[Bitcoin-development] Securing hardware wallets

2014-03-30 Thread devrandom 
I would like to solicit feedback on a whitepaper I wrote about securing
hardware wallets even if the hardware or software is compromised.  Let's
consider turning this into a BIP.

Abstract: With wide adoption hardware wallets present a very tempting
target. Once enough wealth is controlled by a specific hardware wallet
model, attacking the supply chain of the wallet becomes attractive.
Malware could be inserted in hardware or software. The random seed could
be generated in a way that is predictable to the attacker or the seed
could be leaked.

The paper describes a way for a "Warden" computer to manage a hardware
wallet in a way that protects the resulting private keys from
compromise.

https://github.com/devrandom/btc-papers/blob/master/hardware-wallet-security.md

-- 
Miron / devrandom




--
___
Bitcoin-development mailing list
Bitcoin-development@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bitcoin-development

Re: [Bitcoin-development] BIP 70 refund field

2014-03-30 Thread Andreas Schildbach 
I'd prefer 3 months to 2 just because a quarter of year is a more common
timespan.

But of course its just paint shedding, so 2 sounds good for me too (-:


On 03/29/2014 02:29 PM, Mike Hearn wrote:
> So how about we say two months? That way it's easy for merchants to
> comply with the EU DSD and we keep RAM usage in check until we come up
> with a more sophisticated refund scheme.
> 
> There's another issue with BIP 70 and refunds that I noticed. The
> PaymentRequest doesn't specify whether refunds are possible. So wallets
> have to either never submit refund data, or always submit it even if it
> makes no sense. Because setting things up to get refunds has a non-zero
> cost for the sender, it'd help if we could optimise it away for
> merchants that simply refuse to issue refunds for whatever reason.
> 
> 
> 
> On Sat, Mar 29, 2014 at 10:27 AM, Roy Badami  > wrote:
> 
> On Fri, Mar 28, 2014 at 09:56:57PM +0100, Andreas Schildbach wrote:
> > On 03/28/2014 07:19 PM, Mike Hearn wrote:
> >
> > >> Ok, why don't fix this in the spec for now, by defining a fixed
> expiry
> > >> time. In the EU, most products are covered by a 2 years
> warranty, so it
> > >> seems appropriate to pick 2.5 years (30 months) -- allowing for
> some
> > >> time to ship the product back and forth.
> > >
> > > Yeah I was thinking something like that on the walk home. But 2
> years is
> > > a long time. Do we have enough RAM for that?
> >
> > It depends on usage stats, script size, etc...
> >
> > > Plus warranties usually
> > > result in the defective goods being replaced rather than a monetary
> > > refund, right?
> >
> > Usually yes. The next smaller "unit of time" in Germany would be two
> > weeks, the so-called "Fernabsatzgesetz". It allows you to send back
> > mail-orders and usually you want the money back. Don't know if
> that made
> > it into EU law or how it applies to other countries.
> 
> It's EU law, but the Distance Selling Directive only says "at least
> seven days", so the exact period probably varies by country (in the UK
> it is 7 days).
> 
> But the clock only starts ticking when you receive the goods, and the
> Distance Selling Directive allows the supplier 30 days "to execute the
> order" (I *think* the 30 days always has to include shipping, because
> for consumer contracts title doesn't pass until the goods are
> delivered, so the order wouldn't be considered complete until then).
> 
> So I think latest possible deadline for returning the goods for refund
> could be up to 30 days to execute the order plus "at least 7 days"
> (with some countries allowing more).  Plus, conceivably, shipping
> time, if some member states have chosen to interpret the 30 day
> execution differently.
> 
> So I think this adds up to "a couple of months, give or take".  In
> practice, though, even a couple of months is a bit on the short time.
> What if the goods are delayed.  How many people have had miner orders
> outstanding for the best part of a year?
> 
> roy
> 
> 
> 
> --
> ___
> Bitcoin-development mailing list
> Bitcoin-development@lists.sourceforge.net
> 
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
> 
> 
> 
> 
> --
> 
> 
> 
> ___
> Bitcoin-development mailing list
> Bitcoin-development@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
> 



--
___
Bitcoin-development mailing list
Bitcoin-development@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bitcoin-development