Pages:
Author

Topic: Square is considering making a hardware wallet for Bitcoin - page 3. (Read 4017 times)

legendary
Activity: 2212
Merit: 7064
Coinbase have already handed over plenty of customer information to various governments and authorities, which will definitely include all customer's withdrawal addresses. The difference now is as you point out - they can very easily get Block to hand over your cloud back ups and seize your coins directly out of your hardware wallet, just like they can do to Ledger Recover.
There is definite push for hardware wallets to start doing stuff like this and work with centralized exchanges.
It's not only Block and ledger wallet, in China they are doing the same thing with Safepal wallet and I am sure there will be more manufacturers joining ''the club''.
I just hope they all got a bit scared after people reacting furiously after ledger debacle.

Most other people really don't give a shit. They want to make money or they don't care about privacy and want to do other things with crypto.
Until it affects them on a personal level, than everyone is concerned.

For people who want to know what direction Block wallet is going you should check all their investors:
https://investors.block.xyz/overview/default.aspx
legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
....When did we reach the point where a product completely and utterly trashing your privacy was irrelevant to the majority of users? And when did we reach the point where people are actually willing to pay to have their privacy trashed, such as with this or with Wasabi?

About 2 minutes after somebody noticed that you can make money trading BTC and selling BTC hardware and so on.
We (here) discussing privacy are in the minority, we are the people who spend hours thinking about and talking about BTC.

Most other people really don't give a shit. They want to make money or they don't care about privacy and want to do other things with crypto.

While leaving the wallet that shall not be mentioned out of it. People are worried about a lot of things, and those that care about privacy / anonymity will try to preserve theirs. Those that don't will not.
Same way those people who trade in an attempt to make a profit would not even think about doing anything like running their coins through a mixer / anonymization service since there are fees involved with that (however small) and that cuts into profits..... Same way you will NEVER see a real professional gambler drink while gambling. It makes you less sharp, where as those of us that go to casinos for fun....keep bringing me the free drinks till I can't drink no more....

-Dave
legendary
Activity: 2268
Merit: 18771
I'm reading Bitkey's blog post about this here (https://bitkey.build/coinbase-and-cash-app/), and I can't get over just how terrible this is for your privacy.

You link your Bitkey account to Coinbase and interact with Coinbase via Bitkey. Obviously you need to KYC at Coinbase so they already have all your personal details, and now you are handing them all your wallet addresses on a silver platter. This is the same Coinbase which actively run their own blockchain analysis subsidiary. The same Coinbase which freely hand customer data over the US and other governments. The same Coinbase which admitted selling user data to third parties for their own profits.

When did we reach the point where a product completely and utterly trashing your privacy was irrelevant to the majority of users? And when did we reach the point where people are actually willing to pay to have their privacy trashed, such as with this or with Wasabi?
legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
Yo dawg, I heard you like third parties...

Shhhh, you were supposed to keep those parties secret.

Oh, 3rd parties. Wink



Anyway, what I find interesting too is that the 1st post in this thread is over 2 years ago, and they are just starting the open beta.
And to get in it asks a bunch of questions about what wallets you use and what you do with BTC / crypto.
What have they been doing for 2 years other then designing something that looks like a rock. Yeah, it's cool looking I'll give them that. But 2 YEARS?

-Dave
legendary
Activity: 2268
Merit: 18771
o_e_l_e_o  trigger warning below (didn't I tell you in another post to go outside and enjoy the weekend)....
Lol. Consider me triggered. At least everyone knows that Coinbase are a centralized third party, unlike Block lying about being "self custody" or Wasabi lying about being a "privacy" wallet.

So you will be able to link your fully KYCd Coinbase coins with your fully linked self custody wallet that links back to Block to have them keep a way of recovering your keys.
Yo dawg, I heard you like third parties...

I'll just leave this here:
Now I can only imagine hypothetical scenario with Coinbase getting attacked by US and other governments around the world, and they would have to give all customer information to authorities.
Coinbase have already handed over plenty of customer information to various governments and authorities, which will definitely include all customer's withdrawal addresses. The difference now is as you point out - they can very easily get Block to hand over your cloud back ups and seize your coins directly out of your hardware wallet, just like they can do to Ledger Recover.
legendary
Activity: 2212
Merit: 7064
So you will be able to link your fully KYCd Coinbase coins with your fully linked self custody wallet that links back to Block to have them keep a way of recovering your keys.

It's just like banking with Chase. But with crypto.
I wonder what could go wrong??  Probably nothing   Roll Eyes
Now I can only imagine hypothetical scenario with Coinbase getting attacked by US and other governments around the world, and they would have to give all customer information to authorities.
That means, there it zero privacy and custody of coins is questionable, because they can probably be seized much easier with all that personal data being in government hands.
Tough luck for all the people in places where Coinbase is not working, I guess no Block for them...  and nothing to lose.
legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
o_e_l_e_o  trigger warning below (didn't I tell you in another post to go outside and enjoy the weekend)....

