MIME-Version: 1.0
In-Reply-To: <20160817001407.GA6571@fedora-21-dvm>
References: <57B31EBC.1030806@jonasschnelli.ch>
	<0501f5c2-611c-53c1-5fd1-d4da5ba5137b@gmail.com>
	<20160817001407.GA6571@fedora-21-dvm>
From: Bryan Bishop <kanzure@gmail.com>
Date: Wed, 17 Aug 2016 13:36:38 -0500
Message-ID: <CABaSBawL29aRF5aJ9jbshBU+FSzOPGYj0EaETawi7ttXewTAsg@mail.gmail.com>
To: Peter Todd <pete@petertodd.org>, 
	Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>,
	Bryan Bishop <kanzure@gmail.com>
Content-Type: multipart/alternative; boundary=001a113e4c12ff0f00053a48be57
Subject: Re: [bitcoin-dev] Hardware Wallet Standard
Precedence: list

--001a113e4c12ff0f00053a48be57
Content-Type: text/plain; charset=UTF-8

On Tue, Aug 16, 2016 at 7:14 PM, Peter Todd via bitcoin-dev <
bitcoin-dev@lists.linuxfoundation.org> wrote:

> The other serious problem - and this is a problem with smartcards in
> general
> anyway - is that without Bitcoin-specific logic you're just signing
> blindly; we
> recently saw the problems with that with the Bitfinex/BitGo hack. And even
> then, without a screen most of the hardware wallets in are still just
> signing
> blindly, with at best hard-to-use limits on maximum funds moved
> per-transaction. Also note how even hardware wallets with a screen, like
> Trezor, aren't yet able to authenticate who you are paying.
>

"Welcome to my threat model."

In multisig scenarios, there must be a different "trust root" for each key.
For example, storing two private keys next to each other on the same web
server is broken because if one key is compromised it is infinitely trivial
to compromise the second key. Using multiple web servers is also broken if
the two servers are controlled by the same AWS keys or same "help me get my
servers back" support email request to whatever single sign-on service is
used. In some cases, it can be better to write software such that
transaction data is served at a particular location, and another
security-critical step is responsible for downloading that data from the
first machine, rather than the first computer directly pushing (with
authentication credentials in place for the attacker to compromise) the
data to the second computer.

I recommend using hardware security modules (HSMs). It's important to have
a public, reviewed bitcoin standard for hardware wallets, especially HSMs.
I expect this is something that the entire industry has a tremendous
interest in following and contributing to, which could even lead to
additional resources contributed (or at the very least, more detailed
requirements) towards libconsensus work.

Instead of signing any bitcoin transaction that the hardware wallet is
given, the hardware should be responsible for running bitcoin validation
rules and business logic, which I recommend for everyone, not only
businesses. Without running business logic and bitcoin validation rules,
the actual bitcoin history on the blockchain could be a very different
reality from what the hardware thinks is happening. Using a different
out-of-band communication channel, the hardware could query for information
from another database in another trust root, which would be useful for
business logic to validate against.

As for a screen, I consider that somewhat limited because you only get text
output (and I don't know if I can reasonably suggest QR codes here). With a
screen, you are limited to text output, which can compromise privacy of the
device's operations and info about the wallet owner. An alternative would
be to have a dedicated port that is responsibly only for sending out data
encrypted to the key of the wallet owner, to report information such as
whatever the hardware's transaction planner has decided, or to report about
the state of the device, state of the bitcoin validation rules, or any
accounting details, etc. Additionally, even a signed transaction should be
encrypted to the key of the device owner because a signed transaction can
be harmless as long as the owner still has the ability to control whether
the signed transaction is broadcasted to the network. It's "separation of
concerns" for transaction signing and decrypting a signed transaction
should be unrelated and uncoupled.

Also I am eager to see what the community proposes regarding signed and
authenticated payment requests.

