Hey - hope to see some members of the wallet ring at 35c3! Here some sessions that might be interesting to wallet devs:
One more interesting session (yes keys on smart-cards will be a thing in 2019 - https://github.com/status-im/status-keycard):
Magicians at 35c3
Thanks for that, all the talk are viewable and downloadable here https://media.ccc.de/b/congress/2018
I have an idea about using iterated hashing to mitigate password-protected wallet owners’ vulnerability to coercion:
Time-Lock ASICs for Password-protected Wallets: https://github.com/esaulpaugh/scratchpaper/blob/master/Crypto-Time-Lock
Instead of memorizing your wallet password, memorize your wallet password’s seed and hash it repeatedly to generate the wallet password. Seed (i.e. master password) “Jeb!2064” might produce derived password “bdrvpUu8N8xN3s7xi22jM” after 80 billion iterations.
By the time the attacker knows you’ve given him a fake (master) password, many hours or days will have elapsed, making attacks expensive/risky.