A free, simple, and secure alternative to hardware wallets

[abandon-ability-able]

Hardware wallets seem to be the default suggestion for secure storage. I have two issues with this approach:

-It's difficult to verify what's actually implemented on the device. They're so niche, fragmented, and complex that I doubt there's enough verification

-Hardware wallets have only been around a few years. It's not clear how durable they are

Instead, I've been using my own software focused strategy that's simple enough to verify yourself. I figured I'd make it publicly available now

Here's the repo with code and more details, https://github.com/abandon-ability-able/electrumLiveCD

I'd appreciate any feedback

-AAA

[ABCbits]

-Hardware wallets have only been around a few years. It's not clear how durable they are

FYI, few hardware and it's company has been around for a decade.

I'd appreciate any feedback

I did not try to run it, but i have some question and feedback.

1. What is size of the result/ISO file?
2. How should we write result/ISO into USB drive? Simply with dd if=file.img of=/dev/sdX ?
3. Does it come with persistent storage, where we can store Electrum wallet file and other files?
4. It'd be great if the script create ISO file which run xterm or graphical interface automatically.

[ranochigo]

-It's difficult to verify what's actually implemented on the device. They're so niche, fragmented, and complex that I doubt there's enough verification

-Hardware wallets have only been around a few years. It's not clear how durable they are

Reputable hardware wallets are generally open sourced, save for sensitive components like the secure elements. They're pretty well audited as well. Hardware wallets are fairly durable from my personal experience, and they would offer similar or better redundancy as an air-gapped wallet as they would both rely on the user keeping a backup of the seeds.

Hardware wallets are often recommended for their ability to make it idiot-proof as well. Users don't have to be a rocket scientist to use it.

Tails is also a good alternative as well for livecd implementations.

[NeuroticFish]

electrumLiveCD

It looks to me like DIY with Electrum.
* The good part is that you'll probably have the latest Electrum on it.
* The bad part is that if somebody can follow those quick instructions, he probably was able to do it also without them

As a Windoze guy I am skeptical I could trust myself doing without mistake what I see there and I could trust the result.

On the other hand, I know I can use Tails OS for the same job, I know it has persistent storage (only!) if I want it, I know it can have internet only if I want it and it has simple and clear instructions on how to install it (although I tend to use it a bit different, just because I am lazy and I still want the latest when I play with it).

Plus, I can clearly say that since I don't have a separate computer for signing, using a separate USB stick with offline Electrum means a few reboots one may not like to do at every transaction. I've played with this kind of setup - yes, with Tails, not your ISO - and this year I decided to just go for a HW at Black Friday price.



TL;DR: HW is still better than this kind of setup; Tails OS looks easier/more reliable than your setup.


PS. Don't take me wrong, I do appreciate work and innovation, just please don't advertise this for more than it is.

[bitmover]

Hardware wallets seem to be the default suggestion for secure storage. I have two issues with this approach:

-It's difficult to verify what's actually implemented on the device. They're so niche, fragmented, and complex that I doubt there's enough verification

-Hardware wallets have only been around a few years. It's not clear how durable they are

Ledger and trezor are quite old and safe. 10+ years. No problems with security so far.

Personally, I use a hardware wallet. I recommend everyone to use. They are safe and cheap.

Your solution may be interesting,  but I don't recommend for life savings amounts. Hardware wallets are the way to go.

Ignore news about people losing money with HW. They are safe.

[DireWolfM14]

Hardware wallets seem to be the default suggestion for secure storage.

There's a good reason for that, and those reasons do indeed refute your reasoning below.

-It's difficult to verify what's actually implemented on the device. They're so niche, fragmented, and complex that I doubt there's enough verification

The open source hardware wallets are no more or less difficult to verify than any software wallet, they just require a different set of skills.  Anyone can crack open a case and use google to search for every piece of hardware attached to the PCB.  You don't even need to be an electrical engineer to figure out what those doohickies do.  The firm ware is often less complex than most software wallets to verify.

I'm not claiming to be an expert, but even novices like me can easily research which HW wallets are trustworthy.

-Hardware wallets have only been around a few years. It's not clear how durable they are

Trezor One has been around for since 2013, the Model T has been around since 2017.  Paper backups can last centuries.  The durability is hardly an issue.

