The question is moot because the Linux OS and firmware running on the Raspberry Pi can just keylog your private key anyway, or transparently use its own when it comes time to actually generate your public key, or choose its own nonce values when signing, or any number of things. You either trust it or you don't. And when you're known to trust it then you can become a target of whoever makes it. That's why Trezor makes their own hardware.
https://wiki.trezor.io/Security
How do you input/output transactions with this device? How do you back up your keys?
I hate to be a downer though, so here's some comic relief
https://dilbert.com/strip/2001-10-25
Allow me to explain the architecture of the entire system & I would love for you to criticize that. Assume my intentions to be malicious for the purpose of criticism without worrying about offending me. You can forget about this question altogether, as I realized that instead of aiding the user to generate a mnemonic phrase in the "bring your own entropy" method, it's much better to do that process completely offline. So that's what I recommend now and I will provide community-vetted instructions for the same.
Here is how it looks:
https://imgur.com/a/JYQjrVG
Ok, so for the architecture, I am using a Raspberry Pi with a custom Linux OS and the device never touches any network whatsoever; this acts as your cold storage solution. It stays offline for its entire life. Even all the proof-of-concept air-gapped attacks I came across in my research are rendered useless here, as it has no speakers and no fans, hence it has no medium via which malicious software can even attempt to leak out the sensitive information. The sensitive information is not stored on the device at all. You have the option of ejecting the bootable media (SD card) before you choose to use the vault app (software), so that it has no storage media to write to.
The vault app is quite simple: it has a generate / import option when it starts, since it never stores anything. This also makes physical theft of the device useless. You always import your mnemonic any time you want to use your vault, and it generates xpub keys and shows a QR code which you import on the wallet software, which is either a hosted service or something you run locally. You use this wallet app for all purposes of monitoring your funds, generating addresses for receiving funds & starting the process of signing a transaction. All communication happens via QR codes, which can be read by third-party software at any time to see what data is being transmitted.
Now two kinds of attack that are possible on a system are:
1) Generate false crypto information (xpub keys), which can be verified from the source code
2) Stealing crypto sensitive information (mnemonic phrase or private key) which by architecture and communication medium severely limits the attack vector. Much more secure than relying on a USB/Bluetooth communication layer.
It's a free, open source DIY (self-assembled) crypto vault that gives you great security at a very affordable price of ~$65.
That's what my goal of the project is. Happy to discuss this further & looking forward to your criticism.
