ClavaStack

Menu
Menu

Security even for paranoid people

Specter DIY Sicherheit. Ohne Virus, Hacker und Internet. Airgapped Sicher und Transparent.

The Specter DIY hardware wallet has been around since 2020 and was largely programmed by Stepan Snigirev. At that time, the hardware wallets on the market couldn't meet his security requirements. Specter was then released as a completely open-source Bitcoin-only hardware wallet, allowing anyone to build it and verify the code themselves. Since then, a large portion of the code has also been used in the SeedSigner and Krux projects, without any significant security vulnerabilities.

Security features

Firmware and software security

Open source

The firmware of the Specter DIY is completely open source and freely usable by other, even commercial, projects. A large portion of the code is therefore used by the SeedSigner and Krux projects, which underscores the security and robustness of the code.

Here is the entire code

Reproducible builds

Don't trust, verify! Specter DIY's firmware is fully reproducible. This means anyone can compile the open-source code independently and ensure that the resulting software matches the official version. Detailed instructions and additional information about the reproducible builds are available on the official GitHub available.
 

You can also sign the software yourself to ensure you're using the official version of Specter. This is much easier; you can find a Instructions

Secure Boot

The Specter DIY's firmware is signed exclusively by the official Specter developers. With every firmware update, the device verifies this digital signature to ensure only authentic and verified versions are installed. This way, you can be sure that no tampered software will sneak onto your device.

Anti-phishing words

When the device is first started, a unique secret is generated on the main microcontroller. This secret allows you to check if the device has been replaced with a tampered one – when you enter your PIN, you'll be presented with a list of words that always remains the same. As long as this list of words remains the same, you can be sure that the device hasn't been tampered with during that time.

Seed phrase management

Seed custody

Save seed phrase to the internal device memory (not recommended)

Your PIN code and the unique secret (see Anti-Fishing Words) are used to generate a decryption key for your Bitcoin seed phrase (if you save it). Even if an attacker could bypass the PIN screen, decryption would still fail.

If you lock the firmware (instructions for how to do this follow), the secret key material will also be effectively locked. If an attacker attempts to install a different firmware on the device, this secret will be erased. You'll notice this because the word sequence differs when entering the PIN code. However, this method is not recommended, as it is theoretically possible to extract the seed phrase using techniques such as lasers or acid.

Save seed phrase outside the device: Temporary Seed

Therefore, the Bitcoin seed phrase is typically only stored in the RAM during active use and is deleted when the device is turned off. The seed phrase is thus stored outside of the Specter DIY. Typically, the 12 or 24 seed words are written down on paper and entered via the large touchscreen when using the device, conveniently scanned as a seed QR code, or imported from an SD card.

Recommendation: Multiple copies of the seed phrase should be created and stored in different secure locations. It is recommended to store them in tamper-evident bags or in the backup stack. Additionally, a passphrase or a multi-signature setup should be used. This allows for detection of potential theft of the seed phrase and prevents access to the Bitcoin through the additional backups and/or the passphrase.

Seed storage on the secure element of the smartcard

The Specter Shield and Specter Shield Lite offer all the features of the Specter DIY plus a smartcard option. This allows you to store the Bitcoin seed phrase encrypted on the secure element of the removable smartcard. For a potential thief to access the Bitcoin seed phrase, they would need three different secrets: a random secret on the secure element (smartcard), a random secret on the microcontroller, and a random secret on the microcontroller. (Specter Shield) and a secret of your choice, the device PIN. If 10 incorrect device PINs are entered, the smart card with the Secure Element becomes unusable, and this seed phrase can no longer be generated by the Secure Element. This limits brute-forcing (multiple guessing) of the PIN to 10 attempts. 

Wallet seed generation

The security of the Specter DIY is based on a robust generation of the private seed phrase by combining several entropy sources:

  1. Random generator: A hardware-based True Random Number Generator (TRNG) on the microcontroller generates true random numbers.
  2. Touchscreen interactions: The time and position of each touch on the touchscreen are measured. The resulting entropy is collected in a hash and updated with each subsequent touch.

