minexmr2.com/openhww/
OpenHWW: Dedicated OpenBSD Laptop As Hardware Wallet
Reddit is digging its own grave. After nearly 6 years, I'm off to https://monero.town, a privacy preserving alternative to Reddit.
This is the key question! It's touched a bit on the site, but for sure I'll add the whole section devoted to it in a week or two (with new screenshots and first build instructions).
Pedantically speaking, what I am inventing is a Hardware Wallet:
- Hardware, because it is a completely isolated, separate device with disabled spying firmware (Intel ME, AMD PSP, etc.). Also ARM dashboards like Raspberry Pi can be used as well, because their ARM chips are too simple to have ME or even are completely open source.
- Wallet, because the software installed is fully dedicated to serve the Special Purposes Only (crypto-financial operations). The customer can't download or install anything else (it could be forced only under root with extra tribal dances: I plan to disable pkg_add).
Monerod, included in a standard install, is a part of the official Monero CLI wallet, and by downloading the whole blockchain (maybe pruned), the customer achieves the ultimate possible level of security. Also note that the lightweight Feather Wallet (that works exactly like Bitcoin Electrum) is also working!
Noobs can be confused, but they do misunderstand the most fundamental concepts of crypto security. We need to popularize them. For example, the notion of Security By Isolation. Most noobs' problems come from a total lack of isolation. They share their home PC among a family, browse the Internet, download and install games... then insert a hardware wallet in their dirty PC. And as the cherry on top, they trust proprietary hardware wallets and their poorly known manufacturers. If Intel has made ME, what else to expect from tiny merchants.
It even includes Firefox! Claimed as secure because it runs as a different user but if you want something like this imo you'd be better off running Qubes where everything has its own VM.
edit: also if I may, I don't really get the emphasis on building from source when using a boxed solution with a bunch of software and scripts under the wallet that you just downloaded. does it at least use the deterministic build processes for those wallets so hashes can be compared?
PS. OpenBSD comes with vmctl, it is a tool like Docker or Qubes VMs. You can jail Firefox inside a VM then connect to their GUI desktop via tigervnc. But I believe, it is too paranoid. Separate user and separate disk partition for Firefox is more than sufficient, given OpenBSD paranoid approach to the application address spaces.
- Qubes is a good solution, top 2 after OpenBSD. OpenBSD is ultimate top 1, on a separate device with disabled Intel ME. Note, the whole graphical environment of OpenBSD can be as compact as some 700Mb. Also as far as I know, you typically can't port Qubes onto weak ARMs (except M1 family). OpenBSD has a long success story on weak ARMs as cheap as $40.
- Deterministic builds are a good thing. But to have the same trust as self-build from sources, customers have to rebuild the apps occasionally, from time to time, not all the apps, randomly selected, etc. This idea needs further research.
Nothing against OpenBSD, I just don't feel like user account separation is a very high bar when we're talking about wallets + a browser. I would hope for something at least on the level of a jail or container. And yeah, Qubes has pretty high system requirements with all the virtualization. Or just, I'm not sure why it would need a browser at all. Hopefully it at least ships with locked down security settings on the browser itself.
On the second point, what I'm saying is Monero GUI/CLI and feather both already have deterministic build processes. If your users are using some script that ships with the system to compile, don't really understand it, and then get binaries with hashes that don't match the official binaries, is that really more secure for them?
But to do the deterministic build on OpenBSD, I think you would need to run a full virtual machine inside.
- Ok, we jail the fox :)
- They have deterministic builds for Linux, etc. If I can contribute to their GitHub project, I'll establish the deterministic builds on their repository in the future. But for earlier stages of the project, I believe the automated install script is simple enough and human-readable to verify quickly.
Awesome, I know BSD is pretty secure but web browser makes me paranoid heh
Gotcha, that's my bad, I didn't realize that only the CLI had deterministic BSD builds, and FreeBSD at that. It's been a while since I used any BSD but I'm guessing Open/FreeBSD don't have compatible binaries.
Could you expand on why you believe OpenBSD to be better than Qubes?
FAQ section has been added to the project's site.
Or Tails
FAQ section has been added to the project's site.
I'll add a FAQ to the site for sure.
In a few words, OpenBSD is designed from (almost) scratch to focus on computer security, only two remote vulnerabilities per whole lifetime. Also it is extremely lightweight, and can run on Raspberry Pi or other ARM dashboards. Also, system administration of OpenBSD is much simpler. Consider OpenBSD as old school Linux with all the shit purged out.
Welcome to the OpenHWW project. The official Monero CLI wallet, Monero Feather wallet and Bitcoin Electrum wallet have been ported and work great on OpenBSD. Also they work through Tor. What other wallets do you need? The whitepaper and first screenshots are available on the site right now (Official Monero CLI wallet).