dom5684 (OP)
Newbie
Offline
Activity: 22
Merit: 20
|
|
August 31, 2021, 02:46:49 AM |
|
Ledger Nano S; are seed phrases actually randomly generated? Could they rug pull everybody? I'm running Bitcoin Core on a Raspberry PI, would it be recommended/more secure to transfer coins to this wallet? Can a Raspberry PI get compromised and hacked? (I only use it to run the OS)
Thank you for your time
|
|
|
|
ranochigo
Legendary
Offline
Activity: 3038
Merit: 4420
Crypto Swap Exchange
|
|
August 31, 2021, 03:30:56 AM |
|
Yes. Ledger uses multiple sources of entropy to generate it. IIRC, you can see the functions within their github firmware source code.
It depends on your threat model. If you're at the stage where you aren't confident of eliminating your threat surface or have proper security habits, then it would be far better to be using a hardware wallet. They are dummy proof and designed to eliminate the attack vectors for the regular Joe.
A Raspberry Pi can definitely be compromised, more so if the user cannot maintain an airgap between the device and the internet.
|
|
|
|
NeuroticFish
Legendary
Offline
Activity: 3850
Merit: 6583
Looking for campaign manager? Contact icopress!
|
|
August 31, 2021, 06:08:58 AM |
|
I'm running Bitcoin Core on a Raspberry PI, would it be recommended/more secure to transfer coins to this wallet? Can a Raspberry PI get compromised and hacked? (I only use it to run the OS)
Anything connected to internet can, at least in theory, get hacked or at least attempted (brute force check and if the setup/passwords are weak, get in). One discussion on this matter is on Pi forums, it may be helpful to read this and that. So I agree with the previous post, a hardware wallet is a better option. Another direction would be to invest much more time and understand/master all the details for a properly airgapped cold wallet; but that's not for beginners.
|
|
|
|
o_e_l_e_o
In memoriam
Legendary
Offline
Activity: 2268
Merit: 18746
|
|
August 31, 2021, 08:25:26 AM |
|
Alternatively to the replies above, if you are only concerned about the seed phrase that your Ledger device is generating for you, then you have two other options available to you while continuing to use the Ledger device. You could extend your seed phrase with a custom passphrase while you choose yourself. If you make it long and complex enough, then even someone with full knowledge of your seed phrase would not be able to discover your wallet or steal your coins. Your other option is to generate your own seed phrase using a manual source of entropy such as flipping a coin 256 times, converting it in to the corresponding words, and then importing that in to your Ledger wallet.
If your Raspberry Pi is connected to the internet, then no, it would not be more secure. If your Raspberry Pi is permanently airgapped, then it may be either more or less secure, depending on how you set it up and use it. Although I personally like airgapped cold storage, there are a lot more ways to go wrong and make fatal errors with them than there are with hardware wallets.
|
|
|
|
ranochigo
Legendary
Offline
Activity: 3038
Merit: 4420
Crypto Swap Exchange
|
|
August 31, 2021, 08:49:52 AM |
|
Alternatively to the replies above, if you are only concerned about the seed phrase that your Ledger device is generating for you, then you have two other options available to you while continuing to use the Ledger device.
Your other option is to generate your own seed phrase using a manual source of entropy such as flipping a coin 256 times, converting it in to the corresponding words, and then importing that in to your Ledger wallet.
It is actually quite important to state that this only applies if you are sure that Ledger isn't intentionally trying to compromise your security, but rather only acts as a safeguard against a wrongly implemented CSPRNG. If Ledger wants to actually compromise your seeds, they won't limit themselves to just compromising the RNG, that would be fairly covert but to intentionally include loopholes within the device itself. There are far more avenues for Ledger to compromise your device, and most people don't have the technical expertise or ability to check it as well. It all boils down to; do you trust that someone else would be actively checking for any loopholes, do you trust that they won't turn rogue and do you trust that their external audits are transparent and done in a comprehensive manner.
|
|
|
|
dkbit98
Legendary
Offline
Activity: 2408
Merit: 7560
|
|
August 31, 2021, 11:48:49 AM |
|
Could they rug pull everybody?
They can stop production and their node at any time, and I will give you one example of Cobo hardware wallet. They stopped production and decided to pursue their custodial wallet, so now everyone with Cobo HW will have to connect with Cobo custodial wallet, making HW devices useless. Few developers branched out and created new company with different name for hardware devices, but this makes old Cobo wallet devices worthless now. Ledger is closed source and who knows what crap is hidden in their code. I'm running Bitcoin Core on a Raspberry PI, would it be recommended/more secure to transfer coins to this wallet? Can a Raspberry PI get compromised and hacked?
