Jump to content
TiffanyHayden

Working on a new hardware wallet for XRP

Recommended Posts

What about implementing secp256k1 signatures on ordinary smart cards or USB tokens? Or maybe just create a Ripple software wallet that uses one of the existing smartcards with secp256k1 support?

I doubt there's a significant market for any Ripple specific hardware.

Share this post


Link to post
Share on other sites
20 minutes ago, TiffanyHayden said:

Hey guys. I'm working on a new hardware wallet (along with an extremely sexy cryptographer who you may or may not know) and I'm soliciting input.  I searched online to see what people like/dislike about the Trezor, Ledger Nano S , and KeepKey. These are some of the comments I found: 

 

Trezor pros: Reputation, can also act as a password manager, has an advanced recovery feature, open source firmware, open to community development, supports passphrases

Trezor cons: Needs better protected hardware, poorly implemented STMicrochips, multiple wallets required for different currencies and the selection is limited

 

Nano pros: Better casing (more durable), downloadable wallet and not just a website to go to, app is similar to Trezor, but has a "sleeker" and more intuitive design, cheaper price, large selection of wallets for other currencies

Nano cons: Lack of support for passphrases, firmware not open source, use of secure element chip that is only available under NDA is controversial, the cable that comes with the Nano often doesn't work

 

KeepKey pros: (KeepKey is actually a port of the TREZOR’s code and firmware.) Large digital screen, metal body. ShapeShift recently acquired KeepKey and plans to allow users to trade assets over the ShapeShift API, which can be reached from KeepKey’s interface.

KeepKey cons: Hasn’t earned enough “reputation points” yet. Communicates exclusively with Google Chrome. Complaints about poor customer service.

 

I'd love to know if you have anything to add or any other suggestions in general. 

Thanks!

Are you familiar with the soon to be released Bitquence "universal wallet"?

 

Clipboard02.jpg

Share this post


Link to post
Share on other sites
1 hour ago, TiffanyHayden said:

I'd love to know if you have anything to add or any other suggestions in general. 

Hi Tiffany, If your new hardware wallet could be compatible with the Bitgo individual wallet (when they get around to adding xrp) would be awesome. Best wishes with your project. 

Share this post


Link to post
Share on other sites

Can someone explain me the advantages of hardware wallet w.r.t. cold wallet?
I see more safety point of failure in the hardware wallet.

Is the advantage to hold multiple currencies?

Share this post


Link to post
Share on other sites
12 minutes ago, tulo said:

Can someone explain me the advantages of hardware wallet w.r.t. cold wallet?
I see more safety point of failure in the hardware wallet.

Is the advantage to hold multiple currencies?

 

Secret key (or private key) is stored in a hardware wallet and it never touches e.g. any computer that is connected to the internet. Theoretically they could be seen as one of the methods for implementing cold storage (other method is e.g. a paper wallet), although they could be still connected to the online computer (via USB port).

 

 

 

Share this post


Link to post
Share on other sites
47 minutes ago, T8493 said:

Secret key (or private key) is stored in a hardware wallet and it never touches e.g. any computer that is connected to the internet. Theoretically they could be seen as one of the methods for implementing cold storage (other method is e.g. a paper wallet), although they could be still connected to the online computer (via USB port).

Even with an offline generated wallet you have the same properties.
Who guarantee that the hardware wallet have proper hardware and software implementation? (https://medium.com/@Zero404Cool/trezor-security-glitches-reveal-your-private-keys-761eeab03ff8).

Also I don't get how the recovery seed works...how can recover all the info?

Edited by tulo

Share this post


Link to post
Share on other sites

I don't know much about the current state of hardware wallets but I think it's important to make sure the hardware is trustable and very failsafe, even longterm.
So perhaps you can differentiate by having some kind of powersurge protection / extremely longlife highgrade hardware components / extremely solid build quality / perhaps (if possible) able to withstand a fire and electromagnetic radiation / perhaps some redundant components (like we sometimes see with firmware/BIOS chips).

Also it's important people can trust the device; opensource firmware (and being able to verify the hashes or content), (physical) firmware upgrade/overwrite protection, opensource drivers/software and if implemented; a very secure updater so we don't have teamviewer-like update problems by rogue DNS servers etc.

Personally; the feeling of having a trustable 80386 processor instead of modern usb stick that often fails. Best case: an almost indestroyable thing that always works. That more of less can replace keys written on paper or carved in stone. Maybe it can be specialised in 2 usecases (?): one indestructable thing just for longterm storing the keys (no display, extremely solid), one for doing daily transactions (with display / tx confirmation button). Just some brainstorming here. I have no idea, but could a camera like in Rabobanks's authentication/signing device make things easier some way (??)

Anyway, good luck with the project

Edit: maybe there is interest in 3 uses:
1) very longterm and reliable storage of very high (bullion-like) value like bitcoin usecase / gold usecase / longterm banking account
2) midterm storage of high value like a regular banking account
3) shortterm storage of lower value, with lot of ease for payments. Just like your regular reallife wallet with paper money / coins, which you fill at ATM's by withdrawing money from your banking account to real money. When i go on the streets i like to have some real money, but not too much of course. if i lose my wallet, the damage is managable. i want to pay quickly where ever i am. that's why i carry a real wallet with money. if it's empty i withdraw money from my regular banking accounts. someone that wants to store value for a long time, like with gold, i assume wants to make sure it's stored very securely, and is less bothered about entering a long password or whatever steps are necessary for a transaction.

I have no idea about the above things and the pro/con's, but maybe it can inspire a bit.

Edited by edwin90

Share this post


Link to post
Share on other sites
14 minutes ago, tulo said:

Who guarantee that the hardware wallet have proper hardware and software implementation?

No one basically. You must trust the company that makes them.

 

14 minutes ago, tulo said:

Also I don't get how the recovery seed works...how can recover all the info?

You can recover it on another device OR use special program that converts your recovery seed to (probably) a Ripple private key and can then sign a transaction.

 

Share this post


Link to post
Share on other sites
Guest
20 minutes ago, tulo said:

Also I don't get how the recovery seed works...how can recover all the info?

All the info is actually on the Ripple Consensus Ledger...   the recovery will just get you back to having the secret key inside the device.

 

Share this post


Link to post
Share on other sites
4 minutes ago, T8493 said:

You can recover it on another device OR use special program that converts your recovery seed to (probably) a Ripple private key and can then sign a transaction.

 

Are they storing info in their servers?

To go back to the topic:

  • The design is also important for me. Ledger nano S is quite elegant w.r.t. others.
  • I'd like an implantable device, such that none can steal it (I know I'm asking too much)
  • A little screen as ledger nano S is quite good to have (if that is implantable, it can be traded with morse-code vibrations under the skin :lol:).
  • Safety is number one priority of course. Both hardware and software.
  • The automatic connection to shapeshift is actually a pretty damn good idea, so you can hold one currency and pay with many of them. If only ILP was active...

Share this post


Link to post
Share on other sites
6 minutes ago, Tinyaccount said:

All the info is actually on the Ripple Consensus Ledger...   the recovery will just get you back to having the secret key inside the device.

 

How can the recovery seed store the secret info? It's far smaller code...

Share this post


Link to post
Share on other sites
Guest
16 minutes ago, tulo said:

How can the recovery seed store the secret info? It's far smaller code...

I don't have one...  but I thought it asked you to record a series of words as the recovery seed.  Plenty of length there to rebuild it...

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...