Pages:
Author

Topic: Square is considering making a hardware wallet for Bitcoin - page 2. (Read 4017 times)

legendary
Activity: 2730
Merit: 7065
in principle, every new competitor on the market should be viewed positively. be it in terms of hardware wallets or e.g. mining.
Regarding Square's hardware device, which is not a hardware wallet, the one positive thing is that another brand could take a look at it and decide it's useless. But they could draw inspiration from it and actually create something meaningful and safe. But since this device is meant to target newbies and first-time crypto users, I think it will succeed regardless of its drawbacks. Good marketing results in wonders.
legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
we need more alternatives and more decentralization!
Really?!
How much new hardware wallets do we really need, because we already have around 100 different models I think  Tongue
Bitkey wallet has nothing to do with decentralization, on contrary, and I can't look positive on every new crap that comes out in market, that is not normal behavior.

However, there is the small chance that either

1) They will not have the sales numbers they want and go back and for rev #2 make it with a screen and make it more private and.... Yeah, probably not going to happen.

And / or

2) Someone who knows how to make a good hardware wallet will take a look at this and go, yeah it's silly, but lets make one that does not look like a wallet but rather an oddball piece of art or whatever. Because if a quality known opensource wallet maker made something that looked like that I would think it would sell.

-Dave
hero member
Activity: 560
Merit: 1060
Really?!
How much new hardware wallets do we really need, because we already have around 100 different models I think  Tongue
Bitkey wallet has nothing to do with decentralization, on contrary, and I can't look positive on every new crap that comes out in market, that is not normal behavior.

Hey man. I understand your point, but why is it bad to introduce new options to the market? Apparently, if the arguments you posted are true, we will just not use it. I mean isn't it that simple? Perhaps you worry because new bitcoin holders may get caught in traps and don't learn the best practices. And this is acceptable, but a free market allows anyone to create a new idea, the future of which may be good or bad
legendary
Activity: 2212
Merit: 7064
we need more alternatives and more decentralization!
Really?!
How much new hardware wallets do we really need, because we already have around 100 different models I think  Tongue
Bitkey wallet has nothing to do with decentralization, on contrary, and I can't look positive on every new crap that comes out in market, that is not normal behavior.
hero member
Activity: 560
Merit: 1060
So I agree that being closed source is not optimal.
I also agree that anything internet for a hardware wallet is bad. This server side address verification that was mentioned above feels bad.
Finally I agree that producing a hardware wallet alongside a companion app doesn't necessarily mean it's better than other ones that don't have a companion app with the same brand.

However, feel free to laugh at me, but I am in love with the design. Having no monitor though... Feels awkward.
legendary
Activity: 3304
Merit: 8633
icarus-cards.eu
in principle, every new competitor on the market should be viewed positively. be it in terms of hardware wallets or e.g. mining.
we need more alternatives and more decentralization!
and how the source code may look like, that we can not know at first and only think of different scenarios

legendary
Activity: 2212
Merit: 7064
My main concern is beta units seem to be going out, but source code is nowhere to be found.
I am sure they are cooking something behind the scenes  Cheesy
Not that I like anything about Bitkey, except maybe unusual hexagonal shape.

My main concern is that even if we get the source code, we will see that the device is an insecure privacy nightmare, due to the software and hardware architecture they chose: no screen, server-side verification of addresses, and more. There is no way that (open-source or not) code will solve these glaring issues.
Perfect scenario for disaster, but some people probably decided to blindly trust Jack and his team.  Tongue
hero member
Activity: 924
Merit: 5943
not your keys, not your coins!
My main concern is beta units seem to be going out, but source code is nowhere to be found.
My main concern is that even if we get the source code, we will see that the device is an insecure privacy nightmare, due to the software and hardware architecture they chose: no screen, server-side verification of addresses, and more. There is no way that (open-source or not) code will solve these glaring issues.
member
Activity: 66
Merit: 128
My main concern is beta units seem to be going out, but source code is nowhere to be found.
legendary
Activity: 2212
Merit: 7064
Jack Dorsey and his company Block have started the first beta units of their new Bitcoin hardware wallet BITKEY.
Teaser image was posted on twitter by one of the beta testers who received this wallet, and we know that fingerprint scanner is optional.
I checked Bitkey website and they still offer only option to Join whitelist.


