TLDR;
Develop a Nash app for the Ledger hardware wallets that encrypts the individual keys within each users keyfile, the user is then required to decrypt each key using the Ledger-Nash app each time a transaction needs to be signed. Now when the users credentials and OTP are compromised an attacker only has access to a keyfile full of encrypted keys and will have to buy a $5 wrench and be in the same physical location as the user and their hardware wallet to gain access to their funds.
The team has already stated that the hardware wallets currently available don’t support private key generation using the same methodology that Nash does and although we’ve got support for OTP 2FA and @canesin has already indicated the team plan to support U2F using Yubkey or something similar here and here I think there might be a middle-ground alternative.
Trezor has a password management solution that uses the hardware wallet to encrypt a keyfile that stores all your passwords, within that keyfile each password is individually encrypted so for a user to access their password they must first use their Trezor to decrypt the keyfile and then a second time to decrypt the individual password they want to use.
I think it’s possible for Nash to apply a similar solution; if I understand correctly Nash keeps an encrypted copy of each users keys which is only decrypted in the users browser when they interact with the exchange. Following the same pattern explained above Nash could allow the user to use a hardware wallet to encrypt the individual keys within the keyfile. The user would then be required to use their hardware wallet to decrypt the necessary key each time a transaction requires signing, once signed the decrypted key is then removed from memory. Assuming the user’s machine is compromised when they login to Nash an attacker would have access to a decrypted copy of the keyfile however if each key is individually encrypted using the users hardware wallet an attacker would only be able to access decrypted keys if the user attempts to sign a transaction.
Trezor doesn’t seem to be very open to collaborating with third parties however Ledger is quite open to having third parties develop apps for their wallets. I’m aware that Bitcoin support is the number one priority right now and agree that the team should be pushing for that goal as quickly as possible but when the team does have some time I think it’s worth allocating some to developing a “Nash” app for the Nano S/X.
I like your idea!
Having no hardware wallet support feels a bit unusual for me as well.
I am used to use a hardware wallet and I feel very safe with it.
To be honest I tried switcheo the other day to compare it to nash and I absolutely liked it how easy it was to trade using my ledger nano s.
Lets see what the future of nash shows up. hw support is maybe not the highest prio but for a lot of users for sure an argument of using a platform or not.
Before the end of the year our second iteration of Nash’s Zero-knowledge key management will be available. It will use modern new cryptography on secure multi party computation (MPC) to provide a software alternative that is more secure than hardware wallets such as current versions of Ledger or Trezor because even if the user is hacked or is physically compromised the system will be secure and able to enforce a user defined security policy.
I don’t have enough idea on quantum computing being a threat to crypto. But experts like you might have though through it. Does your solution resistant to such threats as well ?
If at all it is a real threat,I understand that before crypto there would be lots of other conventional systems that would be affected.
I raise this question because there are already quantum resistant crypto networks and would like to know if we have that in mind as well.
cool MPC threshold-sig … …people keep under-estimating the importance of this
One question i DO have
I understand my phone sig is recoverable if device lost BUT
what if my thumb or face gets damaged/altered…? i wont be able to recover keys from master decryption key
Awesome! Are the second iteration and Bitcoin support mutually exclusive / are being developed in parallel i.e. can we expect to see both by the end of the year?
The sad thing about this is the fact that 99% of Nash’s future user base will not understand any of the amazing tech that operating behind the scenes or how hard it was to create this tech.
Yes, Nash will be more secure, faster, advanced. But in most cases, nobody will know.
Doubt it @CypherInvestor, he’s an anarchist and has expressed his disdain of governments and regulations many times. Since Nash is essentially a regulated DEX and an actual business, I don’t think it passes their purity test.
the whole point is they wont even know they are using blockchain … ur just giving them a far better/more cost effective experience than their bank…with tonnes more products
Shame really, I agree with most of what he says but he’s a little too far off centre on some topics, wish he had more of a balanced view for some things. He’s literally spoken about making UI/UX a seamless experience where users can just “swipe to send” just like his mother with her first email. Nash is moving towards that future removing the need for a hardware wallet, shame if his ideology kept him from appreciating Nash’s contribution to the space.
Yeah man, I’ve certainly enjoyed some of his talks and his contributions to this space can’t be overstated. I think because he grew up in a country during economic and political turmoil it influenced his ideological beliefs which is very anti-banks anti-governments. So in his mind Bitcoin is the antithesis to that type of system. Personally I think it’s wrong and Blockchain can work in conjunction with legacy systems and is the only way to bring this tech to the masses. Expecting businesses not to de-risk operations is very close-minded.
Hey guys @CryptoMange and @CypherInvestor, I don’t quite agree with your verdict on Andreas Antonopoulos. Yes he is sort of anarchist and not pro powerful, controlling governments, but that doesn’t make him irrational.
He still has to face and comply with government regulations from day to day. He still makes use of visas (a government document) for his many travels around the world.
I think it is wrong to conclude that he will not appreciate what Nash has achieved and is achieving simply because Nash tries as much as possible to comply with regulators.
In my opinion, Nash does not seek compliance for the sake of it.
I assume that, when necessary, Nash would even challenge certain laws that are vague or simply limiting and outdated.
The philosophy behind non-custodial exchanges is very central to what Andreas preaches and I think he, more than most, would appreciate what Nash is building. Would really like to see Nash engage him at some point in the future.
I hope your right and I’m wrong on this one I’d be very happy to be proven wrong and for Andreas to appreciate what Nash is doing for the space.
One can hope…
Anyone who’s passionate about this space and the values of crypto should be excited for what Nash is trying to bring. Now, we still don’t have all the details and what compromises will be made for BTC trading but if it’s anything like the team is alluding to then it’d be very appalling not to see any established influencers talk about it. I guess Nash could become like a litmus test to see which influencers uphold the values of self-custody.
Coming back to Andreas, would be great if he went into technical details about Nash. The technology behind Bitcoin trading will settle very similarly to the lightning network (so I’ve heard) so should be close to home for him.
Whether the underlying tech behind Nash’s non-custodial trading is close to the lightning network or not shouldn’t affect anyone’s level of interest in it.
The real issue is whether it works and is comparable to the ease of trading on a CEX.
If you can develop a system that is more secure than a Ledger wallet then that would be absolutly game changing. One of my biggest concerns with hardware wallets is losing the recovery phrase or being physically forced to give that up. If nash can solve this there would be no reason to use anything else.