Discussion

What’s the difference? More DIY and cheaper?

The lack of a “secure element”. While Coldcard’s implementation is so laughably better than Ledger’s, it’s not a fair comparison (there’s just zero competition to CC in this respect), a stateless design has the advantage of no illusion of security. When you pull the power to a seedsigner, your seed isn’t stored on the device, thus falling back to your storage design’s native security assumptions (where/how you store your seed(s)).

Granted, the cost to attack a cold card’s stateful design is $250k+, so I’m really arguing about something out of scope for many.

However, the planned SS port to esp32 hardware further lowers the cost, adds optionality, and increases supply chain attack resilience (the argument is “what if someone hw hacks the suppliers”; search “supermicro bloomberg” for an example).

Does Cold Card work with a piece of desktop or Android software? If so, what is their software called?

It works with practically all bitcoin-only software. I recommend Sparrow.

Is it open source? Why do you like it?

Yes, although a downside to me is Java (personal preference). I like it because of its usability. Its “user-dumb” interface assumption means that it presents all relevant information in a very clear way.

Seedsigner is awesome but managing seed QR cards is not really practical for most people. I don't see it as a cold storage solution personally. And yes I built one and use it.

Seedsigner is not a cold storage solution, it’s a signing device. In your instance, the seedQR is one part of the storage solution. What medium it’s imprinted on, where you keep it, how you access it, and when it’s accessible are other components of that storage solution.

Right, I understand. The problem is it only really makes sense in a multisig setup. Why would I want single sig QR codes laying around with my seed phrase, just another thing to have to secure. But a multisig wallet with a Seedsigner as one of the keys makes sense. Problem is most people can't set up a 2FA on Coinbase let alone a 2 of 3 multisig with a watch only wallet.

Unless you delete the key from your coldcard, you’re already leaving your naked singlesig laying around and have a second item to secure.

So my Coldcard gets stolen along with my Seedsigner and seed QR code. Which offers more protection in a single sig wallet in this situation? The Seedsigner? Lol.

Whataboutism is a lose/lose game. Thief beats your ass or worse until you give up the pin is the likely scenario there.

Trade offs, all the way down.