Oddbean new post about login | logout Secure elements and hardware wallets Why are secure elements used in Hardware Wallets? Plain and simple for UX. If your encryption depends on a numerical PIN of a few digits you are screwed. The secure element adds a layer of encryption so that in case you can extract the seed from the chip you can not attack it by brute force. If you use a sufficiently strong passphrase or if hardware wallets allow you to enter a password for encryption, there would be no need for secure elements, it's all about UX. On the other hand, in cryptography you should never trust. Secure elements are a black box, and by contract you can't even publish their vulnerabilities. What's the point of using encryption if you're trusting a third party? that's useless. It is true that there are solutions like coldcard where two secure elements are used so you don't have to trust them, but I still think it's stupid, I don't care about the UX, I want my bitcoins to be safe. When you understand this, you realize how stupid the hardware wallet industry is.
Good morning. Recommendations for the teck illiterate?
Use only hardware wallets with no secure element but be clear on how to make them non-vulnerable. - Jade (not vulnerable) - trezor T (vulnerable, must use passphrase or enable sd protection) - Next trezor with tropic chip (open hardware)
So cold card is a bust?
No, but it just doesn't meet my standards.
What exactly is the secure element. I don't understand how it works
Let's say that a secure element is like a safe that in theory cannot be hacked, but this is false, its robustness is based on obfuscation. For the customer it means that you have to trust it.
Totally get you, but it's still better than the counter party risk normies are facing with custodians, HWW aren't perfect but it gives the average person a UI they can wrap their heads around
What do you suggest for someone who doesn't know anything about security to do long term cold storage?
Never trust a hardware wallet They can die at anytime Print out your 12 words and put them in a save or on encrypted drive
I understand but anyway it’s better to have a cold hardware wallet than a hot software wallet. Whether a secure element or not and how it is used is a good question. But saying the HW wallet industry is stupid is not a good way to elevate the débat.
It's a stupid industry for the mere fact of having to rely on a secure element to safeguard people's savings. First grade cryptography.
It is as if in the Nazi's enigma machine they told you to trust their secure element, a black box of a private company that assures you that it encrypts it and that they can not decipher it, simply because this company says so, and if I find a vulnerability in the secure element I can not say it, I have to continue with a vulnerable machine, I do not think that the Nazis would accept it. Cryptography has to be totally transparent to know that it cannot be broken, it has always been like that and it is the military method, hence the NSA or NIST for example, make the algorithms public and want them to be used, to be tested. No one would trust a closed algorithm and even less that depends on closed hardware.
Ok but the question is: “Would you live in a world where you don’t want to have to trust no one ?” I understand the need of transparency but a world where you are alone is not a world where I want to live.
So, a stateless signing device avoids that trust completly, right? At the cost of UX because you have to Input the seed for each signing Session.
Exactly, but you add the problem of having the seed available, in that case always use passphrase.
Any hardware wallets that are not computer or device dependent?
bullshit
You are an idiot 😂
Secure elements add a layer of physical protection by isolating cryptographic functionality into separate hardware that has been hardened against side channel attacks.
I started with $1000 and invested it with my coach, who helped me earn $6k in just 6 hours. This experience has been completely legitimate and safe, and I highly recommend investing with my coach. @coachalex0 Contact him now to start earning and see the amazing results for yourself!