Due to the complicated nature of it, all of them either skip over xpub verification, cannot perform it due to a lack of hardware wallet support, or simply do it incorrectly.
BITSAFE 2ND GENERATION HARDWARE WALLET HOW TO
There are plenty of tutorials about how to set up multisig with hardware wallets. If your computer was safe to use, there would be little reason to use hardware wallets in the first place. Hardware wallets' main value proposition is to protect against this. My standard assumption is that your computer is already compromised. The scope of this post is limited to setups where you use multiple hardware wallets and handle them using a single computer (or mobile phone). * The xpubs of the cosigners in order to prevent an attacker from swapping them This post is an in-depth look at this small, but hugely important point of the original article: Your hardware wallet should verify, or let you verify, the following information provided by the untrusted computer: Our blog post summarizing them is one of our most popular posts. Back when we first evaluated how to properly add multisig support, we stumbled across numerous pitfalls and security issues related to how people use hardware wallets to secure their coins in a multisig setup.
Unfortunately, one weak hardware wallet can compromise the whole setup. a serious vulnerability in one of involved wallets. In reality, it often achieves the opposite when it comes to remote attacks.Ĭombining hardware wallets from multiple vendors is a popular strategy to minimize the risk of a single point of failure, e.g. Multisig using multiple hardware wallets is often used as a security upgrade for personal funds previously held in a single-signature wallet.
0 kommentar(er)
