Topic: Suggest me a secure and open-source hardware wallet. (Read 198 times)

Hahaha, no worries. I think we should have a misunderstanding here. However, I just want to say that even when banks access data from the Secure Chip, we don't have a problem because we already trust them with our funds. So we have to trust them anyway. But for Bitcoin or crypto wallets, we can't trust them the same way if wallet manufacturers could read data from the secure chip. Will you believe any hardware wallet manufacturer if you know that they could access data from a secure chip? I don't think so.

Bro, we aren't fighting here or making arguments. I am just trying to learn proper knowledge about secure chip safety. I may have less knowledge about secure chips, but we can learn from the discussion. As I said above, it doesn't matter whether the bank chip or the software is open or closed source. They are centralised, which means we trust them when we are using their service. Bitcoin is decentralised; the hardware wallet should be fully non-custodial here, so we don't need to trust any third party. When the firmware is open source, then we can (developers) read it, and we don't need to trust them.

Anyway, I am convinced of Trezor Safe 3 and have already placed an order. I hope I will receive it soon.

Still, I will keep this thread open for discussion.

You have no clue what you are talking about do you? 
What the heck is decentralised non-custodial secure chip?
That exist only in your dreams 


Open Source doesn't mean that something is centralized or decentralized.
You are mixing apples and cucumbers, so you better stop here my friend... this is getting really hilarious...

I am not sure why you are comparing a centralised chip with a decentralised and non-custodial secure chip. Both are different; credit card chips won't be open source because they are centralized. When you get a credit card, you already trust them. But for a hardware wallet, this isn't a fact. Do you know private keys would be revealed from the Secure Element Chip through a firmware update? If you don't know, then search for it. The manufacturer could reveal the stored data to Secure Chip through a firmware update if they want it. This is the reason I am leaving the Ledger wallet. But the good thing is that Trezo firmware is open source, and if they implement something like revealing private keys through firmware updates, then the community could detect it.

So most likely, I am going to order Trezor Safe 3, which is universal.

I don't know if SeedSigner uses encrypted QRs, but I use Krux, which is like a deluxe SeedSigner.  Krux lets you create encrypted seed QRs, and that's an awesome feature because it means if somebody finds your seed QR, they won't be able to read it.  Without the decryption password (or passphrase if you want) it's unreadable.  That's an amazing feature.  If SeedSigner doesn't have it yet, I have to assume they'll add it.

Check out Krux.  It's fantastic.

It's still not open source, that is a big difference.
This reminds me on what Coldcard is doing with their source code  

Did you (Passport Foundation) sign any NDA with Microchip?

This has nothing to do with the chip. This is specifically a software framework to interact with the chip. Like an SDK. Of course it's open source.

Microchip, for example, offers a similar SDK for their secure elements (like the 608b) called "cryptoauthlib" (https://github.com/MicrochipTech/cryptoauthlib). All code is viewable and they have a basic copyright that doesn't restrict its use (except that it must be used with Microchip products).

This Infineon chip used by Trezor is absolutely no more open than any other competing chip, except that Trezor purchases it without signing an NDA. That's it.

Are you saying  this is not true?
This is official github page for this secure element:
https://github.com/Infineon/optiga-trust-m

https://github.com/Infineon/optiga-trust-m/blob/develop/LICENSE

It is not related with Trezor, but github clearly shows that Optiga Trust M secure element have MIT open source license code, and that can be confirmed.
Firmware for Trezor was already open source, so I really don't see any issue here.

What makes you say that? There is literally nothing open source about this chip, nor any secure element, nor any MCU or processor used in any hardware wallet or computing device.

To my understanding, Trezor just made some claims about being able to publicly disclose vulnerabilities because they didn't sign an NDA with the manufacturer.

