Topic: Krux DIY Hardware Wallet - page 3. (Read 2059 times)

You're right.  The more I think about it, the more obvious it is that using Android hardware for Krux would require a lot of work in order to make it secure.  I was just thinking out loud, since there are so many old phones just waiting to be repurposed rather than thrown out.  Hell, I still own an iPhone 4 that I used to use as a bedside clock.  But, yeah, it'd be a huge undertaking to make those kinds of devices truly secure for a hardware signer, whereas something like an Amigo works out of the box.

It took me less than 5 minutes to get Krux up and running on an Amigo, and I could do it again in less than 2 now that I know how.


I don't have any yet, but I found this on Twitter.  That's Krux running on an Amigo.  Note that the text in that pic is orange.  That's one of the theme options for Krux.  I prefer white, and there's also an option for black text on a white background.

Really, the Amigo seems like a perfect device for this.  It's a chunky device, but it has a nice sized touchscreen and you'd only need it to sign transactions.  Well, that and setup stuff, like creating a SeedQR.

Again, I have no experience with this thing yet, other than playing with it for an hour or so...  so I'm trying to keep my enthusiasm in check in case there's some fatal flaw I haven't discovered yet...  but I am truly blown away by this setup.

It's so simple.

I wish these guys had more support though.  Krux has so much potential, so I wish more people were working on it.  For example, I wish each page had an "i" icon to click for more info.  A touchscreen is perfect for that, especially since there are some options in the tools and settings that could be intimidating for new users, such as "Delete Mnemonic" ("Wait, didn't it get wiped out when I shut down the device?"), and at the bottom of each page's info I'd love a "Reset setting to default" option for that setting.

I'm just getting started with testing Krux, but I can't overstate how enthusiastic I am about it.  I've been wanting to get a SeedSigner for a while, but for my needs, this might be much better thanks to the larger screen and how they implemented the passphrase feature.

Simply as an app running on good ol' Google Android or actually replacing the OS and running only Krux without networking and other attack surfaces?

Not really; these devices are not meant to be programmed on a low level like the microcontroller in something like M5StickV.
Therefore you're usually restricted to running apps on top of a potentially highly insecure operating system, with connectivity and networking features built-in that offer zero advantages for a hardware wallet, meanwhile opening more attack surfaces.

Unless you can fully replace the operating system with a custom firmware, it would be a very bad idea to repurpose an old phone for this.

That sounds great! Do you want to share any pictures of it?

Ha!  So much for that.  I was waiting to be notified that it shipped, but it arrived in my mailbox today.  NICE!

My first impression was...  very good.  Krux seems simple with some powerful features, such as a very clean interface with SeedQR and easy access to testnet.

Then, I loaded the latest binaries for Krux, and...  wow.  Krux is awesome.

I've only started to play with it, but I'm blown away.  In some ways, Krux on an Amigo is the hardware wallet of my dreams.  It has a decently large touchscreen (the Amigo screen is the same size as the screen on an original iPhone).  It's air gapped.  It has SeedQR input, and it forgets the seed the moment the device is shut down.  YES!  It appears to have QR input for passphrases.  YES!!!

Passphrase input by camera is a very big deal that deserves praise.  Honestly, this feature should be in every hardware wallet with a camera.

TANGENT ALERT:  Somebody convinced hardware wallet manufacturers that the BIP39 passphrase is a dangerous feature, so they mostly hide it to discourage its use.  What they should be doing is simplifying the setup and educating users.  A strong passphrase is an incredible form of security that is unique to the user.  More people should be using passphrases.  I have three: One is for personal use.  One is for work.  And one is for testing (which rarely gets used).  One seed.  Three passphrases.  Perfect.  I've had this setup for a few years.

Like I said, I just got my Amigo, so I haven't had much time to play with it yet, but Krux on an Amigo looks like it might be an amazing setup.

I'm so impressed with Krux!

SO IMPRESSED!

Actually, it looks like it should be shipping soon, so it's all good.

I saw a video on Twitter where somebody ported Krux to run on an Android phone, and my jaw dropped.

Could you imagine how great it would be if there was a way to repurpose old Android phones and old iPhones to run Krux or something similar?  Obviously, at that point, the old phone would need to become a single-purpose device for security.  But, seriously, think about how many people might buy a new phone and turn their old one into a Bitcoin transaction signer like Krux if it was easy to do.  The hardware is perfect for this sort of thing.

Don't think I've came across a story for the name actually. As for your Amigo being on backorder that's too bad. Which site and continent are you ordering from if you don't mind me asking? Usually there is someone somewhere that has them in stock.

I'm just replying to say that I love what you guys are doing and I'm very excited about the project.  I have an Amigo on backorder, so I guess I'll be waiting for a while, but I ca't wait to give Krux a try.

Is there a story behind the Krux name?

Thanks(in the name of all Krux contributors)! I encourage you to build them, but I warn you it is addictive, once you build one you'll want all types
Regarding the law, the way I see it is there's one great thing about Krux: There's no business! No consumers or clients to "be protected". We are just a few nerds having fun with code e general purpose hardware at our own risk. No one asked for trust or money, all we want are scrutiny and ideas to improve our toys

I have to make you my most sincere congratulations! you are the master of DIY hardware wallets! sooner or later I'll try to make a DIY hw, as regards the new European law on the creation of open source codes which will have to be approved on April 26, do you know if there will be problems with the krux repositories?

I am referring to this bill
https://www.european-cyber-resilience-act.com/

No problem, sorry for not posting screenshot/video confirmation, it took me only few minutes of testing, and I don't have any other old devices to try, so it could be related only with my device.
I am glad you tried to work on that and remembered to make a post about it in forum

Sorry to hear that, I believe we won't be able to go lower than Android 6.0. But the effort to lower the requirements was fruitful. Thanks for testing!

I just tried latest github version Krux 23.04 BETA_3 Android_0.5 on same old junk Android 4.4.2 and I can confirm it's sadly NOT  working.
Error message I am getting is: There was a problem parsing the package.
This is very old android device so I am not expecting any miracles

You may try the last version. It is now compatible with armv7 chips (not only v8). I tested on a Android v6.0, it wasn't working, now it is!

Yes, the buttons and small screen don't make a good UX, but as M5stickV was the first Krux device and has its fans for being so tiny it will always get our attention and updates.
Amigo UX, on the other hand, is really smooth, and still has a lot of room for improvements.

I'll see if I find some older phone to check if its possible to build the app for them too.

Yeah I know, but I have to admit that buttons are not very comfortable to use, if anyone plans to use them for entering letters and seed words manually

I tried using Krux app with Android v4.4.2 and sadly it could not be installed on this old smartphone from year 2015.
It works just fine in any newer smartphone and in android emulators.

Even M5stickV has 3 buttons now. After an update, power button can be used to navigate(go back).
DIY version Dock navigates using a rotary encoder.

-Android:
I don't know how old Androids will handle the app. As the app doesn't require anything fancy I hope it has some wide range of compatibility. I have some cheap, but not old phones to test. If you try let us know if it worked.
- Linux, Windows, Mac
If you have a PC running python, on any OS, by installing some requirements you can also run a very functional simulator from source code. It's a very good to start point to play with Krux code.

Dude, I don't know who told you about one button, but you are wrong about this, it would be almost impossible to operate any device with just one button, unless it's joystick style  
Small device M5StickV K210 have two buttons I think, and other larger devices that work with Krux code have more buttons.

It's airgapped device.
Computer usually have more functions and it has wider attack surface.

Yes I was talking about this, but previous version of secure element ATECC508A had even bigger issues, so old ColdCard (I think mk2) had to change it very fast.
It's realistic to say that same thing can happen with  ATECC608A and ATECC508B in future, like with any other secure elements, and you can't exactly remove and replace secure element from working device.

Even if you have perfect keypad like Passport you certainly wont write very long passphrase essays, because you still need to enter this each time you use device.

Krux Android App for testing (this is also working on some Android emulators I tried):
https://github.com/odudex/krux_binaries/tree/main/Android

What would be oldest the Android version supporting Krux app?
I have some ancient smartphone device with Android 4 or 5 I think  

Krux smaller devices has 3 buttons, and the most popular, Amigo, has capacitive touch screen. You could check the Android app to have an idea of what we are talking about.

How do you enter the passphrase when it has just one button? Or is it scanned in through a second QR code? Of course this wouldn't be an acceptable solution either, since someone could take a photo of that (while you don't notice) or just steal it, as well.

Exactly: Inside a secure element and not in clear text on an easy to scan QR code. Even if you have a good exploit against the specific secure element, it may take hours or days, as well as obviously lots of money and knowledge, execute it.

Sure! But at that point, it resembles more an airgapped computer than a hardware wallet, for me. Of course it will be hard to draw a line between the two definitions.

You are referring to this attack, right? https://hackaday.com/2022/11/26/defeating-a-cryptoprocessor-with-laser-beams/
Well, not secure is a bit exaggerated. Have you seen what type of setup and knowledge is needed to attack it, the risks and challenges in that process? It's not comparable to just having the seed on a piece of paper in clear text. Even setting up a passphrase cracking rig will be easier and cheaper for most folks than performing a hardware attack on a secure element. There are also significant risks involved, such as breaking the device / chip while opening and decapsulating the secure element.
Basically, you can compare such measures to physical locks. None is 100% safe, but they are made to discourage an attacker and buy you as much time as possible in case they do decide to try bypassing it. Time for moving your coins / calling the police, respectively.

Do you know how passphrase entry is realized? I believe unless you have a nice keypad like Passport or ColdCard, most people will just avoid using (a sufficiently secure) one.

With that said: I could argue that you could also use a passphrase on your Passport with secure element. Twice as secure; first layer of defense: secure element, second layer of defense: passphrase. Meanwhile when stealing someone's Krux & QR code, there is only the second layer.

You don't need to care physical seed phrase backup, but you are doing it in digital form inside secure element.
I agree with you that Krux is not very good as a portable device, but it's good enough as a part of multisig setup and to use it at home.

That is fine until someone exploits that secure element, and we already saw that many secure elements are not secure anymore, including ATECC608A that is used in Passport, OneKey, Cypherock, ColdCard Mk3...

Good passphrase and multisig solves this problem very easy, but it would be good to see Krux devs making some unique protection methods in future.

Do you think it would be possible to have some alternative firmware option for Krux similar like Jade wallet is using with third party server?

That's what passphrases are for. You can also write your seed in different ways, formats, number bases, encodings, encrypted, but sure this is not for everyone. Most people should just trust companies and go with mainstream solutions.
Krux has a supporting role in sovereign strategy, it's a Swiss army knife for create and load seeds in a variety of forms and to sign PSBTs and messages, it requiring less trust.

Yes!