Anything can be hacked but most times it is caused by users making a mistake. Raspberry Pi should be just fine if you know what you are doing, and I would always choose than more than a ledger.
|
|
|
|
HCP
Legendary
Offline
Activity: 2086
Merit: 4361
<insert witty quote here>
|
|
September 01, 2021, 11:43:54 PM |
|
Ledger Nano S; are seed phrases actually randomly generated?
They appear to be... when I first got mine, I did a basic test by generating about 100 different seeds (yes, I reset it that many times). Granted, they could easily have a list of 1000000 seeds etc... but the fact that there are literally millions of customers and none of them have ever been another persons seeds means the company would need to ensure each device was somehow programmed to give unique sets of seeds. Could they rug pull everybody?
Theoretically... yes. Just like almost any other wallet you choose to use that you didn't compile yourself after having the code thoroughly vetted. I'm running Bitcoin Core on a Raspberry PI, would it be recommended/more secure to transfer coins to this wallet?
Debatable... A lot of it comes down to how you setup both the Ledger and Pi... and how you manage backups and day to day usage of them. The only losses from a Ledger that I am aware of, have involved people entering their seeds into phishing websites or compromised software clients. It's basically the equivalent of giving someone your wallet.dat and password. There are pros and cons to both setups... you'd need to figure out your specific use-case and then decide which solution matches that best. Can a Raspberry PI get compromised and hacked?
Yes.
|
|
|
|
cryptomaxsun
Legendary
Offline
Activity: 2744
Merit: 1387
Ukrainians will resist
|
|
September 03, 2021, 05:05:23 AM |
|
The security of storing funds on any wallets is an integrated approach. And it is determined by the weakest link. And the weakest link is the user. You just need to improve your technical literacy. This is an ongoing process. And for storing cryptocurrency, it is better to use a separate computer with a Linux operating system. And this computer is not to be used for other purposes.
|
❘|❘ Cлaвa Укpaинe! ❘|❘ Glory to Ukraine! ❘|❘ ❘|❘ КaPФaгeн дoлжeн быть paзpyшeн ❘|❘
|
|
|
LoyceV
Legendary
Offline
Activity: 3486
Merit: 17644
Thick-Skinned Gang Leader and Golden Feather 2021
|
|
September 03, 2021, 07:50:56 AM |
|
They appear to be... when I first got mine, I did a basic test by generating about 100 different seeds (yes, I reset it that many times). Granted, they could easily have a list of 1000000 seeds etc... but the fact that there are literally millions of customers and none of them have ever been another persons seeds means the company would need to ensure each device was somehow programmed to give unique sets of seeds. Couldn't they base each seed on the devices' serial number? That way each device would generate seeds in a specific pre-defined order, so the manufacturer knows exactly which seeds are generated first. I know it's unlikely, but it's also something I can't verify.
|
| | Peach BTC bitcoin | │ | Buy and Sell Bitcoin P2P | │ | . .
▄▄███████▄▄ ▄██████████████▄ ▄███████████████████▄ ▄█████████████████████▄ ▄███████████████████████▄ █████████████████████████ █████████████████████████ █████████████████████████ ▀███████████████████████▀ ▀█████████████████████▀ ▀███████████████████▀ ▀███████████████▀ ▀▀███████▀▀
▀▀▀▀███████▀▀▀▀ | | EUROPE | AFRICA LATIN AMERICA | | | ▄▀▀▀ █ █ █ █ █ █ █ █ █ █ █ ▀▄▄▄ |
███████▄█ ███████▀ ██▄▄▄▄▄░▄▄▄▄▄ █████████████▀ ▐███████████▌ ▐███████████▌ █████████████▄ ██████████████ ███▀███▀▀███▀ | . Download on the App Store | ▀▀▀▄ █ █ █ █ █ █ █ █ █ █ █ ▄▄▄▀ | ▄▀▀▀ █ █ █ █ █ █ █ █ █ █ █ ▀▄▄▄ |
▄██▄ ██████▄ █████████▄ ████████████▄ ███████████████ ████████████▀ █████████▀ ██████▀ ▀██▀ | . GET IT ON Google Play | ▀▀▀▄ █ █ █ █ █ █ █ █ █ █ █ ▄▄▄▀ |
|
|
|
ranochigo
Legendary
Offline
Activity: 3038
Merit: 4420
Crypto Swap Exchange
|
|
September 03, 2021, 07:57:23 AM |
|
Couldn't they base each seed on the devices' serial number? That way each device would generate seeds in a specific pre-defined order, so the manufacturer knows exactly which seeds are generated first.
