RE: Trezor Review: Stop Blindly Trusting Hardware Wallets

You are viewing a single comment's thread from:

Trezor Review: Stop Blindly Trusting Hardware Wallets

in tezor •  3 months ago 

Cold signing transactions on an offline device seems like the way to go. It would be pretty much impossible to broadcast a private key from an offline device.

It becomes quite clear to me that generating the master keys themselves becomes the most obvious attack vector. If someone gets tricked into downloading bogus software the attacker can know what the master password is going to be before it even exists.

It is my belief that I should create a system that allows you to create the master seed dynamically with your own brain power, rather than relying on some "random" algorithm. I guess we could call this a proof-of-brain solution.

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!
Sort Order:  

Fascinating discussion this, and @practicalthought -

I guess if you combined @edicted's method in combination with a newly configured machine when you download you'd have max security.

Otherwise I guess you're left with the option of simply keeping your coins on a multitude of exchanges.

Posted Using LeoFinance