Author

Topic: Why do we trust hardware wallet manufacturers? (Read 746 times)

legendary
Activity: 3346
Merit: 3130
October 07, 2018, 07:39:16 PM
#38

I have recently bought a hardware wallet. (Ledger Nano S)

This made me think about the reasons why I should trust my life savings
to these companies? They write software that I cannot understand and I
trust other people to verify that the software that they wrote is 100% safe.

Why do I trust the people who "verified" that code? I have no idea what
their motivation is and if I can trust them.

The only answer that I could get, was that the honesty and the trust
would benefit the group and the community that was using this
technology.


Well,you cantrust them because you know who are those providers, in the case where your bitcoins disappear then you know who to blame, but remember hardware wallets are vulnerables too.

The problem here is if some one get access to your hardware wallet and take your bitcoins, you could think the ones who thief those coins was the wallet creators because they create your private key, but at end we can see tons of vulns on the move.
newbie
Activity: 6
Merit: 4
Peter Todd has a good talk on this

Slévárna: HARDWARE WALLET THREATS AND VULNERABILITIES - Peter Todd

Paralelní Polis
Streamed live on Oct 6, 2018

https://www.youtube.com/watch?v=r1qBuj_sco4

copper member
Activity: 2338
Merit: 4543
Join the world-leading crypto sportsbook NOW!
I wonder about the physical bitcoins as well.  It wouldn't be hard for those who make the coins to keep a list of all the private keys they have generated and etched onto the coin.  I fear that one day we may all wake up and find our physical bitcoins are worth nothing more than the weight of the material from which they are made.

I think the only way to truly be secure is to create the private key using an off-line PC, engrave it onto a piece of material that will withstand any natural disaster, while keeping it safe from prying eyes, and do it all yourself.

legendary
Activity: 3682
Merit: 1580
Wallets like Electrum has incorporated hardware wallets into their software. The trust goes to the contributors of Electrum instead of the hardware wallet developers in this case.

electrum has incorporated plugins that interface with hardware wallets but the wallets themselves hold the seed. they could still be backdoored. electrum can't protect you in that case nor does it guarantee that hardware wallets you use are not backdoored.
member
Activity: 294
Merit: 10
World’s First Decentralized ICO Platform
That's a valid question. But the thing is, we have to trust someone. True, there's no 100 percent security, but we have no choice but to trust it. Many people think that if something is being used by millions that means it must be trustable. Millions of people can't be wrong at the same time, right?
jr. member
Activity: 73
Merit: 8

I have recently bought a hardware wallet. (Ledger Nano S)

This made me think about the reasons why I should trust my life savings
to these companies? They write software that I cannot understand and I
trust other people to verify that the software that they wrote is 100% safe.

Why do I trust the people who "verified" that code? I have no idea what
their motivation is and if I can trust them.

The only answer that I could get, was that the honesty and the trust
would benefit the group and the community that was using this
technology.


Trust is something more than a relationship between a person and a company, and without it, just nothing . If you don't trust companies like ledger nano it is possible not to enter this market. The company cares about your safety and gives its guarantees, I do not see any concerns in hardware wallets.
First, when you use it for the first time, you must set a PIN to protect your device from unwanted intrusion. Soon you will receive an initial password that you can use to create your personal keys that no one will ever know except you.
You will use the device screen to create the initial password. If a hacker has access to your computer screen, he could copy the initial password. This is why the initial password is displayed on the device screen, not on the computer.
The Ledger Wallet Nano S is equipped with a display and buttons for control. This allows you to take advantage of the additional factor of authentication directly from the device. That is, it allows you to set and enter security data, bypassing the computer and thus providing protection against phishing.hardware wallet application data is stored on a secure element inside the device
full member
Activity: 350
Merit: 100

I have recently bought a hardware wallet. (Ledger Nano S)

This made me think about the reasons why I should trust my life savings
to these companies? They write software that I cannot understand and I
trust other people to verify that the software that they wrote is 100% safe.

Why do I trust the people who "verified" that code? I have no idea what
their motivation is and if I can trust them.

The only answer that I could get, was that the honesty and the trust
would benefit the group and the community that was using this
technology.

With regards to security (Ledger Nano) Your confidential data is never exposed, It is secured inside a strongly isolated environment locked by a PIN CODE.
Your accounts as well are backed up on a recovery sheet, Easy restoration on any ledger device or compatible wallets.
hero member
Activity: 1680
Merit: 655
Because they are legally liable if you have prove that they have some kind of breach of security regarding your wallet. Hardware wallets like Trezor and Ledger are real companies which have a juridical personality. Any kind of wrong doing like tampering their own device will make them liable. And if that happens you could easily find them, as them being real companies will be hard to run away with your money unlike fake investment scams happening in the internet. I am not saying that they will run away with our money but knowing that they physically exist and are registered companies I myself know that my money is safe with their product.
hero member
Activity: 2730
Merit: 632
For all services you need in life and you can't provide them by yourself you have to trust someone. Banks, insurance, health services, the lady that cleans your apartement, it's all based on trust. So it's with hardware wallets manufactures.
No one isn't saying that 100% safety exists and that you are not taking certain risk but those wallets are proven and trusted and by now as far as I'm informed no one has reported any kind of abuse.
For sure the risk is there but those companies wont risk up their reputation.Why would they waste up their profitable business as of now for just a simple flaw of their wallets? Trust is indeed needed but doubts on storing up your long term or big amount of coins in there cant really be avoided but for now they are still trustable.
Just be sure you do purchase on direct to company or legitimate resellers not into just random dude in the net.
legendary
Activity: 2912
Merit: 1068
WOLF.BET - Provably Fair Crypto Casino
For all services you need in life and you can't provide them by yourself you have to trust someone. Banks, insurance, health services, the lady that cleans your apartement, it's all based on trust. So it's with hardware wallets manufactures.
No one isn't saying that 100% safety exists and that you are not taking certain risk but those wallets are proven and trusted and by now as far as I'm informed no one has reported any kind of abuse.
legendary
Activity: 3122
Merit: 2178
Playgram - The Telegram Casino
But you could never be 100% sure someone, somewhere down the line hasn't tampered with the device/product in question.

The most common supply line attack vector is a third party reseller making a copy of the original seed of your hardware wallet. This is easily thwarted by reinitializing your freshly received hardware wallet with a mnemonic of your own choosing, using the BIP-0039 wordlist.

Hardware wallet firmware is cryptographically signed and can not be overridden with malicious firmware without the hardware wallet alerting its owner -- at least that's the case with the Trezor, I assume it's the same with Ledger but I'm unfamiliar with their hardware.

Of course there's no such thing as 100% security, but I'd still argue that most hardware wallets are reasonably tamper-proof. (note: The hard- and software part, that is. As mentioned above, the original seed phrase cards are fairly easy to tamper with, I assume)
drm
legendary
Activity: 1176
Merit: 1005

I have recently bought a hardware wallet. (Ledger Nano S)

This made me think about the reasons why I should trust my life savings
to these companies? They write software that I cannot understand and I
trust other people to verify that the software that they wrote is 100% safe.

Why do I trust the people who "verified" that code? I have no idea what
their motivation is and if I can trust them.

The only answer that I could get, was that the honesty and the trust
would benefit the group and the community that was using this
technology.

If you had programming experience then you could look at the source code of the software of your hardware wallet. The source code is publicly available on GitHub, which allows anyone to verify it. And we also trust hardware wallets producers because at the moment there is no evidence that hardware wallets are unsafe. If this were otherwise, then there would be no trust.

But you could never be 100% sure someone, somewhere down the line hasn't tampered with the device/product in question.
member
Activity: 504
Merit: 19

I have recently bought a hardware wallet. (Ledger Nano S)

This made me think about the reasons why I should trust my life savings
to these companies? They write software that I cannot understand and I
trust other people to verify that the software that they wrote is 100% safe.

Why do I trust the people who "verified" that code? I have no idea what
their motivation is and if I can trust them.

The only answer that I could get, was that the honesty and the trust
would benefit the group and the community that was using this
technology.

If you had programming experience then you could look at the source code of the software of your hardware wallet. The source code is publicly available on GitHub, which allows anyone to verify it. And we also trust hardware wallets producers because at the moment there is no evidence that hardware wallets are unsafe. If this were otherwise, then there would be no trust.
legendary
Activity: 1624
Merit: 2481
Because is the trust of the source code instruction set. Machine code inside the data its called source code.

Hardware wallets which use a secure element (e.g. ledger nano s) are not completely open source.
This is simply due to the fact that those chips are mostly available to developer/manufacturer only.

Most of the hardware is under CDA. Ledger simply is not allowed to disclose how they interact with the element.

The majority of the source code is on github. But unfortunately not completely.
newbie
Activity: 36
Merit: 0
Official TREZOR firmware is signed by the SatoshiLabs master key. Installing unofficial firmware on the TREZOR is possible, but doing so will wipe the device storage and TREZOR will show a warning every time it starts. Reprogramming the bootloader is impossible because all TREZORs ship with their secure programming fuse blown.

You still have your seed phrase, so your coins are safe.
newbie
Activity: 70
Merit: 0
Ledger Wallet is a special case of an HD-purse that stores private keys and signs transactions on a separate, secure device. Those. no programs, no servers have access to the keys themselves, they just give the original data and get the result with permission of the one who presses the hardware confirmation button - there is no software way from the computer to unblock the wallet or confirm the transaction (conspiracy theories about bookmarks in the wallet we leave aside).
sr. member
Activity: 377
Merit: 282
Finis coronat opus
This made me think about the reasons why I should trust my life savings
to these companies? They write software that I cannot understand and I
trust other people to verify that the software that they wrote is 100% safe.

Why do I trust the people who "verified" that code? I have no idea what
their motivation is and if I can trust them.

This is what our life consists of. We must believe to someone because noone can check everything by himself. You must trust to engineers which build your car, to engineers check airplane which you use to fly. To doctors, to police officers, to coders.
BUT! What differ good things from bad? It's transparency. It means that you can check everything by yourself or 3rd part. In codding we call it "open source".
Your advantage in that opportunity. You can do it. Or hire people who could do it.
legendary
Activity: 1904
Merit: 1074
I don't. You shouldn't neither. There were HW wallet scams before on ebay. Check this out:
https://www.reddit.com/r/CryptoCurrency/comments/7oeik2/warning_if_youve_bought_a_ledger_wallet_where_the/

I never understood the need for a hardware wallet anyway. All you need is a piece of paper. If you can't secure a piece of paper then just quit. A properly generated paper wallet is the most secure wallet you can ever get.

Questioning the core wallet or your operating system (as long as its not a cracked version and freshly installed) is just being paranoiac btw.

You have to be crazy to buy a Hardware wallet from someone on eBay or Amazon and not directly from Ledger. Paper wallets

is not the solution for non-techies, because it is way too technical for them. {The risky part is when you have to sweep those

coins to use it} .... I like paper wallets and I do use them for cold storage, but they also carry a level of risk. If your only

option is paper wallets, then I would recommend that you divide your coins into smaller amounts and transfer them onto

multiple wallets. {it is just easier to use and less risky, if you quickly need to use a small amount}  Wink
legendary
Activity: 3276
Merit: 2442
I don't. You shouldn't neither. There were HW wallet scams before on ebay. Check this out:
https://www.reddit.com/r/CryptoCurrency/comments/7oeik2/warning_if_youve_bought_a_ledger_wallet_where_the/

I never understood the need for a hardware wallet anyway. All you need is a piece of paper. If you can't secure a piece of paper then just quit. A properly generated paper wallet is the most secure wallet you can ever get.

Questioning the core wallet or your operating system (as long as its not a cracked version and freshly installed) is just being paranoiac btw.
legendary
Activity: 1904
Merit: 1074
give me bitcoin Grin

This is not the appropriate thread for begging bitcoins. Work your ass out and you would get your share.

Why do you trust your bank account not to be hacked, or the ATM not to mess up your balance? Even if you don't understand it, it was built by people that understand better than you do.

Therefore your money is safer with them, than it is with yourself.

Because bank is secured and got their insurance that whatever you left on banks, you could get it on banks. So as Ledger Nano, but you are ONLY the one who is responsible for your assets, whatever you lose, you are the one responsible for it and nobody would recover it for you.