You can always implement a flawed RNG during the generation or intentionally make it predictable such that while the seeds are random, it isn't random enough. Given a compromise in the entropy by the manufacturer, it is far easier for a rogue manufacturer to bruteforce them. The manufacturer doesn't necessarily have to know the sequence for which they're generated, just sufficient information to be able to bruteforce them. I'd just say that this would probably be extremely unlikely to happen. Most people don't have the capacity to identify it at all, so they can always ship one with a compromised pre-loaded firmware and bootloader, but the same goes for literally any other device that you want to have.
|
|
|
|
n0nce
|
|
September 03, 2021, 11:39:58 AM |
|
They appear to be... when I first got mine, I did a basic test by generating about 100 different seeds (yes, I reset it that many times). Granted, they could easily have a list of 1000000 seeds etc... but the fact that there are literally millions of customers and none of them have ever been another persons seeds means the company would need to ensure each device was somehow programmed to give unique sets of seeds. Couldn't they base each seed on the devices' serial number? That way each device would generate seeds in a specific pre-defined order, so the manufacturer knows exactly which seeds are generated first. I know it's unlikely, but it's also something I can't verify. This is now going off-topic, but I'm wondering if there are any hardware wallets which come without firmware, and allow you to compile it yourself from e.g. a GitHub repo, and flash it yourself. The closest thing so far, especially for just cold storage, is this project I've found: https://seedsigner.com/They have a few demo videos on their Twitter: https://twitter.com/SeedSignerYou create the seed yourself using your own entropy, with open source code and hardware and store it on paper (or metal however you like). The device has no storage and is airgapped. It can import the private key via QR code and sign transactions.
|
|
|
|
o_e_l_e_o
In memoriam
Legendary
Offline
Activity: 2268
Merit: 18746
|
|
September 04, 2021, 08:44:21 AM |
|
That's a cool project, but I wouldn't call it a hardware wallet or even cold storage, since it doesn't actually store anything. All it is really providing is a way to safely sign transactions from a paper wallet without having a full airgapped computer on which to import your seed phrase or private key. This is now going off-topic, but I'm wondering if there are any hardware wallets which come without firmware, and allow you to compile it yourself from e.g. a GitHub repo, and flash it yourself. I'm not aware of any which come without any firmware, but there are some such as Trezor which have open source firmware which you can download and build yourself: https://wiki.trezor.io/Developers_guide:Deterministic_firmware_buildHonestly, I think if you reach the point where you are going through the entire code of the hardware wallet yourself (which is the only way to be sure it is only doing what you want it to do), then you might be better off switching to airgapped and encrypted cold storage, since you clearly have the knowledge to do so in a safe and secure manner. Half the point of hardware wallets are to be newbie friendly and easy to use without having much technical knowledge.
|
|
|
|
n0nce
|
|
September 04, 2021, 09:25:27 AM |
|
That's a cool project, but I wouldn't call it a hardware wallet or even cold storage, since it doesn't actually store anything. All it is really providing is a way to safely sign transactions from a paper wallet without having a full airgapped computer on which to import your seed phrase or private key.
That's correct, sorry for wrong wording And for sure, an actual hardware wallet is much more practical in day to day use. On the other hand, for that use case, I would argue that mobile apps aren't that bad either. Nowadays, at least on Apple devices, stuff like app passwords (probably also seed of mobile wallets) are stored in a secure element, similar to the one you find in hardware wallets. And you're quite unlikely to lose your phone since it's used every day. Also you usually do encrypted backups and even a single backup is enough to restore the full wallet balance of a mobile wallet in the future. Honestly, I think if you reach the point where you are going through the entire code of the hardware wallet yourself (which is the only way to be sure it is only doing what you want it to do), then you might be better off switching to airgapped and encrypted cold storage, since you clearly have the knowledge to do so in a safe and secure manner. Half the point of hardware wallets are to be newbie friendly and easy to use without having much technical knowledge.
I agree partly. Since it's open source and one of the best known wallets, by now tons of embedded security researchers probably checked it for bugs and exploitable parts of code. So even a person that can't code, can rely on the 'decentralized' knowledge and experience of the bitcoin developer and research community when a project is open source. Of course, it's needed to recompile from source and flash it yourself so you can be sure you're not running a modified version of the code. Of course, airgapped cold storage would be the next step, hence I recommended to have a look at that signing device, which basically allows one to use the cold-stored, fully offline wallet to sign a transaction from time to time and also aids in the creation of that wallet.