https://twitter.com/mcshane_writes/status/1709313340991004920
legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
...
And since it will come up....
Yes, I will get one of these to play with, because I am a tech & crypto nerd. No I will not use it as a primary or secondary or even 5th HW wallet.

-Dave

Well I got a we did not choose you for our beta email.
Guess I will just have to wait to get the thing that I will put in the closet and never use that I will then sell years from now never having taken it out of the box.

I'm not an addict to these things I can quit at any time.....  https://bitcointalksearch.org/topic/the-why-is-davef-selling-all-this-stuff-all-of-a-sudden-post-5455887

-Dave
hero member
Activity: 924
Merit: 5943
not your keys, not your coins!
Hi all, I just published a pretty in-depth blog post about Bitkey. Would love any feedback.
http://zherbert.com/bitkey/
Good read, nice summary of many of the issues we had brought up here over the months in a way, with some added extra points.

I just archived it here, since I started archiving everything I deem important to keep online for a long time: https://archive.is/zj0GI
legendary
Activity: 2212
Merit: 7064
Hi all, I just published a pretty in-depth blog post about Bitkey. Would love any feedback.

http://zherbert.com/bitkey/
Great article on Bitkey aka Square aka Block wallet!

For me this is not a real hardware wallet and adding open source label won't change anything in my opinion.
I can't add more detailed review until I test actual device or read feedback from other security experts, but initially I don't like anything about Bitkey, except maybe it's octagonal shape.
Surveillance Nightmare is the right word from your article, and what else can we expect form billionaire who claims he supports bitcoin... remember what Elon Musk did with his Tesla stunt.
I don't trust Jack Dorsey and his products in same way like I don't trust anything coming from Elon Musk.
legendary
Activity: 2268
Merit: 18771
Would love any feedback.
I think your article is spot on. I've raised pretty much all of the exact same points you have at various times over the last few years in this thread:

The hardware wallet will not have a screen, meaning it cannot generate or display a seed phrase, cannot show transaction details for double checking, and cannot show a receiving address for verification. That's not a hardware wallet; that's a 2FA device.


Just because something doesn't protect against all attack vectors doesn't mean it is pointless.


Basically, every time you want to send or receive coins, your hardware wallet has to sign the sending or receiving address and then transmit that signed message to Block's servers, where they will verify the address has not been tampered with, and then send that address back to the relevant party to be used. The obvious flaws are that Block can spy on literally everything you do and that you have absolutely zero security from a bad actor in Block sending a malicious address. The less obvious flaws are that you now can't make transactions or even generate a new receiving address if Block's servers are down, and it opens a new attack vector for man-in-the-middle attacks if you rely on Block's servers telling you what addresses to use.



I think there are other fairly concerning aspects to this device you didn't touch on, such as their social recovery, which is just as easily fooled or attacked as Ledger's KYC based recovery service. The part of your article that I hadn't considered is the privacy implications for anyone else. As you point out, if I want to send money to a Bitkey user then I have to visit the Bitkey website in order to obtain their address, giving Bitkey the capability to link my transaction to my device identifiers, browser fingerprint, and IP address. That's utterly horrendous.

Guess I won't be transacting with anyone who uses this wallet, just as I don't transact with any merchant who uses BitPay.
member
Activity: 66
Merit: 128
Hi all, I just published a pretty in-depth blog post about Bitkey. Would love any feedback.

http://zherbert.com/bitkey/
legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
You know that character from the Simpsons that points the finger and yells, ha-ha?

