Abstract: Compromised software clients that assemble cryptocurrency transactions are a threat to
users' funds, which is why hardware wallets exist. One of them is the Ledger Nano S. This
hardware wallet has only limited resources available: applications for it cannot take up
much space and have to work with a few kilobytes of RAM. In our previous work, we designed an
application that requires only the addition of a single hash to the source code in order
to add support for a new transaction type. However, the integrity of the transaction was validated only at the
end, right before signing, which allowed a compromised client to show malicious data to the user during the communication process.
In this thesis, we propose two application designs that terminate the signing process immediately
upon receiving suspicious data while offering the same convenience of only having to change
a single hash in the source code to add support for a new transaction type. The first
design is based on Merkle trees, and the second on hash functions. We also
present a proof of the security of the latter. An efficient approach
for allowing undo and redo actions is also described; such actions are useful if the user decides to return to
data they have already confirmed.
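The Merkle-tree design described above is summarised only at a high level, so here is an added example (not code from the thesis or from the Ledger project) of the general pattern it names: the device embeds a single Merkle root, the client streams each piece of the transaction layout together with its authentication path, and the device verifies every piece the moment it arrives and aborts the session before the piece is ever shown to the user. It assumes, for illustration only, that the "single hash" is a SHA-256 Merkle root over per-field descriptors of a transaction type; the field names, the domain-separation prefixes and the `SigningSession` class are constructed for this example. Python is used for readability; a real Ledger app is written in C.

```python
import hashlib
from typing import List, Tuple

# Domain separation so that a leaf can never be confused with an inner node.
LEAF_PREFIX = b"\x00"
NODE_PREFIX = b"\x01"


def leaf_hash(descriptor: bytes) -> bytes:
    return hashlib.sha256(LEAF_PREFIX + descriptor).digest()


def node_hash(left: bytes, right: bytes) -> bytes:
    return hashlib.sha256(NODE_PREFIX + left + right).digest()


def _pad(level: List[bytes]) -> List[bytes]:
    # Odd levels duplicate the last node so every node has a sibling.
    return level + [level[-1]] if len(level) % 2 else level


def build_levels(descriptors: List[bytes]) -> List[List[bytes]]:
    """Bottom-up list of tree levels; levels[0] are leaves, levels[-1] is [root]."""
    level = [leaf_hash(d) for d in descriptors]
    levels = [level]
    while len(level) > 1:
        level = _pad(level)
        level = [node_hash(level[i], level[i + 1]) for i in range(0, len(level), 2)]
        levels.append(level)
    return levels


def merkle_root(descriptors: List[bytes]) -> bytes:
    """The one value that would be compiled into the device application (assumed)."""
    return build_levels(descriptors)[-1][0]


def auth_path(descriptors: List[bytes], index: int) -> List[Tuple[bytes, bool]]:
    """Client side: sibling hashes from leaf to root, with a flag 'sibling is on the right'."""
    path = []
    for level in build_levels(descriptors)[:-1]:
        level = _pad(level)
        path.append((level[index ^ 1], index % 2 == 0))
        index //= 2
    return path


def verify_path(descriptor: bytes, path: List[Tuple[bytes, bool]], root: bytes) -> bool:
    """Device side: recompute the root from one leaf and its path; O(log n) hashes, O(1) state."""
    h = leaf_hash(descriptor)
    for sibling, sibling_is_right in path:
        h = node_hash(h, sibling) if sibling_is_right else node_hash(sibling, h)
    return h == root


class SigningSession:
    """Constructed model of the device: it knows only the root and checks each field on arrival."""

    def __init__(self, expected_root: bytes) -> None:
        self.expected_root = expected_root
        self.accepted: List[bytes] = []
        self.aborted = False

    def receive(self, descriptor: bytes, path: List[Tuple[bytes, bool]]) -> bool:
        if self.aborted:
            raise RuntimeError("session already terminated")
        if not verify_path(descriptor, path, self.expected_root):
            # Suspicious data: terminate immediately, before anything is displayed.
            self.aborted = True
            return False
        self.accepted.append(descriptor)  # safe to show this field to the user now
        return True


def demo() -> Tuple[bool, List[bool], bool]:
    # Constructed field descriptors of a hypothetical transaction type.
    descriptors = [b"recipient:address", b"amount:uint64", b"fee:uint64", b"memo:utf8"]
    root = merkle_root(descriptors)

    honest = SigningSession(root)
    all_ok = all(honest.receive(d, auth_path(descriptors, i)) for i, d in enumerate(descriptors))

    # A tampered client sends a substituted second field with the genuine path for index 1.
    tampered = SigningSession(root)
    results = [
        tampered.receive(descriptors[0], auth_path(descriptors, 0)),
        tampered.receive(b"amount:hidden", auth_path(descriptors, 1)),
    ]
    return all_ok, results, tampered.aborted


if __name__ == "__main__":
    print(demo())
```

Because the device holds only the root and a single running hash while verifying, the memory cost is independent of the number of fields, which is the property that matters on a device with a few kilobytes of RAM; changing the embedded root is all that is needed to describe a new layout.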