Bitcoin Forum
Author Topic: Hardware wallets still aren't secure, and they never will be. Use paper wallets  (Read 1795 times)
Welsh
August 09, 2019, 04:40:18 PM
 #61

Obviously the best way to mitigate a wrench attack is to maintain your privacy so you don't become a target, but I've often wondered what the best way to survive it would be provided the attacker has already overcome that first step.

Unless they know for a fact your wallet set up (which is incredibly unlikely), then there is no real difference in using multi-sig and just telling them you are using multi-sig. However, if they are willing to physically attack you for money, is having everything you own locked away in multi-sig wallets really the best way to go? Perhaps you actually want to have some bitcoin available you can hand over for your own sake. Also, there's nothing really stopping them from forcing you to tell them where you've stored all your multi-sig keys instead of the keys themselves.
Good point. For an example of this if you were to get robbed on the street of your cash you would likely be willing to give up some pocket change to prevent any harm being done, but you're not exactly giving away your whole bank account. This is why I truly believe in having multiple wallets to store your funds. Everyone has their own tolerance of risk, and I don't really keep anything more than a few Bitcoin in my wallets at a time, and this will likely evolve as the Bitcoin price changes.
o_e_l_e_o
August 09, 2019, 04:59:48 PM
 #62

This is why I truly believe in having multiple wallets to store your funds.
Agreed. I use a mobile wallet for a few hundred dollars worth of bitcoin, which I carry around daily. I know it is far from being secure, but it's an amount I can easily afford to lose and an amount I would happily give to an attacker to prevent any physical harm to myself. The amount in that wallet is in no way linked to my main cold storage via blockchain analysis. My various cold storage wallets are also in no way linked, are of various types (hardware, paper, old laptop which has been airgapped), and are all stored separately.
DaveF
August 09, 2019, 09:23:52 PM
 #63

Speaking about Vulnerabilities found in hardware wallets:

Trezor found this one:
Details of the OLED Vulnerability and its Mitigation

Quote
This article describes an information leak discovered in the OLED display used by hardware wallets, including Trezor One. We want to explain how this side-channel attack works and what measurements we took to mitigate the threat. This attack affects only the Trezor One; Trezor Model T is immune to this attack thanks to its entirely different display.

Quote
The attack requires device owners to use USB equipment that has been physically manipulated by an attacker. In other situations, users are not impacted.
There is no evidence that any malicious actors ever exploited this vulnerability.
The latest firmware v1.8.2, now available for Trezor One, mitigates the issue.

What we learnt from this story?
  • Hardware wallets aren't magical items granting eternal security
  • (Gullible) Users are the weakest links in the security mechanism
  • You can patch (some) hardware defect or weak spots with software
  • White hats are here to help


Not to dis Trezor but they did not discover it. Christian Reitter did; he disclosed it to them and to other people who used OLED also.

https://blog.coinkite.com/noise-troll/

And so far it's not proven and just about impossible to exploit. And let's be serious. If someone can compromise your USB port or cable on the PC you are using for your BTC you're screwed anyway.

Hmmmm, I have access to your usb. Let's do this incredibly complicated almost impossible hack...or just emulate a keyboard and type whatever the hell I want.....

-Dave

btbrae
August 09, 2019, 10:31:36 PM
 #64

Paper wallets aren't secure either
Stedsm
August 09, 2019, 11:59:35 PM
Last edit: August 10, 2019, 12:11:28 AM by Stedsm
 #65

Good point. For an example of this if you were to get robbed on the street of your cash you would likely be willing to give up some pocket change to prevent any harm being done, but you're not exactly giving away your whole bank account. This is why I truly believe in having multiple wallets to store your funds. Everyone has their own tolerance of risk, and I don't really keep anything more than a few Bitcoin in my wallets at a time, and this will likely evolve as the Bitcoin price changes.

