Grin Hardware Wallet Development

Before hardware wallets we could use a plain old cold wallet procedure. Like back in the day with bitcoin I think you just installed the bitcoin client on an offline computer, generated your wallet, destroyed / deleted the offline computer.

I’m still not clear on whether this works with grin, like if you were to manually type in slatepacks back and forth from the offline wallet. Been meaning to try that.

This would be as or more secure than a hardware wallet and available to anyone with an old computer to use.

This doesn’t work with Grin, because the recipient (your ‘cold wallet’ in this case) would need to interactively sign to receive funds. So every time you send money to your cold wallet, you have to load it into your offline wallet and sign the transaction. Which, ofc makes it not cold anymore.

But if you typed the slatepack in that’s still pretty cold right? I just don’t know if the receiver wallet needs knowledge of the current chain state.

Yes, by typing slatepacks or scanning QRs, the system could remain fully airgapped.

Given the lack of community interest, I won’t pursue the idea. I am happy to explore HWW design and development if that changes.

I think it’s a great idea to have an open source hardware wallet for grin. Ledger is another example of how closed source is dangerous because companies cannot be trusted. I think the idea is worth pursuing, but don’t expect a lot of users in the first 20 years I guess.

1 Like

theoretically hw could precompute some data (eg. for 100 transactions), send them to you, you could import it to your wallet and you could create 100 transactions where you would send desirable amount to your cold storage without touching it. No wallet has this implemented yet, but i think it’s possible.

1 Like

@vegycslol I think there is not even a need to precompute, as long as the key derivation path is communicated to the hardware wallet.
To my understanding, a wallet can have only a public-key to interact with and scan the blockchain, while a connected hardware wallet can hold the privatekeys for signing. I think the hardware wallet needs to have no understanding whatsoever of the blockchain or the transaction, in order to sign a slate as long as the wallet knows which key derivation path to use for signing. Probably we need something similar like Bitcoins PSBT, so a slate with a bit of extra information, like which key derivation path to use for signing.

1 Like

Correct. With a hardware wallet there is no need to precompute. You could precompute for a cold wallet though.

I meant for cold storage yes, so to avoid interactivity

2 Likes

RSR can avoid the interactivity, or we use SRS with a wallet that only has the master public-key and in the last finalise step ask the user to sign with the hardware wallet.
In both case there is no interactivity for the hardware wallet/cold storage but it does require a linked online wallet that does know the blockchain and holds the master public-key.

Edit: Thanks to late locking both SRS and RSR need only one interaction round, but it is only air-gapped so no cold wallet where no interaction would be needed.

Please take a look at Passport from Foundation, its very inspiring.

Useful HWW overview:

3 Likes

Yeah, Passport is also a great starting point. I think perhaps the best.

I’m not currently putting any effort into this, because most people said this sort of project wasn’t valuable right now. I don’t want to put effort into speccing a HW wallet if only one person is interested, haha

1 Like

I only just checked the page of the Jade HWW. I thought you meant QR code with seed for signing, but I see it is just the backup seed words written in a QR code template, quite ingenious in simplicity in UI for recovering from seed. O, and camera QR code system for air-gapped transactions signing, and OMG, even OTP 2FA support. Me like this very much!
This HWW is very much in line with Grin philosophy and design wise it is what I envisioned as the ideal HWW. Also just watched this, quite simple but convincing to make trusting HWW trustless:

I added the block-stream Jade to the list of promising Open Source HWW’s, definitely an interesting one to explore and who knows, maybe one day to use to store our Grin.

I agree Jade is awesome, BUT it requires an always online/available backend service provider to unlock the wallet as part of their “virtual secure element” feature. As mentioned above, I’m not sure our community would desire that, and even if we did, I don’t know who would be able to commit the resources to that without prospect of return on investment. Pretty much CC would have to pay server costs, or it doesn’t make sense.

If you don’t use Jade’s “virtual secure element” approach, then you might as well use Foundation Passport as a starting point. Its basically the Jade, but with a real secure element and no need for servers

The tradeoff is:

  1. Foundation Passport - use trusted silicon, but no servers
  2. Blockstream Jade - don’t use trusted silicon, but require servers
3 Likes

The coolest thing about Passport, it is possible to test firmware at simulator, must have if you don’t have real device yet.

4 Likes

Personally I would love to see a Grin hardware wallet, fully open source, similar form factor as the blockstream Jade hardware wallet. The hardware only costs 27$, everyone could order the hardware and flash the software to get his/her air-gapped hardware wallet. Only cevat, this version has no secure element. There are slightly more expensive ones that do have a secure element for those who want it.

Probably large chunks of code from the Jade, such as the core libraries and moving QR can be reused.

2 Likes