"Specifically, it doesn’t support bitcoin — only ether and ERC20 tokens — which would be akin to your broker at Charles Schwab or Fidelity telling you that your 401(k) lets you invest in silver, copper and other metals but not gold." https://t.co/0P3TCI8E5b
Well, we know that the platform of ether is very satisfying knowing that they created a fast transaction and safer transaction than ever making their smart contract very popular. It actually makes me to deposit from gambling [site](https://to.crwd.cr/cm) so easy and can withdraw it also easily. It's good for payment method also without experiencing losing because it's secure.
Galaxy App Store and Play aren't the same thing. The Galaxy store is Samsung exclusive stuff.
But Enjin Wallet, which is the supported connecting dapp for the S10 wallet available in the Galaxy store, supports BTC.
TEE = Trusted Execution Enclosures. AKA TrustZones, & Trusty zones. They are an open standard of tiny disconnected computers within your smartphone, made for keeping malware away from their contents. Here's Android's version of it: [https://source.android.com/security/trusty](https://source.android.com/security/trusty)
Ledger actually does have a Beta going for their TEE zone "Trustlet" wallet... But not many phones support it. [https://www.ledgerwallet.com/beta/trustlet](https://www.ledgerwallet.com/beta/trustlet)
From your link:
>Currently all Trusty applications are developed by a single party and packaged with the Trusty kernel image. The entire image is signed and verified by the bootloader during boot. Third-party application development is not supported in Trusty at this time
Without third party applications, what Trusty can be used for is what is directly implemented out of the box.
Currently, the KeyMaster API in Trusty does not support ECDSA on the secp256k1 curve, and it does not support BIP32 either. Both of these would be needed for HD wallets. Without those, what exactly do you want? :/
You simply cannot have "hardware wallet"-like guarantees with an Android phone today (not that I think you can in an iPhone); not anywhere close.
For example, what Breadwallet does, upon which all their "hardware backed" key storage claims are based, is store an AES symmetric encryption key in there (the hardware keystore, using the KeyMaster API). This key is then used to encrypt/decrypt the seed words (through the secure API), whenever they are needed. The ciphertext and the IV are stored in SharedPreferences (application-private standard filesystem file, secured only with file permissions -- this is what most Android wallets use). Whenever the app needs to sign a transaction, or derive a key for an address, it calls into the KeyMaster API, decrypts the seed words, puts the seed words in userspace memory, derives the child keys (BIP32) outside the secure environment, and does the ECDSA signing outside the secure environment. What is being signed (the transaction; well sighash) is also constructed and shown to the user using the device display (outside the secure environment).
How does the KeyMaster API in the secure environment decide whether you can use an AES key it has, you might ask. Well, it knows which application created a key, and checks the asking process against that. That can be spoofed via a root exploit, or by any process running as root. What about the SharedPreferences that are application private that store the ciphertext, how can that be defeated? Well you just need to be root to change the filesystem permissions. So what do you need to defeat all protections? You need to be root! What do you need to defeat protections of other Android wallets that do not use the KeyMaster API? Same thing: root.
Why was the KeyMaster API even created then?! Well, it has different goals in mind. Its main objective is to prevent at all costs the extraction of the secret stored inside. The documentation even says so explicitly, that against a privileged (root) process, the guarantee it provides is keeping the secret safe: the attacker in that case can _use_ the key (e.g. to decrypt or sign something) but not extract the key itself. Note that in Breadwallet's case, the key is an AES key that in itself is not even that interesting, what an attacker would want is using the key to decrypt the seed words, which he can do.
I am not saying Breadwallet is doing anything wrong, nor that they could be doing it any better really; I've mainly singled them out because they have the loudest claims of doing it securely. In reality, it simply cannot be done securely on current smartphones. And Samsung could have changed this if they implemented ECDSA on secp256k1, and BIP32 in the secure environment.
But even that would not be as secure as a dedicated hardware wallet, for many reasons, the most obvious being that it would not have a dedicated trusted screen where you can check outputs.
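The storage pattern described in the comment above, sketched as an added example (not part of the original comment and not Breadwallet's code). The class name, key alias and preference keys are hypothetical, and AES-GCM is an assumed cipher mode; the comments mark where the seed leaves the secure environment.

```java
import android.content.SharedPreferences;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyProperties;
import android.util.Base64;
import java.nio.charset.StandardCharsets;
import java.security.KeyStore;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;

// Hypothetical class: alias and preference names are placeholders for illustration.
public final class SeedVault {
    private static final String ALIAS = "wallet_seed_key";
    private static final String XFORM = "AES/GCM/NoPadding";
    // Create the AES key inside the hardware-backed keystore if it does not exist yet.
    private static SecretKey key() throws Exception {
        KeyStore ks = KeyStore.getInstance("AndroidKeyStore");
        ks.load(null);
        if (!ks.containsAlias(ALIAS)) {
            KeyGenerator kg = KeyGenerator.getInstance(
                    KeyProperties.KEY_ALGORITHM_AES, "AndroidKeyStore");
            kg.init(new KeyGenParameterSpec.Builder(ALIAS,
                    KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT)
                    .setBlockModes(KeyProperties.BLOCK_MODE_GCM)
                    .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_NONE).build());
            kg.generateKey();
        }
        return (SecretKey) ks.getKey(ALIAS, null); // a handle only: getEncoded() is null
    }
    // Ciphertext and IV land in app-private SharedPreferences (file permissions only).
    public static void store(SharedPreferences prefs, String seedWords) throws Exception {
        Cipher c = Cipher.getInstance(XFORM);
        c.init(Cipher.ENCRYPT_MODE, key()); // the keystore generates a random IV
        byte[] ct = c.doFinal(seedWords.getBytes(StandardCharsets.UTF_8));
        prefs.edit()
             .putString("seed_ct", Base64.encodeToString(ct, Base64.NO_WRAP))
             .putString("seed_iv", Base64.encodeToString(c.getIV(), Base64.NO_WRAP))
             .apply();
    }
    // AES runs in the secure environment, but the result is the plaintext seed in this
    // process's memory; BIP32 derivation and ECDSA signing then happen in userspace.
    public static byte[] load(SharedPreferences prefs) throws Exception {
        byte[] ct = Base64.decode(prefs.getString("seed_ct", ""), Base64.NO_WRAP);
        byte[] iv = Base64.decode(prefs.getString("seed_iv", ""), Base64.NO_WRAP);
        Cipher c = Cipher.getInstance(XFORM);
        c.init(Cipher.DECRYPT_MODE, key(), new GCMParameterSpec(128, iv));
        return c.doFinal(ct);
    }
}
```

The AES key never leaves the keystore, which matches the "use but not extract" guarantee the comment describes, while the seed returned by `load` is exactly the value that guarantee does not cover.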
Good info, thanks.
I hope no one here thought I was comparing a smartphone with a TEE to a hardware wallet. To date I've never used a TEE and keep all my savings on a hardware wallet.
I think what we, as a community, need to figure out is if TEE zones have a place for bitcoin wallets or not. Aren't they a real improvement for the smallish amounts we carry around on our smartphones?
>Samsung would quickly deny rumors that the S10 contained a baked-in hardware wallet. Well, the wallet definitely exists. It’s just missing a few features you might expect of a crypto wallet. Specifically, it doesn’t support bitcoin — only ether and ERC20 tokens — which would be akin to your broker at Charles Schwab or Fidelity telling you that your 401(k) lets you invest in silver, copper and other metals but not gold.
I've got trouble proving the authenticity that the footage in the video is from a US released S10. You obviously believe everything you see on the internet at face value which is why you were surprised by the revelation that there is no bitcoin wallet while I predicted it.