dimensions, keeping the same screen 4" screen size.
❌ Missing removable battery. This is something will miss compared with the previous generation.
✅ 2 years warranty compared to the 1 year offered by the previous model.
✅ The support to manage up to 3 unique seed phrases from a single device is awesome. We didn't find this feature in any of the other wallets we compare.
✅ The wallet setup is super easy. With the chance to easily switch between 12 and 24 words, and recreate new keys with just one tap.
✅ Possibility to sign transactions using USB data, Bluetooth or QR, covering the different levels of expertise.
✅ The same with the firmware updates. You can upgrade using the USB port or a MicroSD card.
✅4 ways to configure the device unlock and the access to different features: numeric PIN, alphanumeric password, fingerprint, or gesture.
✅ A dedicated software is used instead of Android, which gives more security to the wallet.
❌ The touch sensor works fine, but it could be a bit better.
❌Missing features like SeedQR support, ephemeral seeds, some advanced security PIN features, etc.
✅ Very good price ($129) for a wallet with camera,  touch screen, fingerprint sensor and 3 secure elements

You can see all the details of the Keystone 3 Pro on our website.
https://thebitcoinhole.com/wallets/keystone-3-pro

Planned obsolescence is O.k. when it comes to bitcoin hardware wallets? 

I was thinking that a hardware device should have way more than 10 years shelf-life.. maybe even 30 years, even though sure maybe the battery would need to be changed a few times.. and yeah, maybe we might end up porting our coins (I mean access to the private keys to some other device - but would we want to have to move our coins for the mere sake of it?  maybe just leave our coins in the same spot?)


What he said.

 


Of course, even if I may well have been assuming that a hardware wallet would last much longer than 10 years, and maybe even 20-30 years, I was never considering that there would not be a back-up seed held in some kind of way(s).... and yeah, maybe if someone might ONLY be interacting with his/her hardware wallet once every couple of years (to verify funds and perhaps to verify that it still works and that s/he still knows how to use it), there may be some benefits in terms of keeping the amount of maintenance low and perhaps ONLY doing the bare minimum.. which is just making sure that everything still works.

For sure, if there might be some security vulnerabilities that might develop (or come to be known) at some point down the road, maybe we might presume that the more years that pass, the more likely that security vulnerabilities would be found out in regards to older devices and perhaps become vulnerable in certain kinds of scenarios - maybe also never presuming that losing physical access to the device would allow much sense of security and/or perhaps cause urgent needs to actually move the coins if that kind of a loss of access were to be discovered.

In theory, that is indeed correct. I'm not aware of cases where hardware implants were realized through battery packs, but I can see how that is a place where you are able to hide a rogue IC in plain sight.

Even though that would require changes to the main device (e.g. to accept data from the battery protection wire).

There's a positive cable, a negative, and one that has to do with protecting the battery. The hardware wallet shouldn't accept any "data" coming from those cables, no matter what an attacker programs into the battery.

I just realized another issue with this type of battery pack. They usually have a very thin PCB at the very top, underneath the orange tape, with unknown ICs potentially running unknown code.


In theory, they are just supposed to hold protection circuitry for the cells, but to reduce the risk of supply-chain attacks and hardware implants, some companies chose to use standard, user-removable and inspectable batteries instead (AA's or BL-5C's).

Generally speaking, it is a tough choice whether to make such a device tamper-proof / -resistant or not. It really depends on someone's individual attacker model, too. All of the 'verifiable hardware' principles go out the window if you brick it the moment you open it.

On the other hand, IF you do trust the manufacturer, supply chain and shipping, it can really effectively protect you from basically any (hardware) attack in day-to-day usage, since for almost every single attack on hardware wallets so far, it was required to physically open them up.

Although there are exceptions to this, as well...

Additional secure element and hardware for reading fingerprints costs money, and I think old Keystone Pro version had tampering detection unlike regular version, but I am not sure if this will be the case for Keystone3.  

Silly question... so I won't respond to this since the answer is obvious.

I compared prices for all other hardware wallets and I think this move from Keystone will force other hardware wallet manufactures to think about reducing prices, or giving special discounts.
There are few cheaper hardware wallets out there, but Trezor One will stop producing soon, cheaper OneKey devices are all based on Trezor One code, so we only have Jade wallet that is currently cheaper.

And it's compatible with other hardware wallets, but I don't think battery should last for years without problem, and it won't be as shitty as in ledger nono X.  

You also need battery for laptops and many other devices
I think heat and water are the main problems for lithium batteries, so keeping them away in cooler dry places is a good suggestion.
Tesla crap had huge problems when floods with water started to ignite batteries and create fires that can't be put down with more water.

I understand what you are saying, and I am not disagreeing. I am not defending Keystone's choice of system here, nor am I criticizing it. I am simply explaining the logic behind it and what is possible to do. It's a completely different discussion whether someone should keep multiple seed phrases in their hardware device, how safe that is, and if there are better alternatives.

To repeat. If I want to have two or three separate recovery phrases in the same device and at the same time, I can't do that with my Ledger or Trezor. But I can do it if I had a Keystone. That was my whole point. 

One may have as many wallets as he wants with a single SEED by attaching  different password phrase  to the given SEED. In this case the factory reset is not needed.

Frankly speaking, I also consider a few wallets in a single case as a ridiculous approach. 

Structurally separated wallets can be stored in different places and you can take only the one you need at the moment.

I wouldn't worry about it. The transaction will either be signed or not. Since Keystone is an airgapped device, you aren't broadcasting anything directly from the hardware wallet to the internet. But even if you did, the coins can't disappear in an irretrievable way. If signed and broadcast, they will start being spread across connected nodes and their mempools. If not, the coins remain in the same address you had them in. Do it again once you restore power.

You answered that yourself. If your hardware wallet supports only one seed, you'll have to reset it to factory settings to enter a second one. By supporting 3 seeds, no resetting is needed if you have up to 3 seeds in it. A reset will be needed only if you need to switch to a 4th.