Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Development & Technical Discussion
Re: Why I Am Not Using Hardware Wallet For Cold Storage
by
Dorky
on 06/08/2017, 03:28:49 UTC
Quote from: ranochigo on August 04, 2017, 02:53:43 PM
You can't criticise them if you cannot find any fault with them. How are you going to be generating the keys with 100% security if you do not wish to verify the source code? No wallet will ever be safe for you then. You can only generate it by hand.

Alright, sure. Don't use Windows. Don't use any wallet generator. Just generate by hand. And proceed to digitally-encrypt the private keys like I suggested. If you want hardcore, then learn programming and write your own encryption program too for the job.

I don't really understand where you got that inference from. I merely said that the derivation method can be known. You can get the private keys from the seeds=getting your gold from the paper that holds your gold without any restriction at all.

I mean, if you generate a bunch of private keys thru seeds, and then derive the private keys from the seeds thru some source code, and encrypt them...
Or generate a bunch of private keys thru seeds and encrypt them, and if you want to know the private keys you use a source code to do the derivation...
You are making it an additional hassle compare to just...
Generate a bunch of private keys, and encrypt them.

You may just encrypt the seeds and save yourself the hassle. But then you are not really being responsible.

Wait... Didn't you mention that hardware wallets are flawed because you are depending on a third party to generate it for you? I think you misunderstood something.

I wasn't using some hardware wallet to do the generation. Just desktop ones that allow import and export features so I can backup the keys. And I did this with an offline, formatted 2nd computer. Hardware wallets were never programmed for exporting the private keys out. You are literally stuck with the hardware wallet. You may send your bitcoin to another wallet but that defeats the purpose. And writing a source code to derive the keys from the seeds isn't really the intention of hardware wallet companies anyway, or else they are simply complicating things.

Of course. I didn't say everyone SHOULD write their own OS in the first place, I don't even expect anyone using Bitcoin to be able to. If you love your privacy and security, you would be having thousands of private keys whenever you spend the coin. Isn't a 12 word seed way easier?

No. a 12-word seed (much less a 24-word one) is NOT way easier. That's your subjective opinion. I have given an example in my steemit article why that is so. You are not being objective. Besides, using those seeds allows easier brute force hacking because they are all dictionary words with all small caps (do you realize this?).

You uh, forgot to cover the way to spend your coins. Of course I can craft a transaction at the moment when you decrypt your encrypted rar file to send the coins to my address.

My method is for cold storage only. And I have already explained how to cover my trace partially when it's time to spend. Go re-read my article again. And I never lay claim that my method (nor any hardware wallet) can cover any trace, which is why that's not one of my points of argument. But then there are "free" washers around that can easily do the job when it's time.