[bitcoin-dev] Overview of anti-covert-channel signing techniques
crypto at timruffing.de
Tue Mar 24 07:49:38 UTC 2020
That sounds interesting but I can't follow your email to be honest.
On Mon, 2020-03-23 at 07:38 -0700, Dustin Dettmer via bitcoin-dev
> This mitigates, I believe, all leak vectors besides k/R hacking and
> prechosen entropy.
Hm, so what vectors is this supposed to mitigate? Leaking through the
generated public keys? Anything else?
Here are a few questions:
- What are you trying to achieve? You seem to describe how you get
from the setup to the goal in four steps but I don't understand what
the setup is or what the goal is. (What's a storage solution?)
- "all SW being compromised" do you mean "SW and HW compromised"? Note
that SW and HW are parties in Pieter's writeup, not just abbreviations
for software and hardware.
- Where are the two stages? You mention four steps.
- Where do you run the external software? On a second SW? Is this the
- Do you use unhardened derivation?
- What's a k commitment?
More information about the bitcoin-dev