Re: [bitcoin-dev] Hardware Wallet Standard

public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed

From: Jonas Schnelli <dev@jonasschnelli•ch>
To: Marek Palatinus <marek@palatinus•cz>,
	Bitcoin Protocol Discussion
	<bitcoin-dev@lists•linuxfoundation.org>
Subject: Re: [bitcoin-dev] Hardware Wallet Standard
Date: Thu, 18 Aug 2016 08:54:04 +0200	[thread overview]
Message-ID: <57B55B8C.1070001@jonasschnelli.ch> (raw)
In-Reply-To: <CAJna-HhQred_E7PYRFmgzb_0gd2b+4qsFOWEGqBjfzX1PbhyxQ@mail.gmail.com>

[-- Attachment #1.1: Type: text/plain, Size: 2872 bytes --]

Hi

> I fundamentally disagree with the concept of driving signing workflow by
> the wallet software. Wallet software does not know in advance all data
> necessary for the signer to do the job. As Jochen mentioned above,
> Segwit vs Non-segwit use cases are a good example, but there may be many.

I think this is easily solvable. The required data to verify and sign a
(standard) bitcoin transaction (including P2WSH multi-sig) is manageable.

IMO what a signing devices requires in order to sign a (standard)
transaction:
-> serialized tx
-> serialized tx of the inputs
-> scriptPubKey of the inputs
-> inputs redeem-Scripts
-> input amounts
-> position of the change output any maybe its keypath
-> cosigners pubkeys for inputs and changeaddress

This seems to be manageable for a 1 round communication?
Or do I miss something?

> Currently the TREZOR protocol works like device is a server and wallet
> is a client calling methods on it. It's like: "Sign this for me,
> please", "Ok, give me this information", "Here it is", "Now I need this
> another piece".... "There is the signature". Wallet does not know in
> advance what will go next, and it is for sake of simplicity. I'm quite
> happy with the protocol so far.

I think multiple rounds would still be possible with a clever design.
Although I could imaging that >95% of the users transaction would
require only a single "shot".

Whats the benefits of the multiple rounds communication? Would a single
round result in to many data transported?

Passing a 300kb chunk (assuming a large transaction) over a URI scheme
requires a couple of milliseconds on standard Smartphones or PCs.

> Considering the difference in between current hardware, I really don't
> think it is possible to find any minimal URI-based API good enough for
> communicating with all vendors. What I see more likely is some 3rd party
> libraries (JS, C++, Python, ...) defining high-level API and
> implementing hardware-specific protocols and transports as plugins. That
> way vendors are not limited by strict standard and application
> developers and services can integrate wide range of hardware wallets
> easily. However, this can be done already and we do not need any
> standardization process (yet).

The URI-based API allows transmitting data of multiple megabytes while
there is no need for...
* dependencies of any form (library, etc.)
* library support for a particular language
* platform that supports the dependencies of the library (like USBHID,
not supported by iOS)

Can you elaborate what benefits you would get from the library approach
and how the library API would be different form the proposed URI-scheme?

How would the library approach work on mobile platforms? Would USB be
the only supported hardware communication layer?

Thanks
--
</jonas>

[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 819 bytes --]

next prev parent reply	other threads:[~2016-08-18  6:54 UTC|newest]

Thread overview: 26+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-08-16 14:10 Jonas Schnelli
2016-08-16 14:48 ` Pavol Rusnak
2016-08-16 15:13   ` Jonas Schnelli
2016-08-16 15:21     ` Pavol Rusnak
2016-08-16 17:48 ` Jochen Hoenicke
2016-08-17  0:25   ` Thomas Kerin
2016-08-17  7:24     ` Jonas Schnelli
2016-08-17  7:40       ` Nicolas Bacca
2016-08-17 10:13       ` Dana L. Coe
2016-08-17 11:34         ` Jonas Schnelli
2016-08-17 17:06           ` Marek Palatinus
2016-08-18  6:54             ` Jonas Schnelli [this message]
2016-08-18  9:15               ` Marek Palatinus
2016-08-18  9:35                 ` Jonas Schnelli
2016-08-18  9:43                   ` Marek Palatinus
2016-08-18  9:49                     ` Jonas Schnelli
2016-08-18 10:23                       ` Nicolas Bacca
2016-08-24 10:31                         ` Thomas Kerin
2016-08-16 19:22 ` Luke Dashjr
2016-08-17  0:03   ` Thomas Daede
2016-08-16 23:36 ` Aiqin Li
2016-08-17  0:14   ` Peter Todd
2016-08-17  7:27     ` Nicolas Bacca
2016-08-17 18:36     ` Bryan Bishop
2016-08-22 16:50 ` Moral Agent
2016-08-28 23:14   ` Corey Haddad

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=57B55B8C.1070001@jonasschnelli.ch \
    --to=dev@jonasschnelli$(echo .)ch \
    --cc=bitcoin-dev@lists$(echo .)linuxfoundation.org \
    --cc=marek@palatinus$(echo .)cz \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox