Show Posts
Every time you are importing your private keys, or signing an address you are ultimately trusting the hardware which you are using. Even if you sign/import on a offline computer. You are still trusting the developers of the hardware which you are using. I don't think I'm completely crazy in thinking this is a genuine issue and should at least be discussed. There's been several companies which have spied on it's users through different means; Apple, dell and Microsoft are some of the biggest developers/manufacturers in the world and arguably the most 'trusted' in their field.
These hardware wallets which are very popular among the community today; Trezor and Ledger more specifically are seen as gods gift among the community and everyone believes they are 100% safe. But, can we really trust those behind the development? Can we trust that the government haven't got their hands in things? Please understand I'm not calling out the hardware wallets as scams or anything like that. I actually believe they are very user friendly and are a great storage option for a hot wallet which you need to access somewhat securely regularly.
But, these hardware wallets have been developed and manufactured by less renowned people than the companies mentioned above. Yet they were simply embraced by the community without any questions.
I'm just gong to quote some websites which I believe have concerns about this and hardware wallets too.
Quote from: bitslog
How much do you trust your hardware wallet?
When it comes down to how much you should trust your hardware, an issue that is becoming more popular nowadays, deterministic subliminal channel-free signature schemes seems to offer a great advantage. I’ve come to this conclusion while designing the Firmcoin and analyzing the possible adversaries for a hardware wallet. Even if you trust your private keys to your hardware wallet, you generally don’t trust it as much as giving the hardware wallet full Internet access. not even wireless communication. You provide the hardware wallet with a transaction to sign, and you get it signed. In the case of a Bitcoin hardware wallet, which uses ECDSA, the best you can have is a subliminal-free but interactive signing protocol, that still poses some risks.
When it comes down to how much you should trust your hardware, an issue that is becoming more popular nowadays, deterministic subliminal channel-free signature schemes seems to offer a great advantage. I’ve come to this conclusion while designing the Firmcoin and analyzing the possible adversaries for a hardware wallet. Even if you trust your private keys to your hardware wallet, you generally don’t trust it as much as giving the hardware wallet full Internet access. not even wireless communication. You provide the hardware wallet with a transaction to sign, and you get it signed. In the case of a Bitcoin hardware wallet, which uses ECDSA, the best you can have is a subliminal-free but interactive signing protocol, that still poses some risks.
Read more here: https://bitslog.wordpress.com/2014/06/09/deterministic-signatures-subliminal-channels-and-hardware-wallets/
Ultimately, I would like some discussion on the safety of using hardware wallets specifically or generating/importing/exporting private keys on them.