Yeah, great thought actually. Some people (including me) put a blind trust on few of the reputed exchanges as well to store their extremely valuable coins there without even thinking once about the risks it pertains. I've had a very brief discussion over these things and I've also learnt that distribution of wealth is one major factor we need to understand very carefully and apply too after being known to it. The hackers won't ask us whether they should take partial money out of our pockets or full, it's the same as those criminals who put gun over your head asking you to give whatever you've got, but even they won't wait for you to transfer money from your bank to theirs due to the fear of getting traced down. After this article read, I will not be able to believe even hardware wallets which many users were praising about.

For my convenience, I've just created some offline paper wallets that I'll be storing in very small steel boxes each and be kept at a safe place as well as I also keep a check every now and then, just to make sure I don't lose anything.

A question here:

If I've kept my coins in a hardware and that hardware either blasts off or gets destroyed anyhow (talking about these Ledger and Trezor thing), will I be able to ever regain them?

DaveF
August 10, 2019, 03:37:35 AM
 #66

A question here:

If I've kept my coins in a hardware and that hardware either blasts off or gets destroyed anyhow (talking about these Ledger and Trezor thing), will I be able to ever regain them?
So long as you have your seed phrase yes you can recover what you need. Those words are the key to everything.

Which when you think about it brings us back to paper wallets. If you wrote it down then although not a long alpha-numeric private key it's still something very important that is on paper.

-Dave

Pmalek
August 10, 2019, 08:40:12 AM
 #67

A question here:

If I've kept my coins in a hardware and that hardware either blasts off or gets destroyed anyhow (talking about these Ledger and Trezor thing), will I be able to ever regain them?
Here is what happened to me yesterday.

I was moving some bitcoins to my Nano S. There was a new update to the Ledger Live app and I installed it. I wanted to check the Account Manager if there were any updates to my installed apps. After clicking on the Account Manager on Ledger Live my hardware wallet wiped itself clean! It just restarted, I never experienced it before. I thought that it got broken at first.

I disconnected and reconnected it again and it showed me the welcome screen you usually see the first time you set it up. Press both buttons to start the setup etc... I had to reconfigure it with my seed and set it up again. Very weird indeed.

I am not sure if this was a bug, some hardware failure or if it has anything to do with the update I performed.

DaveF
August 10, 2019, 12:20:54 PM
 #68


you can never be 100% sure however they are the 2 safest forms of custody i know, the same paper wallets are more or less secure as long as they aren't transferred to other wallets, their creation (paper wallet) is very complex and requires a lot of attention to avoid making a mistake...
And they also need..everyone all together...repeat after me:

AN OFFLINE COMPUTER.

Be it an old PC, Mac, desktop, laptop whatever.
Make sure it's not hooked to any network in any way.
You want to print? Plug in a USB cable.
No Wi-Fi, no cabled network, no network.

Now, keep in mind I am talking generating wallets for significant amounts of BTC that you are putting into storage for a while.
A little bit (more or less what you would keep on your phone for quick payments) you don't have to go through all of this.

Want to put 25BTC for a year or two? Spend the time and do it right.
Want to put .01 so when you spend what you have on your phone you have quick access to more, probably don't need to be as secure.
Your own risk amounts will vary.

-Dave

Welsh
August 10, 2019, 03:17:21 PM
 #69

Agreed. I use a mobile wallet for a few hundred dollars worth of bitcoin, which I carry around daily. I know it is far from being secure, but it's an amount I can easily afford to lose and an amount I would happily give to an attacker to prevent any physical harm to myself. The amount in that wallet is in no way linked to my main cold storage via blockchain analysis. My various cold storage wallets are also in no way linked, are of various types (hardware, paper, old laptop which has been airgapped), and are all stored separately.
I don't even know how much is in my cold storage as I haven't accessed it in a number of years. Although, I don't actually own a mobile wallet due to my precautions when dealing with anything mobile. I do have a wallet which stores a few hundred stored on a computer which isn't regularly accessed. I'm not the type of Bitcoin fanatic which trades or sends transactions regularly though.
vapourminer
August 10, 2019, 07:04:52 PM
 #70

I was moving some bitcoins to my Nano S. There was a new update to the Ledger Live app and I installed it. I wanted to check the Account Manager if there were any updates to my installed apps. After clicking on the Account Manager on Ledger Live my hardware wallet wiped itself clean! It just restarted, I never experienced it before. I thought that it got broken at first.