This seems to have been put out there with very little discussion anyplace:

https://www.coinbase.com/blog/announcing-a-global-partnership-with-blocks-bitkey-wallet
Quote
Today we are excited to announce an international partnership spanning 6 continents with Bitkey, the self-custody bitcoin wallet built by Block, which includes a mobile app, a hardware device and a set of recovery tools. Bitkey’s mission is to empower the next 100 million people to truly own and manage their money with bitcoin, without the friction and anxiety that has historically existed around the transition to self-custody and true ownership. This alliance is a key step towards our goal of powering the bitcoin economy.

Coinbase Pay offers a simple and secure way for users to fund their accounts with crypto within apps, wallets, or marketplaces. By accepting your users’ preferred payment methods already saved in their Coinbase accounts, users enjoy seamless fiat-to-crypto onramps and businesses benefit from increased conversion rates and product adoption.

In parallel, we are looking forward to Bitkey's global beta program which also launches sign ups today. Customers participating in the global beta program will see a game-changing feature that allows you to effortlessly move your bitcoin from centralized exchanges to the secure Bitkey self-custody wallet.

So you will be able to link your fully KYCd Coinbase coins with your fully linked self custody wallet that links back to Block to have them keep a way of recovering your keys.

It's just like banking with Chase. But with crypto.

-Dave
legendary
Activity: 2268
Merit: 18771
But their system doesn't prevent that, either, right?
Nope, unless you are using their convoluted system to sign a message on a Bitkey hardware wallet to transfer to their server for verification and then have their server send the address directly to me. Although all that actually does is shift the attack surface from your phone/computer to Bitkey's server, which I imagine would become a very attractive target for attackers since they could potentially intercept and alter thousands of addresses at once.

And of course let's not forget that all of this (signing messages to prove they haven't been altered) can already be achieved trivially easily without the involvement of any third parties.
hero member
Activity: 924
Merit: 5943
not your keys, not your coins!
This decision was either really, really dumb or actually purposefully evil.
They explain in that third post that since a screen doesn't provide protection against the address or transaction being altered somewhere else than on the user's device or the hardware wallet, then screens are pointless. For example, if you send me an address to pay you some bitcoin, a screen on my hardware wallet does nothing to prevent clipboard malware on your computer from altering that address before I receive it.
But their system doesn't prevent that, either, right? So by their own logic, any address checking system is pointless (no matter if it's display-based or sketchy-centralized-server-based)?
legendary
Activity: 2268
Merit: 18771
This decision was either really, really dumb or actually purposefully evil.
They explain in that third post that since a screen doesn't provide protection against the address or transaction being altered somewhere else than on the user's device or the hardware wallet, then screens are pointless. For example, if you send me an address to pay you some bitcoin, a screen on my hardware wallet does nothing to prevent clipboard malware on your computer from altering that address before I receive it. Which of course is true, but also completely misses the point. It's like saying "Well, a seat belt won't save my life if my engine bursts in to flames and explodes, so why bother wearing one at all?"

Just because something doesn't protect against all attack vectors doesn't mean it is pointless. Which they then discover by having to engineer a ridiculous system which requires the input of a centralized server in order for a user to simply verify an address.
hero member
Activity: 924
Merit: 5943
not your keys, not your coins!
But a newcomer who just went through a lengthy, complex setup process for a self-custody product might not immediately get around to finding a really safe place or format for the seed phrase they wrote down - if they know they should do that in the first place.
In what world is writing down 12 worlds on a piece of paper either lengthy or complex? I can't wait to see how quick and easy their set up process is, given that you need to download an app, register an account, verify your identity, set up and link the hardware device, link it all to an online server, and then set up social recovery with a number of "trusted" contacts. You can do all that in less than the 30 seconds it takes me to write down and double check a seed phrase? Roll Eyes
You know what? Let's do a new topic with a challenge: who can write down and verify a 12-word seed phrase the fastest. This way we will have some hard numbers to compare against whenever someone claims they have a faster and more convenient seed phrase backup solution. Wink
Inspired by LoyceV's private key writing test..

