Topic: 🔥Seedkeeper🔥 Hardware device to safely store your seed (Read 329 times)

For French speaking people, we hosted a Space a few days back.

Topics:
- Security,
- Seed storage,
- Best practice


Here is the link: https://twitter.com/i/spaces/1BdGYylepNDGX?s=20

Regarding the PIN code, you dont need a dedicated PIN for each seed you want to save in the Seedkeeper memory.
The PIN is unique, from 4 to 16 chars and can include 0-9 but also a-Z or any other char. You will be able to put "ImInLoveWith0" as a PIN code.
This code is needed everytime you want to access the chip memory.

Using a metal plate instead of the PVC will not be more secure or wont last longer in time. And metal plate isnt suitable for NFC communication. Seedkeeper card is NFC ready, the antenna is hidden in the PVC layers.

How many digits codes? is that Seedkeeper have a number 0 for a pin?. because I'm just a little bit uncomfortable, Trezor hasn't Number 0 to create a pin which is my favorite number.

Why you don't make it like another seed keeper using steel?, the function will be more perfect, we don't need to worry about fire and we can keep it on a wood cupboard. And I don't know why we need to PIN for each mnemonic phrase where PIN/Password is we can use for an additional phrase using the same mnemonic seed to create another wallet/address.

That's very good to know, that you don't need to install some sketchy drivers and they work out of the box. Especially important with the current mess of 'Amazon card readers' that are apparently affected at huge scale.

Our readers are sourced from a trusted third party. It does not require any specific drivers as we are using well known chip that uses verified OS drivers. Eg: Realtek or Alcor.

True, however, this is a very recent / current issue that was recently figured out; I also read about that. In theory, you can build MITM USB cables and whatnot [1], but it's not an acute widespread issue right now, unlike the card reader situation.

Are you actually making your own card reader or sourcing it somewhere? Because if it's the latter, it could be affected, too. The issue is in the drivers.

Here's the first article I can find about it:
https://krebsonsecurity.com/2022/05/when-your-smart-id-card-reader-comes-with-malware

Would be worth checking your products / drivers you ship if they're affected too or not.

[1] https://mg.lol/blog/badusb-cables/

For security reason, cards we are selling through our shop are "locked" to prevent any malware installation while in transit.
BUT, as everything is open source, we are also selling blank javacard that you can buy and load by yourself.
One applet at a time can run on the chip. And yes, if you want to load the Seedkeeper applet for testing purpose, then erase it and load the Satodime one or the Satochip one, you can.
Check out our compatible Javacard: https://satochip.io/product/satochip-diy-and-developer-card/

Regarding the card reader, you are completly right. But that's the exact same thing with every hardware that needs to be connected to the computer:
- USB cable can onboard a malware as well as bluethoot communication.
We are selling our own chip card reader because we can trust this hardware. But as you said, it is and will be a major concern in regards of the global security. Just as any other connection: people has to be careful.

Regarding your first statement, Seedkeeper is not only a memory. It encrypts and stores your secrets within a dedicated element, tamper-proof. With a piece of paper, the biggest problem is not really the material itself but the fact that the seed is usually written in plain text. Thus if someone finds it, he got it. But indeed, the seed is something you dont have to deal on a daily basis. But that's also a problem because when you need it, maybe the time has passed and you cant remember where you put your seedphrase 

Regarding the iOS part, yes it is. Apple does allow NFC enabled app since iOS 14 released back in 2020. But you are right, before this date, it was barely impossible to use the NFC with an iPhone.

This means that in theory I could just erase wipe out my Seedkeeper card, and load it with open source code provided for Satochip or Satodime?

Chip card readers could be serious problem and single point of failure for your product, for example I recently heard a news about card readers that came with malware infected drivers.
I didn't know that there is list of approved card readers, so anything that was not approved or certified could have some code hidden inside of them.
Even approved card readers can have some government installed backdoor, so I have hard time trusting any of them.
Is the card reader you are selling approved or not, and what kind of code it's using?
https://krebsonsecurity.com/2022/05/when-your-smart-id-card-reader-comes-with-malware/

I was mostly referring to the seedkeeper; I don't really get the benefits of doing a seed word backup on a smartcard instead of laminated paper. Since restoring seeds is something you typically do so rarely that the convenience of a smartcard is not really needed. Manually typing them in in those rare occasions is totally enough, in my opinion.

Is this technologically (API-wise) possible on iOS? Since I believe no NFC-capable wallet exists so far that works with iOS, does it? Therefore I assumed it's a kind of software limitation by Apple. But I can definitely be wrong on this; I don't have a lot of knowledge on this topic.
The question arises whether you trust a smartcard's secure element more than your phone's, but I am sure that 'mobile' will be the most useful application for such a device. Since as I said before, as soon as you carry even a tiny purse or a bag, like when carrying a laptop with you, you already have enough space and carrying capability for something like Trezor or Passport. These things are already tiny, but obviously don't fit in a wallet. So I don't see a need for smartcard cryptowallets unless you're in a situation where you only carry your wallet and phone, and nothing else.

Sorry for the late reply, very busy weeks...

Satochip is a pure hardware wallet, you generate a new seed or import and existing one. Card is protected by a PIN code.
Your keys, your coins. It's a personnal storage for crypto-currencies and other crypto assets.

Satodime is more like a cold storage, you don't have to deal with a seed, a password or a PIN code. Everything is done by the chip and you can use a mobile app to load and check the wallet's balance.
It's not a personal product, more like a gift card. Best product to orange pill someone or for crypto newcomers.

Seedkeeper is purely designed to store sensitive information. Secured by a PIN code.
You can use it to initialize a Satochip card or save an existing seed. It's useful to add an extra security layer and as a backup of your metal plate.

