Avatar
bitcoinlimit 7mo ago

i don’t think the current bitkey has the right security architecture. i have the device and i’ve been playing with it for the past few weeks now. i’m comfortable putting 0.1 btc on it, but i can’t say the same for 1 btc. it comes back to the same point: bitkey just doesn’t feel like full self-custody.

the key issue is that one key sits on the phone and is easily accessible to bitkey to spend funds, which is exactly why i’d never keep more on it than i can afford to lose. no key should live on my phone. if bitkey came with two pairs of hardware instead, and the third key still stayed on their server, i’d feel way more comfortable.

if you lose your hardware, you can use your phone together with the key on bitkey’s server to set up new hardware, which means the funds can be moved without your hardware device. in case this happens, i know there is a waiting period and some other security protocols, but the fact that it’s possible makes me question the device. doesn’t matter how that happens, as long as it can happen and that’s the core of the problem.

Reply to this note

Please Login to reply.

Discussion

Avatar
modulo 7mo ago

Agree completely. Keys should not be in an internet connected device for any material wealth.

Avatar
Tuvok 7mo ago

is learning cold storage of your sats so difficult ?

i even got a problem with signers connecting with usb cable

to the computer, so the bitkey is nothing for me too

okay maybe for small amounts but i can also connect a jade

to my phone or a trezor nowadays

Avatar
Big Barry Bitcoin 7mo ago

Did you consider that the code is open source?

I think it may not be reproducible and if that is the case, I 100% agree but if not then it is just a sophisticated hot wallet imo with 2 hot keys.

I imagine that Bitkey keeps their remote keys on secure elements, so it's not a break in and grab situation, but they could have a bug in some time period created by the hacker that effectively allows an attacker to spoof a request to sign a transaction making the server work for them.

Still, there is a significant amount of obstacles for a third party hacker.

Avatar
Judge Hardcase 7mo ago

I think open source software can provide enormous peace of mind when you're in control of downloading, verifying, and installing specific software. I'm not so sure this is nearly as applicable for mobile apps. I mean, supposedly the respective App Stores verify author signatures... but even so, I don't feel like I have much hope for knowing what it is that even gets installed with each update.

I don't think it's a reasonable ask to expect Bitkey users to keep tabs on the state of the software that's running on their phones (open source or not) - especially when the whole point of using a Bitkey is so they don't even have to worry about keeping track of a few seed words.

Avatar
Big Barry Bitcoin 7mo ago

Fair. You can download the breakglass app in a verifiable way, but not the normal operational app. Last I checked*

Avatar
thepurpose 7mo ago

#yestr

Avatar
Judge Hardcase 7mo ago

Agreed. At the very least, no single vendor ought to be the source of generating more than 1 key... certainly not the same vendor as the source for generating all 3 keys.

Avatar
CryptoScams Relief Fund 7mo ago

lnbc9280740n1p5r0ejmpp5xmtr4789ws8smvz0p220aesx92eqmpfmvju84fger9e92ue488xqdqqcqzzsxqyz5vqsp5g3cmwv64k7qec7ehmyvm7ract88rpqpafxagftmj8rtghftcxcjq9qxpqysgqd6t5wcnww2m9ran55d6z8suzutsre94jgcptyc5am7pkts3j94kx0r9l6ecm8vdeh5nxhkswv3v24ysw6m0ynsas9hg2h2qa5c2rjycpapx9ut