On Wed, Aug 17, 2016 at 09:36:02AM +1000, Aiqin Li via bitcoin-dev wrote: > Out of curiosity, what is the technical reason a normal ECC-enabled > smart-card cannot be used for the hardware signing component of a wallet > app? (Since if it can, its standardization must have been discussed.) > > Debian wiki gives a list of such cards with related opensource software to > access them.
I'm not aware of any ECC-enabled smart-cards that can sign the specific curve that Bitcoin uses, not to mention the fact that those smartcards generally only speak higher level protocols than raw signature generation, precluding the signing of bitcoin transactions. The other serious problem - and this is a problem with smartcards in general anyway - is that without Bitcoin-specific logic you're just signing blindly; we recently saw the problems with that with the Bitfinex/BitGo hack. And even then, without a screen most of the hardware wallets in are still just signing blindly, with at best hard-to-use limits on maximum funds moved per-transaction. Also note how even hardware wallets with a screen, like Trezor, aren't yet able to authenticate who you are paying. -- https://petertodd.org 'peter'[:-1]@petertodd.org
signature.asc
Description: Digital signature
_______________________________________________ bitcoin-dev mailing list bitcoin-dev@lists.linuxfoundation.org https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