The third post is particularly interesting. After two previous posts talking about how seed phrases are super complicated and risky and their solution is going to be super simple, they have come up with the most over-complicated design possible to justify not having a screen on their wallet. Basically, every time you want to send or receive coins, your hardware wallet has to sign the sending or receiving address and then transmit that signed message to Block's servers, where they will verify the address has not been tampered with, and then send that address back to the relevant party to be used.
That's sooo bad! Never would I have envisioned such a bad solution for a screen-less hardware wallet (?). If you have to resort to this, why not just spend the extra few cents in materials and add a small screen? That's so beyond me.
Companies put little screens on all sorts of things that don't even need one (like toys, back side of phones -- this goes way back to flip phones with outer screen -- and more). And here, in the very application that really needs one, for whatever reason they are pitching, users don't get one. Grin
This decision was either really, really dumb or actually purposefully evil.
legendary
Activity: 2268
Merit: 18771
On the back of Ledger's recent debacle, seems like a good time to bump this thread given this wallet is also based on relying on third parties to store your back ups.

Three new blog posts were published last week: https://bitkey.build/

The first post says nothing of any real note, apart from reminding people just how difficult it is to store a seed phrase. Roll Eyes

The second one is filled with increasing amounts of nonsense:

But a newcomer who just went through a lengthy, complex setup process for a self-custody product might not immediately get around to finding a really safe place or format for the seed phrase they wrote down - if they know they should do that in the first place.
In what world is writing down 12 worlds on a piece of paper either lengthy or complex? I can't wait to see how quick and easy their set up process is, given that you need to download an app, register an account, verify your identity, set up and link the hardware device, link it all to an online server, and then set up social recovery with a number of "trusted" contacts. You can do all that in less than the 30 seconds it takes me to write down and double check a seed phrase? Roll Eyes

And there are so many ways for people to get tricked with seed phrases, from social engineering to phishing to schemes that trick people into using an attacker-provided seed phrase during wallet setup.
So they want to protect against social engineering and phishing by implementing social recovery which is possibly the highest risk method when it comes to protecting against social engineering and phishing. Ok. Roll Eyes

They often disingenuously compare the worst practices with seed phrases against best practices with their device. People can be social engineered for the seed phrase, but apparently not for their social recovery system? They talk about how people back up seed phrases to the cloud, and that makes them insecure. And what is stopping someone backing up their Bitkey account details to the cloud as well? Or how people leave their seed phrase lying around where it could be found, but apparently no one ever does this with their phone or hardware device?

The third post is particularly interesting. After two previous posts talking about how seed phrases are super complicated and risky and their solution is going to be super simple, they have come up with the most over-complicated design possible to justify not having a screen on their wallet. Basically, every time you want to send or receive coins, your hardware wallet has to sign the sending or receiving address and then transmit that signed message to Block's servers, where they will verify the address has not been tampered with, and then send that address back to the relevant party to be used. The obvious flaws are that Block can spy on literally everything you do and that you have absolutely zero security from a bad actor in Block sending a malicious address. The less obvious flaws are that you now can't make transactions or even generate a new receiving address if Block's servers are down, and it opens a new attack vector for man-in-the-middle attacks if you rely on Block's servers telling you what addresses to use.

But don't forget guys, it's far simpler than just writing down 12 words!
hero member
Activity: 924
Merit: 5943
not your keys, not your coins!
They are creating what people like not what is good for the people.
And for that, we should heavily criticize them.. Wink As well as pointing this out and making it very clear to any potential customers. Education is key.
legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
The problem is mental conditioning. From a few pages up in this thread:

...Writing down any type of 'secrets' and storing the paper holding them securely (for decades) is very natural to humans, even going back hundreds and thousands of years, so I don't see why the 2022 human should be too stupid to accomplish it....

Leaving out all the other comments as to why I don't like this device, I will actually give them a small pass on this.

For 20+ years now businesses have been conditioning people not to write down passwords for security reasons and that if you forget your password to your bank or whatever there is a way to recover it. So on one hand we have 2+ decades of oh you lost information, here it is. On the other side we now have sorry you lost a few words out of 24 word seed, sucks to be you your BTC is gone forever.

Many other reasons not to like them, this is one of the smaller ones.

-Dave

There are people out there in their 20s who have never even stepped foot inside a bank. They have a checking account and savings account and so on and never interacted with another human about it. All online and all usernames and passwords recoverable. Same with brokerage accounts that could have hundreds of thousands of dollars. Never met a human who worked there. How do you convince them that they have to do that?

They are creating what people like not what is good for the people.

-Dave


legendary
Activity: 2730
Merit: 7065
Also, why the hell would anyone want a recovery service that runs on their servers? I want a seed phrase which is under my control and my control only. Not some third party nonsense.
Because of the incredible difficulty of generating a seed yourself, taking a pen and a piece of paper, and writing down a set of words. Are you out of your mind, who does that?
Square is creating a solution to get you away from traditional ways of moving money by using none of the foundations that were established with the introduction of bitcoin.   
legendary
Activity: 2268
Merit: 18771
You can say that this is bad, but this will not stop their customers from using this device.
I don't disagree with you, that there are lots of people who will think that this is a good thing and who will absolutely buy this device.

