Bleibt die Passphrase bei Ledger erhalten, wenn Sie sie auf einen Pin setzen?
- Dieses Thema hat 5 Antworten sowie 1 Teilnehmer und wurde zuletzt vor vor 1 Jahr, 6 Monaten von
aktualisiert.
-
Beiträge
-
-
-
I had the same question so I asked ledger engineers. the answer I got is:
No, it does not store the bip39 passphrase. Instead, it stores the result of the hashing of the bip39 entropy (also called the mnemonic / recovery / seed phrase) with the bip39 passphrase. The result of this „hashing“ is a 512-bit number known in the standard as the bip39 seed. That is basically the master bip39 root private key from which all other private keys are derived.
So the bip39 passphrase itself is not stored, what is stored is the internal 512-bit bip39 seed that is obtained from it being hashed with the 24-word phrase.
-
When you link a passphrase with a pin, your passphrase is used right after you type it into the device to alter the master key derived from your seed words into a new master key that is associated with that pin.
Then the passphrase is forgotten, but that doesn’t matter anymore.
The master key from which all private keys are derived is what matters.As you may have noticed, not all wallets do this.
Other wallets make you type it every time and it’s kind of a pain, or at the least, it does not encourage the use of a long/secure passphrase.
Some wallet makers actually market having to type your passphrase each time you use it as a „feature“ that mitigate their devices‘ vulnerability to physical key extraction attacks.
But really it’s just piling on a bad user interaction flow on top of a weak hardware design. -
-
>does it mean the Ledger device „remember“ your passphrase in this case?
I couldn’t think of any way it could spare you the trouble of typing out the passphrase unless it got saved on the device. Personally, I wouldn’t take that risk – especially now that it’s apparent that Ledger can extract private keys stored on its hardware devices.
-
-
- Du musst angemeldet sein, um auf dieses Thema antworten zu können.