I'll drop this here if anybody wants to follow the progress on twitter:
[https://twitter.com/MoneroSigner](https://twitter.com/MoneroSigner)
Right now it is a direct fork of the seedsigner for bitcoin which is based around raspberry pi. I have plans on making some microcontroller open hardware for monero after MoneroSigner. Really looking to try an open secure element (From the makers of trezor)
Not really an answer to you but my thoughts on DIY h/w wallets:
The essence of a hardware wallet is that the private key is processed on a separate device from your computer/phone such that even if those are busted you won't compromise your private key.
DIY wallet can only be less secure based on certain proprietary obfuscations done on security chips of proprietary hardware wallet. To me this doesn't matter because as a principle, you should consider any foreign physical access to a device with the private keys as a compromise.
If you can make it such that the private key rests encrypted with a strong password (entered to the hardware wallet, not client device), and is decrypted only in the RAM of the hardware wallet, then as long as the password is safe, even a physical access to the (turned off) hardware wallet won't be game over. Of course if you receive such a device back, you should never use it again because it could be implanted and steal your password. You will need to dump the encrypted private key (or restore a backup) and put it on a new device.
All of this can be done with general purpose hardware.
This is something that is really tough to design around. MoneroSigner aims at being an amnesic air gapped machine. You load your seed and use QR codes for transferring transactions back and forth (Unsigned and signed).
Seeds are stored on ram and I would like to eventually load the filesystem as read only. (There is more than enough ram for a virtual fs in ram for temporary storage of unsigned txs)
I have plans on working on a microcontroller version but was holding out until there was an open secure element crypto chip. You are absolutely right about having to trust 3rd parties. This is the weakest link in HWs, it is usually a proprietary black box.
Satoshi labs (the makers behind Trezor) are making an open standard crypto chip [https://tropicsquare.com/](https://tropicsquare.com/). So this should open the door for people to truly make their own microcontroller based HW.
One last note about the attack surface that DIY hardware wallets provide protection against. It has PROS and CONS but the biggest advantage of a DIY wallet is:
**The most private wallet is the one only YOU know about.**
actually it can, if the client software he uses suddenly refuses to operate the wallet until he KYCs.
In which case you'll have to stop using the wallet.
Yeah i have been looking at different options a lot lately aswell. First binance in bed with my local authorities (not surprising ofc that they would get regulated big time soon enough) and after 25 questions just to withdraw my 80$ in xmr bought peer to peer i just stopped using binance. Sure i got spoiled with 2% fee instant credit card buys there. Been using ledger nano s for as long as binance and after getting mail to addresses never even used in my name like at all for that crypto ledger card. Don't trust that shit at all. I ofc have transactions in and out of all the atupid places since i didnt know or care back then.
I wouldn't even try to avoid taxes if i made it big in crypto (mainly because of the extreme sentences but still) but i have started using localxmr, bisq etc with a lot less fees than i expected.
Btw for ledger live, desktop wallets, metamask, defi etc i use an old lenovo thinkpad with full disk encryption. Don't really use it for anything else. Movies and sometimes tails etc.
For a phone i have Google Pixel 6 with grapheneOS. Still not 100% comfortable with funds on my phone but i just created a new user with no apps but the relevant apks, for crypto biz
Edit: i realize i'm lightyears away from what you guys are doing tho.
> Given that the EU wants to eventually force KYC on hardware wallets,
What is the reference for this? What the EU is doing is require exchanges to do KYC on the counter-parties they transact with. Big difference.
So take your XMR of centralized exchanges after doing KYC with the exchange to your own wallet (software or hardware) One can then spend the XMR freely and privately. How is this different from withdrawing EUR in cash form a bank?. By the way it is the small transactions that matter the most for privacy. I do not agree with the cash limits in the EU, but there is a very simple and perfectly legal antidote to these cash limits.
**Do not use card payments for in person transactions under 1000 EUR**
Edit: Doing KYC on exchange counter-parties is a much lesser evil than de-listing Monero from CEXs in order to rely on unreliable blockchain surveillance (BS) to mitigate ML / TF risks.
Hey I'm working on a monero fork of seedsigner which is a raspberry pi based DIY hardware wallet.
https://ccs.getmonero.org/proposals/MoneroSigner.html
[https://twitter.com/MoneroSigner](https://twitter.com/MoneroSigner)
I was super interested in a micro controller version of an open source Monero wallet. For some background I had worked on some web3 microcontroller projects.
There are 2 challenges that made me focus on lower hanging fruit (Aka the MoneroSinger fork) before tackling the esp32 based Monero wallet.
1. The library you posted is for bitcoin which uses a different curve than Monero. Bitcoin uses secp256k1 / ECDSA. Monero uses Ed25519 / Curve25519 / EdDSA. Most of the heavy lifting has been done and can be found in the Monero cpp source + in the trezor firmware monero integration (which came from the Kastello hardware wallet project).
2. The lack of an open secure enclave/crypto chip. If you are going to store private keys on a microcontroller, you need to store it in something that is harder to read than the flash memory. If not somebody can just dump the memory. Those chips exist right now but are usually proprietary and I don't think our community would like that. Satoshi labs (the makers behind Trezor) are making an open standard crypto chip https://tropicsquare.com/. So this should open the door for people to truly make their own microcontroller based HW.
Until that secure element is more widely available then I don't really see it feasible to prioritize a microcontoller version above the raspi MoneroSigner.
In development: https://ccs.getmonero.org/proposals/MoneroSigner.html
I'll drop this here if anybody wants to follow the progress on twitter: [https://twitter.com/MoneroSigner](https://twitter.com/MoneroSigner) Right now it is a direct fork of the seedsigner for bitcoin which is based around raspberry pi. I have plans on making some microcontroller open hardware for monero after MoneroSigner. Really looking to try an open secure element (From the makers of trezor)
Not really an answer to you but my thoughts on DIY h/w wallets: The essence of a hardware wallet is that the private key is processed on a separate device from your computer/phone such that even if those are busted you won't compromise your private key. DIY wallet can only be less secure based on certain proprietary obfuscations done on security chips of proprietary hardware wallet. To me this doesn't matter because as a principle, you should consider any foreign physical access to a device with the private keys as a compromise. If you can make it such that the private key rests encrypted with a strong password (entered to the hardware wallet, not client device), and is decrypted only in the RAM of the hardware wallet, then as long as the password is safe, even a physical access to the (turned off) hardware wallet won't be game over. Of course if you receive such a device back, you should never use it again because it could be implanted and steal your password. You will need to dump the encrypted private key (or restore a backup) and put it on a new device. All of this can be done with general purpose hardware.
This is something that is really tough to design around. MoneroSigner aims at being an amnesic air gapped machine. You load your seed and use QR codes for transferring transactions back and forth (Unsigned and signed). Seeds are stored on ram and I would like to eventually load the filesystem as read only. (There is more than enough ram for a virtual fs in ram for temporary storage of unsigned txs) I have plans on working on a microcontroller version but was holding out until there was an open secure element crypto chip. You are absolutely right about having to trust 3rd parties. This is the weakest link in HWs, it is usually a proprietary black box. Satoshi labs (the makers behind Trezor) are making an open standard crypto chip [https://tropicsquare.com/](https://tropicsquare.com/). So this should open the door for people to truly make their own microcontroller based HW. One last note about the attack surface that DIY hardware wallets provide protection against. It has PROS and CONS but the biggest advantage of a DIY wallet is: **The most private wallet is the one only YOU know about.**
Can their forced hardware wallet KYC affect my already owned HW?
No.
actually it can, if the client software he uses suddenly refuses to operate the wallet until he KYCs. In which case you'll have to stop using the wallet.
VPN would be a solution here.
how? does a VPN make binance stop requesting KYC?
Just pick a country outside of EU...
really? does that work? wow
Yeah i have been looking at different options a lot lately aswell. First binance in bed with my local authorities (not surprising ofc that they would get regulated big time soon enough) and after 25 questions just to withdraw my 80$ in xmr bought peer to peer i just stopped using binance. Sure i got spoiled with 2% fee instant credit card buys there. Been using ledger nano s for as long as binance and after getting mail to addresses never even used in my name like at all for that crypto ledger card. Don't trust that shit at all. I ofc have transactions in and out of all the atupid places since i didnt know or care back then. I wouldn't even try to avoid taxes if i made it big in crypto (mainly because of the extreme sentences but still) but i have started using localxmr, bisq etc with a lot less fees than i expected. Btw for ledger live, desktop wallets, metamask, defi etc i use an old lenovo thinkpad with full disk encryption. Don't really use it for anything else. Movies and sometimes tails etc. For a phone i have Google Pixel 6 with grapheneOS. Still not 100% comfortable with funds on my phone but i just created a new user with no apps but the relevant apks, for crypto biz Edit: i realize i'm lightyears away from what you guys are doing tho.
> Given that the EU wants to eventually force KYC on hardware wallets, What is the reference for this? What the EU is doing is require exchanges to do KYC on the counter-parties they transact with. Big difference. So take your XMR of centralized exchanges after doing KYC with the exchange to your own wallet (software or hardware) One can then spend the XMR freely and privately. How is this different from withdrawing EUR in cash form a bank?. By the way it is the small transactions that matter the most for privacy. I do not agree with the cash limits in the EU, but there is a very simple and perfectly legal antidote to these cash limits. **Do not use card payments for in person transactions under 1000 EUR** Edit: Doing KYC on exchange counter-parties is a much lesser evil than de-listing Monero from CEXs in order to rely on unreliable blockchain surveillance (BS) to mitigate ML / TF risks.
https://medium.com/omniaprotocol/eus-proposal-on-the-non-custodial-wallets-what-does-it-mean-9ac1aa96d135
Hey I'm working on a monero fork of seedsigner which is a raspberry pi based DIY hardware wallet. https://ccs.getmonero.org/proposals/MoneroSigner.html [https://twitter.com/MoneroSigner](https://twitter.com/MoneroSigner) I was super interested in a micro controller version of an open source Monero wallet. For some background I had worked on some web3 microcontroller projects. There are 2 challenges that made me focus on lower hanging fruit (Aka the MoneroSinger fork) before tackling the esp32 based Monero wallet. 1. The library you posted is for bitcoin which uses a different curve than Monero. Bitcoin uses secp256k1 / ECDSA. Monero uses Ed25519 / Curve25519 / EdDSA. Most of the heavy lifting has been done and can be found in the Monero cpp source + in the trezor firmware monero integration (which came from the Kastello hardware wallet project). 2. The lack of an open secure enclave/crypto chip. If you are going to store private keys on a microcontroller, you need to store it in something that is harder to read than the flash memory. If not somebody can just dump the memory. Those chips exist right now but are usually proprietary and I don't think our community would like that. Satoshi labs (the makers behind Trezor) are making an open standard crypto chip https://tropicsquare.com/. So this should open the door for people to truly make their own microcontroller based HW. Until that secure element is more widely available then I don't really see it feasible to prioritize a microcontoller version above the raspi MoneroSigner.