Replying to Avatar Brunswick

The threat model of seedsigner or coldcard are largely the same. The only real threat of any truly offline signing device is in the generation of a seedphrase and the device's internal random number generation or interepretation of dice rolls. You can e2e verify diceroll functionality of either device with third party software, or you can generate the seedphrase with plastic seedwords in a bowl, or separate software like sparrow. In any event, if you assume you can use the devices in an airgapped fashion and not rely on their integrity with taking common sense measures, what is the functional advantage of a coldcard over a seedsigner?
Avatar
btconboard #LNHANCE or #CTV 1y ago

People have to judge for themselves, but I strongly dislike stateless signing devices. Somehow every time you use it you have to load the seed. Which means you must handle and have it nearby in a format that’s easy to steal. My experience is often noobs have a QR or seeds words lying on their desk and that’s not great. So if you use in an ideal way consistently it’s fine, but I’m extremely skeptical in the real world most people do.

I also want taproot and mini script support, which is at least on Coldcard’s edge firmware.

The parts costs are also way up these days which stinks, not the projects fault though. For the same money I would much prefer a Jade and use the blind signing oracle.

I don’t at all mean to dunk on Seedsigner. I love the project and have donated a few sats to it.

Reply to this note

Please Login to reply.

Discussion

Avatar
Brunswick 1y ago

If I understand your argument correctly, you believe the main advantage of a coldcard is the ability to store the seed on the device itself,

Avatar
btconboard #LNHANCE or #CTV 1y ago

Close but not necessarily exactly that. Yes that is how coldcard accomplishes it. But my real point is I think it’s a bad incentive to need the seed in an unencrypted format in order to use the device. My guess is that in practice this means most people keep their seed nearby in such a manner it’s easy to steal, and generally, I think the more you handle your seed the more likely it is to get leaked. Coldcard does this in a stateful way where it is stored on the device in a manner where it is quite hard to extract, but the jade accomplishes this in a wholly different way with a blind signing oracle also making the seed essentially impossible to extract but you don’t need to handle or load the seed onto the device itself.

Avatar
ShiShi21m 1y ago

Your pin is easy to guess my g, if you're leaving your seed phrase around you're retarded.