Hardware wallet question

[Charles-Tim]

Please, do not mind my question.

Normally, it has been revealed that it is still possible for hardware wallets to be vulnerable to malware, especially when connecting it through the means of USB to a computer, which means hardware wallet users should still be careful of malware. I will appreciate the following questions to be answered.

1. How about ledger nano x which support bluetooth, can it be affected by malware through bluetooth while performing online transaction?
2. Is it possible for hardware wallet to remain totally offline, while using another wallet as watch-only wallet in a way the hardware wallet will be used offline only for signing through the means of QR code?

[1714767214]

1714767214

[1714767214]

1714767214

[1714767214]

1714767214

[TryNinja]

1. How about ledger nano x which support bluetooth, can it be affected by malware through bluetooth while performing online transaction?

Even if it does, that's not an issue.

Let's imagine that somehow a malware or malicious third party manages to modify the data transfered through bluetooth from your PC to the HW. You create a transaction sending 1 BTC to 1Abc... and the malware modifies it to send 1 BTC to 1Xyz...

You still need to accept and sign the transaction on the device before it's actually sent. You can see on the device that the address doesn't match and cancel it. The same thing can happen on your Nano S when using it through the USB cable. There are no restrictions to which software can create a fake/adulterated transaction and ask for a confirmation (to be signed).

2. Is it possible for hardware wallet to remain totally offline, while using another wallet as watch-only wallet in a way the hardware wallet will be used offline only for signing through the means of QR code?

They are totally offline. That's the point of a hardware wallet. All it does is receive an unsigned transaction from your PC/phone through bluetooth, an USB cable or even a QR code, sign the transaction and send it back for you to broadcast through your connected device.

[DaveF]

2. Is it possible for hardware wallet to remain totally offline, while using another wallet as watch-only wallet in a way the hardware wallet will be used offline only for signing through the means of QR code?

The coldcard wallet has a microsd slot, you can create a transaction on a PC, copy it to the microsd, put it in the coldcard and sign it.
You then put the card back in your PC and broadcast the signature. Takes a bit more time then using the USB cable but it does work.

For the ultra paranoid they also make an adapter that lets you run the coldcard from a 9V battery so you never have to plug it into anything.

More discussion about hardware wallets:  https://bitcointalk.org/index.php?board=261.0

-Dave

[bob123]

1. How about ledger nano x which support bluetooth, can it be affected by malware through bluetooth while performing online transaction?

You compare it to any others hardware wallets way to move unsigned transactions onto the hardware wallet and the signed one to the broadcasting device.
The one big difference is that it is a wireless technology.

So generally speaking, the risk is larger since an adversary doesn't have to be right in between your hardware wallet and your broadcasting device (e.g. with a manipulated usb cable or by compromising your device), but within a few meters.
This only really plays a role when there is a vulnerability in how the hardware wallet handles (weird) requests etc.

So theoretically, yes. The attack surface and therefore the risk is larger.
But practically this is / should be negligible.

2. Is it possible for hardware wallet to remain totally offline, while using another wallet as watch-only wallet in a way the hardware wallet will be used offline only for signing through the means of QR code?

It depends on how you move the unsigned/signed transactions between the HW wallet and the broadcasting device.

If it has an inbuilt camera, yes.
If via USB from an offline device, yes (but not using QR's).
If via USB from an online device, not so. Remember that the HW wallet never really is online, but also isn't completely offline when plugged into an online device.

[o_e_l_e_o]

Ledger made a good post regarding the security of their Bluetooth connection here: https://www.ledger.com/ledger-nano-x-bluetooth-security-model-of-a-wireless-hardware-wallet

Essentially, when you pair your Ledger with your phone over Bluetooth, you must confirm matching numbers on each device, which will then establish an encrypted channel between them to prevent anyone intercepting any transaction details which are broadcast between them. Even if someone did manage to MITM attack the Bluetooth connection, the most which could be achieved would be to alter an unsigned transaction, but you would still be able to check the transaction on the screen of the Ledger and you would still need to physically press buttons to confirm or reject it.

In terms of keeping a hardware wallet completely airgapped, yes, it is entirely possible by pairing with a wallet such as Electrum. Pair your hardware wallet with Electrum on an airgapped device, export the master public key to an internet enabled device to create a watch only wallet. Create transaction on watch only wallet, transfer to airgapped device via QR code or removable storage, connect hardware wallet to airgapped device to sign transaction, transfer back to watch only wallet, broadcast.

[Charles-Tim]

2. Is it possible for hardware wallet to remain totally offline, while using another wallet as watch-only wallet in a way the hardware wallet will be used offline only for signing through the means of QR code?

