previous article"Hardware Wallet - Open Source or Secure Chip? "
The article aroused extensive discussion, although we have explained with very clear logic "Why is open source a prerequisite for hardware wallets?" and "What is the purpose of a security chip?" ", but there are still many confused voices repeating "four legs are good, two legs are bad".
I have no choice but to say a few more words on this topic.
First of all, we have always emphasized that "the purpose of open source is to prove your innocence", and some people came out and said "open source is not necessarily safer", "the open source community may not be able to discover all your loopholes"..... .The question is, do we emphasize the word "safety" in this sentence? Can the people who come out to say these words come to conclusions such as "closed source is more secure" and "closed source can discover all loopholes"?
Whether it is safe or not, it is determined by the cold wallet solution, architecture, code, etc. If there is a problem, it is not safe whether your solution is open source or not, so security itself has nothing to do with whether it is open source or not, open source The purpose is not to be more secure.
We still have to emphasize once again that "the purpose of open source is to prove our innocence". We want to be safe, but the purpose of open source is not to be more secure. So, when we talk about this topic, please only discuss the four words "self-certified innocence".
On the point of self-proving innocence, closing the source is zero points, there is no way, innate logic determines that it can only be zero points, and no more points will work. However, some people will ask, "How can you prove that the firmware is the same as the open source code?", "I don't understand code, how can I verify that your code is not evil?"
Regarding this kind of problem, there have been countless discussions in the Bitcoin community since some people tried to make a hardware wallet at the beginning, and then Trezor made the first relatively complete hardware wallet solution. From the first generation Trezor, to Today's Bitshield and Blade hardware wallets have always been open source and verifiable. In other words, you can compile your own version of the firmware by yourself, and then compare the content with the official firmware, you will find that except for the signature of the official firmware, other places are exactly the same.
Of course, you can also flash your own packaged firmware to the hardware wallet and run your own version of the firmware. Due to different signatures, unofficial firmware will be displayed on the hardware wallet. In addition to firmware, if you are interested, you can even buy your own chips, make your own circuit boards, and make a hardware wallet yourself. In other words, you can even do everything yourself without relying on the hardware wallet project party at all. This is The meaning of open source.
It doesn't matter to those who can't read the code, because after all, there are still people who can read the code in this world, and they will read it for you, and you don't need to read it yourself. After I finish this sentence, some people may say again, "Those who can read the code may not necessarily be willing to read it." Don't worry, someone will watch it. There is a relationship in this world called "competitors". Doesn't Ledger just stare at Trezor's code every day? If there is a code-level vulnerability, Ledger must not shout to the world with a loudspeaker...
Well, at this point, you should be able to understand why I said "open source is to prove your innocence", and the content mentioned above, closed source is not even qualified to talk about it.
Now we continue to discuss "self-certification of innocence". In response to our last article, some people jumped out and said, "Security chips can also be partially open source, so can they also prove their innocence?"
Regarding this point, my answer is very simple, "Why are you talking so much nonsense? Then you are driving!". Why don't you open source yourself, and then preach all day long that "you can prove your innocence after the parts other than the security chip are open source"?
So, you are open source!
Here I can tell you how Ledger does it. Ledger uses dual chips. The main chip is the wallet function, and the security chip only does cryptography. Then the firmware in the main chip is open source. This method achieves "self-proving innocence" to a certain extent (not 100%, but it is also far better than closed-source ones). In other words, if you are interested, you can also make one yourself, using the same main chip and the same security chip, and then, using the main chip code open sourced by Ledger, you can basically make your own version of the hardware wallet . In other words, using this kind of solution, you can at least not completely trust the third party of the hardware wallet manufacturer, and of course you have to trust a security chip manufacturer, because the security chip may be sold to many industries, and the currency circle is only a part of it That's all, so the problem of third-party trust is not as serious as imagined.
At this point, everyone will understand that if a hardware wallet manufacturer cannot be 100% open source, at least it should work hard on the four words "self-certification of innocence", so that it can basically prove its innocence. If you can't prove your innocence and can't solve the problem of trusting a third party, then what's the difference between storing the coins in your hardware wallet and storing the coins in the exchange? Anyway, who doesn't believe in it?
So, if you really want to argue with us on the topic of "open source or secure chip", at least, please make it open source to the level of Ledger first, otherwise there is really nothing to talk about, and the only answer to you is "You are open source." !"
After talking about self-proving innocence, let's talk about "safety". Open source is the premise of hardware wallets, and security is the top priority of hardware wallets. At this point, various cold wallets on Bitcoin.org have made a lot of contributions, such as Trezor contributed the first complete hardware wallet solution, Bitai invented the QR code cold wallet and the extremely random TRNG true For the random number solution, Ledger innovatively designed a dual-chip architecture. All these contributions are working hard to help users protect assets more securely.
In the process of designing BITHD, we have also fully learned and borrowed from these excellent solutions. In order to allow users to easily use hardware cold wallets while ensuring safety, we have made a lot of meaningful optimizations and developed a lot of useful solutions. function of value.
It has been nearly seven years since Trezor’s program was born in 2013, and Bithd has a security history of more than three years since its birth. During these years, this architecture has not had any security incidents until today , helping countless users to keep a huge amount of digital currency assets, this is the real "safety", and the security history of so many years is still done under the condition of complete open source, this is the real sense of no need Trusted security.
Finally, I am glad to hear that an old brother company in the industry will also develop a new hardware wallet, which will also be re-developed based on the Trezor architecture. This is the second meaning of open source besides "self-certified innocence". The reason why Bithd’s official website will specifically thank Trezor and Bidinghang. It is precisely because of the open source of Trezor and Bidinghang that we can develop a more secure, better experience, and more functional Bithd hardware wallet faster and better. Today, you can see how many Bithd natively supports The multi-signature functions of currencies and Tokens (BTC, ETH, USDT-ERC20, USDT-Omni, EOS, BCH, LTC, All ERC20 Tokens, etc.), if there is no open source, it will be difficult for us to do this.
Thanks again to TREZOR, Bidinghang and the entire open source community.
Open source will make the ecology more prosperous and make products and services more open.
Let the open source come more violently!