Instead, I've been using my own software focused strategy that's simple enough to verify yourself. I figured I'd make it publicly available now

Here's the repo with code and more details, https://github.com/abandon-ability-able/electrumLiveCD

I'd appreciate any feedback

-AAA

I commend you with taking initiative to come up with something better.  But realistically, any software wallet coupled with an on-line system is vulnerable, and any software wallet coupled with an off-line system can be used as safely and securely as a hardware wallet.

[zabzob]

-Hardware wallets have only been around a few years. It's not clear how durable they are

I've had my Trezor One for several years. Don't use it as much as I used to, but I'm always amazed when I pull it out of the drawer and plug it in, and it's still working as good as new. I would expect a minimalist hardware wallet to be more durable than other devices like phones, laptops etc. Fewer parts means fewer things to go wrong. I expect my Trezor one to go on working for another decade and more.

[ABCbits]

Ignore news about people losing money with HW. They are safe.

Or rather, most HW are safe enough. There are few questionable HW out there, either due to fake security claim (e.g. Bitfi from John Mcafee), hard/impossible to backup and restore without their server/closed-source software or lying about their transparency/being open-source.

Instead, I've been using my own software focused strategy that's simple enough to verify yourself. I figured I'd make it publicly available now

Here's the repo with code and more details, https://github.com/abandon-ability-able/electrumLiveCD

I'd appreciate any feedback

-AAA

I commend you with taking initiative to come up with something better.  But realistically, any software wallet coupled with an on-line system is vulnerable, and any software wallet coupled with an off-line system can be used as safely and securely as a hardware wallet.

Good point, although his guide only require online machine/system when creating the ISO.

[satscraper]

Here's the repo with code and more details, https://github.com/abandon-ability-able/electrumLiveCD

I'd appreciate any feedback

Can not get what is difference between your approach and ^{let's say}   cold electrum on Tails.

 Regarding HW, I don't share your view on all of such devices. The code used by Passport 2  wallet ^{for instance} is open source and besides, this HW wallet utilizes Avalanche known to provide the true randomness for entropy, while you are  still relying on PRNG. Thus, I would rather trust Passport 2 in this respect.  

[ranochigo]

Regarding HW, I don't share your view on all of such devices. The code used by Passport 2  wallet ^{for instance} is open source and besides, this HW wallet utilizes Avalanche known to provide true randomness for entropy, while you are  still relying on PRNG. Thus, I would rather trust Passport 2 in this respect.  

That is not true. Electrum seeds the randomness from urandom within your OS which is a CSPRNG, not a PRNG. No one should be using PRNG and no wallet should be capable of implementing it. TRNG is a good to have, CSPRNG is sufficient.

[satscraper]

Regarding HW, I don't share your view on all of such devices. The code used by Passport 2  wallet ^{for instance} is open source and besides, this HW wallet utilizes Avalanche known to provide true randomness for entropy, while you are  still relying on PRNG. Thus, I would rather trust Passport 2 in this respect.  

That is not true. Electrum seeds the randomness from urandom within your OS which is a CSPRNG, not a PRNG. No one should be using PRNG and no wallet should be capable of implementing it. TRNG is a good to have, CSPRNG is sufficient.

I know that electrum utilizes urandom.

To make things easier I was not going into such details, For me   CSPRNG and PRNG are from the same class of  generators i.e that one that doesn't not provide true random numbers.

Regarding sufficiency of _CSPRNG... who knows, prefix to PRNG doesnt change anything  ^ultimately; pseudo is pseudo no matter what prefix accompanies it. Random physical processes are much better in this respect.

[dkbit98]

-It's difficult to verify what's actually implemented on the device. They're so niche, fragmented, and complex that I doubt there's enough verification

This is not true at all.
There are many open source hardware wallets, some even have open source hardware and they have open schematics for everything.
In reality you don't even know how you toaster at home works, let alone anything more complex.

-Hardware wallets have only been around a few years. It's not clear how durable they are

What does durability have to do with anything?
Hardware wallets are not meant to be like g-shock watches, that is why we use stainless steel and titanium for seed backups.

Instead, I've been using my own software focused strategy that's simple enough to verify yourself. I figured I'd make it publicly available now

That is a great way to mess up everything, and you can't compare this with hardware wallet.
You just invented wheel all over again, but you forgot that someone already invented it a long time ago.
There are a bunch of linux live OS with electrum wallet.

PS
btw CD is less durable than most hardware wallets.