These sources are combined and hashed to create a high-entropic seed phrase that is more secure than any single source alone.

Optional can also be playfully simple and transparent Incorporate real life randomness into seed phrase generation by means of coin tosses, where a coin can be flipped for each single bit. 

Additional security features

Only Bitcoin and Liquid support

In addition to the Bitcoin mainnet, the Specter DIY can also be switched to the Liquid mainnet (Bitcoin's second-layer solution). The following test networks are also supported: Testnet, Signet, Regtest, Liquid Testnet, and Liquid Regtest. Since no altcoins are supported, the codebase remains narrow and offers fewer attack surfaces. Furthermore, the networks are clearly separated, so each wallet belongs to a specific network. This means that a wallet imported to the testnet is not available on the mainnet or regtest. To use the wallet on a different network, you must switch to that network and import the wallet there separately.

Secure display

The Specter DIY is designed for when your computer is compromised and you can't trust it. You can securely verify transactions, receiving addresses, transaction fees, and other data in detail via the large touchscreen display.

Rules for transactions signed by Specter DIY

  • Warning for mixed inputs: If inputs from different wallets are detected in a transaction, the user is warned on the display. This protects against potential attacks aimed at manipulation.
  • Warning about unusual change addressIf the Specter DIY detects a suspicious or unusual change address, the user is clearly warned on the display. This check is performed for both single-sig and multi-sig transactions to ensure maximum security.
  • Change outputsChange addresses (return outputs) display the name of the wallet to which they are sent. This ensures full transparency and control.
  • Multisig or miniscript usageTo use multisig or miniscript transactions, you must first import the corresponding wallet. This is done by adding the wallet descriptor via QR code, USB, or SD card.

Communication options

The Specter DIY supports three different ways to communicate with the companion app of the device that is connected to the Internet. 

Air-Gapped

Two of these communication options are completely airgapped. This means there is no physical connection to the other device. Furthermore, this communication method is extremely transparent, as the user can see exactly what information is being exchanged at any time. 

via QR code (recommended)

This is the most secure communication method. The information is displayed transparently via air-gapped QR codes using the Compnion app. When scanning QR codes, a separate microcontroller is running, so image processing takes place outside of the safety-critical microcontroller.

via SD card (not recommended)

Communication via the SD card is also air-gapped. Here, the SD card is plugged back and forth from Specter DIY to the internet-enabled device. To reduce the attack surface, this option should not be used, as communication takes place directly with the safety-critical microcontroller.

not air-gapped (not recommended)

This method of communication is not quite as secure because the communication is less transparent. 

via cable (not recommended)

Communication via a mini USB cable is also possible. While this may be convenient, it's not optimal, particularly because it uses the main microcontroller interface, rather than a separate one, as is the case with the QR code method. For this reason, we have deactivated this communication method for the devices we sell at ClavaStack Shop. To use it, it would have to be reactivated manually.

Privacy features

X-Pub storage

It is

multiple accounts

The Specter DIY enables secure management of multiple accounts by storing their xPubs on the device. Wallet descriptors are imported via QR code, USB, or SD card. Accounts can be individually named for clarity.

Coin Control

With Specter DIY, you can easily select exactly which UTXOs you want to use for each transaction.

Notice

The Specter DIY is designed for self-sufficient Bitcoiners who know or want to learn how to securely store their Bitcoin. The Specter DIY offers maximum freedom in your Bitcoin storage and does not have built-in parental controls, so it supports some features that, if used improperly, do not ensure maximum security. These optional features are marked "not recommended" on this page.

For the sake of completeness, you can find the Specter DIY GitHub security page. Even if a lot of things are repeated there.

Pages

Home

Specter DIY Features

Specter DIY Security

Uncle Jim Wallet

About Us

 

Products

Specter DIY

Specter Shield

Safety talk

Backup Stack

Security bag

Guidelines

imprint

Privacy Policy

Cancellation policy

Terms and Conditions

Social Media
X-twitter Instagram YouTube
Newsletter

Subscribe

en_GBEnglish (UK)
de_DEDeutsch en_GBEnglish (UK)