Subnostr

anti-exfil protocol by Blockstream.

https://github.com/BlockstreamResearch/secp256k1-zkp/blob/d22774e248c703a191049b78f8d04f37d6fcfa05/include/secp256k1_ecdsa_s2c.h

Everything Blockstream does is opensource, I have never understood the hatred of the community towards blockstream, I guess ignorance is very bold.

As notes:

- Jade is fully opensource, both hardware, software and firmware.

- Because of this you can build your own Jade (DIY) avoiding supply chain issues.

- It solves the problem of secure elements through a multi-signature pin system.

- If you don't understand how such a multi-signature pin system works and you are fucking paranoid, you can build your own oracle server. This doesn't really make any sense if you understand how blockstream's oracle server works, other than blockstream may stop providing service.

- Jade is really inexpensive compared to other competitors.

- You can do air-gapped transactions.

- For those who criticize Bluetooth you can disable it through firmware so that it is totally inoperative due to the lack of low level driver.

Honestly, Jade is a HWW made for the community and by cryptographers and not for profit (in my opinion), blockstream does crazy things that don't exactly benefit their pockets (also in my opinion), that's why I don't understand many times the hate that is poured against them.

Here you have the instructions to make your own Jade:

https://github.com/Blockstream/Jade/tree/master/diy

GLACA 1y ago

How does it stack against nostr:npub17tyke9lkgxd98ruyeul6wt3pj3s9uxzgp9hxu5tsenjmweue6sqq4y3mgl that is also open source and can be built from scratch ?

Reply to this note

Please Login to reply.

Discussion

Zaikaboy 1y ago

Plus one my friend

nostr:nevent1qqs0kel9e48x2fvqsg6chj26tpgq8eznnenkt8pd3lt06fsa0stxd6cppemhxue69uhkummn9ekx7mp0qgsp3a2278ssckah5d2x3v8k9v546y350ypun72h8rgxtjztau2q9mcrqsqqqqqpwa44jj

Cyph3rp9nk 1y ago

Jade if you operate in air-gapped mode is exactly the same as seedsigner.

I personally don't like this mode because it makes me have the seed available.

If you operate by USB it is like a trezor, but without vulnerabilities, that is, you can not extract the seed due to its multi-signature system that encrypts the seed with the pin and a secret hosted on blockstream servers.

GLACA 1y ago

So the seed is stored, encrypted and pin protected on their servers? Need to read about it. Sounds weird.

Cyph3rp9nk 1y ago

No, the seed is encrypted with PIN (Local) + secret (Blockstream Server).

The seed is stored locally on the Jade.

What does this do? If you extract the seed from the chip and try to brute force attack it, it will be useless, because apart from the pin, you need the secret (256 bits) stored in the blockstream server.

So they would have to hack also the Blockstream server and have your jade and also know the pin.

On the other hand the blockstream server can not do anything, it is only a shared secret, the blockstream server at no time access to the Jade.

https://help.blockstream.com/hc/en-us/articles/9639949755673-How-does-Blockstream-Jade-s-oracle-enforced-PIN-protection-work

GLACA 1y ago

So this needs internet connection to Blockstream servers and they need to work. If they go down? What happens? How do you unlock the secret? Passphrase?

Cyph3rp9nk 1y ago

Correct, in case blockstream stops giving service you would only have to restore the seed in another wallet or operate in the other mode that Jade has which is air-gapped (like seedsigner).

There is no risk of loss of funds.

On the other hand you can set up your own server:

https://help.blockstream.com/hc/en-us/articles/12800132096793-Set-up-a-personal-blind-oracle

You also have it on Umbrel:

https://apps.umbrel.com/app/blockstream-blind-oracle

GLACA 1y ago

Pretty cool system.