The coldcard wallet has a microsd slot, you can create a transaction on a PC, copy it to the microsd, put it in the coldcard and sign it.
You then put the card back in your PC and broadcast the signature. Takes a bit more time then using the USB cable but it does work.

For the ultra paranoid they also make an adapter that lets you run the coldcard from a 9V battery so you never have to plug it into anything.

Thanks for the above link, also your reply and others makes me also understand how coldcard could be used as airgapped also. I like this method also with the comment of o_e_l_e_o.

In terms of keeping a hardware wallet completely airgapped, yes, it is entirely possible by pairing with a wallet such as Electrum. Pair your hardware wallet with Electrum on an airgapped device, export the master public key to an internet enabled device to create a watch only wallet. Create transaction on watch only wallet, transfer to airgapped device via QR code or removable storage, connect hardware wallet to airgapped device to sign transaction, transfer back to watch only wallet, broadcast.

This is somehow complicated and complex, but the way you explained it is very understandable, I think this is one of the best way to be safe online, I want a way private key will stay offline forever which I believe should be a good reason of buying hardware wallet, and making me to feel secure and safe that no attacker can bypass my hardware wallet protection. I really like QR code to be involved in signing a transaction which makes it less complex and also no malware will be able to bypass it.

[o_e_l_e_o]

I want a way private key will stay offline forever which I believe should be a good reason of buying hardware wallet, and making me to feel secure and safe that no attacker can bypass my hardware wallet protection.

If you are going use a permanently airgapped computer to interact with your hardware wallet at all times, then you pretty much don't need a hardware wallet. The whole point of a good hardware wallet is that you can connect it to any computer, even one filled with malware, and your private keys remain safely stored on the secure element of the hardware wallet and never exposed to the internet or malware. If you don't trust that process (which is entirely fair) and want to use an airgapped computer for everything, then the hardware wallet doesn't really add anything that can't be achieved for free.

Take an old device, completely remove any hardware which allows it to have any wireless connectivity of any sort (Wifi, Bluetooth, etc.), wipe it and install a clean Linux distro of your choice, set up whole disk encryption, and then put a verified copy of Electrum on it.

[bob123]

If you don't trust that process (which is entirely fair) and want to use an airgapped computer for everything, then the hardware wallet doesn't really add anything that can't be achieved for free.

Except for protection against physical attacks i.e. tampering.
This would be especially interesting in an evil maid scenario where someone has access to the hardware within a short timeframe more than once.

While using hard drive encryption and integrity checks already protect against most attack vectors, there are still some specific ones which can leak the private keys from an air-gapped device.
A hardware wallets adds another layer of protection.


Obviously this scenario only needs to be considered in rare scenarios (e.g. lots of money being stored + people can gain access to the hardware).

[o_e_l_e_o]

A hardware wallets adds another layer of protection.

It doesn't add a layer of protection to an encrypted airgapped device - it replaces one.

With an encrypted airgapped device, your seed/private keys are stored on that device. With a hardware wallet paired with an encrypted airgapped device, your seed/private keys are stored on the hardware wallet. The encrypted airgapped device is simply hosting your wallet file, which is useless without the hardware wallet attached.

With that in mind, you need to decide which you think is safer. We know there exists at least one attack which can reliably and quickly extract the entire seed phrase and private keys from a hardware wallet. Given that these devices are relatively new, relatively niche, and often closed source, I would be very surprised if there are not more vulnerabilities discovered in the future. Conversely, open source encryption software has been around for far longer, been tested under far more rigorous conditions, and if used correctly we know can protect against even state or global adversaries.

[bob123]

We know there exists at least one attack which can reliably and quickly extract the entire seed phrase and private keys from a hardware wallet.

And since the ANT catalog got leaked, we know that the NSA has more than a handful ways to extract data from air-gapped devices.

It doesn't add a layer of protection to an encrypted airgapped device - it replaces one.

Not necessarily.

With hardware access to the cold storage, tampering attacks are possible.
And this means that without verifying the hardware each time, you run the (admittedly low) chance of leaking private keys by simply just decrypting them.

With a HW wallet, a malicious actor would not only need to manipulate the hardware of the HW wallet (since the software on the air-gapped device can verify the integrity of it), but also the air-gapped device.

This obviously is based on the premise, that it is not possible to simply extract the private keys from the HW wallet. Further my first assumption was an evil maid scenario with repeatedly short access to the hardware.


Spending more time thinking about this, i'd say a 2-of-2 multisig would be the best option here.