Anti-exfil protocol can't be verified on multiple hardware wallets

Regarding the nonce side channel attacks detailed in posts like this one by Blockstream. Which references this mailing list by Pieter Wuille. The idea is to add another layer of protection against a malicious hardware wallet by requiring it to prove that it incorporates some randomness provided by the software wallet that is used to broadcast the signed transaction.

Comparing the anti-exfil protocol to deterministic nonce, Pieter says:

In case HW uses a deterministic algorithm, it is possible to protect against the MHW case by spot checking HW's behavior, by using an externally known secret/seed. However, we'd like to have better than just spot checking security, and for protection against side-channel attacks we may want something that keeps working even when randomness is used by HW.

But this is precisely what I like about the deterministic nonce. I can buy as many hardware wallets as I want to verify that they all produce the same signature. And even test it against some airgapped software wallets like Electrum. I can even write my own simplistic RFC6979-compliant wallet with python to verify the signature is the same.

  1. With deterministic nonce, there is no limit to the number of hardware and software wallets with which I can sign the same transaction to verify that the signature is the same. With anti-exfil, I am limited to only the single HW and the single SW used to broadcast the transaction and must hope that at least one is not compromised.
  2. The whole idea of hardware wallets is that we think of them as more secure than the software wallet/hot machine. So surely 2 hardware wallets (used to verify deterministic signature matches) is more secure than one hardware and one software wallet as mentioned in point #1?


from Recent Questions - Bitcoin Stack Exchange https://ift.tt/6nqhjYD
via IFTTT

Comments

Post a Comment

Popular posts from this blog

Do Kwon’s Detention Prolonged Until 2024 As Montenegro Responds To Extradition Requests

Image
According to an International Business Times report , Montenegro’s Supreme Court decided to extend the detention of TerraForm Labs founder and CEO Do Kwon until February 2024, following extradition requests from the United States and South Korea. Closed-Door Discussions Reveal Montenegro’s Plan For Do Kwon Initially set to be extradited to the US on December 15, Do Kwon’s fate turned when the Montenegrin High Court ruled to prolong his stay until February 15, 2024. The decision stems from charges related to the collapse of the TerraUSD stablecoin, which led to significant financial losses. The High Court had previously ordered Kwon’s extradition by Friday, but his defense team appealed the decision in the appellate court in Podgorica, the capital of Montenegro. The Montenegrin Court of Appeal confirmed that Kwon contested the High Court’s ruling, vehemently stating, “I do not submit to the court’s decision.” Recent reports indicate that Montenegro’s Justice Minister, Andrej Mil
Read more

Sam Bankman-Fried Trial Begins Tomorrow: 3 Reasons Ex-SEC Official Foresees Conviction

Image
The trial of Sam Bankman-Fried, the founder of cryptocurrency exchange FTX and hedge fund Alameda Research, is set to commence in New York on Tuesday, October 3.  This comes almost a year after the collapse of both FTX and Alameda Research. The events leading up to the trial paint a picture of alleged fraudulent activities and money laundering that caused significant damage to the businesses involved. Ex-SEC Official’s Bleak Prediction As Sam Bankman-Fried Trial Commences In a nutshell, Alameda Research purportedly took customer deposits from FTX and invested them in fictitious crypto tokens, which derived their value from the confidence in FTX’s operations.  When this confidence waned, FTX and Alameda Research suffered substantial losses, which many argue contributed to a broader disillusionment in the cryptocurrency industry.  Following an investigation, federal authorities uncovered numerous alleged crimes, leading to seven federal fraud and money-laundering charges against B
Read more

Ethereum Price Plummets 9% As Fed Chair Passes Hawkish Remarks

The crypto community has witnessed another price plunge after the just concluded Federal Reserve annual meeting. Many investors already anticipated a new turn in asset prices after Jerome Powell spoke on the approach to combat inflation. But from the turn of events, Powell tipped the scale against investors’ expectations. As a result, many cryptocurrencies and equities have already started a downward price trend. Ethereum (ETH) and many other cryptocurrencies have lost some August 25 price gains. After the meeting, ETH’s price tanked 9% and stood at $1555. But the bears continued to push the price lower. Some hours later, in the evening, ETH plummeted lower to $1478 before climbing up gradually.  Related Reading: Avalanche (AVAX) Tries Comeback, Unfazed By $2-B Market Cap Loss In Last 2 Weeks As of the time of writing, ETH is still in the reds on August 27. The price fluctuates between $1499 and $1505. The coin struggled to climb a bit higher than the August 26 lowest point of $147
Read more