Bitcoin Stack Exchange is a question and answer site for Bitcoin crypto-currency enthusiasts.
Specifically two questions are interesting to me:
- Are private keys ever accessible?
- When are they generated and how can we know/prove this?
In more detail:
Is my understanding correct that even when connected to a computer with an internet connection the private keys are unaccessible and the only thing that can be seen is a signature/signed transaction? (let's take the Ledger Nano S as an example)
How can I know that the seed phrase I see is new and hasn't been seen by the manufacturer before? How can I be confident that when I get the seed phrase/access to the private key nobody else has before me?
> Is my understanding correct that even when connected to a computer with an internet connection the private keys are unaccessible and the only thing that can be seen is a signature/signed transaction? (let's take the Ledger Nano S as an example)
Right, if you plug a hardware wallet/signer into a laptop your hardware wallet/signer will provide signatures when requested so that transactions can be constructed and broadcast but will not ever provide private keys to that laptop. The private keys stay on the hardware wallet/signer.
> How can I know that the seed phrase I see is new and hasn't been seen by the manufacturer before? How can I be confident that when I get the seed phrase/access to the private key nobody else has before me?
You can generate a fresh seed phrase (or enter an existing one, Coldcard supports dice rolls) on the hardware wallet/signer but you are trusting the manufacturer that they haven't pre-loaded a set of seed phrases on the hardware wallet/signer. Hence it is important to buy directly from the manufacturer's website and not third party sellers who may have tampered with the hardware wallet/signer or be selling you a replica. One thing you may want to look into if this concerns you is multisignature or threshold schemes. This would allow you to use multiple different products and manufacturers and mitigate the risk of any one manufacturer being malicious. (They now wouldn't be able to spend your coins with knowledge of the seed on the device they sold you.) It does introduce complexity though so practise first on testnet/signet and make sure you understand what you are doing.
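An added example, not part of the original answer and not any vendor's firmware code: when a device accepts dice rolls, you can recompute on an offline machine the BIP39 word indices it should display and compare them. It assumes the device hashes the ASCII string of rolls with SHA-256 (an assumption; confirm it in the vendor's documentation). `SAMPLE_ROLLS` and the function names are constructed for illustration, and mapping indices to words requires the BIP39 English wordlist, which is not embedded here.

```python
import hashlib

MIN_ROLLS = 99  # 99 fair d6 rolls carry about 255.9 bits (99 * log2(6))
# Constructed sample input, NOT random: never use a pattern like this for a real seed.
SAMPLE_ROLLS = "123456" * 17


def entropy_from_dice(rolls: str) -> bytes:
    """Hash a string of d6 rolls ('1'..'6') into 32 bytes of seed entropy.

    Assumption of this example: the device uses SHA-256 over the ASCII rolls.
    """
    if any(c not in "123456" for c in rolls):
        raise ValueError("rolls must contain only the digits 1-6")
    if len(rolls) < MIN_ROLLS:
        raise ValueError(f"need at least {MIN_ROLLS} rolls for ~256 bits")
    return hashlib.sha256(rolls.encode("ascii")).digest()


def bip39_indices(entropy: bytes) -> list[int]:
    """Return the 24 BIP39 word indices (11 bits each) for 256-bit entropy."""
    if len(entropy) != 32:
        raise ValueError("this example handles 256-bit entropy only")
    # BIP39 checksum: the first ENT/32 = 8 bits of SHA-256(entropy).
    checksum = hashlib.sha256(entropy).digest()[0]
    value = (int.from_bytes(entropy, "big") << 8) | checksum  # 264 bits
    return [(value >> (264 - 11 * (i + 1))) & 0x7FF for i in range(24)]


def checksum_ok(indices: list[int]) -> bool:
    """Recompute the checksum from word indices, as a wallet does on restore."""
    if len(indices) != 24 or any(not 0 <= i < 2048 for i in indices):
        return False
    value = 0
    for i in indices:
        value = (value << 11) | i
    entropy = (value >> 8).to_bytes(32, "big")
    return (value & 0xFF) == hashlib.sha256(entropy).digest()[0]


if __name__ == "__main__":
    idx = bip39_indices(entropy_from_dice(SAMPLE_ROLLS))
    print("word indices:", idx)
    print("checksum valid:", checksum_ok(idx))
```

Run this only on a machine that never touches a network, since anything that sees the rolls can reconstruct the seed.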