Signing keys for firmware usually can't be rotated at all since they're burned into fuses so that's another case where a more traditional HSM is the best option since existing keys need to be migrated. Android app signing keys were similar, but they've finally added key rotation.
-
-
I really like the
@nitrokey - code has been audited by@cure53berlin so that is a huge plus in my book, and there's tons of eyes on the code as@linuxfoundation maintainers use them as well. Nothing against@Trezor - they are an incredible company and I use their devices for btc2 replies 0 retweets 0 likes -
Replying to @RobertSpigler @DanielMicay and
Entering a password on device (like you mention) is a big plus for Trezor though, as is their open CPU. (What smart card does nitrokey use?)
1 reply 0 retweets 0 likes -
Replying to @RobertSpigler @nitrokey and
I find the recovery model to be the biggest advantage of the approach based on deterministic wallet design. The hardware wallet generates a high entropy seed, displays it as a recovery phrase and you can write it down, store it and recover without exposing it to the computer.
2 replies 1 retweet 1 like -
Replying to @DanielMicay @RobertSpigler and
I need backups for my keys. For a traditional HSM, that means I need to generate them on my computer, back them up onto cold storage and import them onto the HSM. If I ever need to do recovery, I need to expose them to a general purpose computer again too. That's problematic.
2 replies 1 retweet 3 likes -
Replying to @DanielMicay @RobertSpigler and
Why? You can use a completely non-connected computer, even wipe or physically destroy it afterwards if needed. Risk only arises if there's an exfil channel available after the restore op.
1 reply 0 retweets 0 likes -
Replying to @RichFelker @RobertSpigler and
It's an issue for the initial key generation rather than just recovery since you're forced to do it on a computer and trust that it's generating the keys properly due to needing to back them up onto cold storage. It's very difficult to wipe all state on a general purpose PC too.
3 replies 0 retweets 2 likes -
Replying to @DanielMicay @RichFelker and
I greatly prefer only trusting only the HSM and having a physical backup of the seed recorded directly from it. The approach to passphrases is also really nice. Trezor *only* stores the seed, not any state for wallets, SSH/GPG keys, etc. which are derived from seed + passphrase.
1 reply 0 retweets 1 like -
Replying to @DanielMicay @RichFelker and
If it dies, I can do recovery on a new one (or a compatible implementation) by entering my recovery seed into it directly and I'll have back all of my wallets and keys. I also really like that I could quite feasibly memorize a recovery seed since it's 12 / 18 / 24 common words.
1 reply 0 retweets 1 like -
Replying to @DanielMicay @RichFelker and
Satoshi Labs (Trezor) got the recovery seed and deterministic wallet approach standardized, so there are a lot of compatible options available. The trezor-agent project providing SSH / GPG support also appears to support some other devices like Ledger models too.
1 reply 0 retweets 0 likes
If I wanted to transport keys across a border, I'm confident that I could memorize a 12 word recovery phrase, which is the 128-bit security level. Bitcoin and ed25519 have an 128-bit security level anyway. Using 24 words is useful to split physical backups into two pieces though.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.