But it is a triumph of marketing on behalf of companies such as Block and centralized exchanges that they have convinced people that they are too stupid/careless to be able to safely write down 12 words and keep them safe, and that they need to trust third parties with their coins, keys, seed phrases, or recovery processed instead. The whole point of bitcoin is that you don't need to rely on third parties.
legendary
Activity: 1792
Merit: 1296
Playbet.io - Crypto Casino and Sportsbook
New update was released on Block website wallet.build with weird title sayin Why We Want To Fail Right Now.
They started sending Block devices to employees for internal beta testing, finding bugs and sending feedback, but they claim developing is not yet finished and there is room for improvement.
Over next few weeks Block plans to give employees over 200 hardware wallets and allow early access to the mobile app, this will include 19 countries with Andoid and iOS devices.
In next months testing results should be released in public and testing will expand to external larger group.
https://wallet.build/why-we-want-to-fail-right-now/
The odd headline seems to imply that the firm is willing to screw up during the testing phase in order to prevent future troubles when users buy the product. In general, this is logical and this is a simple marketing slogan, as if hinting that in the future they will be all right. But will it be?


This sentence from the second paragraph really does sum this whole thing up very well:

With a product that involves hardware, a mobile app, a public web presence, online purchase flow, recovery services that run on our servers, and so many other internal components, there’s a lot of surface area to cover as we validate our implementation.
That is an awful lot of things that could go wrong, a large attack surface, and lots of capacity for bugs and vulnerabilities. Compare to a standard hardware wallet which you can use with any open source software such as Electrum, and does not have any of this extraneous bloatware that Block are tacking on.

Also, why the hell would anyone want a recovery service that runs on their servers? I want a seed phrase which is under my control and my control only. Not some third party nonsense.

~snip
What you don't need doesn't mean others don't.
I fully agree with your position, but Block users will have a lot of newbies who want to be able to recover lost seed phrases. Even on this forum, from time to time there are topics on the issue of the possibility of recovering seed-phrases and keys. Square started this whole story for a reason, and they have long analyzed the needs of potential customers. The key of which is access to lost seed phrases. They just give people what they want. You can say that this is bad, but this will not stop their customers from using this device.
legendary
Activity: 2268
Merit: 18771
This sentence from the second paragraph really does sum this whole thing up very well:

With a product that involves hardware, a mobile app, a public web presence, online purchase flow, recovery services that run on our servers, and so many other internal components, there’s a lot of surface area to cover as we validate our implementation.
That is an awful lot of things that could go wrong, a large attack surface, and lots of capacity for bugs and vulnerabilities. Compare to a standard hardware wallet which you can use with any open source software such as Electrum, and does not have any of this extraneous bloatware that Block are tacking on.

Also, why the hell would anyone want a recovery service that runs on their servers? I want a seed phrase which is under my control and my control only. Not some third party nonsense.

Quote
many of our internal beta customers are storing their bitcoin on custodial exchanges today
Exactly the kind of people you want designing and building a new hardware wallet, then. Roll Eyes Roll Eyes
legendary
Activity: 2212
Merit: 7064
New update was released on Block website wallet.build with weird title sayin Why We Want To Fail Right Now.
They started sending Block devices to employees for internal beta testing, finding bugs and sending feedback, but they claim developing is not yet finished and there is room for improvement.
Over next few weeks Block plans to give employees over 200 hardware wallets and allow early access to the mobile app, this will include 19 countries with Andoid and iOS devices.
In next months testing results should be released in public and testing will expand to external larger group.
https://wallet.build/why-we-want-to-fail-right-now/
legendary
Activity: 2268
Merit: 18771
Depending on if, when, and how full RBF gets implemented with the next Bitcoin Core release, it might be easy to doublespend the transaction back to yourself. But that depends on too many factors out of your control: how many nodes opt-in for Full RBF, how many pools do it, and will the Block app have an option to cancel/doublespend a transaction back to yourself. o_e_l_e_o is a better person to talk to about such scenarios.
I don't think such a scenario is even worth entertaining, because it would be fundamentally ridiculous scenario to be in where you are having to restore your hardware wallet to a different device to double spend your own transaction to try to recover your coins. The fact that such a ridiculous scenario is even a possibility (since there is no screen on the hardware device so therefore no way to verify what you are actually signing before you sign it) should be enough to tell you that you don't want to to use this device.

I fail to see what advantages this screenless hardware devices has over a simple 2FA hardware key such as the YubiKey. With both you cannot send a transaction without it, and both are unable to provide the ability to independently verify your transaction prior to signing. The YubiKey will likely end up being significantly cheaper, though, as will all your transactions since they won't be 2-of-3 multi-sig. And of course with your own 2FA set up, you can back up your wallet properly using a seed phrase and not some crazy scheme based on a third party account and social contacts.
Pages:
Jump to: