Re: [NEXT GEN ICO] HODLER ULTIMATE HARDWARE WALLET [350 COINS][HIGHEST SECURITY]
Well is not a lie, not every hardware is vulnerable but check this
http://lmgtfy.com/?q=ledger+trezor+vulnerability
So you can agree with me that address can be hijacked with Trezor, otherwise why it would display adress again? Eg. Legder Nano S is displaying few letters from address, it can be tricked by vanity address in similar letters. My point here is that the connection with PC is the weakest link, we do not have this link. Addresses cannot be hijacked at all. Using competitors device connected with PC requiring user to take special attention.
http://lmgtfy.com/?q=ledger+trezor+vulnerability
So you can agree with me that address can be hijacked with Trezor, otherwise why it would display adress again? Eg. Legder Nano S is displaying few letters from address, it can be tricked by vanity address in similar letters. My point here is that the connection with PC is the weakest link, we do not have this link. Addresses cannot be hijacked at all. Using competitors device connected with PC requiring user to take special attention.
And how exactly do you have protection against clipboard jacking with addresses sent through email, or a program that detects addresses in QR codes and replaces those? I don't see how requiring the user to double check is bad. I'm sorry if Marketing is getting in your way, but please do not use words like "Impossible", "Cannot at all", etc.
HODLER can be offline 100% of time, like Trezor or Ledger, the connection is only needed for couple of seconds when sending money.
You contradict yourself in that sentence.
Quote
What's the point of a cloud backup, if the user has to remember a password anyway? Forget about the cloud storage, and use a 24 word recovery seed instead.
Cloud is dedicated for storing encrypted blobs of IMPORTED wallets. These wallets can not be generated once again from seed while recovering backup, so we storing it safetly in cold storage. Blobs are generated in that way:Code:
generatedHashAsKey = sha256(seed).repeat(100000)
blob=aes256CBC_encrypt(generatedHashAsKey,importedPrivateKey)
And this blob is sent to cloud with point-to-point encryption. blob=aes256CBC_encrypt(generatedHashAsKey,importedPrivateKey)
With this storage, when you can recover imported wallets when eg. you lost your device.
How do you plan on allowing the user to verify that it is indeed encrypted properly? With such a complex system, it would be trivial to put a backdoor.
Luckily, there are many investors seeing the potential and supporting our product. We are happy to say that almost 1mln of HDL tokens has now been sold.
Congrats, assuming you aren't making up numbers.
Currently on the market you haven't got a wallet that allows taking and making payments anywhere, supports many coins and provides the most advanced levels of security. I need to state once again: the most important factors for us are security in connection with everyday functionality.
Ledger + cell phone? The "most advanced levels of security" should not have wallet data touching the cloud at all. I need to state once again:
