With the current hardware wallets, there's AFAIK no way for a customer to verify whether the HW wallet really generates secure, private addresses. All checks really just use various methods to verify the firmware and hardware integrity, which make hacks harder but not impossible. But still, you can't tell whether the HW wallet is merely emulating the original software while it does other things. Even if the firmware is open source, you can't tell whether the code you see is really what is running on the hardware. And even if you modify the code and upload it to the wallet, you still cannot be sure whether the upload really rewrites the firmware, or whether your code is just interpreted somehow to mimic your code while still being controlled by an attacker's firmware.
At least these potential attack vectors exist that a compromised HW wallet can carry out and software cannot detect:
- The seed is not randomly generated. Instead, some pre-generated seed (or one of a set) known to the attacker is displayed. There is no way for the client to verify it, because the HW wallet generates it entirely on its own (and the software doesn't even see it).
- The seed is random, but the derived addresses (and xpubs) are not derived from the seed. Instead, some of the attacker's pre-generated addresses are used. Because the client doesn't know the seed (and it obviously shouldn't), it can't verify whether the derivation is correct. Passphrases don't help either; another set of compromised addresses will be displayed just the same, and the client can't verify it.
The first issue comes from BIP39 and the second from BIP32, both widely used standards. Are there any other standards/proposals that address these two weaknesses? Something like generating part of the randomness on the client and enforcing its use in the derived addresses.
My goal is to be safe until both HW and SW are fake. The current state is that we're safe if and only if the HW is not fake, and genuine SW cannot help.
Are my thoughts reasonable? Is this a problem?
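As an added example (not part of the question above), here is the check the second attack vector defeats when only the device holds the seed: an independent BIP39 -> BIP32 re-derivation of the public key a wallet should display at a given path, so a displayed key can be compared against what the seed actually produces. It is standard-library Python 3.8+ only; the EC arithmetic is a plain double-and-add on secp256k1 written for verification, not for signing. The mnemonic used is the public BIP39 English test vector (not a real wallet), the "bogus" key is a constructed value, mnemonic word checksums are not validated, and no address encoding is done (that would need RIPEMD160, which not every hashlib build provides), so compressed public keys are compared instead. Two caveats: running this means typing the seed into some other machine, so it only makes sense on a trusted offline host, and it says nothing about the first attack vector, since an attacker-known seed still derives perfectly consistent keys.

```python
"""Independent BIP39 -> BIP32 re-derivation (added example, not from the question).

Given the mnemonic a hardware wallet displayed, recompute the public key it
*should* show at a derivation path and compare it with what the device shows.
"""
import hashlib
import hmac
import unicodedata

# secp256k1 domain parameters (SEC 2)
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
HARDENED = 0x80000000


def _point_add(p1, p2):
    """Affine point addition on secp256k1; None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p1 == p2:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P


def scalar_mult(k, point=G):
    """Double-and-add scalar multiplication; fine for verification, not constant-time."""
    result, addend = None, point
    while k:
        if k & 1:
            result = _point_add(result, addend)
        addend = _point_add(addend, addend)
        k >>= 1
    return result


def pubkey_compressed(priv):
    """33-byte SEC compressed encoding: 02/03 prefix by y parity, then x."""
    x, y = scalar_mult(priv)
    return bytes([0x02 | (y & 1)]) + x.to_bytes(32, "big")


def bip39_seed(mnemonic, passphrase=""):
    """BIP39: PBKDF2-HMAC-SHA512, 2048 rounds, salt "mnemonic" + passphrase.
    Does not validate the word checksum (no wordlist embedded here)."""
    words = unicodedata.normalize("NFKD", " ".join(mnemonic.split())).encode()
    salt = unicodedata.normalize("NFKD", "mnemonic" + passphrase).encode()
    return hashlib.pbkdf2_hmac("sha512", words, salt, 2048, 64)


def bip32_master(seed):
    """BIP32 master key: HMAC-SHA512(key="Bitcoin seed", data=seed)."""
    digest = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    k = int.from_bytes(digest[:32], "big")
    if k == 0 or k >= N:
        raise ValueError("invalid master key; BIP32 says this seed is unusable")
    return k, digest[32:]


def ckd_priv(k_par, c_par, index):
    """BIP32 CKDpriv. Hardened children commit to the parent private key,
    normal children to the parent public key (so an xpub alone can derive them)."""
    if index >= HARDENED:
        data = b"\x00" + k_par.to_bytes(32, "big") + index.to_bytes(4, "big")
    else:
        data = pubkey_compressed(k_par) + index.to_bytes(4, "big")
    digest = hmac.new(c_par, data, hashlib.sha512).digest()
    il = int.from_bytes(digest[:32], "big")
    k_i = (il + k_par) % N
    if il >= N or k_i == 0:
        raise ValueError("invalid child at index %d; BIP32 says skip it" % index)
    return k_i, digest[32:]


def parse_path(path):
    """'m/84'/0'/0'/0/0' -> [84 + HARDENED, HARDENED, HARDENED, 0, 0]; ' or h marks hardened."""
    parts = path.strip().split("/")
    if parts[0] != "m":
        raise ValueError("path must start with m")
    out = []
    for p in parts[1:]:
        hardened = p[-1] in "'hH"
        out.append(int(p.rstrip("'hH")) + (HARDENED if hardened else 0))
    return out


def derive_pubkey(mnemonic, passphrase, path):
    k, c = bip32_master(bip39_seed(mnemonic, passphrase))
    for index in parse_path(path):
        k, c = ckd_priv(k, c, index)
    return pubkey_compressed(k)


def check_displayed_pubkey(mnemonic, passphrase, path, displayed_hex):
    """True iff the key the device shows at `path` really derives from the seed.
    A False here is exactly the second attack vector in the question."""
    expected = derive_pubkey(mnemonic, passphrase, path).hex()
    return hmac.compare_digest(expected, displayed_hex.lower())


if __name__ == "__main__":
    # BIP39 English test vector #1 mnemonic (public, not a real wallet)
    MNEMONIC = "abandon " * 11 + "about"
    path = "m/84'/0'/0'/0/0"
    real = derive_pubkey(MNEMONIC, "", path).hex()
    print(path, "->", real)
    # Constructed: what a compromised device showing an attacker's key might display
    bogus = "02" + "ab" * 32
    print("device key matches seed:", check_displayed_pubkey(MNEMONIC, "", path, real))
    print("bogus key detected:", not check_displayed_pubkey(MNEMONIC, "", path, bogus))
```

The two primitives are checkable against published vectors: `bip39_seed` of the test mnemonic with passphrase "TREZOR" reproduces the BIP39 seed vector, and `bip32_master` of the 16-byte seed 000102...0f reproduces BIP32 test vector 1's master key and chain code, which is the confidence you need before trusting the comparison at the end.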