Why Nostr? What is Njump?
2023-06-07 17:52:54
in reply to

Peter Todd [ARCHIVE] on Nostr: šŸ“… Original date posted:2016-08-16 šŸ“ Original message:On Wed, Aug 17, 2016 at ...

šŸ“… Original date posted:2016-08-16
šŸ“ Original message:On Wed, Aug 17, 2016 at 09:36:02AM +1000, Aiqin Li via bitcoin-dev wrote:
> Out of curiosity, what is the technical reason a normal ECC-enabled
> smart-card cannot be used for the hardware signing component of a wallet
> app? (Since if it can, its standardization must have been discussed.)
>
> Debian wiki gives a list of such cards with related opensource software to
> access them.

I'm not aware of any ECC-enabled smart-cards that can sign the specific curve
that Bitcoin uses, not to mention the fact that those smartcards generally only
speak higher level protocols than raw signature generation, precluding the
signing of bitcoin transactions.

The other serious problem - and this is a problem with smartcards in general
anyway - is that without Bitcoin-specific logic you're just signing blindly; we
recently saw the problems with that with the Bitfinex/BitGo hack. And even
then, without a screen most of the hardware wallets in are still just signing
blindly, with at best hard-to-use limits on maximum funds moved
per-transaction. Also note how even hardware wallets with a screen, like
Trezor, aren't yet able to authenticate who you are paying.

--
https://petertodd.org 'peter'[:-1]@petertodd.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: Digital signature
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20160816/29699c7e/attachment.sig>;
Author Public Key
npub1m230cem2yh3mtdzkg32qhj73uytgkyg5ylxsu083n3tpjnajxx4qqa2np2