Nostr Web Client

The “air gap barrier” isn’t broken lol. The computer is sending instructions (in the form of amount/address) and the hardware wallet is responding. I’m just saying add a nonce to those instructions.

Ademan 2y ago 💬 1

If the HW device doesn't simply use the provided nonce as-is (seems undesirable due to sensitivity of nonces), can't the HW device still grind it's portion of the nonce to exfil?

It seems like an extra round of communication is unavoidable? (but likely worthwhile!)

Reply to this note

Please Login to reply.

Discussion

Matt Corallo 2y ago

Nope! The magic of XOR (or pre-committed EC points) is that neither gets a “part” but rather the full thing is random if either input is fully random.