Not 100% sure which cryptocurrencies you want to hold on ur new hardware wallet but you should check out Bitbox02.
There is a bitcoin only-version and a multi edition. You can check the supported coins/token here: https://bitbox.swiss/coins/

The advantages are that they are fully open-source, have a secure chip and they come with a native desktop app. (like Ledger Live)
The only negative criticism for people who want to store various altcoins on it is the limited support for coins/tokens. But this is because the focus is really on the security of the wallet.

Bitbox02 has a lot of benefits like coin control, Tor support... and its super user-friendly! It costs like around $150 but worth every penny.

Does this mean that anyone who comes into possession of the QR code can load the seed on any other device or only on SeedSigner? I admit that the idea that the device itself has nothing in it that could enable a potential thief to hack it sounds very good, but is there an option to protect the seed with a passphrase in case someone does find the backup?

I say this with all due respect:  The problem you're having is that you don't know what you're talking about.  You see the term "secure element" and think it means things it doesn't.  The secure element chips you're referring to are for saving your keys, etc, in the device.  Want a REALLY safe device?  Use one that doesn't have a secure element at all, because the device never saves your seed.  If the device gets stolen, there's nothing on it for a thief to get.

Check out SeedSigner.  When you first set up SeedSigner, the device will guide you through the steps to create a SeedQR on paper, by hand.  SeedSigner doesn't save your seed in the device.  When you turn it off, your seed is erased.  This means, each time you use SeedSigner, you scan your SeedQR to load your seed on the device.  Loading a seed on SeedSigner is easier than entering a PIN to unlock a traditional hardware wallet.  Oh, and I should mention that SeedSigner has no PIN to lock the device since there's nothing on the device to lock.

It's a brilliant setup.  And it's all entirely open source.

Dude I already told you that everything in Trezor3 is OPEN SOURCE including secure element, so I don't know what more do you want? Some certificate approval?
btw you are using devices with closed source chips all the time in your credit cards, smartphones, computers, etc.

Safest option is to stop using bitcoin, hardware wallets and all modern technology.

Thanks for your valuable input. Trezor was my first choice since I intend to move to another wallet rather than the Ledger hardware wallet. But my concern is about secure chips. Since the secure chip stores private keys, I am not sure if the manufacturer could reveal the private keys from the secure chip. I have to find more information about Trezor Secure Chip before jumping into it. I know all hardware devices wouldn't suit everyone since everyone's needs are different. I hope I can have a better solution.

Yes, Trezor 3 Safe is using open source secure element model Infineon OPTIGA Trust M, and that can be verified.
Most of the other brands are using secure elements that are closed source.

Keystone is sadly still not open source wallet, but they promised to release source code in November, so let's see.
I heard several complains about them, but compared to other available hardware wallets they are not so bad.

Based on what you wrote I think that Trezor 3 Safe is currently best available hardware wallet for you.
It's open source, small size, not expensive device, and it can support bitcoin with other altcoins.
Note that all wallets have pros and cons, there is not one wallet that is best for everyone.

Currently, I have been using Ledger X. We know Ledger is a trusted hardware wallet manufacturer. But lately I don't have enough faith in Ledger when it's a matter of storing a large amount. I am not saying Ledger isn't trusted due to my faith. Its just my personal feel about Ledger due to its closed source. More importantly, their backup service is one of the worst things in crypto, though it's not mandatory. Backup our seed with a third party for a hardware wallet won't make it secure anymore.

So here is my concern: I want to move to a new secure, smart, and open-source hardware wallet. And I want to know about the secure chip used by Ledger. Lately, even Trezor started using Secure Chip. So with a secure chip, can we trust that the wallet is safe and doesn't have a chance of being drained by the manufacturer?

I need a multi-currency hardware wallet that is secure, smart, and open-source, price really doesn't matter. One of my choices is Keystone due to their wallet design, especially the fingerprint system. But it seems they used three secure chips, and I am not much aware of whether the manufacturer can drain wallets somehow through the secure chips.

Please suggest details and why you think I should buy this. Please don't send the list to compare wallet, just suggest best one.