Since we launched the BitBox02, we hear requests to support airgap operation: using the hardware wallet without plugging it into a computer or phone. Air-gapped devices have been in the news, but we wanted to understand the actual security benefits and researched the topic in detail. Our conclusion is that air-gapped communication offers little-to-no added hardware wallet security while degrading the user experience.

The myth of the unbeatable airgap security

In this article, we document our findings and check airgap security promises against published vulnerabilities.

Reality check: would airgap have saved you from these exploits?

Airgap is a security measure that physically isolates a device from an untrusted network, like the internet, by removing all network interfaces. Air-gapped computers are used in security-critical infrastructure, for instance. This is a powerful principle in general, but usually data still needs to be exchanged with network-connected devices for regular operations. This data, which bridges the “air gap”, is commonly transferred using USB flash drives. The security of an air-gapped system fully relies on the fact that the exchanged data is not malicious or maliciously altered during transfer. As famously demonstrated by the Stuxnet malware that sabotaged an Iranian uranium enrichment facility, not thoroughly inspecting the exchanged data can render security benefits moot, for nuclear factories or for cryptocurrency hardware wallets.

With respect to cryptocurrency wallets, the term airgap has come to mean that a signing device like a hardware wallet (that protects the private signing keys) and a potentially insecure networked computer (that is used to create unsigned transactions and then broadcast the signed transactions) are physically isolated and not directly connected to each other. Any communication between the two devices needs to bridge the “air gap”, usually by physically exchanging an SD card, or scanning QR codes. Importantly, communication does and must exist. Such communication includes transactions as mentioned above, but also relatively large amounts of data for updating the firmware running on the hardware wallet or information about the wallet itself (e.g. public keys, aka addresses, for receiving coins).

Instead of plugging a hardware wallet into a computer, an air-gapped hardware wallet uses a companion software application installed on your computer that supports PSBTs (Partially Signed Bitcoin Transactions).
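The text above says an air-gapped setup is only as safe as the inspection of the data that crosses the gap, and names PSBTs as the exchanged format. The following Python code is an added example, not taken from the article or from any wallet's code base: it runs structural checks on a PSBT version 0 container (BIP 174) before the blob would be handed to a signer. The size cap, the function names and the sample bytes are assumptions made for illustration, and the inner transaction is not parsed.

```python
import io

MAGIC = b"psbt\xff"        # BIP 174 magic bytes
MAX_PSBT_BYTES = 100_000   # assumed cap for this example, not a BIP 174 limit
# Constructed sample: one global map whose value is a placeholder, not a real transaction.
SAMPLE = MAGIC + bytes.fromhex("010003aabbcc00")


class PSBTFormatError(ValueError):
    """Raised when the blob is not a structurally valid PSBT container."""


def _read(stream, n):
    if n > MAX_PSBT_BYTES:                 # refuse absurd length fields up front
        raise PSBTFormatError("length field exceeds size cap")
    data = stream.read(n)
    if len(data) != n:
        raise PSBTFormatError("truncated data")
    return data


def _compact_size(stream):
    first = _read(stream, 1)[0]
    if first < 0xFD:
        return first
    return int.from_bytes(_read(stream, {0xFD: 2, 0xFE: 4, 0xFF: 8}[first]), "little")


def parse_psbt_maps(blob):
    """Return the list of key-value maps in a PSBT, or raise PSBTFormatError."""
    if len(blob) > MAX_PSBT_BYTES:
        raise PSBTFormatError("input too large")
    if not blob.startswith(MAGIC):
        raise PSBTFormatError("bad magic bytes")
    body = blob[len(MAGIC):]
    stream, maps, current = io.BytesIO(body), [], {}
    while stream.tell() < len(body):
        key_len = _compact_size(stream)
        if key_len == 0:                   # 0x00 separator closes the current map
            maps.append(current)
            current = {}
            continue
        key = _read(stream, key_len)
        if key in current:                 # keys must be unique within a map
            raise PSBTFormatError("duplicate key")
        current[key] = _read(stream, _compact_size(stream))
    if current or not maps:
        raise PSBTFormatError("last map not terminated by separator")
    if b"\x00" not in maps[0]:             # version 0 requires the unsigned tx here
        raise PSBTFormatError("global map lacks unsigned transaction")
    return maps
```

Passing these checks only shows that the container is well-formed; it says nothing about whether the transaction inside pays who the user intends.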