The 3 products share the same hardware and the same chip. Changes come from the code which is open source.

---

-> Our products are also great in combination with existing one... Such Ledger or Trezor. You can have a Satochip card as a backup or as a "traveller" hardware wallet while you keep your Ledger in the bank safe.

---

Seedkeeper is "offline". If you generate a masterseed "on chip", it's completly air-gapped. Meaning the hosting computer, neither the user is able to see it.
Of course, if you use our Seedkeeper-tool to generate a new seed or import an existing one and your computer has a keylogger, you might be compromised.

You can store any seed on the device.

Cards are made out of PVC like your ATM card.

If you forgot your PIN code, you wont be able to recover it. It's a security measure. But Seedkeeper-Tool comes with a one click backup solution. So you can initialize several Seedkeeper cards with different PIN code and import the same backup on each one.

---

Well, of course the card can be lost, damaged or destroyed. But what I mean behind this sentence is: a paper is easily damageable; by the UV of the sun, by a wet surrounding air or just lost because it's a small piece of paper. Furthermore, your seed is usually written in plain text. That's why we dont recommand to store a seed on a sheet of paper (and for example, Ledger still sells its hardware wallet with a "seed paper card" to allow you to write your seed down").

But the card is waterproof and shock proof. It can be heat and cold resistant. And the secure element is tamper proof.

Regarding the card customization, you can already do it for the Satochip and the Satodime cards... We will soon launch the customization module for the Seedkeeper one.
Just like your favorite T-Shirt, you can download your own picture and customize the front and the back of the card.

"The way information is stored on a similar map makes me once again think that there is no ideal way to store seed-phrase." I agree 100% with you. There is no "best way" to store a seed. But some tools/products are a bit safer/better than other.

---

Hey  

Our products are all NFC compatible. Our card are equiped with NFC antenna and work like a charm when using a NFC reader.
For example, our Satodime card can be read on your mobile phone while using our app. That's really important for us because you can esaily check if a keyslot is sealed or unsealed and check the balance. Even on street while dealing some sats for a watch.  

We are selling chip card readers because: 1) we have not release mobile app (and thus NFC communication) for Satochip and Seedkeeper products (not yet). 2) NFC reader are very expansive. Much more than a chip card reader.

"Using NFC for hardware wallets and seed words could mean opening new can full of worms, and I wouldn't be surprised if scammers find a way to abuse it soon." I dont get your point.
NFC is really secure. And even if you try to scan and skim a NFC card, you wont be able to perform any sensitive action as it will require the PIN code.

---

You are right. Our "NFC' mobile application protfolio is weak at the moment. We only have the Satodime Tool on Android.
But we are working on the iOS version and the mobile app for Seedkeeper. We can easily imagine to integrate Seedkeeper with Blue Wallet or Muun Wallet (non custodials soft wallet). And when a user want to create a new wallet, he can just tap his Seedkeeper and the seed is store within the card. It's easy and straight forward. It will be easier for newcomers to start with such software wallet as they would'nt have to deal with the seed. -Store in a dedicated device and forget -

I totally missed that they have NFC; then it might actually be a pretty cool device to use in conjunction with a phone, since more phones have NFC than PCs or laptops. It would also be relatively inconspicuous quickly holding a card to the back of your phone even in public spaces. I'm generally not a fan of NFC or other wireless technologies on hardware wallets, but in this form factor and for this application (small amounts for usage on the go) it could actually make sense.
But if I understand correctly, unfortunately their software only runs on desktop OSes - missed opportunity in my opinion. If I can carry a laptop, I can also carry a Foundation Passport.

Minimum you can use is 4 characters and people tend to use minimal pin if they can.
If I use paper or metal backup I can always add additional protection with one or more passphrases, and I am not sure how that works with Satochip products.

This could be alternative option but I don't think all of their card wallets and products work with NFC technology, that is why they are offering big readers.
Using NFC for hardware wallets and seed words could mean opening new can full of worms, and I wouldn't be surprised if scammers find a way to abuse it soon.
This is similar like wireless, it even has small miniature antenna inside chip, but it's with shorter range.

what I'm worried about this if there are users who have the one way without any backup, and the results are different when trying to restore the seed. Maybe better if Seedkeeper can use another backup, which has another one in Stainless steel. but still, when must connect to a PC, I still doubt it is better than another one the same like we can keep it on USB disk with encrypted which more than cheap than Seedkeeper.

It's risk from fire

You have a point, but you can also use it with laptops that already have built-in NFC chips.

It uses "several plastic PVC layers ^{[it's in the latter part of the page]}".

Since they put an emphasis on memorizing it correctly, I strongly believe there's no way to achieve such a thing.

Your card can't be lost, damaged (have you tested the influence of electromagnetic fields and other influences of the surrounding world on the safety of information on the memory module) or destroyed (how is a plastic card better protected from burning compared to paper?)

I would add here the ability to randomize the appearance of card. For example, to apply an image as a gift or to give the appearance of a bonus card of any store in order to disguise it.

The way information is stored on a similar map makes me once again think that there is no ideal way to store seed-phrase. There will always be vulnerabilities in any method and the choice of how to store it, for example, on paper, metal or such a card, will depend on your goals and preferences. It is possible that some investors will want to store their seeds on such cards.

I don't see why not. I doubt the Seedkeeper checks the validity of the seeds, and it really shouldn't. Especially those you import yourself. Look at it as a paper wallet where you can write down anything you want. If you write the words down correctly, you are good. If not, you might lose your coins if you didn't make a simple mistake that can be solved by bruteforcing.