If your Private Key's are compromised by manufacturer's of hardware wallet's !!

[dvndr007]

As we know Private keys are generated only Once on every hardware wallet while setting up.

We can't generate it many times or as we want, if that fixed one generation of key while setting up every hardware wallet are already compromised?

How do we trust anything or anyone that it's a complete random generation, we are not in it we are trusting manufacturer's? It's like trusting third party? If any force make them cheat on it how can we protect ourself because people are trusting hardware wallets blindly thinking its 100% safe many have lifetime saving's on it !!  

There maybe possibilities of having loopholes while connecting to software's how can we trust it if they are created under any force?

How manufacturer's come out of these issue's ? what should be the next invention to protect crypto for getting more decentralised.

Questioning is the only right way, we should focus on appreciating questions to bring crypto to next level.


^{_{Disclaimer: OP is not attacking or blaming anyone, it's just a question nothing else.}}    

[1714912116]

1714912116

[1714912116]

1714912116

[1714912116]

1714912116

[1714912116]

1714912116

[Pmalek]

Why do you bring this question up only for hardware wallets? When we are speaking of trust, why would you trust Bitcoin Core, Electrum, or any of the developers who has ever worked on Bitcoin including Satoshi?

Use open-source and verifiable software. Check the source code personally if you know how to. If you don't, you have no other choice but to trust that others have done it. The more people that have done independent reviews, the better. But for must people who have no idea how computer code works, you have no other source but to trust what other security experts have checked and reported.   

[PawGo]

There maybe possibilities of having loopholes while connecting to software's how can we trust it if they are created under any force?

How manufacturer's come out of these issue's ? what should be the next invention to protect crypto for getting more decentralised.

"decentralised"?
Why does it worry you?
Do you wonder if ATM producer created a backdoor in the machine and may steal your money?
Do you wonder if airbag in your car will be launched correctly? (Yes, I know Tanaka case)

At the end they are producers/sellers - and no-one will buy compromised devices. That's why they fix issues, they publish firmware updates etc.

[dkbit98]

As we know Private keys are generated only Once on every hardware wallet while setting up.

This is not exactly true, because you can generate new seed words as many times as you want if you reset your hardware wallet.
You can even import keys that you generated yourself, that can be much more secure and it won't be connected with flaws or random generation by devices.

How do we trust anything or anyone that it's a complete random generation, we are not in it we are trusting manufacturer's? It's like trusting third party?

Seed word generation in hardware wallets can be a issue but you are never exposing them to internet or broadcasting back to developers or anyone else (unless you received hacked malicious device.)
You don't have to trust anyone and you can use dices or cards to generate your own BIP39 words and them import that in your hardware wallet.
Each hardware wallet is doing entropy in different way and you can read more about that in one of my topics:
https://bitcointalk.org/index.php?topic=5317199.0

There maybe possibilities of having loopholes while connecting to software's how can we trust it if they are created under any force?

Nobody is forcing you to buy those devices or to trust anyone, but you can always choose open source hardware wallet projects that have been tested by security experts.
If you know the code you can always check everything yourself, but let's be realistic hardware wallets are no different from any other devices you use everyday like stupidphones for example.

[Lucius]

How do we trust anything or anyone that it's a complete random generation, we are not in it we are trusting manufacturer's? It's like trusting third party? If any force make them cheat on it how can we protect ourself because people are trusting hardware wallets blindly thinking its 100% safe many have lifetime saving's on it !!

While it may seem paranoid, no one should be trusted blindly, no matter what reputation they have. I have repeatedly written publicly that people live in delusion believing that hardware wallets provide some absolute security, because there is always the possibility that someone will find some critical vulnerability that is unknown at the moment.

I am not technically competent to say whether it is possible for some HW manufacturers to have some kind of backdoor through which they can seamlessly communicate with their devices and maybe even in some sophisticated way get hold of sensitive information. I can only say that it is wrong to believe that something is completely impenetrable just because someone says it.

[Beparanf]

As we know Private keys are generated only Once on every hardware wallet while setting up.

We can't generate it many times as we want, if that fixed one generation of key while setting up every hardware wallet are already compromised?

How do we trust anything or anyone that it's a complete random generation, we are not in it we are trusting manufacturer's? It's like trusting third party? If any force make them cheat on it how can we protect ourself because people are trusting hardware wallets blindly thinking its 100% safe many have lifetime saving's on it !!  

There maybe possibilities of having loopholes while connecting to software's how can we trust it if they are created under any force?

How manufacturer's come out of these issue's ? what should be the next invention to protect crypto for getting more decentralised.

Questioning is the only right way, we should focus on appreciating questions to bring crypto to next level.


^{_{Disclaimer: OP is not attacking or blaming anyone, it's just a question nothing else.}}    

Manufacturer of hardware wallet use open source code so everyone can verify it. Hardware wallet company like trezor and ledger are both license company in there own respective company with doxxed owner. Do you think they will gamble there own reputation while they already have a successful business on hardware wallet industry? You better not get paranoid there product is already proven many times. The idea of decentralized cryptocurrency is solely relying on trust, You should not here at the first place if you can't trust.

