Did you consider that the code is open source?

I think it may not be reproducible, and if that is the case I 100% agree, but if not then it is just a sophisticated hot wallet, imo, with 2 hot keys.

I imagine that Bitkey keeps their remote keys on secure elements, so it's not a break in and grab situation, but they could have a bug in some time period created by the hacker that effectively allows an attacker to spoof a request to sign a transaction making the server work for them.

Still, there are a significant number of obstacles for a third-party hacker.


Discussion

This device isn't for people who can read the code. Anyone who can write or audit code uses other self-custody techniques and devices. The device is for non-tech users, and guess what, they can't read the code. 😂

nostr:nevent1qvzqqqqqqypzqrvhh6h9vl7we8r9wncudmmpym4fd82fjtp3nrj3crav2tzjwjs5qqsvut4v4u2x3wm8dc9g4fsyv8vt7v5hteh423nnsxw2fwcryu5clysh9et6f

I think open source software can provide enormous peace of mind when you're in control of downloading, verifying, and installing specific software. I'm not so sure this is nearly as applicable for mobile apps. I mean, supposedly the respective App Stores verify author signatures... but even so, I don't feel like I have much hope for knowing what it is that even gets installed with each update.

I don't think it's a reasonable ask to expect Bitkey users to keep tabs on the state of the software that's running on their phones (open source or not) - especially when the whole point of using a Bitkey is so they don't even have to worry about keeping track of a few seed words.

Fair. You can download the breakglass app in a verifiable way, but not the normal operational app. Last I checked*