
Topic: Square is considering making a hardware wallet for Bitcoin - page 8. (Read 4002 times)

hero member
Activity: 882
Merit: 5834
not your keys, not your coins!
Most recent blog update: https://wallet.build/product-principles/

Still absolutely no information about how these recovery tools will work or where else your keys are going to be stored to allow recovery to happen...

Does say a couple of things I found interesting though:
Quote
Often the only way to recover your money if you lose your phone or hardware wallet is to rely on a 12- or 24-word secret phrase – which we think customers will either forget, or more likely out of a fear of forgetting, write on a post-it note.
I find it hard to believe that the people at Block honestly believe that most people are trying to memorize their seed phrase or have it written on a post-it note and stuck on their monitor, when every other hardware wallet in existence which uses seed phrases is very clear that it should be written down and stored somewhere safe, secure, and hidden. I suspect this is part of their marketing - sow the seed (no pun intended) that seed phrases are bad by focusing only on the most insecure way of using them, so their overly complicated 2-of-3 app/hardware/server solution seems better in comparison.
Thanks for the update!

Yeah; that's very questionable. Essentially a classic strawman argument.
For usability, I find that giving customers two microSD cards and extremely easy instructions to follow ('pop it in and click a button'), as well as telling them to write those words on a securely stored piece of paper, is easy enough for anyone.
By the way, the 'original password manager' (paper book) that older people are ridiculed for, has been shown not to be as bad as you would expect. Writing down any type of 'secrets' and storing the paper holding them securely (for decades) is very natural to humans, even going back hundreds and thousands of years, so I don't see why the 2022 human should be too stupid to accomplish it.

Quote
Thus, we’ll rely on partnerships with exchanges, other wallets, traditional financial institutions, and payments providers, to help customers connect to services that allow them to buy and sell their bitcoin.
Sounds like a privacy nightmare.
It already begins with them sharing the customer data with their other (sub-)companies, which is standard business practice. So far, I'd say: keep your hands off this device at any cost.

Integrating exchanges and API calls to all sorts of '' is something I've never understood.
Like Loyce, I'm a big fan of the KISS principle, so it's unbelievable to me how companies think they need to maximally dumb down their products, whilst at the same time throwing waterfalls of garbage at their customers such as myriads of shitcoins to choose from, as well as more often than not NFTs, leverage trading and all this sort of stuff.
This doesn't all need to exist in your wallet (if at all, but that's another question).
legendary
Activity: 2268
Merit: 18711
Most recent blog update: https://wallet.build/product-principles/

Still absolutely no information about how these recovery tools will work or where else your keys are going to be stored to allow recovery to happen...

Does say a couple of things I found interesting though:
Quote
Often the only way to recover your money if you lose your phone or hardware wallet is to rely on a 12- or 24-word secret phrase – which we think customers will either forget, or more likely out of a fear of forgetting, write on a post-it note.
I find it hard to believe that the people at Block honestly believe that most people are trying to memorize their seed phrase or have it written on a post-it note and stuck on their monitor, when every other hardware wallet in existence which uses seed phrases is very clear that it should be written down and stored somewhere safe, secure, and hidden. I suspect this is part of their marketing - sow the seed (no pun intended) that seed phrases are bad by focusing only on the most insecure way of using them, so their overly complicated 2-of-3 app/hardware/server solution seems better in comparison.

Quote
Thus, we’ll rely on partnerships with exchanges, other wallets, traditional financial institutions, and payments providers, to help customers connect to services that allow them to buy and sell their bitcoin.
Sounds like a privacy nightmare.
hero member
Activity: 882
Merit: 5834
not your keys, not your coins!
Well, it's possible this 'feature' will be dropped. Or opt-in or something. As you correctly say, it would be possible to build a system like this:
[1] setup normal 2-out-of-3 multisig
[2] they refuse to cosign for large amounts
---
^ this is the first 'killer feature' they want to implement
In this scenario of yours, does the user still have access to his mobile app and device where the keys are stored or did he lose one/both of them? If it's a normal 2-out-of-3 multisig, Square's signature wouldn't even be needed. Having the control of how much the user is and isn't allowed to spend from his own money is another highlight in the long list of 'no thanks' for this product of theirs.
It's not my scenario; it's one of their two aforementioned 'killer features' they've confirmed multiple times: you can set a threshold below which the hardware signer is not needed since they'll provide the second signature.
For higher amounts their server will deny to sign and you will need to use the hardware device. The idea is that if the phone gets stolen the thief can't spend all your funds.
legendary
Activity: 2268
Merit: 18711
However, [4] requires choosing and safely storing a strong password, which completely defies this whole concept that is based on the assumption that people don't want to write down and securely store a 12 word seed.
Precisely. Either their solution requires you to back up a strong password, which is no different to backing up a secure seed phrase, in addition to being much more complicated to use and recover from, OR it is completely insecure and Block can steal all your coins at any time. Neither is good.

If your wallet sends transactions to their server to be cosigned
Even if you decide to never use their server and co-sign all your transactions with the hardware device, the initial set up of a 2-of-3 multi-sig requires all three devices to have the master public keys from the other two, meaning Block can still see all your addresses and transactions, even if you never interact with them (although I'm certain that their mobile app will connect to their servers and their servers alone, so even without the multi-sig set up they could still monitor everything you do).
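
The point about master public keys, as an added example that is not part of any post in this thread: a party holding only the three xpubs derives the same multisig script hashes as the key owner. It assumes standard BIP32 non-hardened derivation and a sorted 2-of-3 P2WSH script, which the thread does not confirm for this product; the master keys are constructed sample values and all function names are hypothetical.

```python
import hashlib
import hmac

# secp256k1 parameters
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def add(a, b):
    """Add two curve points; None is the point at infinity."""
    if a is None or b is None:
        return a or b
    if a[0] == b[0] and (a[1] + b[1]) % P == 0:
        return None
    if a == b:
        m = 3 * a[0] * a[0] * pow(2 * a[1], -1, P) % P
    else:
        m = (b[1] - a[1]) * pow((b[0] - a[0]) % P, -1, P) % P
    x = (m * m - a[0] - b[0]) % P
    return x, (m * (a[0] - x) - a[1]) % P


def mul(k, point):
    """Scalar multiplication by double-and-add."""
    result = None
    while k:
        if k & 1:
            result = add(result, point)
        point = add(point, point)
        k >>= 1
    return result


def ser(point):
    """33-byte compressed public key."""
    return bytes([2 + (point[1] & 1)]) + point[0].to_bytes(32, "big")


def tweak(chain, parent_pub, index):
    """HMAC-SHA512 step shared by public and private non-hardened derivation."""
    data = ser(parent_pub) + index.to_bytes(4, "big")
    out = hmac.new(chain, data, hashlib.sha512).digest()
    return int.from_bytes(out[:32], "big"), out[32:]


def child_pub(pub, chain, index):
    """BIP32 CKDpub: needs only the xpub (public key + chain code)."""
    t, _ = tweak(chain, pub, index)
    return add(mul(t, G), pub)


def child_priv(priv, chain, index):
    """BIP32 CKDpriv for a non-hardened index."""
    t, _ = tweak(chain, mul(priv, G), index)
    return (t + priv) % N


def script_hash(pubkeys):
    """SHA-256 of OP_2 <pk> <pk> <pk> OP_3 OP_CHECKMULTISIG (P2WSH program)."""
    body = b"".join(b"\x21" + pk for pk in sorted(ser(p) for p in pubkeys))
    return hashlib.sha256(b"\x52" + body + b"\x53\xae").hexdigest()


# Constructed sample master keys (private key, chain code) for the three signers.
MASTERS = []
for label in (b"mobile", b"hardware", b"server"):
    digest = hashlib.sha512(b"constructed sample " + label).digest()
    MASTERS.append((int.from_bytes(digest[:32], "big") % N, digest[32:]))
XPUBS = [(mul(priv, G), chain) for priv, chain in MASTERS]


def watcher_view(count):
    """What a cosigner that holds only the three xpubs can compute."""
    return [script_hash([child_pub(pub, chain, i) for pub, chain in XPUBS])
            for i in range(count)]


def owner_view(count):
    """The same scripts, derived from the private keys."""
    return [script_hash([mul(child_priv(priv, chain, i), G) for priv, chain in MASTERS])
            for i in range(count)]


if __name__ == "__main__":
    for h in watcher_view(3):
        print(h)
```
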
legendary
Activity: 2730
Merit: 7065
Well, it's possible this 'feature' will be dropped. Or opt-in or something. As you correctly say, it would be possible to build a system like this:
[1] setup normal 2-out-of-3 multisig
[2] they refuse to cosign for large amounts
---
^ this is the first 'killer feature' they want to implement
In this scenario of yours, does the user still have access to his mobile app and device where the keys are stored or did he lose one/both of them? If it's a normal 2-out-of-3 multisig, Square's signature wouldn't even be needed. Having the control of how much the user is and isn't allowed to spend from his own money is another highlight in the long list of 'no thanks' for this product of theirs.
hero member
Activity: 882
Merit: 5834
not your keys, not your coins!
I guess it really remains to be seen because any info we have and get from them, even now, months later, is still super unclear.
Agreed, but I really don't see how it can be anything else. If they can recover both your mobile key and your hardware key if you are to lose both devices, then they must be storing all three keys in some way. They might claim they are encrypted, that Block can't access them, and so on, but that will be impossible to verify and you are still left trusting a third party completely, both for their honesty and their technical competence in setting up their back end and security systems.
Well, it's possible this 'feature' will be dropped. Or opt-in or something. As you correctly say, it would be possible to build a system like this:
[1] setup normal 2-out-of-3 multisig
[2] they refuse to cosign for large amounts
---
^ this is the first 'killer feature' they want to implement

[3] they have an encrypted version of your two seeds (local encryption before sending & open source software could make this fairly trustable)
[4] if you lose your two seeds, they can give you those encrypted ones and you have to enter a password to decrypt them
---
^ this is the second 'killer feature'

However, [4] requires choosing and safely storing a strong password, which completely defies this whole concept that is based on the assumption that people don't want to write down and securely store a 12 word seed.

So technically, the two things they want to accomplish, are possible, but then the whole thing makes no sense. If there's no encryption at play, so no password to be written down, then it's not secure as they claim and they could steal all your funds at any time. So it wouldn't make sense either. This is the dilemma I keep talking about.

Another point to consider: We haven't talked about privacy yet, have we? If your wallet sends transactions to their server to be cosigned, especially if you also use other Square apps (they can share data amongst each other, even on iOS) and / or use the proposed exchange feature inside the wallet, all your transactions will be linked to your real life identity.

You probably will have full control, meaning access to 2/3 signing keys if they go for a 2/3 multisig. The thing they aren't telling you is they will have full control as well. Shared full control of private keys.
I don't consider shared control to be full control. Full control means that I, and I alone, have control over my coins. If you can unilaterally move my coins and therefore revoke my ability to access them, then I don't have full control over them.
If they want to play the semantics game, technically even an exchange's hot wallet could be considered 'full control', claiming you can click the 'withdraw' button any time and nobody else, so you and only you have full control over those funds :P (I know, right? Utter bullshit.)
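
The four steps and the dilemma discussed above, as an added example that is not part of any post in this thread: a small model that computes who can reach two signatures under the co-signing limit and under each way the provider might store backup copies. The per-transaction limit, the rule that the server signs only alongside the mobile key, and every name in the code are assumptions made for illustration, not Block's published design.

```python
# Added illustration; all names are hypothetical, not Block's design or code.
DEVICE_KEYS = {"mobile", "hardware"}
THRESHOLD = 2  # 2-of-3 multisig: mobile, hardware, server


def can_spend(held, amount, limit):
    """True if whoever holds the device keys in `held` can collect 2 signatures.

    Assumption: the server key is reachable only through the mobile app, and
    the server refuses to co-sign when amount > limit (steps [1] and [2]).
    """
    sigs = set(held) & DEVICE_KEYS
    if "mobile" in sigs and amount <= limit:
        sigs.add("server")
    return len(sigs) >= THRESHOLD


def usable(own, backups, secrets):
    """Keys a party can use: its own plus every backup copy it can open.

    `backups` is a list of (key, secret) pairs held by the provider;
    secret=None means the copy is readable without any user-held secret.
    """
    return set(own) | {k for k, s in backups if s is None or s in secrets}


def analyse(backups, user_remembers=()):
    """Outcome after the user has lost BOTH devices (steps [3] and [4])."""
    provider = usable({"server"}, backups, secrets=())
    regained = usable(set(), backups, secrets=user_remembers)
    return {
        # Assumption: during recovery the provider adds its server signature,
        # so the user needs to regain at least one device key.
        "user_recovers": len(regained) + 1 >= THRESHOLD,
        "provider_can_spend_alone": len(provider) >= THRESHOLD,
    }


ENCRYPTED = [("mobile", "password"), ("hardware", "password")]
DESIGNS = {
    "server key only": ([], ()),
    "one readable device-key copy": ([("hardware", None)], ()),
    "encrypted copies, password kept": (ENCRYPTED, ("password",)),
    "encrypted copies, password lost": (ENCRYPTED, ()),
}

if __name__ == "__main__":
    limit = 100  # constructed spending limit
    for who, held in (("phone thief", {"mobile"}), ("owner", DEVICE_KEYS)):
        for amount in (50, 5000):
            print(f"{who:12} amount={amount:5} -> {can_spend(held, amount, limit)}")
    for name, (backups, remembered) in DESIGNS.items():
        print(f"{name:34} {analyse(backups, remembered)}")
```
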
legendary
Activity: 2730
Merit: 7065
I don't consider shared control to be full control. Full control means that I, and I alone, have control over my coins.
Me neither, nor am I defending that model. I am just making conclusions based on the things that have been revealed here about Square.

You have (full) control in the sense that you can move your coins without requesting permission (It sounds incredibly stupid even writing this when you are thinking about Bitcoin) from Square because you have two of the private keys. But you don't have full control when it comes to the sole custody of said keys and the coins they are supposed to protect.   
legendary
Activity: 2268
Merit: 18711
I guess it really remains to be seen because any info we have and get from them, even now, months later, is still super unclear.
Agreed, but I really don't see how it can be anything else. If they can recover both your mobile key and your hardware key if you are to lose both devices, then they must be storing all three keys in some way. They might claim they are encrypted, that Block can't access them, and so on, but that will be impossible to verify and you are still left trusting a third party completely, both for their honesty and their technical competence in setting up their back end and security systems.

You probably will have full control, meaning access to 2/3 signing keys if they go for a 2/3 multisig. The thing they aren't telling you is they will have full control as well. Shared full control of private keys.
I don't consider shared control to be full control. Full control means that I, and I alone, have control over my coins. If you can unilaterally move my coins and therefore revoke my ability to access them, then I don't have full control over them.
legendary
Activity: 2730
Merit: 7065
According to this page - https://wallet.build/how-the-wallet-works/ - the wallet is a 2-of-3 multi-sig with one key stored on the mobile app, one on the hardware device, and one on the cloud.

If you lose 2 out of 3 keys, but then Block can somehow magically recover access to your coins, then although they say they only store one key they must be storing at least another key and therefore have complete access to your coins at any time.
Compare that with a traditional (non-Square) 2/3 multisig setup. If you lose 2 out of 3 private keys, is it possible for you to recover them by proving to a company that you are the legitimate owner? And if such a system exists, that means they store the keys as well "protected" behind some security questions, passwords, or PINs. If you lose 2 out of 3 private keys in a normal multisig, your coins are gone. If you do the same with Square's device, there is no need to worry. But we know what that means.

they are counting on the fact that their target audience won't understand this and are being deliberately misleading with their marketing when they say that you will have full control over your funds.
You probably will have full control, meaning access to 2/3 signing keys if they go for a 2/3 multisig. The thing they aren't telling you is they will have full control as well. Shared full control of private keys.
hero member
Activity: 882
Merit: 5834
not your keys, not your coins!
They either have massive miscommunications between each other, or they don't yet actually know how they want to implement the whole thing.
Or, option 3, they know fine well that they will be storing all your keys in some form and therefore have complete control over your coins, but as Pmalek says, they are counting on the fact that their target audience won't understand this and are being deliberately misleading with their marketing when they say that you will have full control over your funds.
It would honestly be kind of disappointing, because other plans and projects from them don't sound too bad, as I remarked earlier. For instance, having a new ASIC manufacturer around would always be great to see, but if they were really to sell such a misleading product at the same time, it would be hard to support such a company.
I guess it really remains to be seen because any info we have and get from them, even now, months later, is still super unclear.
legendary
Activity: 2268
Merit: 18711
They either have massive miscommunications between each other, or they don't yet actually know how they want to implement the whole thing.
Or, option 3, they know fine well that they will be storing all your keys in some form and therefore have complete control over your coins, but as Pmalek says, they are counting on the fact that their target audience won't understand this and are being deliberately misleading with their marketing when they say that you will have full control over your funds.
hero member
Activity: 882
Merit: 5834
not your keys, not your coins!
I've watched part of the video so far and the hardware wallet part is honestly pretty confusing. First, he talks about all the issues about not having self-custody, but then he presents this super complex system, with phone, hardware device, cloud, accounts, subscriptions, something about exchanges(?)
I think they want to create something that all people can use, even if they are not using their brain at all, and most people are sadly constantly on autopilot mode.
I know, but as Leo says in below quote, it makes no sense. It's easier to write 12 words; people write and protect important information on paper since forever. It's not hard, it's known and intuitive and there's little that can go wrong.

That marketing is very good, but they are using very good marketing to try to convince people that having three different things you have to look after and depending on a third party recovery tool is somehow easier than just writing down 12 words, which I do not buy at all.

And I'm disappointed that they still haven't released any details whatsoever on how this third party recovery is going to work. The longer this goes on the more I think that they don't actually know themselves.
Honestly, when they first announced the device, the information available was so vague that I also thought 'they have an idea / pitch right now that makes no technical sense'. There were contradictions and other issues we talked about in the first pages of this thread. It's not gotten much clearer by now and the things they keep claiming sound and feel mostly like 'yeah, that's good enough to get some investors'. But I'm not certain they've figured out the rough architecture of the system by now.

The wallet is supposedly recoverable even if you lose your phone and the device, so there's no need for either at all. Anyone with basic knowledge of Bitcoin can understand this. Then it's just an online wallet with extra steps. But at the same time they claim that it's not just an online wallet. So it remains to be seen if and what they'll come up with, but honestly if you go for simplicity, there's nothing really much better than a software wallet and maybe a support person to talk to. As soon as you introduce extra hardware it gets more complicated than without it.

Is it just me or do you also believe there's nothing legitimate behind most of those bitcoin companies? Am I the only one who feels they're spending more time on marketing, talking about it in social media - generally on the appearance, but not on the actual thing?
I think there are some good companies, but they are those who really embrace the Bitcoin spirit, open source and everything that comes with it. Compare Lightning Labs' LND (tons of marketing, performance issues, hindering development of privacy stuff like bolt12, trying to develop own / proprietary stuff) against Blockstream's Core Lightning (little marketing, runs on any hardware, lots of community contributions, modular, ...). For me, you already feel a difference if you compare LL people to Blockstream's Adam Back, of course long-time forum user here as well.

I don't think users of their device will have any keys or seeds. They will have accounts while the keys are stored elsewhere.
According to this page - https://wallet.build/how-the-wallet-works/ - the wallet is a 2-of-3 multi-sig with one key stored on the mobile app, one on the hardware device, and one on the cloud. This allows a user to spend small amounts using only their mobile app (by signing with mobile key and cloud key), but require the mobile app and hardware device for larger spends (as the user can specify an amount above which Block will refuse to co-sign transactions from the mobile app, therefore requiring the hardware key instead).

However, the same page also says this:

If you lose your hardware device, or lose both your phone and your hardware device, there will be ways for you to recover your wallet based on the security settings you’ve defined when you set up your wallet. We’ll provide more detail on what this process looks like for customers and how it works in a future update.
If you lose 2 out of 3 keys, but then Block can somehow magically recover access to your coins, then although they say they only store one key they must be storing at least another key and therefore have complete access to your coins at any time.
These are exactly the contradictions I'm talking about. They either have massive miscommunications between each other, or they don't yet actually know how they want to implement the whole thing.
legendary
Activity: 2268
Merit: 18711
Pulling something out of the air in terms of the recovery if you lose every device I can see them storing it in a way that they don't have access to but you do.
Which will be impossible to verify since we do not have access to their back end to verify anything that they say. Even the entire set up process could be insecure and expose your keys before you even set up the back up. And even if they don't actually have access to it, it still leaves it open to attack.

But it would still rely on the user knowing username & password & some other form of data.
Maybe they should recommend users write that down on paper then so they don't lose it, since it is so important. And make sure it is a very strong password. 12 random words should do it. :P

legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
Pulling something out of the air in terms of the recovery if you lose every device I can see them storing it in a way that they don't have access to but you do. Kind of the way the lastpass / and other password managers do it.

But it would still rely on the user knowing username & password & some other form of data. That would make it vulnerable to the $5 wrench attack. Unless there is another failsafe. Something like you need to wait "X" days before it's recovered. Still FAR from perfect or even a good idea.

-Dave
legendary
Activity: 3276
Merit: 2442
We already have very trusted hw wallet manufacturers and their products work perfectly. I don't see any value making another hw wallet tbh. But then I don't understand why people still get into the restaurant business while they are already at every corner either.


I think it's good news and will give a boost to the power of open source projects, so far we can't judge it but given Jack's experience it might be a good hardware wallet.


I don't think Jack knows that much about hw wallets. I don't even think he understands crypto completely. He is definitely not an expert but has lots of money so...
legendary
Activity: 2730
Merit: 7065
You don't make it more simple by handing out your custody to Square, you're just ignoring the downsides. Despite the fact that such service doesn't make sense, it's plainly ironic to use bitcoin that way. Satoshi's turning in his grave. :P
I know mate, but the thing is, you are telling it to the wrong crowd. I am not going to be their customer and I don't see anyone else who regularly frequents this board to become one either. ;D

And that's another thing. Those who will be tricked into purchasing this hardware device, won't have any clue of what satoshi wanted with the creation of Bitcoin. They will see Bitcoin as that new fancy kind of money that you buy today, and when you sell it in a year, you get more USD for it. Not to mention that if you verify your identity and submit your documents, the exchange gives you an extra $10 for free. It's awesome. 
legendary
Activity: 2268
Merit: 18711
I don't think users of their device will have any keys or seeds. They will have accounts while the keys are stored elsewhere.
According to this page - https://wallet.build/how-the-wallet-works/ - the wallet is a 2-of-3 multi-sig with one key stored on the mobile app, one on the hardware device, and one on the cloud. This allows a user to spend small amounts using only their mobile app (by signing with mobile key and cloud key), but require the mobile app and hardware device for larger spends (as the user can specify an amount above which Block will refuse to co-sign transactions from the mobile app, therefore requiring the hardware key instead).

However, the same page also says this:

If you lose your hardware device, or lose both your phone and your hardware device, there will be ways for you to recover your wallet based on the security settings you’ve defined when you set up your wallet. We’ll provide more detail on what this process looks like for customers and how it works in a future update.
If you lose 2 out of 3 keys, but then Block can somehow magically recover access to your coins, then although they say they only store one key they must be storing at least another key and therefore have complete access to your coins at any time.
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
When given a choice between the two, the average halfwit would rather not do or learn anything.
Yes, but as I said, this isn't a matter of simplicity, but responsibility. It really can't go more simple than writing down 12 words. You don't make it more simple by handing out your custody to Square, you're just ignoring the downsides. Despite the fact that such service doesn't make sense, it's plainly ironic to use bitcoin that way. Satoshi's turning in his grave. :P

Can't look forward 'til the first Square's keys' breaching.
legendary
Activity: 2730
Merit: 7065
But this isn't a matter of simplicity. With a non-custodial wallet, you just have to write down a seed phrase; it doesn't go more simple than that.
And with an account owned by someone else, you just have to enter your username and a password or maybe your email or a scan of your fingerprint and you are in. If you forget any of your data, you just ask Square and they will be happy to help in contrast to non-custodial Bitcoin solutions (bad Bitcoin, get down), where you have to go through the horrors of writing with your own hand. Yuck! When given a choice between the two, the average halfwit would rather not do or learn anything. 
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
It has long seemed to me that ease of use is needed for bitcoin mass character, because most people don't want to make unnecessary "body movements". The simpler, the more massive.
But this isn't a matter of simplicity. With a non-custodial wallet, you just have to write down a seed phrase; it doesn't go more simple than that. Besides, if you're going to do something, do it right. If, say, they want to convince people to use bitcoin, they should just leave some links to educate themselves. There are lots of excellent sources to begin with.

But, that's not what they want. The existence of this recovery service displays that they put their sales above their project's fundamentals. They don't want educated clients. They're a business, trying to sell their new product to their followers, most of which have no idea of what they're paying for.