[dkbit98]

Manufacturer of hardware wallet use open source code so everyone can verify it. Hardware wallet company like trezor and ledger are both license company in there own respective company with doxxed owner.

Please don't post false and wrong information, and nobody cares if some hardware wallet company is respective or licensed.
Ledger any many other hardware wallets like Safepal and CoolWallet are closed source and you can't verify anything there.

Open Source Hardware wallets:

• Trezor
• Bitbox
• Passport
• Jade
• Satochip
• Keepkey
• Keystone

Note that open source doesn't mean that wallet is more secure or better, but it means that code can be verified and checked by security experts.

[o_e_l_e_o]

As we know Private keys are generated only Once on every hardware wallet while setting up.

We can't generate it many times as we want, if that fixed one generation of key while setting up every hardware wallet are already compromised?

That's not true. You can generate as many seed phrases on your hardware wallet as you like. If your hardware wallet only allows you to generate a single seed phrase, or even worse already has a seed phrase generated on it by the time you receive it, then I would throw it in the trash immediately.

How do we trust anything or anyone that it's a complete random generation, we are not in it we are trusting manufacturer's? It's like trusting third party?

By using open source software which you can personally review the code so you know what it is doing. If that's not enough for you, then you are going to have to build your own device from scratch so you know what the hardware is doing as well. If that's not enough for you, then (and far easier) will be to generate your own 256 bits of entropy by flipping a coin and manually turning that in to a seed phrase.

[DaveF]

....
Note that open source doesn't mean that wallet is more secure or better, but it means that code can be verified and checked by security experts.

As the log4j vulnerability pointed out yet again, sometimes open source just means a lot more people miss the flaws then a just a few.

"decentralised"?
Why does it worry you?
Do you wonder if ATM producer created a backdoor in the machine and may steal your money?
Do you wonder if airbag in your car will be launched correctly? (Yes, I know Tanaka case)

At the end they are producers/sellers - and no-one will buy compromised devices. That's why they fix issues, they publish firmware updates etc.

Slightly different because if an ATM manufacturer steals your money your bank will probably eventually get it back to you and then put in an insurance claim and get it back from the operator of the ATM network the certified the machine.
And
The Takata airbags DID work as promised at 1st, it took a while for them to start to degrade and turn into grenadebags instead of airbags. Which is kind of like the log4j issue I mentioned above. Even with a lot of money and engineers looking at it, Takata fucked up big time.


Eliminating the fact that it could be abused, and I thought of it while posting this so I did not think in through all the way. Would you (any of us) be willing to pay more for a hardware wallet with some form of insurance. From an actual major company, that if the wallet if compromised and funds are lost through the manufacturers fault, the users get some or all of their funds back? How much of a premium would you pay if any?

As I said, I thought of it while posting so I might be be missing something obvious.

-Dave

[dvndr007]

9 out of 10 never reset their wallets, how many times you reset your wallet being practical I dont want to mess with it until you are experimenting, seed phrase is very important its private key there should be an option to choose seed manually instead random generation should be kept optional.

In case of private keys we should not trust anyone !!
 



   

[NeuroticFish]

As we know Private keys are generated only Once on every hardware wallet while setting up.

You know it wrong. A proper hardware wallet allows you reset to a new seed as many times as you want.

However, your point is somewhat correct. A hardware wallet can have loophole and the seed be created in a way they can easily find it.
Most go by trusting the manufacturer, since they may not want to risk their business and a massive lawsuit if they do fishy things.

However, the best way to fight that is use open source hardware wallet. Then you can expect that many smart people will review it.
And yet some hardware wallets are closed source...



My opinion is that if you get to have such amount of bitcoin you fear the hardware wallet company may steal them from you, the best call is to make your own cold storage.

[dvndr007]

For some people 100$ are like millions and for some millions are nothing its not about how much HW wallets are about holding, I bought a new person in crypto he wants me to setup a HW wallet and then he question how can i trust this secret key when someone else is telling it I want to create it manually and there is no option to do so. I said for now you have to trust them, its new yet soon you can do it manually too.

If there is way to do so please share a link or wallets providing this type of facilities.   

[ranochigo]

For some people 100$ are like millions and for some millions are nothing its not about how much HW wallets are about holding, I bought a new person in crypto he wants me to setup a HW wallet and then he question how can i trust this secret key when someone else is telling it I want to create it manually and there is no option to do so. I said for now you have to trust them, its new yet soon you can do it manually too.

If there is way to do so please share a link or wallets providing this type of facilities.   

The gist of your question here is that you choose not to trust anyone else. Then, you probably shouldn't trust your own computer either. Most of your OS and firmware are not open source and are known to have backdoors previously. If you don't trust independent audits or the source code of the hardware wallet, then I would urge you to just do it by hand, because by your logic, nothing is safe.

Your hardware wallet should be new and direct from the manufacturer with unopened seal. If you don't want to trust the manufacturer, you can use a pen and pencil, create your private keys, make your own transactions and broadcast it. Hardware wallet manufacturers have a reputation to uphold, the fact that any possible backdoors would destroy their business is a sufficient deterrence. If you don't trust their entropy, use your own. Otherwise, this topic has been discussed to death and the conclusion is almost always, if you don't trust them then don't use them. There is no way to mitigate your irrational fear if you can't feasibly construct your own hardware wallet from scratch.

