Topic: Square is considering making a hardware wallet for Bitcoin - page 3. (Read 4002 times)

There is definite push for hardware wallets to start doing stuff like this and work with centralized exchanges.
It's not only Block and ledger wallet, in China they are doing the same thing with Safepal wallet and I am sure there will be more manufacturers joining ''the club''.
I just hope they all got a bit scared after people reacting furiously after ledger debacle.

Until it affects them on a personal level, than everyone is concerned.

For people who want to know what direction Block wallet is going you should check all their investors:
https://investors.block.xyz/overview/default.aspx

About 2 minutes after somebody noticed that you can make money trading BTC and selling BTC hardware and so on.
We (here) discussing privacy are in the minority, we are the people who spend hours thinking about and talking about BTC.

Most other people really don't give a shit. They want to make money or they don't care about privacy and want to do other things with crypto.

While leaving the wallet that shall not be mentioned out of it. People are worried about a lot of things, and those that care about privacy / anonymity will try to preserve theirs. Those that don't will not.
Same way those people who trade in an attempt to make a profit would not even think about doing anything like running their coins through a mixer / anonymization service since there are fees involved with that (however small) and that cuts into profits..... Same way you will NEVER see a real professional gambler drink while gambling. It makes you less sharp, where as those of us that go to casinos for fun....keep bringing me the free drinks till I can't drink no more....

-Dave

I'm reading Bitkey's blog post about this here (https://bitkey.build/coinbase-and-cash-app/), and I can't get over just how terrible this is for your privacy.

You link your Bitkey account to Coinbase and interact with Coinbase via Bitkey. Obviously you need to KYC at Coinbase so they already have all your personal details, and now you are handing them all your wallet addresses on a silver platter. This is the same Coinbase which actively run their own blockchain analysis subsidiary. The same Coinbase which freely hand customer data over the US and other governments. The same Coinbase which admitted selling user data to third parties for their own profits.

When did we reach the point where a product completely and utterly trashing your privacy was irrelevant to the majority of users? And when did we reach the point where people are actually willing to pay to have their privacy trashed, such as with this or with Wasabi?

Shhhh, you were supposed to keep those parties secret.

Oh, 3rd parties.

---

Anyway, what I find interesting too is that the 1st post in this thread is over 2 years ago, and they are just starting the open beta.
And to get in it asks a bunch of questions about what wallets you use and what you do with BTC / crypto.
What have they been doing for 2 years other then designing something that looks like a rock. Yeah, it's cool looking I'll give them that. But 2 YEARS?

-Dave

Lol. Consider me triggered. At least everyone knows that Coinbase are a centralized third party, unlike Block lying about being "self custody" or Wasabi lying about being a "privacy" wallet.

Yo dawg, I heard you like third parties...

I'll just leave this here:
Coinbase have already handed over plenty of customer information to various governments and authorities, which will definitely include all customer's withdrawal addresses. The difference now is as you point out - they can very easily get Block to hand over your cloud back ups and seize your coins directly out of your hardware wallet, just like they can do to Ledger Recover.

I wonder what could go wrong??  Probably nothing  
Now I can only imagine hypothetical scenario with Coinbase getting attacked by US and other governments around the world, and they would have to give all customer information to authorities.
That means, there it zero privacy and custody of coins is questionable, because they can probably be seized much easier with all that personal data being in government hands.
Tough luck for all the people in places where Coinbase is not working, I guess no Block for them...  and nothing to lose.

o_e_l_e_o  trigger warning below (didn't I tell you in another post to go outside and enjoy the weekend)....

This seems to have been put out there with very little discussion anyplace:

https://www.coinbase.com/blog/announcing-a-global-partnership-with-blocks-bitkey-wallet

So you will be able to link your fully KYCd Coinbase coins with your fully linked self custody wallet that links back to Block to have them keep a way of recovering your keys.

It's just like banking with Chase. But with crypto.

-Dave

Nope, unless you are using their convoluted system to sign a message on a Bitkey hardware wallet to transfer to their server for verification and then have their server send the address directly to me. Although all that actually does is shift the attack surface from your phone/computer to Bitkey's server, which I imagine would become a very attractive target for attackers since they could potentially intercept and alter thousands of addresses at once.

And of course let's not forget that all of this (signing messages to prove they haven't been altered) can already be achieved trivially easily without the involvement of any third parties.

But their system doesn't prevent that, either, right? So by their own logic, any address checking system is pointless (no matter if it's display-based or sketchy-centralized-server-based)?

They explain in that third post that since a screen doesn't provide protection against the address or transaction being altered somewhere else than on the user's device or the hardware wallet, then screens are pointless. For example, if you send me an address to pay you some bitcoin, a screen on my hardware wallet does nothing to prevent clipboard malware on your computer from altering that address before I receive it. Which of course is true, but also completely misses the point. It's like saying "Well, a seat belt won't save my life if my engine bursts in to flames and explodes, so why bother wearing one at all?"

Just because something doesn't protect against all attack vectors doesn't mean it is pointless. Which they then discover by having to engineer a ridiculous system which requires the input of a centralized server in order for a user to simply verify an address.

You know what? Let's do a new topic with a challenge: who can write down and verify a 12-word seed phrase the fastest. This way we will have some hard numbers to compare against whenever someone claims they have a faster and more convenient seed phrase backup solution.
Inspired by LoyceV's private key writing test..

That's sooo bad! Never would I have envisioned such a bad solution for a screen-less hardware wallet ^(?). If you have to resort to this, why not just spend the extra few cents in materials and add a small screen? That's so beyond me.
Companies put little screens on all sorts of things that don't even need one (like toys, back side of phones -- this goes way back to flip phones with outer screen -- and more). And here, in the very application that really needs one, for whatever reason they are pitching, users don't get one.
This decision was either really, really dumb or actually purposefully evil.

