[ZIP 305] Best practices for hardware wallets supporting Sapling and Orchard #346
Document how a hardware wallet (that has a trusted path to the user) should construct or verify transactions in order to protect its user, as far as possible, against attacks from the untrusted computer.
In the general case we have a hardware wallet, an untrusted computer, a delegated prover, a user, and a network connection, something like this:
The h/w wallet should not trust the computer or the prover with spend authority, and should not allow a transaction confirmed by the user on the wallet's UI to be malleated while remaining valid. Similarly, the computer should not trust the prover with spend authority (this is automatic when the computer is not trusted with that authority), or with the ability to malleate the intended transaction.
We believe that the Sapling design supports this without requiring the h/w wallet to be able to either prove or verify Spend or Output proofs. A h/w wallet should only need to implement: