Show Posts
I'm not sure to whom you are critical of.
No bad blood, but to further contribute to this thread:
I think you are well aware that Cobo and Keystone are now completely different companies.
Yes, I'm aware and sorry for the troublesome time Lixin/team must have experienced behind the scenes. And giving advice to transfer the seed from a wallet of another manufacturer, which in theory could be deliberately compromised, on Keystone wallet surprises me. For the same reason, Cobo refused Keystone to sign the migration firmware for wallets with its logo, so as not to spoil its reputation in case of problems.
Are you saying Keystone or Cobo has/had bad intentions? Either way, you shouldn't have used Cobo Vault in the first place and on the other hand need to decide if you want to use Keystone (which I was trying to do so by asking my questions). Topic on signing firmware has a bad taste but unfortunately this practice seems to be common sense in public companies. In addition, for what I've understood of Lixin's explanations (twitter/blog) Cobo as a company and Lixin/team operated like they where two seperate parties. Cobo funded. Lixin/team developed.
Topic on moving seeds: What I was initially confused about is why Lixin suggest moving funds. I wasn't reading his initial post correctly. Namely, that some specific coins are not supported on their Keystone backend / app. In case of multi-coin usage (and only having coins on supported derivations), I think putting an existing (and well-tested) mnemonic into a new Keystone device is far superior than creating a new/seperate one and actually moving funds. Creating a new mnemonic means you have to again generate it in an untrusted manner, test integrity and functionality. Also, you have to handle it logistically (e.g. new seed plate). And move the funds. I don't understand your claim... What does the seed have to do with the actual usage of the device (which for altcoins, probably should be a well-maintained one like Lixins product)?
In the bitcoin-only case, looking at the source code, it seems that Keystone and Cobo are quite the same for now. In practice, if you're fine using the old features (QR, SD slot, etc) one could still use Cobo Vault for a long time. Even though that doens't mean buying a Keystone now is unreasonable: you support the development/fund of their new endeavour.
It surprises me even more that such a question is asked by a rather seriously knowledgeable user who, in the above question, describes the theoretical possibility of compromising private keys using signed transactions.
In addition to everything, you are new to this forum and for what purpose did you appear here and where you were before I do not understand?
All this leads to bad thoughts.
I also want to warn Lixin to be careful, not everyone is friendly on this forum, and every random word of yours can be used against you.
If I had bad intentions asking these questions it simply wouldn't matter (beauty of bitcoin and opensource). Satoshi only appeared for a short time as well. You don't have to trust him. Moreover, it's not like I'm asking for Lixin's seed...In addition to everything, you are new to this forum and for what purpose did you appear here and where you were before I do not understand?
All this leads to bad thoughts.
I also want to warn Lixin to be careful, not everyone is friendly on this forum, and every random word of yours can be used against you.
You have found the right sources.
Actually there are 2 ways of doing Bitcoin's cryptographic signature.
The first one is called the non-deterministic way. In this way, each signing will pick a random number k. Then run the signing algorithm with this k. As each time the k is different, so the results are different but they are all valid results. Actually this is the original way of doing ECDSA signing.
The second one is called the deterministic way. In this way, k is "derived" from the message you are signing. With that being said, if you sign the same piece of message each time, k is the same (deterministic). So you will get the same result. This is a newer implementation of ECDSA and it's defined by RFC6879.
We are using the original implementation.
Thank you, I learned a lot from this. I tried it again with my Cobo Vault testing device.Actually there are 2 ways of doing Bitcoin's cryptographic signature.
The first one is called the non-deterministic way. In this way, each signing will pick a random number k. Then run the signing algorithm with this k. As each time the k is different, so the results are different but they are all valid results. Actually this is the original way of doing ECDSA signing.
The second one is called the deterministic way. In this way, k is "derived" from the message you are signing. With that being said, if you sign the same piece of message each time, k is the same (deterministic). So you will get the same result. This is a newer implementation of ECDSA and it's defined by RFC6879.
We are using the original implementation.
This time, I did sign a exact same PSBT multiple times with Cobo Vault and can confirm, sig differs!
Although, this does not verify the source of provided RNG is sufficient (in general) it mitigates a lot of trust in a potential advisory.
Non-deterministic / deterministic, maybe in further iterations the User can decide by himself?
I think here Aaron means that you can verify each different results by writing some code or using some 3rd party tool like https://8gwifi.org/ecsignverify.jsp
Thanks.It's suggested that Cobo Vault users use Cobo's own companion app to move these coins to other wallets before using the companion app we offer.
2. Friend of mine uses Cobo Vault together with the Shitcoin App. If I advise him buying buying a Keystone, why move the Coins? Can't he just put the Cobo-Seed into a Keystone-Device and use that with the Keystone App?Your friend should move these coins to other other wallets before he imports Cobo's seed into Keystone.
3. Liking the idea for a cyperpunk device, how do you plan to maintain Support for the Keystone Device one would buy today?
Thanks! (Please forgive me if I don't fully understand your question.)Cypherpunk version would be a parallel product to the normal version we are selling now. I can't see any conflict between releasing Cypherpunk version and maintaining the current version.
Thanks for the Discussion and thanks for answering my questions.
PS, Lixin, lots of respect for handling this situation like you do! If you find the time would be happy to hear more of you on podcasts. Keep going <3