Have you ever lost any money linked to your online banking or credit cards? The Banks will rather pay their expensive

lawyers to fight you, than re-imbursing you for your losses. In the rare occasion when they do reimburse you, you have to

sign confidentiality documents not to reveal any information about the pay-out. The pay-out is also much less than your

losses.

I would much rather be in control of my own finances with a dodgy hardware wallet, than having to go through that again.

They make YOU feel like a thief, when you are the victim of the crime.  Angry
full member
Activity: 602
Merit: 103
give me bitcoin Grin

This is not the appropriate thread for begging bitcoins. Work your ass out and you would get your share.

Why do you trust your bank account not to be hacked, or the ATM not to mess up your balance? Even if you don't understand it, it was built by people that understand better than you do.

Therefore your money is safer with them, than it is with yourself.

Because bank is secured and got their insurance that whatever you left on banks, you could get it on banks. So as Ledger Nano, but you are ONLY the one who is responsible for your assets, whatever you lose, you are the one responsible for it and nobody would recover it for you.
legendary
Activity: 1288
Merit: 1087
like others have said i choose to trust the crypto hive mind to unearth these problems on my behalf and that's a much, much, much more powerful beast than your own knowledge or that of one individual whose opinions you rate.

if there is such a thing as a vested interest, it's making sure hardware wallets are as safe as they can be. it's in the extreme interest of what must be millions of people by now.


Why do you trust your bank account not to be hacked, or the ATM not to mess up your balance? Even if you don't understand it, it was built by people that understand better than you do.

Therefore your money is safer with them, than it is with yourself.

i'm not sure how valid that is. everything about banking is hidden and if they really screw up you're theoretically still in safe hands, that's why people trust it. that's not the case with hardware wallets. you have to rely on the creators and the people who pick their efforts apart too because everyone's ass is hanging on the line. it's then down to you to choose your course of action. no one's gonna save you.
sr. member
Activity: 1106
Merit: 252
Dextrust.org #Defi

I have recently bought a hardware wallet. (Ledger Nano S)

This made me think about the reasons why I should trust my life savings
to these companies? They write software that I cannot understand and I
trust other people to verify that the software that they wrote is 100% safe.

Why do I trust the people who "verified" that code? I have no idea what
their motivation is and if I can trust them.

The only answer that I could get, was that the honesty and the trust
would benefit the group and the community that was using this
technology.

your question is almost the same as what I want to ask others who understand about hardware wallet.
I also want to have it, but I do not understand about hardware  wallet
sr. member
Activity: 476
Merit: 314
But if you see the amount of users of the airplanes, desktops, bitcoin core wallet and compare with the amount of users of the hardware wallets, how big is the number of people that studied about the risks  and how big is the number of developers that checked inside the hardware wallets (remember that the ledger and trezor are not open-hardware), im not defending that the hadware wallets are not safe and we need to  verify every single componet of the wallet, im trying to say that the hardware wallets are on the few explored world of crypos where we see a different type of trap every day.
legendary
Activity: 1624
Merit: 2481
You can also keep the private key offline on a computer with the ethernet and wifi and bluetooth adapters physically removed, then use it to sign transactions offline. Then copy them manually to a 'live' computer. The problem is, when you make things complicated like this, your risk of losing money due to a screw-up can be larger than your risk of being hacked.

Physically removing network interfaces is a good step to ensure the device is really airgapped.
But i disagree with a higher risk due to screw-ups. If the seed/private keys are backed up properly i don't see a higher chance in losing funds compared to a
desktop wallet running on an everyday-pc.

While i agree that there indeed is a risk in screwing up i think that with proper back ups (which everyone should have, regardless of storing type) this risk can be compensated.
newbie
Activity: 26
Merit: 9
There's no reason to trust the developer of a hardware wallet any more than there is to trust the developers of software wallets. The difference is that however well meaning the developers are, a software wallet is inherently insecure. A hardware wallet, running on an entirely 'known' system, should be considerably more secure. If the developers are dishonest then all bets are off - even if the source code checks out.