((insert here general promotional statement regarding the value of reusable
checklists used during every signing ritual ceremony))

- Bryan
http://heybryan.org/
1 512 203 0507

--001a113e4c12ff0f00053a48be57
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr"><div class=3D"gmail_extra"><div class=3D"gmail_quote">On T=
ue, Aug 16, 2016 at 7:14 PM, Peter Todd via bitcoin-dev <span dir=3D"ltr">&=
lt;<a href=3D"mailto:bitcoin-dev@lists.linuxfoundation.org" target=3D"_blan=
k">bitcoin-dev@lists.linuxfoundation.org</a>&gt;</span> wrote:<br><blockquo=
te class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-left-widt=
h:1px;border-left-style:solid;border-left-color:rgb(204,204,204);padding-le=
ft:1ex"><div id=3D":itg" class=3D"">The other serious problem - and this is=
 a problem with smartcards in general<br>
anyway - is that without Bitcoin-specific logic you&#39;re just signing bli=
ndly; we<br>
recently saw the problems with that with the Bitfinex/BitGo hack. And even<=
br>
then, without a screen most of the hardware wallets in are still just signi=
ng<br>
blindly, with at best hard-to-use limits on maximum funds moved<br>
per-transaction. Also note how even hardware wallets with a screen, like<br=
>
Trezor, aren&#39;t yet able to authenticate who you are paying.<br></div></=
blockquote></div><div class=3D"gmail_extra"><br>&quot;Welcome to my threat =
model.&quot;<br><br></div><div class=3D"gmail_extra">In multisig scenarios,=
 there must be a different &quot;trust root&quot; for each key. For example=
, storing two private keys next to each other on the same web server is bro=
ken because if one key is compromised it is infinitely trivial to compromis=
e the second key. Using multiple web servers is also broken if the two serv=
ers are controlled by the same AWS keys or same &quot;help me get my server=
s back&quot; support email request to whatever single sign-on service is us=
ed. In some cases, it can be better to write software such that transaction=
 data is served at a particular location, and another security-critical ste=
p is responsible for downloading that data from the first machine, rather t=
han the first computer directly pushing (with authentication credentials in=
 place for the attacker to compromise) the data to the second computer.<br>=
</div><div class=3D"gmail_extra"><br></div></div><div class=3D"gmail_extra"=
>I recommend using hardware security modules (HSMs). It&#39;s important to =
have a public, reviewed bitcoin standard for hardware wallets, especially H=
SMs. I expect this is something that the entire industry has a tremendous i=
nterest in following and contributing to, which could even lead to addition=
al resources contributed (or at the very least, more detailed requirements)=
 towards libconsensus work.<br><br>Instead of signing any bitcoin transacti=
on that the hardware wallet is given, the hardware should be responsible fo=
r running bitcoin validation rules and business logic, which I recommend fo=
r everyone, not only businesses. Without running business logic and bitcoin=
 validation rules, the actual bitcoin history on the blockchain could be a =
very different reality from what the hardware thinks is happening. Using a =
different out-of-band communication channel, the hardware could query for i=
nformation from another database in another trust root, which would be usef=
ul for business logic to validate against.</div><div class=3D"gmail_extra">=
<br></div><div class=3D"gmail_extra">As for a screen, I consider that somew=
hat limited because you only get text output (and I don&#39;t know if I can=
 reasonably suggest QR codes here). With a screen, you are limited to text =
output, which can compromise privacy of the device&#39;s operations and inf=
o about the wallet owner. An alternative would be to have a dedicated port =
that is responsibly only for sending out data encrypted to the key of the w=
allet owner, to report information such as whatever the hardware&#39;s tran=
saction planner has decided, or to report about the state of the device, st=
ate of the bitcoin validation rules, or any accounting details, etc. Additi=
onally, even a signed transaction should be encrypted to the key of the dev=
ice owner because a signed transaction can be harmless as long as the owner=
 still has the ability to control whether the signed transaction is broadca=
sted to the network. It&#39;s &quot;separation of concerns&quot; for transa=
ction signing and decrypting a signed transaction should be unrelated and u=
ncoupled.<br><br>Also I am eager to see what the community proposes regardi=
ng signed and authenticated payment requests.<br><br>((insert here general =
promotional statement regarding the value of reusable checklists used durin=
g every signing ritual ceremony))<br><br></div><div class=3D"gmail_extra"><=
div class=3D"gmail_signature" data-smartmail=3D"gmail_signature">- Bryan<br=
><a href=3D"http://heybryan.org/" target=3D"_blank">http://heybryan.org/</a=
><br>1 512 203 0507</div>
</div></div>

--001a113e4c12ff0f00053a48be57--