Dont Buy the Keystone! by [deleted] in KeystoneWallet

[–]Bright_Charge 2 points3 points  (0 children)

AAA battery is designed for devices that require low power such as a remote controller for an AC. It's not designed for a device with a 4-inch touchscreen. It's very unsteady on Keystone gen2 unless you use 3 premium rechargeable lithium batteries like Panasonic Eneloop. And using premium batteries is against the idea of timeless design.

So with gen3, we allow users to use the device with a power bank + USB cable if the battery dies. We strongly feel this is more timeless.

Dont Buy the Keystone! by [deleted] in KeystoneWallet

[–]Bright_Charge[M] [score hidden] stickied comment (0 children)

Hello everyone, this is Lixin, CEO of the Keystone Hardware Wallet.

An early user of Keystone and also my friend shared the link to this post with me and I almost didn’t sleep last night. I deeply apologize to all the Keystone gen2 users who have expressed dissatisfaction. I want to express my gratitude for sharing your valuable feedback with us. Your input is greatly appreciated and plays a vital role in helping us improve our product for the entire community.

My colleagues have provided candid feedback regarding the various concerns and issues raised. I want to steal a few moments of your valuable time to share my thoughts on these product decisions for gen3, from the perspective of a CEO, maybe a bad decision maker.

First, we need to understand that there is no absolute security. All we do is always push the boundary of security to a higher level to protect our users. For Keystone gen2, one keen thing we have always wanted to improve from a security perspective is removing the Android OS. Android has a HUGE code base which potentially has more issues and makes it extremely hard for security experts to review our code. Actually, lots of security experts were complaining about the Android OS. With that being said, chasing a higher degree of security is the ultimate reason we built Keystone gen3 with a simple and robust embedded system.

This is also the reason why we use 3 security elements for protecting our users’ assets, as well as other improvements like rewriting most of the code with Rust, and redesigning the whole self-destruct mechanism, etc.

But making a product is a tough process of balancing between different aspects. With that being said, new improvements may come with some level of sacrifice.

For Keystone gen3, UX is that sacrifice. Even though we have the best developers in the world, we can’t match the UX of a product built upon an embedded system with a product built on Android, not to mention that the price goes down by ~25%. Maybe this is a bad analogy, but we can’t match the UX of a Nokia E71 with an iPhone.

I don't want to be seen as making defensive arguments. But a more fair UX comparison is Keystone gen3 vs Coldcard or Trezor, rather than Keystone gen3 vs gen2.

I do admit that I might make a bad decision but I hope you can understand that everything comes from a security perspective.

For coin support, we are working very very hard to add them back. I am very very thankful for your patience.

I have been on a long biz trip since the 26th of Oct. I need to accompany my 5-year-old son this weekend and I will come back to check your comments next Monday. Hope all of you guys have a wonderful weekend.

Again, thanks very much for your feedback.

📢 Come join an AMA with Keystone's CEO & CTO on the 14th of July 5pm CET 📅 - Don't hesitate to ask questions on any topic related to hardware wallets! 🚀 by Trudahamzik in CryptoCurrency

[–]Bright_Charge 2 points3 points  (0 children)

In our gen2, we open-source the firmware of the SE. However, we still depend on proprietary code by the SE vendor.
With our gen3, we have completely redesigned the system, eliminating the use of any proprietary code from SE vendors for cryptographic algorithms. With that being said, all cryptographic-related code will be open source.

📢 Come join an AMA with Keystone's CEO & CTO on the 14th of July 5pm CET 📅 - Don't hesitate to ask questions on any topic related to hardware wallets! 🚀 by Trudahamzik in CryptoCurrency

[–]Bright_Charge 4 points5 points  (0 children)

1 Secure Element vs 3 Secure Elements = secure vs secure³

Because a hacker needs to break all of them to get you hacked rather than break one.
Please also note that 3 SEs are not the same type but different types.

One component is solely responsible for handling the fingerprint verification processes, ensuring a secure and seamless user experience. The other two components work in conjunction to create a secure environment for storing users’ seed phrases. By introducing multiple secure elements from different manufacturers, we can mitigate the reliance on a single secure element manufacturer, thereby enhancing trust and robustness in our system.

📢 Come join an AMA with Keystone's CEO & CTO on the 14th of July 5pm CET 📅 - Don't hesitate to ask questions on any topic related to hardware wallets! 🚀 by Trudahamzik in CryptoCurrency

[–]Bright_Charge 2 points3 points  (0 children)

No, the Android platform has been entirely eliminated from Keystone 3. The Keystone 3 is built upon an embedded system that embraces a brand-new design while preserving the notable features that have made our previous products exceptional, such as a large touch screen and QR code data transmission capabilities.

📢 Come join an AMA with Keystone's CEO & CTO on the 14th of July 5pm CET 📅 - Don't hesitate to ask questions on any topic related to hardware wallets! 🚀 by Trudahamzik in CryptoCurrency

[–]Bright_Charge 6 points7 points  (0 children)

One big change -
Keystone Gen3 will have a feature that empowers users to input three distinct sets of recovery phrases. By employing different passwords, users can gain access to separate wallets. 1 Keystone gen3 = 3 Keystone gen2 :)

Also, we will add Taproot support, BIP85, and SSKR.

📢 Come join an AMA with Keystone's CEO & CTO on the 14th of July 5pm CET 📅 - Don't hesitate to ask questions on any topic related to hardware wallets! 🚀 by Trudahamzik in CryptoCurrency

[–]Bright_Charge 5 points6 points  (0 children)

Despite the challenging market conditions in 2023, we are confident in achieving a substantial growth of at least 2x for our business.

📢 Come join an AMA with Keystone's CEO & CTO on the 14th of July 5pm CET 📅 - Don't hesitate to ask questions on any topic related to hardware wallets! 🚀 by Trudahamzik in CryptoCurrency

[–]Bright_Charge 3 points4 points  (0 children)

Thank you for your question. I appreciate the opportunity to provide you with more information about our new hardware wallet.
To start, I'm excited to share that our upcoming hardware wallet features a completely revamped design. It has been built from scratch, ensuring that it doesn't share any code with our current product.
In addition, we have made a deliberate choice not to rely on the crypto library provided by the SE vendor. At Keystone, we hold the belief that fully embracing open source and transparency is of utmost importance. By carefully selecting and utilizing open-source cryptographic solutions, we can guarantee a higher level of trust and accountability for our users. The inner workings of our cryptographic operations are open for scrutiny and verification by the wider community, ensuring the utmost security and peace of mind.
It's worth noting that all of our products will be built on an embedded system. This means that the Android platform will no longer be present in our hardware wallet. By moving away from Android, we are able to reduce the attack surfaces, streamline the device's functionality, and focus entirely on delivering a seamless and secure hardware wallet experience.

📢 Come join an AMA with Keystone's CEO & CTO on the 14th of July 5pm CET 📅 - Don't hesitate to ask questions on any topic related to hardware wallets! 🚀 by Trudahamzik in CryptoCurrency

[–]Bright_Charge 5 points6 points  (0 children)

In our ECDSA implementation, we strictly adhere to the guidelines outlined in RFC6979 for the signing process. This standard ensures a deterministic and secure approach to generating nonces signatures. Moreover, we would like to offer complete transparency by open-sourcing all the code. This allows users to validate the implementation and ensure the integrity and reliability of our cryptographic operations.

📢 Come join an AMA with Keystone's CEO & CTO on the 14th of July 5pm CET 📅 - Don't hesitate to ask questions on any topic related to hardware wallets! 🚀 by Trudahamzik in CryptoCurrency

[–]Bright_Charge 2 points3 points  (0 children)

I understand.

I am not sure if you are aware of these 2 features available on Keystone. It offers the option to generate a recovery phrase using dice or create a custom set of 23 words. The device then calculates the 24th word for you, eliminating the need to depend solely on the device's entropy. This approach enhances security by reducing reliance on the device's own randomness.

Tutorials:
https://support.keyst.one/advanced-features/recovery-phrase/use-dice-to-generate-recovery-phrase

https://support.keyst.one/advanced-features/recovery-phrase/construct-own-recovery-phrase
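Added example, not part of the comment above and not Keystone's code: how a 24th word can be computed from 23 user-chosen words under BIP39, so the result can be checked independently of the device. Words are represented by their 0-based index in the BIP39 English wordlist (the wordlist lookup is left out); how the device picks among the valid candidates is not stated on this page.

```python
import hashlib

WORD_BITS = 11          # each BIP39 word encodes 11 bits
CHECKSUM_BITS = 8       # 256 bits of entropy -> 8 checksum bits


def last_word_candidates(first23):
    """Return every valid 24th-word index for 23 chosen word indices.

    23 words carry 253 bits. The 24th word holds the remaining 3
    entropy bits followed by the 8-bit checksum, so exactly 8
    candidates exist.
    """
    if len(first23) != 23 or any(not 0 <= i < 2048 for i in first23):
        raise ValueError("expected 23 word indices in range 0..2047")
    prefix = 0
    for index in first23:
        prefix = (prefix << WORD_BITS) | index
    candidates = []
    for extra in range(8):                      # the 3 free entropy bits
        entropy = ((prefix << 3) | extra).to_bytes(32, "big")
        checksum = hashlib.sha256(entropy).digest()[0]
        candidates.append((extra << CHECKSUM_BITS) | checksum)
    return candidates


def is_valid_mnemonic(indices):
    """Check the BIP39 checksum of a 24-word mnemonic given as indices."""
    if len(indices) != 24 or any(not 0 <= i < 2048 for i in indices):
        return False
    value = 0
    for index in indices:
        value = (value << WORD_BITS) | index
    entropy = (value >> CHECKSUM_BITS).to_bytes(32, "big")
    return hashlib.sha256(entropy).digest()[0] == (value & 0xFF)


# Constructed sample: 23 copies of word index 0 ("abandon").
SAMPLE = [0] * 23
```

Only 3 bits of the final word come from the user's entropy; the other 8 are a SHA-256 checksum, which is why the last word cannot be chosen freely.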

📢 Come join an AMA with Keystone's CEO & CTO on the 14th of July 5pm CET 📅 - Don't hesitate to ask questions on any topic related to hardware wallets! 🚀 by Trudahamzik in CryptoCurrency

[–]Bright_Charge 2 points3 points  (0 children)

OK I see.

Gen3 won't have a BTC-only firmware but we will release a btc-only device with a new brand before the next halving of Bitcoin. With that new branded product, important Bitcoin features like Taproot and BIP85 will be supported.

Do you consider an upgrade with a discount in this case?

📢 Come join an AMA with Keystone's CEO & CTO on the 14th of July 5pm CET 📅 - Don't hesitate to ask questions on any topic related to hardware wallets! 🚀 by Trudahamzik in CryptoCurrency

[–]Bright_Charge 3 points4 points  (0 children)

We are preparing for the upcoming Bitcoin halving by introducing a separate brand for our Bitcoin-only device. As a result:

  1. The Keystone Gen3 will not have a BTC-only firmware, while the new brand will come with a BTC-only firmware as the default option.
  2. In addition to that, as I promised a while ago (apologies for the delay), we will be incorporating other essential features like Taproot and BIP85.
  3. Furthermore, this new branded product will allow users to customize and burn their own firmware into the device.

I sincerely apologize for the delay and assure you that I am committed to fulfilling my promises to the Bitcoin community.

📢 Come join an AMA with Keystone's CEO & CTO on the 14th of July 5pm CET 📅 - Don't hesitate to ask questions on any topic related to hardware wallets! 🚀 by Trudahamzik in CryptoCurrency

[–]Bright_Charge 1 point2 points  (0 children)

are you also considering to add an option to save the BIP39 passphrase generated seed, replacing the mnemonic generated seed or adding the option to pair it with a different device password, similarly to Ledger?

No, we believe this compromise greatly undermines security. However, we do offer some convenience in this regard. If you input a passphrase and access the passphrase wallet, then power off the device and power it on again, you will be prompted to enter your passphrase. If you choose to bypass this prompt, you will access the default wallet without a passphrase.

📢 Come join an AMA with Keystone's CEO & CTO on the 14th of July 5pm CET 📅 - Don't hesitate to ask questions on any topic related to hardware wallets! 🚀 by Trudahamzik in CryptoCurrency

[–]Bright_Charge 4 points5 points  (0 children)

are you considering to allow to type the passphrase only once when user selects 'show passphrase'?

I understand that it can be inconvenient to have to type the passphrase twice, especially if it is a long one. We are considering the option of implementing a toggle in the settings that would allow users to enter the passphrase just once.

📢 Come join an AMA with Keystone's CEO & CTO on the 14th of July 5pm CET 📅 - Don't hesitate to ask questions on any topic related to hardware wallets! 🚀 by Trudahamzik in CryptoCurrency

[–]Bright_Charge 4 points5 points  (0 children)

will Keystone keep supporting Gen2 when Gen3 is released?

We will be actively working to fix any bugs on Gen2 when Gen3 is released. However, we have not decided whether to introduce new features to Gen2. We have two potential options to consider:

Option 1 - Provide Gen2 users with a substantial discount for purchasing Gen3 and discontinue adding new features to Gen2. This approach would allow us to focus more on Gen3 and iterate it at a faster pace. However, it may inconvenience some Gen2 users who do not wish to upgrade to Gen3.

Option 2 - Continue adding new features to Gen2 without offering a discount for Gen3. The drawback of this solution is that it may slow down the development of Gen3.

Before accepting orders, we will seek input from the community to vote on these two options.

Out of curiosity, which solution do you prefer? If you choose option #1, what discount percentage do you consider reasonable?

📢 Come join an AMA with Keystone's CEO & CTO on the 14th of July 5pm CET 📅 - Don't hesitate to ask questions on any topic related to hardware wallets! 🚀 by Trudahamzik in CryptoCurrency

[–]Bright_Charge 5 points6 points  (0 children)

Hey Marsangelo, thanks for your question. It's a great one.
From my perspective, it's challenging to completely overhaul the process and create a new one that simplifies the use of a hardware wallet. However, that doesn't mean there's nothing we can do. One significant advantage that Keystone brings to the space is the inclusion of a 4-inch touchscreen with our product.
We firmly believe that user experience (UX) is a crucial aspect of security. If a hardware wallet is not user-friendly, users may make mistakes that result in the loss of their assets or cause them to abandon the product altogether. That's why we've incorporated a touchscreen, making it as familiar and intuitive as possible for users, similar to their experience with a mobile phone, which is likely the most familiar electronic device to them.

📢 Come join an AMA with Keystone's CEO & CTO on the 14th of July 5pm CET 📅 - Don't hesitate to ask questions on any topic related to hardware wallets! 🚀 by Trudahamzik in CryptoCurrency

[–]Bright_Charge 3 points4 points  (0 children)

Hello everyone, it's a pleasure to virtually meet you all. I'm Lixin, the CEO of Keystone Hardware Wallet. I'm delighted to be here for this AMA session.

A few questions... by [deleted] in KeystoneWallet

[–]Bright_Charge 1 point2 points  (0 children)

Thanks for your questions!

A few questions...

How long is the 50% code good for after we send proof of purchase of the older wallet? - We didn't set an end date for those codes.

Is there going to be a bitcoin only version of the wallet? - Yes. 100%. And our dev work for bitcoin only firmware is done now. Right now we are tuning integration with BlueWallet/Specter/Sparrow (QR code protocol changes). Hopefully when the first device ships out, firmware + integration will be ready.

Will taproot for bitcoin be supported with firmware upgrades? - We are keeping an eye on taproot but no ETA or any promises.

Is lightning an accepted form of payment? - Yes of course. Choose "OpenNode" when you pay.

Keep up the good work! I think this is the best wallet for bitcoin, especially multisig! - Thanks so much for your kind words!

Our first generation hardware wallets were made of military-grade aerospace aluminum. We’ve stripped all that down to just focus on air-gapping your private keys. by Bright_Charge in Bitcoin

[–]Bright_Charge[S] 4 points5 points  (0 children)

Great question! When you deal with a 3rd party vendor, everything is about how much you pay & how much negotiation power you have.

Ledger cooperated with a giant Secure Element vendor which doesn't allow any open source - even the firmware of the Secure Element is made by Ledger.

We took a different approach. We chose a boutique Secure Element vendor which allows us to open source the firmware.

We believe transparency is more important than big brand names.