Nelson Muntz  (and no I didn't have to google that)

But, according to them and they really have no reason to lie since they are a public company and can have their records audited.
Coinbase has 56 million registered users, Gemini has 13 million (and I'm sure there is a ton of overlap but still) that puts us in the very small minority.

The main issue are people like me. I did not know better and gave up my privacy years ago, and without a hell of a lot of work there is no way I am getting it back.
So, I preach one things to others while doing something different myself.

Would I change if I could, yes. But as I posted a while ago, I'm over 50, there are a ton of things that can be traced back to me so at this point I put it under lost cause and move on.

And since it will come up....
Yes, I will get one of these to play with, because I am a tech & crypto nerd. No I will not use it as a primary or secondary or even 5th HW wallet.

-Dave

legendary
Activity: 2730
Merit: 7065
When did we reach the point where a product completely and utterly trashing your privacy was irrelevant to the majority of users? And when did we reach the point where people are actually willing to pay to have their privacy trashed, such as with this or with Wasabi?
You have to realize that the majority of people entering the crypto space care very little about what you just said. You know that character from the Simpsons that points the finger and yells, ha-ha? You are the one they are pointing the finger at. Not your personally, but privacy-advocates. A simple way to make money and ultimately see more of those $ signs will always beat taking the longer route that requires more time and effort. 
member
Activity: 115
Merit: 322
Hi. I added Bitkey to my website where I compare more than 30 different hardware wallets: https://thebitcoinhole.com/.
There are still lots of questions about the wallet, so the info is not complete. I plan to add the missing info as soon as more official info is released.
legendary
Activity: 2212
Merit: 7064
They just opened Bitkey beta, so don't apply Roll Eyes
Something is telling me people are going to pay for this ''free'' device with their personal information and addresses, and you will receive it ONLY if you get selected....
Again, we now have notorious Recovery feature confirmed in Bitkey wallet.

Quote
Beta customers will receive a free Bitkey hardware device, mobile app and recovery tools in case they lose their phone or hardware
If selected, you'll be one of the very first customers to try the product - before it's publicly available

Quote
Fingerprint sensor — unlock and authenticate your hardware device, and authorize spending limits, recovery tools and security settings   Yes   Yes
PIN authentication — an alternative to the fingerprint to unlock your hardware if you prefer not to use biometrics   Yes   Yes
Recovery Tools      
Mobile recovery — recover your bitcoin if you lose or replace your phone   Yes   Yes
Hardware recovery — recover your bitcoin if you lose your hardware   Yes   Yes
Mobile + hardware recovery — recover your bitcoin if you lose both your phone and hardware at the same time   No   Yes

Source:
https://bitkey.build/beta/

Archived:
https://web.archive.org/web/20230622202653/https://bitkey.build/beta/
legendary
Activity: 2268
Merit: 18771
There is definite push for hardware wallets to start doing stuff like this and work with centralized exchanges.
Almost every major hardware wallet is already doing such things, implementing KYC requiring exchanges, swaps, credit cards, or whatever, in to their wallet software. This general trend is part of the reason I moved away from hardware wallets altogether, and more recent events from the likes of Trezor and Ledger have only solidified my decision over time.

I say almost, because there is one notable exception which seems to genuine care about privacy and security - Passport. Here is one of the Passport devs discussing implementing new features in Bisq: https://github.com/bisq-network/bisq/discussions/6726.

Until it affects them on a personal level, than everyone is concerned.
And by then it is too late. I still can't get over how many people were absolutely astounded that the likes of Celsius and Voyager were gambling their money with no safety nets or collateral, despite their Terms of Service saying that this is exactly what they would do and it being pointed out multiple times on every online community. People simply didn't care until it was too late, and now they've lost everything. Just like people will use Ledger Recover or Bitkey's cloud and social recovery, and won't care until they lose everything.
Pages:
Jump to: