Replying to Avatar Matt Corallo

They bothered to implement anti-exfil (provably random nonces). This means that a malicious firmware or even malicious hardware wallet can’t steal your coin! For every other hardware wallet, you’re blindly trusting Amazon/UPS/five factories in China/the webserver you got the firmware from/etc/etc. The idea that none of these parties have anyone working there who might want to go steal people’s coin is absurd, frankly.
Avatar
calle 1y ago

Gotcha, sounds like that should be common practice.

More on that in their blog:

Anti-Klepto protocol

To solve this, Shift Crypto and Blockstream developed Anti-Klepto. Instead of solely relying on the randomness that the hardware wallet provides for the nonce, additional randomness is provided by the host device. This prevents the hardware wallet firmware from manipulating the nonce in a way so that it contains hidden data.

https://bitbox.swiss/blog/how-almost-all-hardware-wallets-can-steal-your-seed/

Reply to this note

Please Login to reply.

Discussion

No replies yet.