Two Heads Are Better than OneCheap Security Enhancement for Every Hardware Wallet Setup
Whether it’s a TREZOR, Ledger, COLDCARD or any other hardware wallet, it (hopefully) uses techniques or devices (such as a “secure element”) to make it difficult for an attacker with physical access to the hardware wallet to extract your seed words. Single-board computer (SBC) -based devices, like my Raspberry Pi-based Rudefox Burrow, which lack such provisions, should not be used to store your seed words or keys. In fact, I configured the Burrow with a read-only file system, rendering it “memory-less” or “stateless”, in order to prevent the user from storing his seed phrase on the device.
This does not mean that such SBC devices have no role to play in the Bitcoin Custody ecosystem. In fact, I would argue that (in addition to their essential role in Bitcoin-node self-hosting) they have a significant role to play in creating a properly audited hardware-wallet solution. The Burrow can mitigate threats of a supply-chain or key generation attack at very little cost by (1) allowing you to generate seed words audited by you and by (2) enabling you to audit addresses generated by your hardware wallet.Not your Entropy, Not your Seed
Do you use a hardware wallet? How were your seed words generated? Perhaps you simply took the first set of words provided to you by the hardware wallet, trusting it used a suitable entropy source. If you are a more advanced user, perhaps you entered dice rolls or a randomly selected piece of data into your hardware wallet. Still, how can you be sure the resulting seed words are derived from those dice rolls? How can you rule out being the victim of a bait-and-switch? Certainly when dealing with larger holdings of Bitcoin, I would sleep better at night if I had more transparency into this process.
In a previous post, I covered how the Burrow can assist you in creating your seed words using a process that leaves you conf...