You can also keep the private key offline on a computer with the ethernet and wifi and bluetooth adapters physically removed, then use it to sign transactions offline. Then copy them manually to a 'live' computer. The problem is, when you make things complicated like this, your risk of losing money due to a screw-up can be larger than your risk of being hacked.
legendary
Activity: 3542
Merit: 1965
Leading Crypto Sports Betting & Casino Platform
Oh, FFS, if you don't like a hardware wallet, just use paper, it's even more secure if you do it right? Tongue

This was a legitimate question from a newbie and deserve a legitimate answer. Some people in 3rd world countries will spend 50% of their monthly earnings on a hardware wallet like this and should get value for their money and the peace of mind that it is as secure as it is advertised.

The "if you do it right" part of your statement is very important. There are not a lot of newbies who knows how to do this in the most secure manner < air gapped computer and what not>  and that is why they are placing that trust into 3rd party hardware wallet providers hands.

Paper wallets can be your worst nightmare when you do it wrong and it is more suitable for long-term storage. Hardware wallets is a lot safer and more practical for daily use. 

Let's be a bit more understanding and supportive to these newbies.  Wink
legendary
Activity: 3570
Merit: 1959
Oh, FFS, if you don't like a hardware wallet, just use paper, it's even more secure if you do it right? Tongue
member
Activity: 672
Merit: 12
In our daily life we are using so many technical machines / hardware / software.  Whatever we are using is developed / invented / manufactured by others.  We are traveling by air, train, road transport.  First we have to trust the engineers who made aircraft, rails, buses, cars.  Then we are having trust on the pilots, drivers that they will carry us safe to our destination. Do we know anything about airoplane.  I think 99.99% of us do not know it's technicalities even the pilot flying the machine may not be having complete knowledge about the plane.  Pilot is just having knowledge how to fly it and primary issues related to it.  But we are blindly trusting him.
In the same way we are trusting service providers like Banks, insurance companies, health centers, doctors.  While paying premium to insurance company we are paying just because we have faith in them that in case of need they will repay the insured amount.  While getting surgical operations from surgeon we have to 100% surrender ourselves to the  doctors for the operation required.  In many of the operations we are first given medicines to make us unconscious only after that operation is done.
So without having trust we will not be able to avail and enjoy the facilities provided by others.
In above case transactions must be secured by password.  One time password option may also be opted as an additional security.  Authenticator app if generated in mobile will give additional security. 
hero member
Activity: 672
Merit: 526
In open source projects, such as the majority of wallets, you may think that the reward for finding a flaw in these projects is very high. You do not have to trust the honesty of all those who have technical knowledge. You can rely on greed. In addition, since most of the world lives in an open environment and all those who own Bitcoin are in communities where when a failure occurs, they can scream for the community. And quickly this failure will be known by everyone.
But the best thing about Bitcoin is that you do not have to use a hardware wallet if you do not feel secure. You can use a paperwallet, pendrive. A wallet like Electrum etc.
legendary
Activity: 3542
Merit: 1965
Leading Crypto Sports Betting & Casino Platform
I also think it has a lot to do with reputation. If you want to grow into a multi Billion dollar business, you will have to build a strong trust relationship with your customers. One big mistake will destroy all the hard work that was done to establish this business.

We are not talking about the little "Mom and Dad" business here. These companies have a lot to lose, if they fail.
https://techcrunch.com/2018/01/18/ledger-raises-another-70-million-to-become-the-leader-in-cryptocurrency-hardware-wallets/

Reputation is the secret to their success, so they will use all the resources they have to build a trusted Brand. The competition to become the industry leader is very competitive.
legendary
Activity: 3472
Merit: 4801
Why do you trust banks with your money? Oh wait, I don't, and I don't trust online or other wallets either.

I don't see what's wrong with a password protected Bitcoin core wallet. I think that is the most trustworthy, but that's just an instinctive reaction on my part.

But the OP question still remains.

Why do you trust the Bitcoin Core wallet?
Why do you trust the operating system that you are running your Bitcoin Core wallet on?
Why do you trust the hardware that your operating system is running on?
Why do you trust the mathematical functions of ECDSA and SHA?

I think the important question that the OP was asking is...

"If I do not have the technical expertise to know exactly what the software and hardware are doing, then how can I be certain that those who do have the technical expertise aren't lying to me?"

