From 451b169644f7b06eaec2a84b8e9b8b5717697e76 Mon Sep 17 00:00:00 2001 From: Elliott Jin Date: Sat, 16 Jan 2021 16:04:08 -0800 Subject: [PATCH] cleanup for coldcard offline address verification --- _pages/known-issues/hardware/coldcard.md | 12 ------------ _pages/setup-wallets/coldcard-advanced.md | 13 +------------ _pages/setup-wallets/coldcard.md | 16 ++++++++++------ _pages/verify-receive-address/index.md | 2 +- 4 files changed, 12 insertions(+), 31 deletions(-) diff --git a/_pages/known-issues/hardware/coldcard.md b/_pages/known-issues/hardware/coldcard.md index 7c0f17e..9ce424d 100644 --- a/_pages/known-issues/hardware/coldcard.md +++ b/_pages/known-issues/hardware/coldcard.md @@ -2,19 +2,10 @@ title: Coldcard --- -#### Verifying a Receiving Address Breaks Airgap -[Coldcard doesn't currently support address exploration with an airgap](https://github.com/Coldcard/firmware/pull/25). -In order to verify a receive address on a coldcard you must significantly weaken your airgap and plug the Coldcard into your laptop via USB port! - -We expect they'll release this feature in the future, but the recommendation for now is to use Cobo Vault as the primary device when it comes to [verifying receive addresses](/verify-receive-address/). -Advanced users can pursue [various mitigation strategies](/verify-receive-address/coldcard-advanced). - #### SD Card "Airgap" While better than a USB port, SD cards are not a perfect airgap. [Stuxnet](https://en.wikipedia.org/wiki/Stuxnet) proved that the NSA was capable of jumping a USB-drive airgap to harm the Iranian nuclear reactor program. -{% include hw/wired_airgap.md %}Coldcard requires a USB connection only to perform address verification (see above for related issues). - #### Small Screen This makes it hard to manually verify addresses / public key info, and impossible to display QR codes (to minimize using the SD card). 
@@ -32,9 +23,6 @@ That said, Coldcard firmware is fully open so users can compile it themselves if This hardware wallet was launched by forking some of Trezor's open-source code. That said, it is very actively maintained and has many new features since then (some that Trezor has not been updated to support). -{% include hw/udev.md %} -Fixing the airgap on receive address verification would eliminate this issue altogether. - {% include hw/python.md %} {% include hw/encouragement.md %} diff --git a/_pages/setup-wallets/coldcard-advanced.md b/_pages/setup-wallets/coldcard-advanced.md index 45afd57..39c33a5 100644 --- a/_pages/setup-wallets/coldcard-advanced.md +++ b/_pages/setup-wallets/coldcard-advanced.md 
@@ -22,18 +22,7 @@ Note that the whole benefit of this option (vs the previous one) is that you act ## Improve Coldcard Airgap #### Power Source -Instead of connecting the Coldcard to your laptop for power: - -* Use a portable battery pack (best) -* Use a wall outlet -* Use a [charge-only (no-data) USB cable](https://www.amazon.com/PortaPow-Specialised-3-3ft-20AWG-Charge/dp/B00RQ5AZ6Q) -* Use a [USB condom](https://www.amazon.com/PortaPow-3rd-Gen-Data-Blocker/dp/B00QRRZ2QM) on a regular USB cable - -#### Use A Dedicated Device for Address Exploration -[Coldcard doesn't currently support address exploration with an airgap](https://github.com/Coldcard/firmware/pull/25). -In order to verify a receive address on a coldcard you must significantly weaken your airgap and plug the Coldcard into your laptop via USB port. - -For more mitigations see [Coldcard Advanced Address Verification](/verify-receive-address/coldcard-advanced). +If the only available power source is a computer or a [possibly compromised charging port](https://en.wikipedia.org/wiki/Juice_jacking), using a [charge-only (no-data) USB cable](https://www.amazon.com/PortaPow-Specialised-3-3ft-20AWG-Charge/dp/B00RQ5AZ6Q) or a [USB condom](https://www.amazon.com/PortaPow-3rd-Gen-Data-Blocker/dp/B00QRRZ2QM) on a regular USB cable can help mitigate the risk of weakening the airgap. #### SD Card Interactivity Each time an SD card is taken from your computer to your Coldcard it can theoretically introduce malware onto the Coldcard (a failure where the malware is said to have "jumped your airgap"). diff --git a/_pages/setup-wallets/coldcard.md b/_pages/setup-wallets/coldcard.md index e89f428..2274186 100644 --- a/_pages/setup-wallets/coldcard.md +++ b/_pages/setup-wallets/coldcard.md 
@@ -2,26 +2,30 @@ title: Setup Coldcard --- +We recommend powering your Coldcard using a portable battery pack (best) or a wall outlet, instead of a computer, because we want to maintain as much of an "airgap" as possible. + +Communication between your computer and Coldcard should only happen by manually transferring data over a microSD card. + ## Update Your Firmware -Follow the steps on Coldcard's website: +Follow the steps on Coldcard's website: ## Setup Wallet -Follow the steps on Coldcard's website: +Follow the steps on Coldcard's website: [TODO]: add more instructions for generating seed, setting PIN, etc ## Export Public Key Info to Computer via MicroSD -1. Insert a microSD into Coldcard and then select: `Settings` > `Multisig Wallets` > `Export XPUB`. +1. Insert a microSD into Coldcard and then select: `Settings` > `Multisig Wallets` > `Export XPUB`. ![](/assets/img/setup-coldcard-export-pubkey.jpg){:width="70%" class="border_image"} -1. Remove the microSD card from your Coldcard and put it in your computer's card reader. +1. Remove the microSD card from your Coldcard and put it in your computer's card reader. -1. On Specter-Desktop: Click `+ Add new device` > `Choose files` and select the exported file from the SD card: +1. On Specter-Desktop: Click `+ Add new device` > `Choose files` and select the exported file from the SD card: ![](/assets/img/setup-coldcard-specter-scan.jpg){:width="70%" class="border_image"} -1. Give your device a name (e.g. `Coldcard`) and click `Continue`. +1. Give your device a name (e.g. `Coldcard`) and click `Continue`. ![](/assets/img/setup-coldcard-specter-scanned.jpg){:width="70%" class="border_image"} diff --git a/_pages/verify-receive-address/index.md b/_pages/verify-receive-address/index.md index f22089c..5f88547 100644 --- a/_pages/verify-receive-address/index.md +++ b/_pages/verify-receive-address/index.md 
@@ -6,7 +6,7 @@ It is **essential** to be sure you control a bitcoin address before you use it t **In order to securely receive funds, you must verify a given receive address on at least a quorum (`m` in `m-of-n`) of your trusted displays.** In the default case, this means you would check on **both** your Cobo Vault **and** your Coldcard. -This is both annoying -- the two devices should be kept in different physical locations -- and, in the case of Coldcard, mildly frustrating as [they don't currently support address exploration with an airgap](/known-issues/hardware/coldcard#verifying-a-receiving-address-breaks-airgap). +Unfortunately, this step can be inconvenient, as the two devices should be kept in different physical locations. Once you have verified your address on a quorum of devices, it is safe to give that address out to a payee. Advanced users can mitigate some of these issues by following [these steps](/verify-receive-address/advanced).
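Review bot: In `_pages/known-issues/hardware/coldcard.md` (first hunk), the "Verifying a Receiving Address Breaks Airgap" section is deleted outright, and nothing added anywhere in the patch says which firmware a Coldcard needs for offline address verification. The removed text described the feature as not yet released ("We expect they'll release this feature in the future"), so a reader whose device still runs older firmware loses the warning without learning that an update is required. Suggest replacing the section with one sentence that points to the "Update Your Firmware" step in `_pages/setup-wallets/coldcard.md`, rather than dropping it silently.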
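Review bot: In `_pages/setup-wallets/coldcard-advanced.md`, the rewritten "Power Source" paragraph now opens with the fallback case ("If the only available power source is a computer or a possibly compromised charging port") and no longer states the preferred options, which this patch moves to `_pages/setup-wallets/coldcard.md`. A reader who lands on the advanced page first sees only the mitigation. Suggest a short lead sentence or a link back to the setup page saying that a battery pack or wall outlet is preferred. Separately, this hunk and the first one delete every visible link to `/verify-receive-address/coldcard-advanced`, but the diffstat does not touch that page. If it still documents the USB workaround, it should be updated or removed in the same change.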
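Review bot: In `_pages/setup-wallets/coldcard.md`, the added intro line "Communication between your computer and Coldcard should only happen by manually transferring data over a microSD card" reads as if microSD transfer preserves the airgap completely, while the known-issues page left in place by this patch says "SD cards are not a perfect airgap". Suggest linking that section from the new sentence so the two pages agree. The remaining `-`/`+` pairs in this hunk ("Follow the steps on Coldcard's website:", the numbered steps) are identical as shown, which suggests whitespace-only edits. Those would be easier to review in a separate commit, or at least mentioned in the commit message.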
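Review bot: In `_pages/verify-receive-address/index.md`, the unchanged trailing sentence "Advanced users can mitigate some of these issues by following [these steps](/verify-receive-address/advanced)" no longer matches the rewritten line above it, which now names a single inconvenience (devices kept in different locations) instead of two issues. Suggest rewording it to the singular, and confirming that the linked advanced page does not still describe the Coldcard USB workaround. The old link target `#verifying-a-receiving-address-breaks-airgap` is removed by the first hunk of this patch, so it is also worth searching the rest of the site for other references to that anchor.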