Oddbean new post about | logout
matt | 1 years ago (raw) | root | parent | reply | flag +1 
 The “air gap barrier” isn’t broken lol. The computer is sending instructions (in the form of amount/address) and the hardware wallet is responding. I’m just saying add a nonce to those instructions.
NVK | 1 years ago (raw) | root | parent | reply | flag 
 🙄
Ademan | 1 years ago (raw) | root | parent | reply | flag 
 If the HW device doesn't simply use the provided nonce as-is (seems undesirable due to sensitivity of nonces), can't the HW device still grind it's portion of the nonce to exfil?

It seems like an extra round of communication is unavoidable? (but likely worthwhile!)
matt | 1 years ago (raw) | root | parent | reply | flag 
 Nope! The magic of XOR (or pre-committed EC points) is that neither gets a “part” but rather the full thing is random if either input is fully random.