What would you realistically pay for a simple, easy to use device to securely store your Bitcoin, and what features would you expect?
nostr:note1s2tnt9zenqegldv6uvyc5pmf5hdrzhx9faatqmyhlpu7lnredy8q2lmu76
What are your thoughts on https://www.modulo.network/
that is not a hardware wallet and I do not think I am in a position to comment on physical backups
but could work with a nostr:npub17tyke9lkgxd98ruyeul6wt3pj3s9uxzgp9hxu5tsenjmweue6sqq4y3mgl
Exactly, not a wallet👍🏻
As a key it works incredibly well with a #seedsigner since SeedSigner accepts the 11/23 words plus residual bits.
Make your modulo key offline, derive words, use SeedSigner to create addresses (with a passphrase = 👍🏻), store for the long term.🧡🗝️💜
I want software not hardware because then I'd have to carry it around, my phone is already my hardware device. We also don't want to pay for software, we want it free. What you could do is take a fee from the transactions if you want to make money. That is the future.
Phones keep getting hacked all the time. In general, there is physical separation whenever a less trusted system has to interact with keys, like HSMs, or airgapped systems.
I don't understand what you mean by phones getting hacked. I've never met anyone that's had their phone hacked.
I don't think hardware wallets are that popular at this moment because we can't pay directly with Bitcoin. Maybe if stores accept lightning everywhere, we can carry around a hardware wallet and load lightning onto it before we head out the door.
Hopefully not more than $150 USD. We need some low barrier to entry for people.
I’m at a crossroads though, because if you’re protecting your life savings you should be okay spending some $$, but also if it’s not obtainable people won’t use it or adopt it.
Steps. What would you expect from, for example:
- a $100 starter device
- a $200 device
I think the important things for me are
- generating keys 100% offline
- zero way to connect to WiFi or Bluetooth
- easy way to import/export to xpubs
- simple workflow for signing transactions. Most likely QR codes
- I like the stateless system of seedsigner so you can use it with many seeds.
My threat model is an easy one to work with. I live in the middle of nowhere and people don’t know what bitcoin is here or what a hardware wallet is. So the SS is perfect for me. Pi zero and QRs are life for me.
I’m not against the seed staying on device. If the secure element is actually secure. But I would want the documentation that comes with it to basically force (shame) the user to create a stainless steel backup. I think there’s so much risk of losing the device or it melting in a fire.
QR is expensive to implement on a device (needs a better MCU and camera hardware and tuning. possible, but the amount of overlap between “secure against attacks” and “high performance” and “cost effective” is tight), so would not be great on an entry level model.
As a tradeoff, SD cards could work.
Technically, an airgap is not going to stop anything if the device is malicious, as some methods like screen brightness could still modulate data. And people have turned a GPIO pin on a $1 chip into a LoRa transmitter.
I had this discussion a few times, but most of the USB concerns originate from bloat on the host OS, which supports a million different things, compared to a small device which you basically have 0 chance of finding a bug in.
I think passing PSBT on SD is 100% viable option.
I think BT are not inherently bad (again, OS bloat is the bigger concern, but BT has some encryption issues which could be solved by a custom encryption layer) but they are unnecessary, so why have them? And now you need a battery, and… exploding money storage devices sound fun.
An SD card is also more auditable.
I think you have all the right direction. You get the importance of the true secure elements. The air gap capability.
You and I are on a similar, or same page with SS. I think we just need reasonable alternatives to them. SS is a great product, we just need more. But nothing else that is commercially available is worth its weight in silicon
An SS does not work well when you want to carry around a small stash securely :) but it works great for multisig
maybe you could use a smartcard I am making with SS to get best of all worlds for a distributed multisig (especially key shards held in less secure locations)
I love this idea. Travel is the big downside with SS. I end up taking a QR seed with me and I keep a passphrase for that wallet in my head. So the BTC isn’t accessible but it’s still not a perfect or great option. Obviously everything has tradeoffs.
I’d be happy to keep talking about this stuff. I’m not a dev, but I work in software (operations, training, support, sales, testing) UI/UX is super interesting to me too.
A Yahboom k210 costs around 30–50 dollars. Krux is good enough
Persistent storage of keys on a device without a secure element is a bad idea.
The goal here is something you can carry and is secure.
It's optional; you can upload your key to an ephemeral session.
I’d say a SeedSigner is better then due to not requiring less specific hardware.
Most people don't build from zero or install a custom firmware, I agree it's an incredible minority of users. If you want to appeal to the masses you need a slick interface and a smartphone form factor like Passport Prime.
Just give me a stone tablet. And a chisel.
I’m pretty happy with my Coldcard and Trezor. Starting to wonder what a nostr hardware device would look like. Likely a self-generated master key that never leaves the device with a bunch of derived keypairs that can be provably mapped back to the master public key.
What features do you use the most?
And want?
Custom apps? 😄
The new Passport Prime is designed for custom apps if I remember correctly. Maybe an opportunity there 🤷🏻‍♂️
I’m still getting a handle on what my requirements would be. I want to have a root key and a bunch of (disposable) controller keys. The device could sign an inception event and a key rotation event indicating the current controller key. That’s about it.
Have you checked out BitBox yet?
I did. It is decent but really, it’s not that great in terms of the SE except for the newer version. I can’t comment on code quality either
To your question:
• Private key derived separately, offline, and stored separately from the HW wallet
• Generates addresses, XPUBs, receives and signs PSBT for broadcasting, can temporarily keep private key
• Credit Card sized form factor
Essentially a billfold-portable #seedsigner.
2-300k sats
the ability to turn into hot wallet to cold wallet.
security is a must and non-negotiable.
it means my logs and meta-data are amnesiac.
I don't mind paying £4/month or 24 months for a price of coffee. recurring is not a problem.
importantly, it is encrypted at rest and in transit ☺️