Have there been any documented incidents of a “nonce covert channel attack”? How does ColdCard address this?
https://bitbox.swiss/blog/how-almost-all-hardware-wallets-can-steal-your-seed/
Discussion
How about #trezor ?
I’d like to know that too bc I was just about to buy a Cold Card and now I wonder if I should get the Jade.
Oh boy. I read Nonce in a very different way at first...
I thought we countered that by doing 100 dice rolls... and a passphrase?
AFAIK that doesn’t help. It’s about the device generating a non random nonce to slowly leak the private key with each transaction.
In coldcard terms, that leaves
1. Remaining air gapped at all times
2. Generating new keys and moving your coins every few months/years depending on what you estimate 'slowly leak' to be and how many transactions you make.
Are my Bitcoins safe?
It's hard to prove that this attack has been used in the past. Since the attack needs a few dozens signatures to work, wallets that have not been used to send many transactions should be safe.
👀 👇 #security #bitcoin #wallet
nostr:note1wd2d5j3asntdxzaya4tez68kgvvtc7lu7ehj90c4qq33rzshundsnvf9de
Hmm…what say you nostr:npub1az9xj85cmxv8e9j9y80lvqp97crsqdu2fpu3srwthd99qfu9qsgstam8y8 ?