Pavol Rusnak [ARCHIVE] on Nostr: 📅 Original date posted:2013-11-16 📝 Original message:On 17/11/13 01:42, Timo ...
📅 Original date posted:2013-11-16
📝 Original message:On 17/11/13 01:42, Timo Hanke wrote:
> p.s. The question about auditing entropy would only apply to the generator,
> not the wallet. Is it yet documented how Trezor proves that external
> entropy was used?
We'll probably use the most straightforward way:
a) trezor prints entropy A on a display (probably in hex format, this
step is triggered by sending a special flag in initialize message)
b) trezor receives entropy B from external source
c) trezor creates sha256(A + B) and uses that as a seed
d) trezor prints used seed on a display (probably in BIP39 format)
e) user can check on a trusted computer that everything was ok
(note that steps b-d are the same regardless of whether the special flag
was set)
--
Best Regards / S pozdravom,
Pavol Rusnak <stick at gk2.sk>
📝 Original message:On 17/11/13 01:42, Timo Hanke wrote:
> p.s. The question about auditing entropy would only apply to the generator,
> not the wallet. Is it yet documented how Trezor proves that external
> entropy was used?
We'll probably use the most straightforward way:
a) trezor prints entropy A on a display (probably in hex format, this
step is triggered by sending a special flag in initialize message)
b) trezor receives entropy B from external source
c) trezor creates sha256(A + B) and uses that as a seed
d) trezor prints used seed on a display (probably in BIP39 format)
e) user can check on a trusted computer that everything was ok
(note that steps b-d are the same regardless of whether the special flag
was set)
--
Best Regards / S pozdravom,
Pavol Rusnak <stick at gk2.sk>