bitcoin-dev

Overview of anti-covert-channel signing techniques


Original Post by Dustin Dettmer

Posted on: March 23, 2020 14:38 UTC

Pieter Wuille suggests in an email that when both hardware and software are compromised, security is impossible since all entities are controlled by the same party.

However, he states that splitting the software over two stages can greatly increase security if both hardware and software are compromised. Pieter suggests several ways to achieve this, including exporting xpubs before receiving, generating and exporting withdrawal transactions offline, verifying transactions against the same xpubs using external software, and uploading transactions. He believes that these measures mitigate all leak vectors besides k/R hacking and prechosen entropy. Additionally, he provides a link to Gatekeeper, an external tool on GitHub that he created for this purpose, and expresses interest in adding k commitments if best practices are established for it.