|
December 13, 2014, 01:52:29 PM |
|
i was interested in reading about the 'ledger' hardware wallet.. up until i started reading abot the google chrome requirements..... and having to use a UI involving going to ledger wallets website...
GRRRR.. mega face palm..
when will any hardware wallet make something truly offline where the result is simply a signed transaction that can be copied locally and then pasted into a broswer.
with all of these web based UI's i can see weaknesses, i already pointed out a couple to trezor, to which they changed their 'bridge' from being a browser extension to being a proper self contained .exe
athough 'ledger' is more secure that standard webwallets, i still do not think that ledger or trezor are the 100% secure storage.
the ultimate solution is where mining pools and explorer services, even bitcoin merchants have an API so that anyone can psh a signed TX through. that way people are not relient on a single online service to handle their bitcoins.
EG if ledgerwallet.com was being DDOSed then people cannot simply paste a signed TX into blockchain.info or eligius's Push TX API straight from their computer. instead they would need to download electrum or something else to then import the privkey seed and then rely on electrums servers to be functional.
a true hardware wallet should not be reliant on any particular online service at all. and i cannot wait till the day that i can easily email, sms or even morsecode a signed TX to a friend, or any random one of 1000 web services to then have my bitcoin tx on the network. after all what if ledgerwallet.com is not around after september 2015, seeing as they only bought the domain for just 1 year licence...
the most single point of failure is in the 'single point'
|