Why should private keys be private

The whole purpose of a cryptowallet is, that private key for signing crypto transactions is stored in a safe place never directly exposed and thus susceptible to malware & co. that can infect your desktop.

Still MiTM (Man-in-the-Middle) attack could be made on the desktop and thus you have to always check the tx details, you are about to sign, on the cryptowallet itself (one of the reasons why BC Vault cryptowallet has one of the largest OLED displays on the market).

You do that, because attacker could in theory change the requested dst. wallet address AFTER you type it in the application and before it reaches the cryptowallet (thus MiTM). This would happen if attacker did compromise the desktop/application on it. But what about the vice versa problem?

What if you have good desktop/application and somebody compromised your cryptowallet with rogue firmware that acts as normal, but instead signs transaction to some other destination (but shows you the correct one on display)? That would be MiTM on the hardware.

Well… BC Vault does protect you from that. We do take extra care to double check everything on BOTH sides. Thus application will also check, that requested tx sent to the device is the same one, that was signed with private key and returned from the device!

— Alen Šalamun, CTO of REAL security
Original post