Hardware security is very hard. Unlike software, hardware is rarely open source and has many more parts. Each part, in turn, can come from a different vendor, with all sorts of opportunities for the part to get compromised. Yet hardware devices have to keep secrets secure, and doing that can be very hard.
The standard that many in the hardware industry have come to is something called secure elements. These are chips, certified by some entity, that have been tested against certain types of attacks and can secure the secret. The idea is to modularize the security of the entire device by keeping the secret on the chip and not letting the rest of the device know about it.
It’s a great idea, but in practice, this can lead to some problems, as Trezor has pointed out. The certification bodies generally are not on the side of the consumer, but are on the side of the chip vendors as they are the ones that pay them. As a result, Trezor found some vulnerabilities in certain secure element chips but can’t talk about it due to the NDA they’ve signed. The incentives are pretty badly misaligned and as they point out, this is causing users to have a false sense of security about what these chips can do.
As a result, Trezor has taken the interesting step of creating an open-sourced security chip. This will be done through the creation of a new company specifically tasked with creating the chip: Tropic Square. They’ll invite critique and testing of the chip so as to make it better and more secure. This sort of transparency in a hardware project is a very welcome development and I hope that this level of disclosure can become more standard going forward.
Earlier this week, a very early coinbase transaction output was spent, probably to an exchange. I wrote a story explaining why the coins from February 2009 moving probably wasn’t Satoshi or Patoshi or whoever it was that has a bunch of early unspent coins.
Unchained Capital has announced an open source multisig wallet coordinator called Caravan. This is badly needed in a space that has way too few working multisig implementations despite the plethora of “standards” to support it. The coordinator has nice features like coin control and support for many different hardware wallets.
Casa has a new product that removes the need for writing down or securing seeds. The innovation here is that they allow for automatic key rotation. That is, if one of the keys gets compromised, it can be rotated out using their software, which is really slick. I’m still concerned, however, at the prospect of them controlling enough keys that a government authority, such as a court, can order them to move my Bitcoins against my wishes.
John Cantrell has announced Juggernaut, a lightning-based messaging app. This is based on the fact that the Lightning network is decentralized by nature and that routing is already something nodes know how to do without a central hub. The UI looks easy to use and such a development, especially with end-to-end encryption, is a very welcome innovation. I’ve always thought of the lightning network as something that would develop as a result of lots of payments. This application may very well take lightning in a different direction, causing people to create lightning nodes to get guaranteed privacy rather than getting it as a nice-to-have on top of paying someone.
Economics, Engineering, Etc
Arthur Hayes of BitMEX has an irreverent and entertaining take on institutions and Bitcoin. A lot of it doesn’t make sense without knowing trader lingo, but the main takeaways for me were these: 1. Paul Tudor Jones getting into Bitcoin is a great signal. 2. This should lead to a contango in Bitcoin futures on CME because institutions won’t want to deal with Bitcoin custody. 3. Bitcoin is currently heterodox but will become orthodox soon enough. I got great insights into how fund managers think and how they strive to be average.
tBTC, which is an Ethereum network BTC coin substitute, had a pretty significant bug. Essentially, their smart contract couldn’t parse non-segwit addresses. They had to stop deposits using their master key. Unfortunately, the lack of rigor in the writing of smart contracts is all too common in Ethereum as their smart contract language makes creating bugs all too easy. Like many “defi” products, this one is lacking in decentralization and pretty dangerous to your finances.
Steem has seized $5M worth of Steem from its users after a controversial hard fork of Steem to Hive. The seizure is not a surprise as these belonged to many of the people that led the hard fork and were considered by Justin Sun as the ones responsible. Binance put out a bizarre press release in which they argue that what Justin Sun has done is bad for the users, but at the same time, they have no choice but to follow the hard fork because its users wouldn’t otherwise be able to withdraw their Steem.
BlockFi has had a massive security breach. While no Bitcoins were lost, personal information was. This is not a good sign, but at least they’ve come clean. As always with custodial services, be very careful entrusting any Bitcoins on them as your funds are not safe.
ZCash has a really small anonymity set and that means its transactions aren’t really that private. An academic paper formalizes this. In essence, the set of transparent transactions keeps growing while the shielded ones don’t increase very much. This is probably due to the complexity of creating shielded transactions on ZCash. Without the shielded transactions, ZCash is nothing more than an old clone of Bitcoin and its price seems to reflect it.
Here’s my show from Monday where I went through last week’s newsletter. I also read through and provided commentary on Nick Szabo’s classic, Trusted Third Parties are Security Holes. I talked about my article on old coins being moved and other things on Tone’s channel. There’s a short video where I talk about competing moneys. Lastly, I had a spirited debate about the government bailouts with Qiao Wang here.
Fiat delenda est