I disconnected and reconnected it again and it showed me the welcome screen you usually see the first time you set it up. Press both buttons to start the setup etc... I had to reconfigure it with my seed and set it up again. Very weird indeed.

I am not sure if this was a bug, some hardware failure or if it has anything to do with the update I performed.

this is a drawback to most hardware wallets. occasionally an update will wipe the device, although the readme for the update will mention this. my trezor had one update like that, and they gave plenty of warning 1st.

that being said you should always verify the seed before any update on anything. that's a given. bad cable, power glitch, whatever.. things happen.

i always put aside a bit of time before a hardware wallet update. usually goes fine but you never know.
Chris! (OP)
August 10, 2019, 07:27:23 PM
 #71

Obviously the best way to mitigate a wrench attack is to maintain your privacy so you don't become a target, but I've often wondered what the best way to survive it would be provided the attacker has already overcome that first step.

Unless they know for a fact your wallet set up (which is incredibly unlikely), then there is no real difference in using multi-sig and just telling them you are using multi-sig. However, if they are willing to physically attack you for money, is having everything you own locked away in multi-sig wallets really the best way to go? Perhaps you actually want to have some bitcoin available you can hand over for your own sake. Also, there's nothing really stopping them from forcing you to tell them where you've stored all your multi-sig keys instead of the keys themselves.
Good point. For an example of this if you were to get robbed on the street of your cash you would likely be willing to give up some pocket change to prevent any harm being done, but you're not exactly giving away your whole bank account. This is why I truly believe in having multiple wallets to store your funds. Everyone has their own tolerance of risk, and I don't really keep anything more than a few Bitcoin in my wallets at a time, and this will likely evolve as the Bitcoin price changes.

But if my leather wallet is empty, it's not like I'm going to get shot because they think I have $1000 stored somewhere else on my person. The mugger would run away. It's only a significant risk if they're planning the attack against you for a long time.

My paper wallets aren't secure either

FTFY
o_e_l_e_o
August 10, 2019, 09:20:57 PM
 #72

I don't even know how much is in my cold storage as I haven't accessed it in a number of years.
Smart. Attackers can't know how much you are holding if you don't know how much you are holding. Perhaps this is the best way to protect against $5 wrench attacks. ;)

But if my leather wallet is empty, it's not like I'm going to get shot because they think I have $1000 stored somewhere else on my person. The mugger would run away.
Sure, but physical attacks with the aim of stealing bitcoin aren't happening by approaching random people on the street in the spur of the moment. The attack is targeted and planned, and the attacker usually knows the victim is holding a significant amount of bitcoin. Often they are home invasions, or fake meetups under the pretense of trading. If you initially refuse to hand over any bitcoin or wallet details, the attacker is unlikely to just say "Oh well" and leave.
crwth
August 11, 2019, 08:54:27 AM
 #73

But if my leather wallet is empty, it's not like I'm going to get shot because they think I have $1000 stored somewhere else on my person. The mugger would run away.
Sure, but physical attacks with the aim of stealing bitcoin aren't happening by approaching random people on the street in the spur of the moment. The attack is targeted and planned, and the attacker usually knows the victim is holding a significant amount of bitcoin. Often they are home invasions, or fake meetups under the pretense of trading. If you initially refuse to hand over any bitcoin or wallet details, the attacker is unlikely to just say "Oh well" and leave.
What if this happens: Everybody in the world now uses cryptocurrency, whether it's bitcoin or not, it's widely applied. For sure there are criminals lurking and attacking innocent people. We are definitely not there yet but who knows, it's a great thing to think about. Imagine the movie "In Time". Where time was the currency, but it's cryptocurrency. Or maybe it's the blockchain they are using? Lol

michael_97
August 11, 2019, 10:08:43 AM
 #74

Indeed paper wallet is a better option than a hardware wallet.
Boriss
August 11, 2019, 10:20:17 AM
 #75

Indeed paper wallet is a better option than a hardware wallet.