[abandon-ability-able]

Thanks everyone for the feedback

I put up a warning on the repo and set it up to autolaunch electrum on boot. I also uploaded an iso under releases on github

Yes, this approach is similar to running electrum in Tails OS on an offline. But it doesn't include any extra software, just electrum. Partly I do this since I already use nix for other projects, so this was simple for me to do. I'm much more comfortable with software than hardware and don't want to learn how to verify hardware. The durability point was relatively minor, but I don't want to re-buy specialized hardware when it breaks while I always have old computers lying around

You can still use a TRNG to generate the seed words with this if you want

[NotATether]

You know, you can simply set up a Tails USB stick along with a portable Electum binary to achieve the same effect.

Trezor One has been around for since 2013, the Model T has been around since 2017.  Paper backups can last centuries.  The durability is hardly an issue.

Availability is an issue, however.

These devices are more like cars or ASICs being produced rather than consumer electronic devices like PCs and phones.

Only a few thousand are made each year because the market is small. Not millions of them.

That means it gets harder to find a Model T or a One as the years go by, and you may not trust newer models of a particular hardware wallet brand (Ledger is a great example of this - I would use a Nano S, but not watever it is they've announced a couple months ago).

[Lucius]

Availability is an issue, however.
These devices are more like cars or ASICs being produced rather than consumer electronic devices like PCs and phones.
Only a few thousand are made each year because the market is small. Not millions of them.

I don't know the real production/sales data if they are available at all - but I think it is a much larger number than a few thousand units of these popular manufacturers such as Trezor&Ledger. As an example, I will mention the limited edition Trezor Safe 5 which was released in 2100 units and sold out within a week.

That means it gets harder to find a Model T or a One as the years go by, and you may not trust newer models of a particular hardware wallet brand (Ledger is a great example of this - I would use a Nano S, but not watever it is they've announced a couple months ago).

If the manufacturer has gained the trust of consumers over the years and if it produces open source devices, then there is no reason to distrust - because why would an older model deserve more trust than a newer one? However, I think that times have changed and that we cannot classify hardware wallets into a general category - there are devices that are air-gapped and communicate with the online UI using QR codes or memory cards - and those that use a cable with a USB connection.

Personally, it doesn't make any sense to store private keys that store large values ​​on what could be called hot hardware wallets - especially on those that share these same private keys with third parties with (or without) permission.

[virasog]

Hardware wallets seem to be the default suggestion for secure storage. I have two issues with this approach:

-It's difficult to verify what's actually implemented on the device. They're so niche, fragmented, and complex that I doubt there's enough verification

-Hardware wallets have only been around a few years. It's not clear how durable they are

Instead, I've been using my own software focused strategy that's simple enough to verify yourself. I figured I'd make it publicly available now

Here's the repo with code and more details, https://github.com/abandon-ability-able/electrumLiveCD

I'd appreciate any feedback

-AAA

I do not get what you have to offer through electrumLiveCD ? It would have been much better if you would have explained it with the help of images or any video tutorial link.

Hardware wallets are still very reliable provided you bought them from the official source so they are not tempered and also you should only considered the open source ones. Trezor is one of the best one out there. If anyone doesn't have resources to buy the Hardware wallet, they can develop a cold storage through USB using Tails OS.

[Forsyth Jones]

I don't see the need for this. The idea is interesting, but downloading tailsOS on an air-gapped computer doesn't seem that difficult and already provides a considerable level of security, as long as all precautions are followed.

Personally, I find DIY air-gapped hardware wallets more valuable (some may or may not be air-gapped), such as Krux, which can be downloaded as software and implemented on specific hardware like the Maix Amigo. Other options include Specter DIY, Jade DIY and so on.

You can check out all the USB, air-gapped, and even Bluetooth-connected (less recommended) hardware wallet options at https://thebitcoinhole.com/hardware-wallets  where you can also compare the features of each model.

Additionally, since many people mentioned Trezor, it's secure enough for most beginner and intermediate users. I've had the Model T since 2019, and it still works perfectly. Like any electronic device, it may stop working one day, which is why I keep an offline backup in stainless steel to protect it from natural hazards.

Hardware wallets provide a well-structured step-by-step guide for beginners, but they aren't idiot proof. That's why awareness and knowledge are crucial. There's no point in having a secure device if you store your backup words in a .txt file online, for example.