Two Heads Are Better than One
Cheap Security Enhancement for Every Hardware Wallet Setup
Whether it’s a TREZOR, Ledger, COLDCARD or any other hardware wallet, it (hopefully) uses techniques or devices (such as a “secure element”) to make it difficult for an attacker with physical access to the hardware wallet to extract your seed words. Single-board computer (SBC) -based devices, like my Raspberry Pi-based Rudefox Burrow, which lack such provisions, should not be used to store your seed words or keys. In fact, I configured the Burrow with a read-only file system, rendering it “memory-less” or “stateless”, in order to prevent the user from storing his seed phrase on the device.
This does not mean that such SBC devices have no role to play in the Bitcoin Custody ecosystem. In fact, I would argue that (in addition to their essential role in Bitcoin-node self-hosting) they have a significant role to play in creating a properly audited hardware-wallet solution. The Burrow can mitigate threats of a supply-chain or key generation attack at very little cost by (1) allowing you to generate seed words audited by you and by (2) enabling you to audit addresses generated by your hardware wallet.
Not your Entropy, Not your Seed
Do you use a hardware wallet? How were your seed words generated? Perhaps you simply took the first set of words provided to you by the hardware wallet, trusting it used a suitable entropy source. If you are a more advanced user, perhaps you entered dice rolls or a randomly selected piece of data into your hardware wallet. Still, how can you be sure the resulting seed words are derived from those dice rolls? How can you rule out being the victim of a bait-and-switch? Certainly when dealing with larger holdings of Bitcoin, I would sleep better at night if I had more transparency into this process.
In a previous post, I covered how the Burrow can assist you in creating your seed words using a process that leaves you confident of their uniqueness and high-entropy. You can then use your audited seed to initialize (or “Restore”) a hardware-wallet and finally rest assured that it contains a set of seed words that you originated.
Are You My Address?
The ability to audit doesn’t stop at the seed words though. You have probably been taking hardware wallet-generated addresses at face value as well. Yes, it is certainly true that the very act of entering your seed words into a hardware wallet presupposes a certain level of trust in the hardware, firmware and manufacturer, depending on the specifics of the hardware wallet. However, perhaps an attacker (even the manufacturer?) finds it difficult to access the seed words on your hardware wallet, but easy to plant an address for you to use? There is also the frightening possibility that even an honest hardware wallet contains a bug causing it to generate a dead-end-address, leading you to send your Bitcoins off into the void?
The Burrow can help us do better by providing us with a secure and easy means to audit the addresses generated by the hardware wallet and verify that the addresses are indeed derived from our seed words. Simply use the Burrow to derive the first several addresses of your wallet and match them up against those provided by the hardware wallet. While you could use a tool like Ian Coleman’s excellent Mnemonic Code Converter for this, you might not want to as it would require you to either enter your seed into a hot device (bad idea!) or go through the hassle of getting such a tool onto an air-gapped, sanitized, secure device.
But Who Audits the Auditor?
But perhaps the Burrow contains malicious code or a bug! I’m a nice guy, but you don’t know me! You shouldn’t rely on me! Well, therein lies the beauty of this “auditor pair” approach. Security solutions that call for experts often use pairs of experts to audit each other. Just as the Burrow audits the hardware wallet, the hardware wallet audits the Burrow. Insofar as the hardware wallet and the Burrow are independent of one another, if the set of addresses match then you have enormous confidence in the integrity of the generated addresses. In effect, the Burrow and the hardware wallet are performing a joint audit on their independently generated work.
Don’t trust either of them alone — use each to verify the other.
There’s a Place for Us
The Rudefox Burrow is a cheap way to add confidence in your hardware wallet solution which, incidentally, does not add to “process fatigue” (because you only perform the audit during the initial setup), and does not require a routine extra effort. So, follow me on Twitter to find out when I release the Burrow and the code (I expect to do it soon™) or reach out via Twitter DM and I’ll coach you through creating a tailored solution that suits your individual needs and doesn’t rely on trusting me or anyone else.