benma - BitBox Blog

Anti-Klepto erklärt: Wie die BitBox02 versteckte Seed-Extraktion verhindert

Die BitBox02 ist die erste Hardware-Wallet, die deine Coins gegen den heimtückischen “Nonce Covert Channel”-Angriff schützt, indem sie das Anti-Klepto-Protokoll unterstützt.

Bitcoin

Bitcoin Miniscript verstehen - Teil 3

Wir schreiben einen Miniscript-Parser und Analyseprogramm in Go

Bitcoin

Understanding Bitcoin Miniscript - Part III

Writing a Miniscript parser and analyzer in Go

Bitcoin

Bitcoin Miniscript verstehen - Teil 2

Im zweiten Teil der Miniscript-Serie schauen wir uns an, was Miniscript ist und wie es die Programmierung von Bitcoin-Skripten erleichtert

Bitcoin

Understanding Bitcoin Miniscript - Part II

In the second part of the Miniscript series, we look at what Miniscript is and how it makes Bitcoin scripting easier

Bitcoin

Bitcoin Miniscript verstehen - Teil 1

In diesem ersten Teil unserer Miniscript-Serie erklären wir, wie Bitcoin Script funktioniert und warum es in der Praxis schwierig zu verwenden ist

Bitcoin

Understanding Bitcoin Miniscript - Part I

In this first part of our Miniscript series, we explain how Bitcoin Script works and why it's difficult to use in practice

Security

Anti-klepto explained: how the BitBox02 protects you against leaking private keys

The BitBox02 is the first hardware wallet that offers protection against the nonce covert channel attack, by supporting a protocol called anti-klepto.

Security

Remote multisig theft attack on the Coldcard hardware wallet

tl;dr: When registering a multisig wallet in a Coldcard, the Coldcard did not verify that it is actually part of the multisig wallet. This allowed a malicious computer wallet

Security

Coldcard isolation bypass

Responsible disclosure of a Coldcard vulnerability that allows an attacker to spend your bitcoins when you think you are signing a testnet transaction.

Security

How nearly all personal hardware wallet multisig setups are insecure

If you use hardware wallets in a Bitcoin multisig setup, using a single computer to handle them, you are likely to be exposed to remote theft or ransom attacks.

Security

A ransom attack on Trezor's and KeepKey's passphrase handling

Responsible disclosure of a remote ransom attack on Trezor hardware wallets where users are vulnerable when entering the passphrase on the computer.

Security

Theft attack on Trezor Model T

Responsible disclosure of a vulnerability affecting Trezor Model T multisig wallets that allow theft of all funds of an account.