On the back of Ledger's recent debacle, seems like a good time to bump this thread given this wallet is also based on relying on third parties to store your back ups.

Three new blog posts were published last week: https://bitkey.build/

The first post says nothing of any real note, apart from reminding people just how difficult it is to store a seed phrase.

The second one is filled with increasing amounts of nonsense:

In what world is writing down 12 worlds on a piece of paper either lengthy or complex? I can't wait to see how quick and easy their set up process is, given that you need to download an app, register an account, verify your identity, set up and link the hardware device, link it all to an online server, and then set up social recovery with a number of "trusted" contacts. You can do all that in less than the 30 seconds it takes me to write down and double check a seed phrase?

So they want to protect against social engineering and phishing by implementing social recovery which is possibly the highest risk method when it comes to protecting against social engineering and phishing. Ok.

They often disingenuously compare the worst practices with seed phrases against best practices with their device. People can be social engineered for the seed phrase, but apparently not for their social recovery system? They talk about how people back up seed phrases to the cloud, and that makes them insecure. And what is stopping someone backing up their Bitkey account details to the cloud as well? Or how people leave their seed phrase lying around where it could be found, but apparently no one ever does this with their phone or hardware device?

The third post is particularly interesting. After two previous posts talking about how seed phrases are super complicated and risky and their solution is going to be super simple, they have come up with the most over-complicated design possible to justify not having a screen on their wallet. Basically, every time you want to send or receive coins, your hardware wallet has to sign the sending or receiving address and then transmit that signed message to Block's servers, where they will verify the address has not been tampered with, and then send that address back to the relevant party to be used. The obvious flaws are that Block can spy on literally everything you do and that you have absolutely zero security from a bad actor in Block sending a malicious address. The less obvious flaws are that you now can't make transactions or even generate a new receiving address if Block's servers are down, and it opens a new attack vector for man-in-the-middle attacks if you rely on Block's servers telling you what addresses to use.

But don't forget guys, it's far simpler than just writing down 12 words!

And for that, we should heavily criticize them.. As well as pointing this out and making it very clear to any potential customers. Education is key.

The problem is mental conditioning. From a few pages up in this thread:


There are people out there in their 20s who have never even stepped foot inside a bank. They have a checking account and savings account and so on and never interacted with another human about it. All online and all usernames and passwords recoverable. Same with brokerage accounts that could have hundreds of thousands of dollars. Never met a human who worked there. How do you convince them that they have to do that?

They are creating what people like not what is good for the people.

-Dave

Because of the incredible difficulty of generating a seed yourself, taking a pen and a piece of paper, and writing down a set of words. Are you out of your mind, who does that?
Square is creating a solution to get you away from traditional ways of moving money by using none of the foundations that were established with the introduction of bitcoin.   

I don't disagree with you, that there are lots of people who will think that this is a good thing and who will absolutely buy this device.

But it is a triumph of marketing on behalf of companies such as Block and centralized exchanges that they have convinced people that they are too stupid/careless to be able to safely write down 12 words and keep them safe, and that they need to trust third parties with their coins, keys, seed phrases, or recovery processed instead. The whole point of bitcoin is that you don't need to rely on third parties.

The odd headline seems to imply that the firm is willing to screw up during the testing phase in order to prevent future troubles when users buy the product. In general, this is logical and this is a simple marketing slogan, as if hinting that in the future they will be all right. But will it be?


What you don't need doesn't mean others don't.
I fully agree with your position, but Block users will have a lot of newbies who want to be able to recover lost seed phrases. Even on this forum, from time to time there are topics on the issue of the possibility of recovering seed-phrases and keys. Square started this whole story for a reason, and they have long analyzed the needs of potential customers. The key of which is access to lost seed phrases. They just give people what they want. You can say that this is bad, but this will not stop their customers from using this device.

This sentence from the second paragraph really does sum this whole thing up very well:

That is an awful lot of things that could go wrong, a large attack surface, and lots of capacity for bugs and vulnerabilities. Compare to a standard hardware wallet which you can use with any open source software such as Electrum, and does not have any of this extraneous bloatware that Block are tacking on.

Also, why the hell would anyone want a recovery service that runs on their servers? I want a seed phrase which is under my control and my control only. Not some third party nonsense.

Exactly the kind of people you want designing and building a new hardware wallet, then.

New update was released on Block website wallet.build with weird title sayin Why We Want To Fail Right Now.
They started sending Block devices to employees for internal beta testing, finding bugs and sending feedback, but they claim developing is not yet finished and there is room for improvement.
Over next few weeks Block plans to give employees over 200 hardware wallets and allow early access to the mobile app, this will include 19 countries with Andoid and iOS devices.
In next months testing results should be released in public and testing will expand to external larger group.
https://wallet.build/why-we-want-to-fail-right-now/

I don't think such a scenario is even worth entertaining, because it would be fundamentally ridiculous scenario to be in where you are having to restore your hardware wallet to a different device to double spend your own transaction to try to recover your coins. The fact that such a ridiculous scenario is even a possibility (since there is no screen on the hardware device so therefore no way to verify what you are actually signing before you sign it) should be enough to tell you that you don't want to to use this device.

I fail to see what advantages this screenless hardware devices has over a simple 2FA hardware key such as the YubiKey. With both you cannot send a transaction without it, and both are unable to provide the ability to independently verify your transaction prior to signing. The YubiKey will likely end up being significantly cheaper, though, as will all your transactions since they won't be 2-of-3 multi-sig. And of course with your own 2FA set up, you can back up your wallet properly using a seed phrase and not some crazy scheme based on a third party account and social contacts.