Onekey Classic or Bitbox - page 2. | Bitcointalksearch.org

lyw123

jr. member

Activity: 57

Merit: 4

Quote from: andy.arden on October 24, 2023, 02:24:13 PM

...I think. Anyway acording to them it was fixed but anyway…guess no company is 100% safe.

Originally, I only intended to use Trezor as it has the most users and the most open-source nature. I came across various user reviews of hardware wallets on the website https://www.trustpilot.com/review/ , and found that Trezor had the most stolen customers (= 12). Although it is widely believed that users' responsibility led to these thefts, but a single mistake could wipe me out. So I chose diversifying my altcoins in 3 different brand hardware wallets.

Quote from: Pmalek on October 24, 2023, 10:51:03 AM

...But dkbit98 mentioned something interesting. OneKey had a serious vulnerability a few months ago where it was proven that the keys from its secure element weren't encrypted and thus could be intercepted. That's exactly what a security company did and made OneKey aware of that. Despite the existence of a SE chip, it didn't make the wallet safer because it was coded wrongly. Who knows what else they did wrong that is yet to be discovered. Huh

Compared to OneKey, DKBit98 may prefer Keystone, perhaps because Keystone is air-gapped.
However, in terms of user base, OneKey (with 50k downloads on Google Play) is significantly larger than Keystone (with 5k downloads).

andy.arden

jr. member

Activity: 40

Merit: 1

Thank you all for the replies.

I will use Onekey with Sparrow for now, i dont think there is something that might go wrong, i use it on a mac i only use for basic stuff and i am quite obsessed with some security on it.

Anyway the vulnerability was on Onekey Mini and you actually needed to had the physical device and put some tool between the security chip and cpu?? I think. Anyway acording to them it was fixed but anyway…guess no company is 100% safe.

Btw i also have a Safepal S1 but i wont use that closed source and everything. I guess its worst than Onekey 🤣

Pmalek

legendary

Activity: 2730

Merit: 7065

Quote from: lyw123 on October 23, 2023, 07:50:35 PM

I want to buy three different brands of hardware wallets to diversify my altcoin storage. Currently I have TREZOR ONE and BITBOX02, both were purchased directly from the official website.

Since you are working with altcoins, I don't see the point in adding a 3rd hardware wallet to the mix. I don't have a a lot of positive things to say about most altcoins anyway. The Trezor One is a decent unit. I have never used a BitBox, so I don't feel like saying anything about it.

Quote from: lyw123 on October 23, 2023, 07:50:35 PM

It's hard to choose the third one, as both onekey and keystone do not passed the open source testing of WalletScrutiny. Is there any problem with the open source nature of OneKey at present? Can I trust that it is completely open source?

I haven't done any research or read their explanations (if they gave any) why WalletScrutiny wasn't able to verify the binaries. Looking at if from far away, it's not a good sign if you call yourself open-source but those claims can't be verified.

Quote from: lyw123 on October 23, 2023, 07:50:35 PM

Is it better that buying a new Trezor safe 3 (only using trezor safe 3 and bitbox02), instead of onekey or keystone (using trezor one, bitbox02, onekey/keystone)? Thank you!

The Trezor Safe 3 is a younger, stronger, and more modern version of the Trezor One. It's probably going to replace Model One completely one day. But dkbit98 mentioned something interesting. OneKey had a serious vulnerability a few months ago where it was proven that the keys from its secure element weren't encrypted and thus could be intercepted. That's exactly what a security company did and made OneKey aware of that. Despite the existence of a SE chip, it didn't make the wallet safer because it was coded wrongly. Who knows what else they did wrong that is yet to be discovered. Huh

lyw123

jr. member

Activity: 57

Merit: 4

Quote from: Pmalek on October 23, 2023, 12:05:13 PM

The positive thing is that both wallets are open-source. ...However, WalletScrutiny couldn't match the binary with the published source code.

I want to buy three different brands of hardware wallets to diversify my altcoin storage. Currently I have TREZOR ONE and BITBOX02, both were purchased directly from the official website. It's hard to choose the third one, as both onekey and keystone do not passed the open source testing of WalletScrutiny. Is there any problem with the open source nature of OneKey at present? Can I trust that it is completely open source?
Is it better that buying a new Trezor safe 3 (only using trezor safe 3 and bitbox02), instead of onekey or keystone (using trezor one, bitbox02, onekey/keystone)? Thank you!

Quote from: dkbit98 on October 23, 2023, 04:26:17 PM

I can't seak much about quality of Onekey wallets, but I know they had serious bug connected with secure element...

Using a passphrase, I am not very worried about being stolen after physical acquisition. Two worried things: 1. It cannot be hacked remotely. 2. It must be sufficiently open source to allow the community to fully review it.

dkbit98

legendary

Activity: 2212

Merit: 7064

Quote from: andy.arden on October 23, 2023, 04:38:26 AM

I wanted to check upon your experiences with these two devices. I already ordered the Onekey Classic so i guess will use that for a while. But was more interested on your thoughts about these, will use them for BTC and to crosschain swap between BTC and USDT on different times, instead on dealing with CEX's.

OneKey is biggest hardware wallet manufacturer from China and they are very popular there, but they mostly cloned code from Trezor.
From my own experience after talking with them about working together on one project, I can say they are semi-amateurs and liars.
I can't seak much about quality of Onekey wallets, but I know they had serious bug connected with secure element, and I wouldn't really use any Onekey device as a main hardware wallet.
Bitbox is Swiss made and they are more professional but small team so don't expect miracles from them, and I think they also started with Trezor code.

I would rather choose Trezor 3 Safe original wallet, instead of both options you mentioned.

Pmalek

legendary

Activity: 2730

Merit: 7065

It would have been better if you asked these questions before ordering your OneKey, but it doesn't matter now.

The positive thing is that both wallets are open-source. I also remember that the OneKey is one of those wallets that is based on Trezor's codebase with an added secure element. However, WalletScrutiny couldn't match the binary with the published source code. Compared to that, they managed to do it with the BitBox02.

Yamane_Keto

hero member

Activity: 630

Merit: 510

You are now not comparing hardware wallets, but rather between decentralized cross-chain swap aka bridge, and these bridges have a bad reputation, as most of the hackers in recent years were from these bridges, so I do not advise you to use them if you intend to exchange thousands of dollars for the high fees, limited liquidity, and the possibility of hacking the bridge and lose your money.

Onekey use swftbridge If you download the application from https://www.swft.pro/#Download and use it with any wallet, you will get the same results, but Onekey provides a built-in interface as shown here https://help.onekey.so/hc/en-us/articles/4910514476303-Use-App-to-swap-and-DeFi.

you can compare Onekey and Bitbox in other things related to hardware wallets.

thebitcoinhole

member

Activity: 76

Merit: 108

You can compare them on our website: https://thebitcoinhole.com/hardware-wallets/bitbox02-multi-vs-onekey-classic

andy.arden

jr. member

Activity: 40

Merit: 1

Hello mates,

I wanted to check upon your experiences with these two devices. I already ordered the Onekey Classic so i guess will use that for a while. But was more interested on your thoughts about these, will use them for BTC and to crosschain swap between BTC and USDT on different times, instead on dealing with CEX's.

Topic: Onekey Classic or Bitbox - page 2. (Read 371 times)