Author: Bryan Bishop 2016-08-17 18:36:38
Published on: 2016-08-17T18:36:38+00:00
Peter Todd, a contributor to Bitcoin-dev, has raised concerns over the use of smartcards in hardware wallets that are used to store bitcoins. Blindly signing transactions and moving funds per-transaction can lead to problems, as was seen with the Bitfinex/BitGo hack. Todd recommends using hardware security modules (HSMs) instead of smartcards; HSMs do not blindly sign transactions, but run bitcoin validation rules and business logic, which can prevent any discrepancies between the actual bitcoin history on the blockchain and what the hardware wallet thinks is happening. Additionally, Todd suggests the use of an out-of-band communication channel for business logic to validate against and encryption of signed transactions to the key of the device owner. Lastly, he is curious to see what the community proposes regarding signed and authenticated payment requests.
Updated on: 2023-06-11T19:41:34.270753+00:00