|
|
|
|
o_e_l_e_o
In memoriam
Legendary
Offline
Activity: 2268
Merit: 18746
|
|
September 04, 2021, 09:54:48 AM Merited by LoyceV (4), n0nce (4) |
|
On the other hand, for that use case, I would argue that mobile apps aren't that bad either. Nowadays, at least on Apple devices, stuff like app passwords (probably also seed of mobile wallets) are stored in a secure element, similar to the one you find in hardware wallets. And you're quite unlikely to lose your phone since it's used every day. Also you usually do encrypted backups and even a single backup is enough to restore the full wallet balance of a mobile wallet in the future. Mobile apps are far inferior to hardware wallet, in my opinion. Sure, maybe the apps themselves are open source and well designed, and maybe they are encrypted when not in use, but you also need to consider all the other things going on on a mobile device. They can suffer from clipboard malware, just like computers can. There are other apps which can read your files or monitor your keyboard input which could steal your wallet file or any seed phrase you enter. Encrypted backups can be encrypted with insecure passwords, or encrypted in a flawed manner, or leak unencrypted information, or be stored on cloud servers, and so on, all of which can lead to loss of funds. That's not to say I don't use a mobile wallets. I do, for small daily spending amounts of bitcoin which I can afford to lose. But I would never store the amounts I store on a hardware wallet on a mobile wallet. Of course, airgapped cold storage would be the next step, hence I recommended to have a look at that signing device, which basically allows one to use the cold-stored, fully offline wallet to sign a transaction from time to time and also aids in the creation of that wallet. If you have a encrypted airgapped wallet, then you don't need that device. You can sign transactions just fine on your airgapped computer and then move them to an online computer to broadcast them. This device is only really useful when you have paper or other non-digital cold storage and you don't have a safe computer to import them to. It is, after all, just a Raspberry Pi behind the scenes, so it essentially is just a simplified airgapped computer but without any persistent storage.
|
|
|
|
joniboini
Legendary
Offline
Activity: 2366
Merit: 1805
|
|
September 06, 2021, 08:24:05 PM |
|
would you recommend Cold Card?
There are a few discussions about it in the past, such as https://bitcointalk.org/index.php?topic=5033058.0. I suggest you browse the HW sections and read reviews of other HW too. Just keep in mind that some info might be outdated since some of the threads are 1-2 years old.
|
| CHIPS.GG | | | ▄▄███████▄▄ ▄████▀▀▀▀▀▀▀████▄ ▄███▀░▄░▀▀▀▀▀░▄░▀███▄ ▄███░▄▀░░░░░░░░░▀▄░███▄ ▄███░▄░░░▄█████▄░░░▄░███▄ ███░▄▀░░░███████░░░▀▄░███ ███░█░░░▀▀▀▀▀░░░▀░░░█░███ ███░▀▄░▄▀░▄██▄▄░▀▄░▄▀░███ ▀███░▀░▀▄██▀░▀██▄▀░▀░███▀ ▀███░▀▄░░░░░░░░░▄▀░███▀ ▀███▄░▀░▄▄▄▄▄░▀░▄███▀ ▀████▄▄▄▄▄▄▄████▀ █████████████████████████ | | ▄▄███████▄▄ ▄███████████████▄ ▄█▀▀▀▄█████████▄▀▀▀█▄ ▄██████▀▄█▄▄▄█▄▀██████▄ ▄████████▄█████▄████████▄ ████████▄███████▄████████ ███████▄█████████▄███████ ███▄▄▀▀█▀▀█████▀▀█▀▀▄▄███ ▀█████████▀▀██▀█████████▀ ▀█████████████████████▀ ▀███████████████████▀ ▀████▄▄███▄▄████▀ ████████████████████████ | | 3000+ UNIQUE GAMES | | | 12+ CURRENCIES ACCEPTED | | | VIP REWARD PROGRAM | | ◥ | Play Now |
|
|
|
ranochigo
Legendary
Offline
Activity: 3038
Merit: 4420
Crypto Swap Exchange
|
|
September 07, 2021, 03:57:36 AM |
|
All in all, from what I understand, an open source cold wallet seems to be the most secure option; would you recommend Cold Card?
I've been using ColdCard for quite a while, no problems or complains with it so far. I find ColdCard far more competent than Ledger and Trezor, in terms of the packaging and generally how they manage their products. Ledger and Trezor had pretty bad breaches and existing vulnerabilities respectively, so I didn't choose to go there. If you'd like, there is an option to make it an air-gap as well. You can use the microSD card to transfer unsigned PSBT in and a signed PSBT out, getting the best of both world. Most secure elements are not open source, because they have NDA governing them. I consider the reliability of the company more important than how open source it is, because where security is concerned, security by obscurity is quite important as well.
|
|
|
|
|