Open xrviv opened 9 months ago
spiros3p
commented
9 months ago hi, as a buyer of the X1 and S1, that requests sounds awesome. I am really looking forward for more eyes to have a look at the source code of these devices before I can safely recommend them to my friends and fmaily
adam22adee
commented
9 months ago I too am a buyer of the X1. I would be very pleased if you could publish what wallet scrutiny is asking for. I trust their opinion and I am sure many other people would purchase the X1 if it received a 12/12 score on https://walletscrutiny.com/
daic11
commented
8 months ago I also confirm that the build is impossible due to the lack of the MAKEFILE. There are also no instruction about the enviroment variables/docker container required to make build possible. Please update the repo with the building instruction. It looks like a random folder from the desktop:)
Hope you will update the repo thank you!
P.S.: there is a lack of coin management in your last 1.0.5 firmware version. You can't remove addresses/coins that you added through the Safepal app. So please modify. There are also bluetooth connection problems with IOS (it connects randomly).
Thank you.
stevexyz
commented
7 months ago Hello!
Fellow bitcoiner. We are a bitcoin project at walletscrutiny.com that looks into source-available Bitcoin apps and wallets. We found that the SafePalX1 does not have the following:
1. Build instructions 2. Release/TagsWe would like to invite you to kindly include this. It would help us re-build if possible from the source code and then conduct verification procedures.
We appreciate your response!
@xrviv what confirms you that this account and repositories are managed by the real producer (safepal) of the device? (I didn't find any link on their website, but maybe I missed it)
the (little) activity present here seems not consistent/coherent to the claims of the real company, or at least suspicious
xrviv
commented
7 months ago Fair point @stevexyz. I will investigate further.
xrviv
commented
6 months ago @xrviv what confirms you that this account and repositories are managed by the real producer (safepal) of the device? (I didn't find any link on their website, but maybe I missed it)
the (little) activity present here seems not consistent/coherent to the claims of the real company, or at least suspicious
Here are some links, mostly from their blog:
Digging deeper into some history, it appears that they've went from not source-available to source-available and perhaps, back again.
https://www.reddit.com/r/safePal/comments/klvzmb/any_chance_safepal_will_go_open_source/
Given that its firmware upgrades continue on, up to March 21, 2024, and because this is not reflected in this repository, I would have to change our assessment to "not source-available" on walletscrutiny.com
daic11
commented
6 months ago Given that its firmware upgrades continue on, up to March 21, 2024, and because this is not reflected in this repository, I would have to change our assessment to "not source-available" on walletscrutiny.com
Why they advertise themself as an "The first open-source bluetooth hardware wallet by SafePal" so they misleading their customers. People could buy their product based on this advert. Their app is closed-source, the firmware is closed-source.
Why do they do this to their customers and do they have the right to do it?
stevexyz
commented
6 months ago Crypto is all about removing "trust" from the equation. Closed sources are taking it back in. But the behaviour of this company doesn't seem to scream for it.
Keeqler
commented
6 months ago @hwdev-safepal @SafePalWallet I hope you're not pretending you can't see this.
xrviv
commented
6 months ago Given that its firmware upgrades continue on, up to March 21, 2024, and because this is not reflected in this repository, I would have to change our assessment to "not source-available" on walletscrutiny.com
Why they advertise themself as an "The first open-source bluetooth hardware wallet by SafePal" so they misleading their customers. People could buy their product based on this advert. Their app is closed-source, the firmware is closed-source.
Why do they do this to their customers and do they have the right to do it?
If you are an owner of the device, it would help others by sharing your opinion on walletscrutiny.com.
The url for the safepalx1 is https://walletscrutiny.com/hardware/safepalx1/
Giszmo
commented
6 months ago @Keeqler I had worked for a bitcoin wallet as the maintainer and the public repo was very much an afterthought. We updated it with the releases but didn't look much into the issue tracker. That said, it's not trust inducing to do so.
daic11
commented
6 months ago @Keeqler I had worked for a bitcoin wallet as the maintainer and the public repo was very much an afterthought. We updated it with the releases but didn't look much into the issue tracker. That said, it's not trust inducing to do so.
Yeah, they just ignore issues, lol :)
Gabrieltk5
commented
6 months ago Great job you are doing guys. Hope soon the company will fix this issues and make X1 model open source code again. I asked SafePal about this issues via
https://safepalsupport.zendesk.com/hc/en-us/requests/new?ticket_form_id=360001760732
And they answered me in 1 day the following:
“Thank you very much for reaching out to SafePal! These infos should be updated soon on github. Appreciate your understanding and patience dear user. Best regards, Jack SafePal Support Team”
I think it would be good if everyone uses this channel to ask for fixing this issues, so they will be aware of the problem and stop just ignoring.
