Leo Wandersleb
npub1gm7…8rf6
2025-03-05 17:13:33
in reply to nevent1q…pehy

It's more nuanced. But yes, public source code is the minimum requirement to trust a product that's built to manage great wealth.

Open source is better than public source as competing teams using the same code is the best way to have adversarial thinkers checking every line that goes into the repository.

Public source is better than closed source, of course.

But with hardware wallets one aspect that bothers me is that the user has to trust what is on the device when he receives it.

Trezor ships their devices "without firmware" but not without bootloader, so what if that bootloader isn't exactly what they claim it is? Could it patch any bootloader and firmware updates the user puts on the device in transit?

kiwilamb (npub1a3x…x0r7) brought my attention to "Cardware Wallet" which advertises the inability to update the firmware as a security feature. 🤨 Is it though? Bitcoin is not static. Do you want a hardware wallet that will never be able to use new features? This wallet brags about LN capability which I would assume to be a much faster moving field than base layer Bitcoin. But the fundamental issue is that the user probably cannot audit what software he's actually running as it comes pre-installed on the device. But it's open source. Or so they say.
Author Public Key
npub1gm7tuvr9atc6u7q3gevjfeyfyvmrlul4y67k7u7hcxztz67ceexs078rf6