[NeuroticFish]

For some people 100$ are like millions and for some millions are nothing its not about how much HW wallets are about holding, I bought a new person in crypto he wants me to setup a HW wallet and then he question how can i trust this secret key when someone else is telling it I want to create it manually and there is no option to do so. I said for now you have to trust them, its new yet soon you can do it manually too.

If there is way to do so please share a link or wallets providing this type of facilities.   

If it's you who bought the HW from manufacturer and you did reset it yourself (on my HW you can enter incorrect pin 3 times and will reset, asking whether you want to enter old seed or want the device generate a new one) you should be good. Just the seed has to stay safe, offline, and only for your eyes only. (And make sure you've written down the latest seed!)

If you have It background, you can, instead of HW, use cold storage. Then you will know exactly what you do, but it will be way less convenient to use.

[o_e_l_e_o]

there should be an option to choose seed manually instead random generation should be kept optional.

This is a terrible idea. You should never choose words manually to create a seed phrase, as the seed phrase you create will have very low entropy and be very insecure. If you do not trust any piece of technology to generate a seed phrase randomly, then you should create your own entropy using 256 coin flips like I said above and encode that in to a seed phrase, not just manually pick words you think are somehow "random".

If there is way to do so please share a link or wallets providing this type of facilities.

User Coding Enthusiast has made this tool to make generating a seed phrase from coin flips easier: https://bitcointalk.org/index.php?topic=5373505.0
However, once again, it requires you to trust the code he has written is not just delivering you a pre-generated seed phrase. If you cannot read the code for your wallet, then you probably won't be able to read the code for this either.

I would also caution that if you are planning to generate your own seed phrase using coin flips, you really need to know what you are doing since there are many many more ways you can mess up, create an insecure seed phrase, accidentally expose your seed phrase, lock your coins in addresses you can't access, and so on. This is why the vast majority of people don't do this and simply use reputable software or hardware wallets.

[dkbit98]

...  

You are writing so much nonsensical shit with your broken english language that my head is about to explode understanding what the writer wanted to say  

In case of private keys we should not trust anyone !!

Please include yourself in your anyone's list, it's very practical.

[o_e_l_e_o]

Please include yourself in your anyone's list, it's very practical.

It's the ultimate in plausible deniability. I cannot reveal how many coins I own or where my seed phrases are backed up because I don't know myself!

[Pmalek]

Eliminating the fact that it could be abused, and I thought of it while posting this so I did not think in through all the way. Would you (any of us) be willing to pay more for a hardware wallet with some form of insurance. From an actual major company, that if the wallet if compromised and funds are lost through the manufacturers fault, the users get some or all of their funds back?

How to prove to the insurance company how much crypto was stored on the device? Let's say you can no longer access it for whatever reason to check and provide them with the needed proof. The insurance company would want an insight into your portfolio. If the manufacturer cooperates with the insurance company, we are back on the question of trust. Will they be keeping logs of your portfolio to send to the insurance company in case problems arise? Will you have to do that? Maybe I am approaching it from the wrong angle. 

[o_e_l_e_o]

Maybe I am approaching it from the wrong angle.

I don't think you are. The insurance company will obviously need to know what they are insuring. I initially figured that this would simply require the user to share all of their master public keys with the insurance company, but this is not the case. Ignoring the massive privacy implications of doing this, this wouldn't work since the insurance company would have no proof that the master public keys you have shared with them are actually derived from your seed phrase and stored on your hardware wallet. Even signing messages would only prove ownership, and would not prove that the keys were stored on the hardware wallet.

Even if you found some way to prove that the keys were stored on the hardware wallet, then again there is no way to prove that you haven't duplicated those keys to another wallet. The only way round this I can think of is for the hardware wallet to come pre-initialized, and have no way for the user to access their seed phrase or private keys. This is obviously completely unacceptable, completely insecure, and provides zero back ups, so no one would ever use it.

[witcher_sense]

how can i trust this secret key when someone else is telling it I want to create it manually and there is no option to do so. I said for now you have to trust them, its new yet soon you can do it manually too.

If there is way to do so please share a link or wallets providing this type of facilities.   

There are some relatively reputable hardware wallets that allow you to generate your seed manually instead of having to trust built-in true random number generators. For example, in Coldcard, there is an option to generate seeds using dice rolls, coin flips, a combination of both these methods, or a combination of all manual methods with the hardware wallet's own RNG. Upon each roll, you will be shown a hash of the result of each roll, which you can verify manually (not for your actual seed but for testing purposes) by following this guide: https://coldcard.com/docs/verifying-dice-roll-math

As for passphrases (sometimes incorrectly called a 25th word), you can generate them easily with dice rolls completely offline without needing to download any software or buy any hardware. For example, you can download some of the wordlists presented here https://www.eff.org/deeplinks/2016/07/new-wordlists-random-passphrases and generate your random passphrase using a set of multicolored dice.