Sign up to save your podcasts
Or
Share BR073 - Security Challenges in Bitcoin Hardware Wallets: A Technical Overview ft. Lloyd Fournier, Craig Raw, Rob Hamilton, odudex & NVK
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
BR073 - Security Challenges in Bitcoin Hardware Wallets: A Technical Overview ft. Lloyd Fournier, Craig Raw, Rob Hamilton, odudex & NVK
I'm joined by guests Lloyd Fournier, Craig Raw, Rob Hamilton and odudex to discuss bitcoin wallets and signers.
Housekeeping
Discussion Topics
Housekeeping
- Calling for guests to join a ham radio panel. Email [email protected] if you are interested.
- Keep the audience questions coming! Send boosts or email questions to [email protected].
- Check out the previous episode if you want to understand more about Dark Skippy
Discussion Topics
- 00:04:40 KRUX/DIY Frost devices
- 00:17:39 DOS ware/Hardware wallets
- 00:29:53 PSBT Protocol
- 00:40:57 UX Security Tradeoffs
- 00:48:09 Hardware Signers
- 00:54:52 Battle between Push for better UX & More Security
- 01:16:35 Key generation protocol
- 01:53:53 Feature Request to Sparrow wallet
- "Geographically distributed multisig is probably the best self custody model today. But specifically what kinds of places are suitable for storing private key material internationally or even just away from your home territory? Many people do not have high trust family/friends that live in different areas and I am skeptical of the privacy and security bank safety deposit boxes." - Densest_Sprite0R
- "How have best practices evolved as we migrate from ecdsa to Schnorr it terms of interactivity / uptime that then therefore reshapes UX? e.g concurrent sessions, nonce counters, etc" - Vivek
- "Are you aware of any known attack methods to add malicious code to an sd card with out any physical access to it? Like with some type of radio frequency attack etc…?" - Kidwarp
- "Explain if you could why the anti exfil protocols don’t work air-gapped." 🙏🏻 - @basisbtc
- "Ask your esteemed panel what the solution to all these problems is and why it is miniscript." - Coinjoined Chris ⚡
- "How does the seed leak stuff work - the nonce signature stuff was not explained easy / detailed enough for us noobs? Is it just publishing encoded information somehow? Would it make any kind of difference if you use a passphrase?" - M4v1
- "If you’ve got 3 mk4s(or 3 separate vendors) all running same compromised darkskippy software but in a 2 of 3 Multisig? Still same risk / elevated risk or multisig set up negates? How about a single sig with weak passphrase" - wim
- I'd love to hear some of your favorite ways that a pwned hardware signer can steal funds that do not involve DarkSkippy (or similar). - Rearden
- Website: https://bitcoin.review/Podcast
- Substack: https://substack.bitcoin.review/
- Twitter: https://twitter.com/bitcoinreviewhq
- NVK Twitter: https://twitter.com/nvk
- Telegram: https://t.me/BitcoinReviewPod
- Email: [email protected]
- Nostr & LN:⚡[email protected] (not an email!)
- Full show notes: https://bitcoin.review/podcast/episode-73
View all episodes
By Bitcoin.Review
4.9
1616 ratings
I'm joined by guests Lloyd Fournier, Craig Raw, Rob Hamilton and odudex to discuss bitcoin wallets and signers.
Housekeeping
Discussion Topics
Housekeeping
- Calling for guests to join a ham radio panel. Email [email protected] if you are interested.
- Keep the audience questions coming! Send boosts or email questions to [email protected].
- Check out the previous episode if you want to understand more about Dark Skippy
Discussion Topics
- 00:04:40 KRUX/DIY Frost devices
- 00:17:39 DOS ware/Hardware wallets
- 00:29:53 PSBT Protocol
- 00:40:57 UX Security Tradeoffs
- 00:48:09 Hardware Signers
- 00:54:52 Battle between Push for better UX & More Security
- 01:16:35 Key generation protocol
- 01:53:53 Feature Request to Sparrow wallet
- "Geographically distributed multisig is probably the best self custody model today. But specifically what kinds of places are suitable for storing private key material internationally or even just away from your home territory? Many people do not have high trust family/friends that live in different areas and I am skeptical of the privacy and security bank safety deposit boxes." - Densest_Sprite0R
- "How have best practices evolved as we migrate from ecdsa to Schnorr it terms of interactivity / uptime that then therefore reshapes UX? e.g concurrent sessions, nonce counters, etc" - Vivek
- "Are you aware of any known attack methods to add malicious code to an sd card with out any physical access to it? Like with some type of radio frequency attack etc…?" - Kidwarp
- "Explain if you could why the anti exfil protocols don’t work air-gapped." 🙏🏻 - @basisbtc
- "Ask your esteemed panel what the solution to all these problems is and why it is miniscript." - Coinjoined Chris ⚡
- "How does the seed leak stuff work - the nonce signature stuff was not explained easy / detailed enough for us noobs? Is it just publishing encoded information somehow? Would it make any kind of difference if you use a passphrase?" - M4v1
- "If you’ve got 3 mk4s(or 3 separate vendors) all running same compromised darkskippy software but in a 2 of 3 Multisig? Still same risk / elevated risk or multisig set up negates? How about a single sig with weak passphrase" - wim
- I'd love to hear some of your favorite ways that a pwned hardware signer can steal funds that do not involve DarkSkippy (or similar). - Rearden
- Website: https://bitcoin.review/Podcast
- Substack: https://substack.bitcoin.review/
- Twitter: https://twitter.com/bitcoinreviewhq
- NVK Twitter: https://twitter.com/nvk
- Telegram: https://t.me/BitcoinReviewPod
- Email: [email protected]
- Nostr & LN:⚡[email protected] (not an email!)
- Full show notes: https://bitcoin.review/podcast/episode-73
More shows like Bitcoin.Review Podcast with NVK & Guests
View all
TFTC: A Bitcoin Podcast
775 Listeners
The Pomp Podcast
1,847 Listeners
The Jack Mallers Show
120 Listeners