Paper wallet is just that, a piece of paper; it cannot function without the other part, and that is the main problem, it's not suitable for most people. And also the main question is "better for what exactly" > storing, using, or both, or neither of that?

I would say it's a nice thing to create and load it with some BTC and after that gift it to someone that you want to educate how crypto works.



PrimeNumber7
August 11, 2019, 04:52:33 PM
 #76

I don't even know how much is in my cold storage as I haven't accessed it in a number of years.
Smart. Attackers can't know how much you are holding if you don't know how much you are holding. Perhaps this is the best way to protect against $5 wrench attacks. ;)
Sure they could. An attacker could use blockchain analysis to reasonably conclude a lower bound of how much coin a person is holding. An attacker could use a set of known facts to conclude a person is holding a large amount of coin. Feigning ignorance is not going to stop you from getting robbed.
Sure, but physical attacks with the aim of stealing bitcoin aren't happening by approaching random people on the street in the spur of the moment. The attack is targeted and planned, and the attacker usually knows the victim is holding a significant amount of bitcoin. Often they are home invasions, or fake meetups under the pretense of trading. <>
Unless you are involved in these types of attacks, you do not have any way of knowing this. These types of attacks are not well publicized.
Pmalek
August 11, 2019, 06:11:25 PM
 #77

Sure they could. An attacker could use blockchain analysis to reasonably conclude a lower bound of how much coin a person is holding. An attacker could use a set of known facts to conclude a person is holding a large amount of coin.
If your coins are spread around in different wallets and these addresses are not public and can't be connected to your real name it is safe to assume that you would be safe. How would someone discover that a certain number of addresses belong to John Smith from Denver, Colorado?

o_e_l_e_o
August 11, 2019, 07:41:39 PM
 #78

Sure, but physical attacks with the aim of stealing bitcoin aren't happening by approaching random people on the street in the spur of the moment. The attack is targeted and planned, and the attacker usually knows the victim is holding a significant amount of bitcoin. Often they are home invasions, or fake meetups under the pretense of trading.
Unless you are involved in these types of attacks, you do not have any way of knowing this. These types of attacks are not well publicized.
You don't need to be involved in bitcoin attacks to realize that approaching random members of the public and threatening them to "hand over their bitcoin" isn't exactly going to net you high returns. Bitcoin attacks are planned in advance. I would also direct you to this page: https://github.com/jlopp/physical-bitcoin-attacks. Sure, many are not publicized, but of the ones which are, the majority take place within a building (usually a home or a predetermined meeting point), or sometimes within a vehicle. More rarely the victim is abducted.

These attacks are not akin to a mugger approaching a random person on the street, and running if they don't have anything of value on their immediate person.
Stedsm
August 16, 2019, 08:59:17 AM
 #79

@o_e_l_e_o,
I've heard somewhere about a virtual chip that can be inserted in a human body anywhere (most probably wrist) and they can generate invoices and even send/receive Bitcoins through the same. If that's true, even if the attackers know that "this guy is having Bitcoins" but are unsure where did he store them, how will they plan and attack such person? If such a device can be stored in us, why can't we have some sort of device stored in our body too that can alarm Police by sending them necessary details like our live location as well as a message like "Emergency, need help, stuck somewhere!" that we may use by just tapping that area in our body whenever such scenario takes place?

o_e_l_e_o
August 16, 2019, 09:12:13 AM
 #80

If that's true, even if the attackers know that "this guy is having Bitcoins" but are unsure where did he store them, how will they plan and attack such person?
I assume the same way they would attack anyone they know is storing bitcoin but they don't know how or where: Physically.

If such a device can be stored in us, why can't we have some sort of device stored in our body too that can alarm Police by sending them necessary details like our live location as well as a message like "Emergency, need help, stuck somewhere!" that we may use by just tapping that area in our body whenever such scenario takes place?
Don't see why not, but I would assume something like that could be fairly easily countered by an attacker using a cell phone jammer or similar device.