The security of open source relies on the concept that hiding the true nature of the thing requires that ALL TECHNICALLY CAPABLE people in the ENTIRE WORLD will collude to hide the behavior of the thing from ALL TECHNICALLY INCAPABLE people.  If even 1 single technically capable person refuses to collude with all the other technically capable people, then that one person can reveal the true nature of the thing to all the technically incapable people.
legendary
Activity: 2814
Merit: 2472
https://JetCash.com
Why do you trust banks with your money? Oh wait, I don't, and I don't trust online or other wallets either.

I don't see what's wrong with a password protected Bitcoin core wallet. I think that is the most trustworthy, but that's just an instinctive reaction on my part.
legendary
Activity: 3374
Merit: 3095
Playbet.io - Crypto Casino and Sportsbook
Honestly to me, I don't trust any wallet or even the hardware wallet. Since everything in bitcoin needs internet to be able to operate. There is still possible that those hardware wallets or desktop wallet or any wallet with high trusted reviews it's not guaranteed 100% that they are safe, but it still depends on you how you protect your wallet.

Anyway, hardware wallets are good for offline use and it is called the 2nd layer of authentication before you can send any amount of coins from your hardware wallet.

Hardware wallet is safe 90% I don't give 100% because I heard someone said that hacker was stolen bitcoin. If you know trezor wallet it is one of the hardware wallets competitors by ledger nano. Time ago a trezor wallet is hackable, but developers release the latest firmware and fix the issue about trezor wallet and now I don't hear any customer complains about their wallet. However, I'm not still satisfied to trust them

In that time I lose faith in hardware wallets because even hardware wallets can be hackable. So, now I don't trust them.

You are still lucky that you bought a ledger nano s as of now I see good reviews about this wallet and I think they are safe not 100% but you secured just follow the safety guidelines.

If you really wanted to verify 1 of the hardware wallet like ledger nano s and if you are not satisfied with the answer from a manufacturer, then you need to hire a programmer just to verify the program is safe or not.

For me testing them with your own you can verify that your wallet is safe, then if you still experience bad issue about hardware wallet in the future it means that wallet is not safe and your security level is low.

So for me electrum wallet is enough just add your password as your 2nd layer of authentication and save your seed phrase in the safety place and you are safe. This is just what I experience and I am using that wallet for a long time that until now I can guarantee you that electrum wallet is safe. I test them a lot even I don't exactly know what inside the electrum program, but I always scan them before I install if it is clean or not. This is just your alternative if ever you wanted to switch to electrum, but you can stay to use ledger nano s even I don't know what is program inside for me they are safe because I don't hear any customers complaint.
legendary
Activity: 1904
Merit: 1074
This is from the Ledger FAQ :

Ledger's hardware wallets are architectured around "secure elements" or secure chips. This is the same technology that

you find in chip and PIN payment cards or SIM cards.
These chips bring guarantees against physical attacks and raise the

level of security of your private keys. It is a industry standard.

The software is also Open Source : https://github.com/LedgerHQ/ledger-nano-s

sr. member
Activity: 1081
Merit: 309
I love technology.
If you can't verify the source code, the only way to stay safe is trust the people and community who already verify the source code.

This. You have to remember that this applies to anything in life. Why do we trust strangers when asking restaurant advice? Same applies here.
legendary
Activity: 3038
Merit: 4418
Crypto Swap Exchange
It's the same question; How do you trust the people who develop desktop wallets?

If you can't review the code for the hardware wallets, you probably didn't review the code for the desktop wallets that you've used either. If you want to be more specific and thorough, you didn't review the source code for your operating system either. There is certainly no way to be 100% safe if you can't review and build everything yourself.

Wallets like Electrum has incorporated hardware wallets into their software. The trust goes to the contributors of Electrum instead of the hardware wallet developers in this case.
jr. member
Activity: 47
Merit: 12

I have recently bought a hardware wallet. (Ledger Nano S)

This made me think about the reasons why I should trust my life savings
to these companies? They write software that I cannot understand and I
trust other people to verify that the software that they wrote is 100% safe.

Why do I trust the people who "verified" that code? I have no idea what
their motivation is and if I can trust them.

The only answer that I could get, was that the honesty and the trust
would benefit the group and the community that was using this
technology.
Jump to: