Entropy, miniscript and hardware wallets

[bigspider]

Description

What is this talk about? Give us as many details as possible.

We've been doing hardware signers all wrong! We have trained our users to do the machine's job: write down seeds, compare addresses, verify xpubs.

Users don't do it, or they do it wrong – and even advanced users might end up losing their coins.

High entropy is ultimately a requirement for security, which is why signing devices have been designed this way. I will talk about the negative impact of high entropy in the various UX flows of hardware signers, and how we might rethink them to make our users happy without making their security worse.

What would an attendee learn from this talk?

Why is it challenging to teach your grandma to use a hardware signer today? Can we have both good UX and good security? What does entropy have to do with all this?

Is there anything folks should read up on before they attend this talk?

High level knowledge of:

• BIP-32
• miniscript
• Silent Payments (BIP352)

Relevant Links

About the Speaker

Social Link:

Github: https://github.com/bigspider Twitter: @salvatoshi Website: https://merkle.fun for my research work outside of hardware signers

Talk Details

Length of Talk

45 minutes, ideally

Preferred Day/Time Slot

Any day works - first day preferred

[iglesiasbrandon]

hey @bigspider this issue has been accepted.

would you say this is beginner, intermediate or advance talk?

We are collecting an additional attribute for the workshops. Please update your issue and include a line item on the difficulty level of the workshop with either "Beginner", "Intermediate", or "Advanced".

• Beginner: would be no prior knowledge needed, very few technical skills required for workshop
• Intermediate: At least some knowledge needed to not be lost, technical skills, Comp Sci, IT related experience is greatly beneficial
• Advanced: Potentially a strong working knowledge of certain technologies, libraries, fundamentals, Comp Sci, and related protocols.

Error on the side of more advanced than less advanced as we want to set strong expectations. Depending on what you pick please gauge your workshop accordingly.

[bigspider]

Thanks a lot, I'm excited about coming!

I think the talk will be quite self-contained, so anyone technically minded should be able to get something out of it. Trying to think about and contribute to the problems I'm raising (which is a goal!) is more on the intermediate/advanced side.

I'd say intermediate overall is appropriate.

(NB: Your message says workshop, but this is really a talk)