Topic: Square is considering making a hardware wallet for Bitcoin - page 7. (Read 4002 times)

The Android version of Electrum doesn't support hardware wallets. During the creation process, there is no option to pair it with a hardware wallet. Regarding PSBTs, I have never tested it personally, but since Electrum for Android allows for scanning of QR codes, I am guessing that it should work. 

That's a good point! Green doesn't have Square's whole recovery problem (allowing to recover after losing 2 keys) - this is about security.
But what about privacy? Is there a way they (or Electrum) can implement 2FA without knowing about every single one of your addresses (and transactions) or not?

Do you know whether Electrum on Android supports hardware wallets or exporting and importing PSBTs in general? Being able to do so would also be handy if someone had a PC-based airgap setup (keys on old offline PC).

Blockstream Green used to be known as GreenAddress until Blockstream acquired it and made it their own. I think the difference here between this and whatever Block are making is that Blockstream are open that they only hold one key and therefore cannot access your funds. If you lose your other two keys, then you lose your wallet. This is obviously in contrast to Block, who say if you lose your other two keys then they can somehow manage to recover them.

In terms of your question about mobile wallets, I would just stick to Electrum. If you want to use it easily but not very privately, just install and run. If you want to go a bit more technical but a lot more private, point it towards your own Electrum server.

I might be focusing too much on semantics here, but it looks like an optional feature to me based on how they said it. We offer you the option to use Multisig Shield... etc., etc. Maybe it works in a different way as well. I am just guessing here, I am not agreeing with any type of shared custody.

With the Multisig Shield, the user seems to have access to two signing keys while Blockstream keeps one. That's similar to what Electrum does with its 2FA. It's an optional feature that you don't have to use. And even if you do, you can still recover your coins and get access to your bitcoins since you have 2 out of 3 signing keys. 

I just had a glance at Blockstream Green wallet, since it's one of the reproducible mobile wallets on https://walletscrutiny.com/.
Apparently, Blockstream actually invented shared self-custody, before Block??


Has anyone looked into this further? It seems like a similar concept where you need to cosign using a second factor, but their server is what enforces this and ultimately cosigns, after you present ownership of the second factor.
For example, has anyone had a look whether all transactions are sent to the server (massive privacy issue) and whether there are other problems with the wallet?

I'm telling you guys, the number of wallets that I can safely recommend nowadays is so tiny..
Especially for mobile. How hard can it be to make a Bitcoin wallet that actually follows Bitcoin core principles?

I get it that in some fields, all the software that's available is super complex and has more features than what the majority needs; thus, there's a market for a more convenient, even though maybe less privacy-friendly alternative.
But...
[1] This is Bitcoin. Its whole purpose is to leave the responsibility with the user and let them be their own bank. With both the risks and the benefits that this entails.
[2] The situation I described above, was over 10 years ago - when Bitcoin Core was the only wallet around. I totally agree that it's not possible for every person on the world to download the whole blockchain and lots are willing to offer up some privacy to be able to use Bitcoin. That's why Electrum came around and became so popular (and still is till today).

But aren't there enough 'convenient, but not totally private' wallets around by now? At a certain points, no one is better than another and just looks a little different. I believe we've reached a point where simply bringing Bitcoin Core to mobile would be a huge revolution.

Yeah, that's him.  Not a fan, as you can tell.  Sorry to start slinging mud in this thread, but HE started it. 


Brilliant.  I think you just coined the term for the next generation of Hardware Wallet Shysters.

I'm loving the technical understanding with which this thread is able to call out their bullshit word by word..



How about this for a name: The 'trust me, bro' wallet by Block / Square?

In the beginning, I assumed that the whole thing was still in draft phase ('good enough to attract investors') and 'we'll figure out the technicalities later'. But by now they should have an idea if what they envision is possible and if not, adjust their promises accordingly. Mistakes are human, and honesty is crucial.

---

This one's for you Pmalek, 'shared self-custody' - that's too funny!

Square just invented shared self-custody. You are in custody of your keys, but they have custody of your keys as well.

Unless the userbase they are targeting starts asking such questions, they probably won't do that. It will be interesting to observe how this approach of theirs has been received by their community members. If the feedback is positive and people only have good things to say about what Square is doing, it will just give them the needed motivation to keep pushing forward. 

Absolutely, and I can't really believe that this is what is underpinning Block's entire security schematic, but there is simply no way for them to be able to help a user recover the key from either their phone or their hardware device without Block having access to those keys in some form.

This is what it all boils down to. A self-custody wallet that requires complete trust in a third party, which is not a self-custody wallet at all.

It would be great if they could actually just reveal how their recovery mechanism will actually work, but each additional little bit of information they leak out over time are doing nothing to change my mind that I will never be using nor recommending this wallet.

Yeah, obviously. They know that what they are saying is not true. But they want the potential users to feel as stupid as possible by telling them you can't do that. You don't know how to. You are going to make a mistake. Your only choice is trusting us with our new revolutionary innovations that will make your life easier.

I'm not following; is this about Jack Dorsey? I honestly have no idea about him except being Twitter CEO and Square founder.

An account- / password-based system that encrypts the seeds and then uploads all of them to Square may potentially be sold as viable alternative to simple 12 or 24 seed phrases, because it abstracts away the importance of the password (in this case as important as an actual Bitcoin seed phrase!!) and lets them recommend customers to store it in their password manager like every other password.

It would - again - be a very bad scheme with low security and no benefit compared to just storing the seed phrase yourself.

