I have a security question that has been bugging me.
When a wallet broadcasts a Bitcoin transaction, we trust it's only sending the signature and transaction data. But how can we be certain that frag...
There are different ways to solve this.
In my opinion, the first is that the device firmware must be open source so everyone can verify it and reproduce builds, ensuring users get the correct firmware. Without this, any of the other solutions are probably worthless.
In addition, Trezor firmware generates signing nonces deterministically using RFC 6979, which is one of the mitigations.
In my opinion, the first is that the device firmware must be open source so everyone can verify it and reproduce builds, ensuring users get the correct firmware. Without this, any of the other solutions are probably worthless.
In addition, Trezor firmware generates signing nonces deterministically using RFC 6979, which is one of the mitigations.
1
