Topic: Keystone 3 HW coming soon! - page 5. (Read 1494 times)

I agree and add that it is impossible to do planned aging for wallets, as they do with smartphones. Even in a smartphone, if desired, you can replace the battery, which is already impossible with Keystone 3.
The wallet does not need to constantly improve the hardware either, it must have enough resources to scan the QR code, and the ability to sign the transaction. The constant increase in processor power and increase in memory can only lead to more backdoors and greater difficulty in detecting them.

Hi,

We had the chance to receive a prototype of the new Keystone 3 Pro.
https://twitter.com/thebitcoinhole/status/1686546349498499072

These are our impressions about it.
✅ Rounded bounds compared with the previous generation make it feel more comfortable.
✅ Reduced size and dimensions, keeping the same screen 4" screen size.
❌ Missing removable battery. This is something will miss compared with the previous generation.
✅ 2 years warranty compared to the 1 year offered by the previous model.
✅ The support to manage up to 3 unique seed phrases from a single device is awesome. We didn't find this feature in any of the other wallets we compare.
✅ The wallet setup is super easy. With the chance to easily switch between 12 and 24 words, and recreate new keys with just one tap.
✅ Possibility to sign transactions using USB data, Bluetooth or QR, covering the different levels of expertise.
✅ The same with the firmware updates. You can upgrade using the USB port or a MicroSD card.
✅4 ways to configure the device unlock and the access to different features: numeric PIN, alphanumeric password, fingerprint, or gesture.
✅ A dedicated software is used instead of Android, which gives more security to the wallet.
❌ The touch sensor works fine, but it could be a bit better.
❌Missing features like SeedQR support, ephemeral seeds, some advanced security PIN features, etc.
✅ Very good price ($129) for a wallet with camera,  touch screen, fingerprint sensor and 3 secure elements

You can see all the details of the Keystone 3 Pro on our website.
https://thebitcoinhole.com/wallets/keystone-3-pro

Planned obsolescence is O.k. when it comes to bitcoin hardware wallets? 

I was thinking that a hardware device should have way more than 10 years shelf-life.. maybe even 30 years, even though sure maybe the battery would need to be changed a few times.. and yeah, maybe we might end up porting our coins (I mean access to the private keys to some other device - but would we want to have to move our coins for the mere sake of it?  maybe just leave our coins in the same spot?)


What he said.

 


Of course, even if I may well have been assuming that a hardware wallet would last much longer than 10 years, and maybe even 20-30 years, I was never considering that there would not be a back-up seed held in some kind of way(s).... and yeah, maybe if someone might ONLY be interacting with his/her hardware wallet once every couple of years (to verify funds and perhaps to verify that it still works and that s/he still knows how to use it), there may be some benefits in terms of keeping the amount of maintenance low and perhaps ONLY doing the bare minimum.. which is just making sure that everything still works.

For sure, if there might be some security vulnerabilities that might develop (or come to be known) at some point down the road, maybe we might presume that the more years that pass, the more likely that security vulnerabilities would be found out in regards to older devices and perhaps become vulnerable in certain kinds of scenarios - maybe also never presuming that losing physical access to the device would allow much sense of security and/or perhaps cause urgent needs to actually move the coins if that kind of a loss of access were to be discovered.

In theory, that is indeed correct. I'm not aware of cases where hardware implants were realized through battery packs, but I can see how that is a place where you are able to hide a rogue IC in plain sight.

Even though that would require changes to the main device (e.g. to accept data from the battery protection wire).

There's a positive cable, a negative, and one that has to do with protecting the battery. The hardware wallet shouldn't accept any "data" coming from those cables, no matter what an attacker programs into the battery.

I just realized another issue with this type of battery pack. They usually have a very thin PCB at the very top, underneath the orange tape, with unknown ICs potentially running unknown code.


In theory, they are just supposed to hold protection circuitry for the cells, but to reduce the risk of supply-chain attacks and hardware implants, some companies chose to use standard, user-removable and inspectable batteries instead (AA's or BL-5C's).

Generally speaking, it is a tough choice whether to make such a device tamper-proof / -resistant or not. It really depends on someone's individual attacker model, too. All of the 'verifiable hardware' principles go out the window if you brick it the moment you open it.

On the other hand, IF you do trust the manufacturer, supply chain and shipping, it can really effectively protect you from basically any (hardware) attack in day-to-day usage, since for almost every single attack on hardware wallets so far, it was required to physically open them up.

Although there are exceptions to this, as well...

Additional secure element and hardware for reading fingerprints costs money, and I think old Keystone Pro version had tampering detection unlike regular version, but I am not sure if this will be the case for Keystone3.  

Silly question... so I won't respond to this since the answer is obvious.

I compared prices for all other hardware wallets and I think this move from Keystone will force other hardware wallet manufactures to think about reducing prices, or giving special discounts.
There are few cheaper hardware wallets out there, but Trezor One will stop producing soon, cheaper OneKey devices are all based on Trezor One code, so we only have Jade wallet that is currently cheaper.

And it's compatible with other hardware wallets, but I don't think battery should last for years without problem, and it won't be as shitty as in ledger nono X.  

You also need battery for laptops and many other devices
I think heat and water are the main problems for lithium batteries, so keeping them away in cooler dry places is a good suggestion.
Tesla crap had huge problems when floods with water started to ignite batteries and create fires that can't be put down with more water.

I understand what you are saying, and I am not disagreeing. I am not defending Keystone's choice of system here, nor am I criticizing it. I am simply explaining the logic behind it and what is possible to do. It's a completely different discussion whether someone should keep multiple seed phrases in their hardware device, how safe that is, and if there are better alternatives.

To repeat. If I want to have two or three separate recovery phrases in the same device and at the same time, I can't do that with my Ledger or Trezor. But I can do it if I had a Keystone. That was my whole point. 

One may have as many wallets as he wants with a single SEED by attaching  different password phrase  to the given SEED. In this case the factory reset is not needed.

Frankly speaking, I also consider a few wallets in a single case as a ridiculous approach. 

Structurally separated wallets can be stored in different places and you can take only the one you need at the moment.

I wouldn't worry about it. The transaction will either be signed or not. Since Keystone is an airgapped device, you aren't broadcasting anything directly from the hardware wallet to the internet. But even if you did, the coins can't disappear in an irretrievable way. If signed and broadcast, they will start being spread across connected nodes and their mempools. If not, the coins remain in the same address you had them in. Do it again once you restore power.

You answered that yourself. If your hardware wallet supports only one seed, you'll have to reset it to factory settings to enter a second one. By supporting 3 seeds, no resetting is needed if you have up to 3 seeds in it. A reset will be needed only if you need to switch to a 4th.

Yes, but you don't have to move funds in order to replace a hardware device (assuming you even use one for such long-term hodling).

Hardware wallet devices (especially one like this) are designed to be a practical compromise between security of funds and convenience of use (spending). For long-term hodlers, however, I think that a simple paper or metal plate with a seed phrase (without any hardware/software wallet) is still a safer solution because it significantly reduces the number of attack vectors.

---

According to the video, it appears that the device will be designed to be tamper-resistant. So, if you try to open it, the device will likely reset, assuming the final device is constructed similarly to the prototype. It won't be a problem as long as you can restart the device again. Let's just hope they don't take drastic measures, such as bricking the device completely.

Do keep in mind that it's possible to get the 'best of both worlds' by making it easily user-replaceable, as that gives us the option to just store it outside the device and quickly insert it when needed.

In case that I'll buy a Keystone 3, I would try to figure out if it's possible to non-destructively open it and unplug and remove the battery for long-term storage. After all, it seems to be using a standard JST-type connector.

I really hate it when companies try to hype their product by showing a picture of an insignificant corner of the device. If they need that, it makes me think the device itself isn't impressive enough.

Many Bitcoins haven't moved in 10 years, and ignoring the ones that are lost, many of those must belong to long-term HODLers. I haven't owned Bitcoin for 10 years yet, but I don't like moving funds either.

I've seen many lithium batteries that still work after 10 years, although they lost maybe 40% capacity. I've also seen lithium batteries break phones because they inflated. It's convenient to have a battery in a hardware wallet, but adds a risk factor.

That's actually very affordable. Nice to see. It may become a good budget option.

Of course, if the battery dies you may be able to power it externally. But I'm talking about possible damage to the device itself, which is possible when a Lithium battery is stored inside a device for a long time without being charged / discharged.
Then again, it's fairly cheap to replace and you should have proper backups anyway.

I'm not sure why a hardware wallet needs a real-time clock, but that would be the only plausible use case. Any type of data storage (e.g. secure chip memory) is usually non-volatile nowadays.

What is the purpose of the CR2032 battery on PC motherboards? As far as I know, they are used to power the internal clock and retain the BIOS settings. Nothing more. And, in my experience, these batteries tend to outlast the average lifespan of a motherboard. I've only had to change the motherboard battery once in my life, and that was on a very old Pentium based system.

Following that analogy, I assume the battery in Keystone HW is also responsible for supplying power to the internal clock and to the security chip's memory.

Does biometrics require about $30, I don’t know, but it is not an essential feature to add to this price. I thought it would be possible with that price to remove the logo or different designs from the basic one.


What is the benefit of this? you can create thousands of accounts by create and delete a wallet in many HW wallets, which I think is safer than keeping 3 wallets at the same time.

The battery is another problem, but at this price and with the Black Friday sales (if they happen), I think it is appropriate.
The feature that caught my eye is PCI-grade anti-tampering feature which is a good trend that hardware wallets now take into account physical attacks.

Keystone just released new blog article and we now have official prices for new Keystone 3 devices and they are not bad at all compared to other hardware wallets.
Keystone 3 price is going to be $99 and Keystone 3 Pro version (with biometrics) price is going to be $129, and maybe there will be some additional discount for people who first got whitelisted.
That is significantly lower price compared with OneKey, Trezor T, Passport and other hardware wallets, and it's one of the first device with three secure elements, and ability to store three seed phrases.


source: https://blog.keyst.one/keystone-3-the-ultimate-protector-of-your-digital-assets-122144288fad

Another thing I noticed today is changed Logo on their X-twitter page is the new logo, so I am think they are in process of rebranding.


@KeystoneWallet

Any lithium battery will die way before that even if it is maintained in a best way, but I hope there is still an option to power USB cable and power on device.

I agree it's better to have removable battery, but I think you can easily have additional external battery connected with USB cable, or just connect it directly with power source.
Passport is more quality device but it's double the price of Keystone, so I wouldn't complain very much

Just for the sake of the internal clock, add CR2032 to this device? Doubtful. Will this battery work as backup power? Is it suitable for this? Another question is, if the CR2032 runs out at the moment of confirming the transaction, how will this affect this process? Although this can happen only after many years, because I think the load on her will be small.

The internal battery is of course less preferable, but it allows you to make the Keystone more compact. Even 1000 mAh should be enough to run a hardware wallet. Here, after all, the device will be turned on only at the time of confirmation of transactions and, moreover, for a short time. You won't be watching videos on a Keystone , which would drain the battery very quickly.

Well, it did make sense to increase phone size when people started browsing the web and watching movies on them. Hardware wallets will not need a bigger screen for anything, because their function will not substantially change. Therefore, I see no reason for huge hardware wallets.

I do enjoy devices that have a proper keypad or keyboard, since that allows me to quickly enter longer passphrases and passwords. So a certain minimum size would be needed, but not for a huge screen.

Personally, I believe we should keep in mind that Ledger was always a full-stack closed-source product. It's easy to 'fool' people when you keep them in the dark.
If a device is fully open and verifiable, e.g. following some of what https://betrusted.io/ are doing, it puts these little things miles ahead in terms of trust and 'reduced fooling potential' compared to something like a Ledger.

Wow, that's actually pretty nice. They're not the first ones to try a multi-secure element design, but others combined it e.g. with the secure element of their NFC IC (with the obvious drawbacks that come with this design decision..).

I'm excited to see the source files of this device and maybe also buy one for review.

Unfortunately, this makes it quite unsuited as a long-term / semi-cold-storage option. On a Passport, you can pop out the Li-Ion battery if you know the device won't be used for 6 months, which greatly reduces risk of pillowing.^[1]

That's unfortunate, as well. Also looks quite a bit less fancy (thicker, cheaper) than the renders.

[1] https://www.washingtonpost.com/technology/2022/04/18/lithium-ion-battery-swelling-why/

The CR2032 Lithium battery you see in the pictures is probably only for backup, and possibly for the internal clock. If you watch the complete teardown video, you can spot the pouch battery pack, similar to those used in various consumer devices with a rechargeable battery. I can't make out the manufacturer's number from the video, so I don't know the exact specifications of the battery. However, judging by the design and size, it's probably a Li-Polymer battery of at least several hundred mAh (some unconfirmed sources suggest 1000mAh). Such a battery, depending on the way the device is used and stored, can last for many years without major problems (very likely over 1000 charges).

I think that's more than enough lifespan for a device of this type because I doubt that anyone would want to use some old piece of hardware for their finances for say 10 years or more.