Reading through their blog posts and Twitter accounts, it sounds very much like you can recover either the phone or the hardware wallet (or even both) just by using some as-of-yet unknown recovery tools. This necessitates them storing all three keys. The only way I can see this being possible with them still being able to claim they only have access to one key (without just outright lying) is for them to store your other two keys but encrypted. The only way this would (kind of) work* is if those keys were encrypted by a client set password, but then you still have the problem of if the client forgets the password. Which then leads us back to square one of how they can promise recovery if the client loses/forgets everything. The only way I can see this happening (client loses phone, loses hardware wallet, forgets account password and can still recover their wallet) is via KYC. And don't even get me started on that.

And don't even start to tell me that all this is somehow simpler than me typing 12 words in to a new wallet.

*I mean, not really work at all, since we would have absolutely no way of verifying that they were encrypted, encrypted securely, and that Block couldn't access them, even if that's what they claimed.

I just find it ironic that some bloated-ego blowhard who tried, (and failed) to lecture us on "misinformation," ending up wrong more often than not, and trying to prevent open discourse which would allow people to make up their mind still thinks so highly of himself that, once again he's trying to protect us from ourselves.  And, to do so, he's spreading misinformation.

Even if it was the best hardware wallet on the market I wouldn't give that shitforbrains a single penny of my money.

If I remember correctly, there was another (unrelated) service (wallet?) in the past that claimed you had 'self-custody', since you could display, backup and restore your seed words, but also access your account (which included the seed) using an email and password login.
This means that you did have 'full self control over the funds', but they did, too!

I'm not saying Square is doing this, just saying it wouldn't be the first time..

Nevertheless, I think you might be onto something.  It's not beyond a company with that kind of ego to decide the general public are not to be trusted with their own security.  Yet they keep digging in, and continue to use phrases like "self-custody" and "self-serve recovery."

This is from the latest post on their blog;

I just thought real hard and came up with an idea on how the highlighted part may be solved.

It's certainly not a good one and would make the device look even worse, but be technically correct. Hear me out:
[1] One key on Square server
[2] One key on hardware signer
[3] One key on the phone -- but -- not actually on the phone, but in an app on that phone, which is just a software client for essentially an online wallet

This way, if you lose phone and signer, you login to your account on a new phone or on your PC; then together with key number 1, you can restore the multisig wallet.

Besides the obviously flawed nature of online wallets (not your keys), this would also actually put 2 out of 3 keys on their server, as obviously this 'email + password' account will be on their server.
But it's the only way I see their 2 following statements working together:

• It's a 2-out-of-3 multisig setup.
• Quote from: https://wallet.build/how-the-wallet-works/
  If you lose your hardware device, or lose both your phone and your hardware device, there will be ways for you to recover your wallet based on the security settings you’ve defined when you set up your wallet.

Here's the issue:

They are creating a 2-of-3 of multi-sig set up. They state that there will be one key is on your mobile app, one key in your hardware wallet, and one key on their servers. However, they also state that if you lose your phone you can recover your app using your hardware wallet and your online account, and if you lose your hardware wallet, you can recover this via your app and your online account. They also state that if you lose both your phone and hardware wallet, you will still be able to recover your wallet via your online account:


Now, these two positions are mutually exclusive. They cannot claim that they are only storing one of your private keys on their server, but then also state that if you lose both the private keys you are storing that you will be able to recover them from their servers. They cannot be able to provide a back up of two of the keys if they aren't storing either of them. Which means either they are lying, deliberately trying to pull the wool over the eyes of users who don't understand this, or they haven't actually figured out how any of this is going to work yet.

I find it pretty disingenuous that they keep pushing this recoverability as a big selling point while providing absolutely zero details on how it actually works.

She did mention that their hexagonal shape HW components are part of the recovery process in case someone loses their phone ^{[at 14:51]}, but I'm going to argue that it's a lot easier to lose those tiny HW components than the phone itself!

Leaving out all the other comments as to why I don't like this device, I will actually give them a small pass on this.

For 20+ years now businesses have been conditioning people not to write down passwords for security reasons and that if you forget your password to your bank or whatever there is a way to recover it. So on one hand we have 2+ decades of oh you lost information, here it is. On the other side we now have sorry you lost a few words out of 24 word seed, sucks to be you your BTC is gone forever.

Many other reasons not to like them, this is one of the smaller ones.

-Dave

I've now stumbled across this video from Consensus 2022, again with Lindsey Grossman as we saw in a previous video. Skip to 12:42.

She says that all software and hardware wallets are "very difficult to use" and "anxiety producing". She again repeats this nonsense that people are "remembering" their 12 or 24 word seed phrase, comparing it to people forgetting passwords. I suspect this strawman is going to be a large part of their marketing to users who simply don't know any better. (And still no information about recovery. Almost likely they are keeping this part deliberately hidden?)

Yeah, I said as much on this post: https://bitcointalksearch.org/topic/m.59309830

I just don't follow what they are trying to do here. They say writing down 12 words is too complicated and they want to make something simpler. So they create a wallet which requires two devices, an app (with presumable a PIN or password), an online account (with an email and password), will require the user to set up these three things and manage the interplay between them, will likely require KYC or some form of identity verification for their recovery tools, and will be filled with integrations to "exchanges, other wallets, traditional financial institutions, and payments providers" (no doubt meaning the app will be filled with ads, affiliate links, and loads of unnecessary features like swapping bitcoin to shitcoins, staking/lending, etc.)

I just don't see how any of this is simpler.