|
|
|
|
|
|
by lxgr
1292 days ago
|
|
|
> with a normal security module I control the inputs and outputs In the threat model that hardware wallets address, you don't, though. Your computer could be running malware that swaps your desired target address with that of the attacker, for example. In that sense, they go beyond (low-level) HSMs by introducing a trusted user interface so that you can verify what you sign. However, they arguably also fall short of really solving that problem: What are you going to compare the destination address to, if you can't trust your computer to correctly display it? |
|
|