Security even for paranoid people
The Specter DIY hardware wallet was created by Stepan Snigirev in 2019 because the devices available at the time did not meet his strict security requirements. Specter was a completely open-source Bitcoin-only wallet that anyone could build themselves and whose code could be independently verified. Since then, a significant portion of the software has also been used in the SeedSigner and Krux projects.
Firmware and software security
Open source
The firmware of the Specter DIY is completely open source and freely usable by other, even commercial, projects. A large portion of the code is therefore used by the SeedSigner and Krux projects, which underscores the security and robustness of the code.
Reproducible builds
You can also sign the software yourself to ensure you're using the official version of Specter. This is much easier; you can find a Instructions.Â
Secure Boot
The Specter DIY's firmware is signed exclusively by the official developers of the Specter Association. With every update, the device checks the digital signature to ensure only verified and authentic versions are installed. This ensures that no compromised or tampered software makes its way onto your device unnoticed.
Anti-phishing words
When the device is first started, a unique secret is generated on the main microcontroller. This secret allows you to check if the device has been replaced with a tampered one – when you enter your PIN, you'll be presented with a list of words that always remains the same. As long as this list of words remains the same, you can be sure that the device hasn't been tampered with during that time.
Seed phrase management
Seed custody
Save seed phrase to the internal device memory (not recommended)
Your PIN code and the unique secret (see Anti-Fishing Words) are used to generate a decryption key for your Bitcoin seed phrase (if you save it). Even if an attacker could bypass the PIN screen, decryption would still fail.
If you lock the firmware (instructions for how to do this follow), the secret key material will also be effectively locked. If an attacker attempts to install a different firmware on the device, this secret will be erased. You'll notice this because the word sequence differs when entering the PIN code. However, this method is not recommended, as it is theoretically possible to extract the seed phrase using techniques such as lasers or acid.
Save seed phrase outside the device: Temporary Seed
Therefore, the Bitcoin seed phrase is typically only stored in the RAM during active use and is deleted when the device is turned off. The seed phrase is thus stored outside of the Specter DIY. Typically, the 12 or 24 seed words are written down on paper and entered via the large touchscreen when using the device, conveniently scanned as a seed QR code, or imported from an SD card.
Recommendation: Multiple copies of the seed phrase should be created and stored in different secure locations. It is recommended to store them in tamper-evident bags or in the backup stack. Additionally, a passphrase or a multi-signature setup should be used. This allows for detection of potential theft of the seed phrase and prevents access to the Bitcoin through the additional backups and/or the passphrase.
Seed Verwahrung, Secure Element Smartcard "encrypted"
Der Specter Shield sowie der Specter Shield Lite bietet alle Funktionen des Specter DIY und zusätzlich eine Smartcard-Option. Damit kannst du die Bitcoin Seedphrase verschlüsselt auf dem Secure Element der austauschbaren Smartcard speichern.
Wenn wir die Bitcoin Seedphrase als „encrypted“ auf der Smartcard verschlüsseln, verwenden wir die Dual Chip Sicherheitsinfrastruktur des Specter Hardware Wallets. Hierbei haben wir zufälliges Geheimnis auf dem Secure Element (Smartcard), ein zufälliges Geheimnis auf dem Mikrocontroller (Specter Hardware Wallet) und ein von dir gewähltes Geheimnis, den Gerät-PIN. Hierbei wird wenn 10 falsche Gerät-PINs eingegeben werden, die Smartcard mit dem Secure Element vollständig unbrauchbar und diese Seedphrase kann nicht mehr vom Secure Element hergestellt werden. Ein Angreifer bräuchte physischen Zugriff zum Gerät, als auch zu der Smartcard und hätte mit Brute-Forcing (mehrfaches raten) nur 10 Versuche den PIN zu erraten.Â
Seed Verwahrung, Secure Element Smartcard "plain text"
Wenn wir die Bitcoin Seedphrase als „plain text“ auf der Smartcard verschlüsseln, verwenden wir den Secure Chip, der Smartcard um die Seedphrase sicher zu verschlüsseln. Durch diese Form der Verwahrung lässt sich mit Smartcard und PIN Code, die Seedphrase mit jedem Specter auslesen. Hierbei wird wenn 10 falsche Gerät-PINs eingegeben werden, die Smartcard mit dem Secure Element vollständig unbrauchbar und diese Seedphrase kann nicht mehr vom Secure Element hergestellt werden. Ein Angreifer bräuchte physischen Zugriff zu der Smartcard und hätte mit Brute-Forcing (mehrfaches raten) nur 10 Versuche den PIN zu erraten.Â
Wallet seed generation
The security of the Specter DIY is based on a robust generation of the private seed phrase by combining several entropy sources:
- Random generator: A hardware-based True Random Number Generator (TRNG) on the microcontroller generates true random numbers.
