In future, frozenkrill (or software designed with similar goals) will run on hardware wallets (fingers crossed🤞), but as today it requires a "normal" computer and a tech-savvy user.
It requires that:
- the user is able to check the hardware for potential malware, in particular
- There are no keyloggers on main computer or keyboard
- The BIOS can be trusted
- Components like Intel Management Engine are not doing funny stuff
- the user will boot a minimal and safe (preferably open-source) system in a known state (e.g use a secure Linux/BSD distribution that has been safely downloaded and minimally audited)
- In particular it's imperative that the swap memory is disable so no RAM contents ever get persisted to disk
- And, of course, that
frozenkrillis the official version and no tampering has happened
- the system will never get connected to internet during key generation and it will be reset before connecting again
- the password is reasonably strong and has not been reused (and will not be reused) outside of
frozenrkrill - no one is watching you
Many hardware wallet users are very concerned about the capabilities of their devices of being random enough while generating a seed.
Many will prefer to throw dice (or some similar method) and generate the seed using non digital methods of gathering entropy.
While frozenkrill is perfectly capable of accepting an external seed generated by the user (see the --user-generated-seed flag of the singlesig-generate command), in practice if the user don't trust the operating system's entropy pool, then others cryptographic processes like salt and nonce generation shouldn't also be trusted.
So we recommended everyone to do their own due diligence and check if they can trust the entropy of their setup.
One tip is to install the package rng-tools, present in most Linux distributions, in particular run the rngtest binary like rngtest -c 1000 < /dev/random.
If it doesn't block and yield a low failure rate (let's say, less than 1%), then it may be safe enough for our purposes.