Bitcoin Forum
May 28, 2024, 03:41:17 PM *
News: Latest Bitcoin Core release: 27.0 [Torrent]
 
  Home Help Search Login Register More  
  Show Posts
Pages: [1]
1  Bitcoin / Hardware wallets / Is this scheme for multisig audit of Trezor + Coldcard ok? on: April 13, 2021, 04:34:25 PM
My plan is to make a multisig between coldcard and trezor. I want to audit and verify that I indeed own the 2 keys of these wallets, using a raspberry pi zero (no wifi/bluetooth by definition) on a very old HDMI tv with no internet either, and using a virtual keyboard and simply a mouse on the pi zero.

These are the possible risks I want to mitigate:

 - The wallets can have a malicious random number generator. 

 - The wallets can generate address for keys that are not mine

To eliminate the risk of the trezor generating a private key I don't own, I'm gonna put its key on the raspberry pi zero and see that it generates the same master pubkey and shown in trezor. This proves I own this key, but it might be a kew that someone already owns. No problem, that's why I'm doing multisig.

On the coldcard, I'll generate a seed using dices, and then verify on the raspberry pi that those dice rolls indeed generate the private key shown by coldcard. This proves that I own a private key that no one owns, because it was generated using dices.

Now that I have 2 private keys that I own, and at least one of them I'm the only owner, I can create a multisig wallet on Electrum or maybe BlueWallet. I'll annotate the first 10 addresses generated by the software wallet, and verify if they match on the coldcard and on the trezor. If the 3 show the same 10 set of addresses, I can consider these addresses safe for receiving Bitcoin.


I'll then receive some Bitcoin on one address, erase both wallets, restore them with the private keys, and then try to spend this Bitcoin, just to make sure I really owned the coins.

What are the possible problems I can encounter? Am I forgetting something important?

PS: I know that if the trezor has a malicious random number generator and it creates a private key that not only myself own, this is a privacy leak, but not a problem. And it's a privacy leak only when I spend from this address, revealing the public key on the blockchain.

I also plan to use just PBST air-gapped transactions on Coldcard, and a trusted computer to broadcast.
2  Economy / Economics / How can my country lose money if I send bitcoins away? on: February 19, 2016, 09:49:28 PM
How is it bad for my country if I send my bitcoins to another one without telling them? The amount of money in the economy of my country will remain the same, so I don't see how it can be a lost.
Pages: [1]
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!