- Touchscreen interactions: The time and position of each touch on the touchscreen are measured. The resulting entropy is collected in a hash and updated with each subsequent touch.
These sources are combined and hashed to create a high-entropic seed phrase that is more secure than any single source alone.
Optional can also be playfully simple and transparent Incorporate real life randomness into seed phrase generation by means of coin tosses, where a coin can be flipped for each single bit.Â
Additional security features
Only Bitcoin and Liquid support
The Spectre DIY can be operated not only with the Bitcoin mainnet, but also with the Liquid mainnet (a second-layer solution for Bitcoin). It also supports various test networks: Testnet, Signet, Regtest, Liquid Testnet, and Liquid Regtest. Since it supports only Bitcoin and no altcoins, the code remains lean, thus reducing potential attack surfaces. The networks are strictly separated from each other – each wallet is always assigned to a specific network. This means that a wallet imported into the testnet is not available on the mainnet or Regtest. If you want to use a wallet on another network, you must first switch to that network and import the wallet there separately.
Secure display
The Specter DIY is designed for scenarios where your computer may be compromised and therefore untrustworthy. The large touchscreen display allows you to directly and securely review all important information—such as transactions, receiving addresses, fees, and other details.
Rules for transactions signed by Specter DIY
- Warning for mixed inputs: If inputs from different wallets are detected in a transaction, the user is warned on the display. This protects against potential attacks aimed at manipulation.
- Warning about unusual change addressIf the Specter DIY detects a suspicious or unusual change address, the user is clearly warned on the display. This check is performed for both single-sig and multi-sig transactions to ensure maximum security.
- Change outputsChange addresses (return outputs) display the name of the wallet to which they are sent. This ensures full transparency and control.
- Multisig or miniscript usageTo use multisig or miniscript transactions, you must first import the corresponding wallet. This is done by adding the wallet descriptor via QR code, USB, or SD card.
Communication options
The Specter DIY offers three different methods to communicate with the companion app on the internet-connected device.
Air-Gapped
Two of these communication methods are completely air-gapped, meaning there is no physical connection to the other device. This type of communication is also particularly transparent, as the user can always see exactly what information is being transmitted.
via QR code (recommended)
This is the most secure form of communication: Data is exchanged completely air-gapped and transparently via QR codes with the companion app. A separate microcontroller is used to scan the QR codes, so image processing takes place outside of the safety-critical main microcontroller.
via SD card (not recommended)
Communication via the SD card is also air-gapped: The card is plugged back and forth between the Specter DIY and the internet-enabled device. However, this method offers a larger attack surface, as the data exchange takes place directly via the security-critical microcontroller, thus providing a larger attack surface.
not air-gapped (not recommended)
This method of communication is not quite as secure because the communication is less transparent.Â
via cable (not recommended)
Communication via mini or micro USB cable is also possible. This is very convenient, but less transparent and not quite as secure as using QR codes.
Privacy features
multiple accounts
The Specter DIY enables secure management of multiple accounts by storing their xPubs on the device. Wallet descriptors are imported via QR code, USB, or SD card. Accounts can be individually named for clarity.
Coin Control
With Specter DIY, you can easily select exactly which UTXOs you want to use for each transaction.
Notice
The Specter DIY is designed for self-sufficient Bitcoiners who know or want to learn how to securely store their Bitcoin. The Specter DIY offers maximum freedom in your Bitcoin storage and does not have built-in parental controls, so it supports some features that, if used improperly, do not ensure maximum security. These optional features are marked "not recommended" on this page.
For the sake of completeness, you can find the Specter DIY GitHub security page. Even if a lot of things are repeated there.