Gabrieltk5
commented
6 months ago There was a firmware update uploaded 2 days ago.
daic11
commented
6 months ago There was a firmware update uploaded 2 days ago.
Yeah but still no instructions how to build hehe
xrviv
commented
6 months ago There was a firmware update uploaded 2 days ago.
It would be helpful if they could provide the necessary build instructions. At walletscrutiny.com, we encounter several frameworks, which can get quite complicated since there are more than 6000+ bitcoin android apps and several hundreds of hardware devices.
We would appreciate this, thank you.
thecryptoangel
commented
4 months ago SafePal X1 is full opensource, wallet scrutiny is apparently wrong, as the SafePal devs released the source code : https://github.com/SafePalWallet/safepal-x1
daic11
commented
4 months ago SafePal X1 is full opensource, wallet scrutiny is apparently wrong, as the SafePal devs released the source code : https://github.com/SafePalWallet/safepal-x1
So, why you misleading others about "opensource"? There are no source for the firmware but random folders with random files without any build instructions and that's the main issue.
ghost
commented
4 months ago Great job you are doing guys. Hope soon the company will fix this issues and make X1 model open source code again. I asked SafePal about this issues via
https://safepalsupport.zendesk.com/hc/en-us/requests/new?ticket_form_id=360001760732
And they answered me in 1 day the following:
“Thank you very much for reaching out to SafePal! These infos should be updated soon on github. Appreciate your understanding and patience dear user. Best regards, Jack SafePal Support Team”
I think it would be good if everyone uses this channel to ask for fixing this issues, so they will be aware of the problem and stop just ignoring.
I did this and Safepal support is adamant that it is open source already.
xrviv
commented
4 months ago Hello, Danny here from WalletScrutiny, we have updated our verdict to "Failed to Build from Source (FTBFS)" due to the lack of build instructions and release/tags.
Explanation: We try to compile the published source code using the published build instructions into a binary. If that fails, we might try to work around issues but if we consistently fail to build the app, we give it this verdict and open an issue in the issue tracker of the provider to hopefully verify their app later.
The update >> https://gitlab.com/walletscrutiny/walletScrutinyCom/-/merge_requests/710
stevexyz
commented
4 months ago Hello, Danny here from WalletScrutiny, we have updated our verdict to "Failed to Build from Source (FTBFS)" due to the lack of build instructions and release/tags.
How you can say that these are sources? Some post above @daic11 was naming the content here "random files": how can you disprove it? There is at least part of the content matching to something? Or is it possible to install even a part on some device and verify something with it?
Personally I think that no source available and failed to build have the same semantic in this context. If you agree @xrviv probably at wallet scrutiny you should merge both states into something that explain better the situation, since from an outside perspective failed to build seems less severe, and maybe even depicting incompetence of the person that want to build it instead of the missing things...
daic11
commented
4 months ago Hello, Danny here from WalletScrutiny, we have updated our verdict to "Failed to Build from Source (FTBFS)" due to the lack of build instructions and release/tags.
How you can say that these are sources? Some post above @daic11 was naming the content here "random files": how can you disprove it? There is at least part of the content matching to something? Or is it possible to install even a part on some device and verify something with it?
Personally I think that no source available and failed to build have the same semantic in this context. If you agree @xrviv probably at wallet scrutiny you should merge both states into something that explain better the situation, since from an outside perspective failed to build seems less severe, and maybe even depicting incompetence of the person that want to build it instead of the missing things...
Yeah agree, there are no proofs that the code posted is even connected with Safepal X1.
xrviv
commented
4 months ago We should wait for the developers to answer this - I'm not the appropriate party to respond to these queries. Just a quick tree summary:
firmware
│ └── App
│ ├── PlatApi
│ │ ├── inc
│ │ │ ├── libddi.h
│ │ │ └── plat_api.h
│ │ └── src
│ │ └── libddi.c
│ └── PlatSrc
│ ├── core
│ │ ├── include
│ │ │ ├── utils
│ │ │ │ └── defines.h
│ │ │ └── wallet
│ │ │ └── qr_pack.h
│ │ └── wallet
│ │ └── qr_pack.c
│ ├── include
│ │ ├── coin
│ │ │ ├── coin_adapter_hw.h
│ │ │ └── coin_util_hw.h
│ │ ├── misc
│ │ │ ├── config.h
│ │ │ ├── device.h
│ │ │ ├── global.h
│ │ │ ├── plat_config_wallet.h
│ │ │ ├── platform.h
│ │ │ ├── resource.h
│ │ │ └── settings.h
│ │ ├── storage
│ │ │ ├── storage_manager.h
│ │ │ └── update.h
│ │ ├── wallet
│ │ │ ├── active_util.h
│ │ │ ├── passwd_util.h
│ │ │ ├── pvt_util.h
│ │ │ ├── secure_api.h
│ │ │ ├── wallet_adapter_hw.h
│ │ │ ├── wallet_manager.h
│ │ │ ├── wallet_util_hw.h
│ │ │ └── words_util.h
│ │ ├── widget
│ │ │ └── cdr_widgets.h
│ │ └── window
│ │ ├── AddressTypeWin.h
│ │ ├── BtProcWin.h
│ │ ├── BtRecvCode.h
│ │ ├── CoinDetailWin.h
│ │ ├── CoinsWin.h
│ │ ├── ConfirmSeedWord.h
│ │ ├── dynamic_win.h
│ │ ├── GuideWin.h
│ │ ├── MultiAddressWin.h
│ │ ├── Passphrase.h
│ │ ├── ReceiveAddrList.h
│ │ ├── SettingWin.h
│ │ ├── TxShowWin.h
│ │ └── VerifyWin.h
│ └── src
│ ├── coin
│ │ ├── Aptos
│ │ │ └── aptos_sign_view.c
│ │ ├── Binance
│ │ │ ├── bnc_cancel_view.c
│ │ │ ├── bnc_delegate_view.c
│ │ │ ├── bnc_order_view.c
│ │ │ └── bnc_sign_view.c
│ │ ├── Bitcoin
│ │ │ └── bitcoin_sign_view.c
│ │ ├── Cardano
│ │ │ └── cardano_sign_view.c
│ │ ├── Ckb
│ │ │ └── ckb_sign_view.c
│ │ ├── coin_adapter_hw.c
│ │ ├── coin_util_hw.c
│ │ ├── Cosmos
│ │ │ └── cosmos_sign_view.c
│ │ ├── Custmsg
│ │ │ └── custmsg_sign_view.c
│ │ ├── Ethereum
│ │ │ └── eth_sign_view.c
│ │ ├── Harmony
│ │ │ └── harmony_sign_view.c
│ │ ├── Inj
│ │ │ └── inj_sign_view.c
│ │ ├── Near
│ │ │ └── near_sign_view.c
│ │ ├── Neo
│ │ │ └── neo_sign_view.c
│ │ ├── Polkadot
│ │ │ └── polkadot_sign_view.c
│ │ ├── Ripple
│ │ │ └── xrp_sign_view.c
│ │ ├── Solana
│ │ │ └── solana_sign_view.c
│ │ ├── Stellar
│ │ │ └── xlm_sign_view.c
│ │ ├── Sui
│ │ │ └── sui_sign_view.c
│ │ ├── Theta
│ │ │ └── theta_sign_view.c
│ │ ├── Ton
│ │ │ └── ton_sign_view.c
│ │ ├── Tron
│ │ │ └── tron_sign_view.c
│ │ └── VeChain
│ │ └── vet_sign_view.c
│ ├── misc
│ │ ├── config.c
│ │ ├── device.c
│ │ ├── global.c
│ │ ├── resource.c
│ │ └── settings.c
│ ├── wallet
│ │ ├── active_util.c
│ │ ├── passwd_util.c
│ │ ├── secure_api.c
│ │ ├── wallet_manager.c
│ │ └── wallet_util_hw.c
│ ├── widget
│ │ └── showQrWindow.c
│ └── window
│ ├── AddressTypeWin.c
│ ├── AppMain.c
│ ├── BtProcWin.c
│ ├── BtRecvCode.c
│ ├── CoinDetailWin.c
│ ├── CoinsWin.c
│ ├── ConfirmSeedWord.c
│ ├── dynamic_win.c
│ ├── GuideWin.c
│ ├── MultiAddressWin.c
│ ├── Passphrase.c
│ ├── ReceiveAddrList.c
│ ├── SettingWin.c
│ ├── TxShowWin.c
│ └── VerifyWin.c
├── LICENSE
└── README.md
45 directories, 94 filesFor instance we have bitcoin_sign_view.c under safepal-x1/firmware/App/PlatSrc/src/coin/Bitcoin
Its functions:
It parses and validates Bitcoin transaction data from a BitcoinSignRequest structure. Checks for valid inputs and outputs, ensuring proper transaction structure. Calculates total input value, output value, change value, and transaction fee.
Note this:
"Creates a dynamic view for displaying transaction details to the user." Formats and adds various transaction elements (total amount, recipient addresses, fee, etc.) to the view.
Multi-Coin Support: Handles different coin types, including Bitcoin and its testnet. Supports BRC20 tokens and NFTs on the Bitcoin network.
Special Transaction Types: Handles special cases like BRC20 token transfers, NFT transactions, and DApp message signing.
Address Formatting: Formats and potentially obfuscates addresses for display.
Change Address Handling: Identifies and handles change outputs separately from regular transaction outputs.
Fee Calculation and Display: Calculates and displays the transaction fee.
Input Source Display: Shows the source addresses of the transaction inputs.
Coin Configuration: Retrieves and uses coin-specific configurations (decimals, symbols, etc.).
Storage Updates: Updates local storage with transaction-related data (e.g., received indexes for address derivation).
QR Code App Integration: Has special handling for transactions initiated via a QR code app.
Multiple Address Types Support: Handles different address types (legacy, SegWit, native SegWit) for coins like Bitcoin and Litecoin.
The main purpose of this code is to prepare transaction data for user review on the hardware wallet's screen before signing. It ensures that all relevant transaction details are properly parsed, validated, and presented to the user in a clear and secure manner.
Here we have proof that certain functionality that would describe a bitcoin-firmware is present, there are many missing pieces. Thus, the appropriate verdict to give is Failed to Build from Source.
xrviv
commented
4 months ago Hello, Danny here from WalletScrutiny, we have updated our verdict to "Failed to Build from Source (FTBFS)" due to the lack of build instructions and release/tags.
How you can say that these are sources? Some post above @daic11 was naming the content here "random files": how can you disprove it? There is at least part of the content matching to something? Or is it possible to install even a part on some device and verify something with it? Personally I think that no source available and failed to build have the same semantic in this context. If you agree @xrviv probably at wallet scrutiny you should merge both states into something that explain better the situation, since from an outside perspective failed to build seems less severe, and maybe even depicting incompetence of the person that want to build it instead of the missing things...
Yeah agree, there are no proofs that the code posted is even connected with Safepal X1.
Noted. We have agreed that for relevant code to be discernable as the source code that is being described, more stringent documentation efforts should be applied by the provider. I am retracting the MR I made, and leaving the verdict for this as nosource until more documentation is made available.
Gabrieltk5
commented
4 months ago The problem is nobody is looking this here, an issue topic page inside a repository file GitHub page.
We need to expose this in other blogs, pages, YouTubers have to talk about it, posts on X, Reddit. So that people wake up and see what is going on. A lot of people around the world use SafePal and think it’s open source.
xrviv
commented
4 months ago Well, actually, a great number of source-available projects have a few kinks in them that belie the point of being source available in the first place. Many are not updated versions. Most don't have build instructions. Others don't build for lack of documentation.
If you'd like to, please advocate for WalletScrutiny.com's goals on twitter - like @Gabrieltk5 said.
matthew-bryce
commented
1 month ago Below is the response I got after pushing the subject further, asking specifically if they would address the issues here on Github. It does not inspire confidence in the product. At least I got the wallet on discount, it will make a nice paperweight until they go full open source.
Begin Quote
Actually the SafePal hardware wallet and App are not fully open source.
I understand that transparency is important to you, and I want to assure you that SafePal takes your security and trust very seriously.
Security through Obscurity
SafePal employs a balanced approach to security.While not fully open source, this strategy can make it more difficult for attackers to exploit vulnerabilities.
This is a common practice in the industry to enhance security.
Ongoing Development
SafePal is actively working towards open-sourcing parts of their code. They are preparing an open-source wallet program that will include the mobile app, browser extension, and communication protocol for the hardware wallet. This shows their commitment to increasing transparency over time.
Proven Security Record
Despite not being fully open source, SafePal has a strong security track record. For example, when Kraken Security Labs conducted tests, they were unable to steal cryptocurrency from the wallet, indicating robust security measures.
Transparency in Development
SafePal is responsive to security concerns. They promptly addressed findings from Kraken Security Labs and released firmware updates to patch potential vulnerabilities. This demonstrates their commitment to maintaining a secure product.
Industry Standard Components
SafePal uses widely-trusted, open-source components like U-Boot and the Linux Kernel, which are well-vetted by the broader tech community. This ensures that critical parts of the system are transparent and secure.
User Control
As a decentralized wallet, SafePal ensures that you retain full control over your assets by holding your own seed phrases. This means you have complete ownership and access to your funds.
Future Plans
SafePal has indicated that open-sourcing is part of their future considerations. They are committed to transparency and are taking steps towards making more of their code open source.
Balancing Act
It's important to understand that being open source has both advantages and disadvantages. While it allows for community review, it can also potentially expose vulnerabilities to malicious actors. SafePal aims to strike the right balance to ensure your security.
I hope this helps clarify why SafePal is not fully open source at the moment.
Rest assured, SafePal is dedicated to providing a secure and transparent product, and they are continuously working to improve their offerings.
End Quote
xrviv
commented
1 month ago The idea of semi Open Source baffles me.
Hello!
Fellow bitcoiner. We are a bitcoin project at walletscrutiny.com that looks into source-available Bitcoin apps and wallets. We found that the SafePalX1 does not have the following:
We would like to invite you to kindly include this. It would help us re-build if possible from the source code and then conduct verification procedures.
We appreciate your response!