I'm shopping for a new hardware wallet, and I'm bothered by all the wallets that advertise their support of 10k+ coins. It makes me want to not buy them. So now I'm focusing on Bitcoin only wallets.
Discussion
Bitcoin only. 👊
We want a Monero signer
excited for the new Foundation one.
Eventually just Bitcoin and Monero support I hope.
I don't think I've encountered a Monero signer. But then again, I didn't bother to review the list of 10k+ plus coins some of these wallets support. I've definitely never seen a standalone Monero signer. But I have seen a few Bitcoin only wallets.
there isn't one
but Foundation is already partnering with Cake to make an app for their new Prime platform.
Good choice
I would recommend hardware by: SeedSigner, Coin Kite or Foundation.
I was just looking at that SeedSigner. Going the DIY route works out to be about $10 cheaper than buying an assembled version. It looks like a nifty little device, simple, straightforward, and purpose-driven. I think my only concern with it is there's no secure element.
Considering that the assembled version plus the necessary MicroSD card is about the same price as the Portal (about $95), I wonder if it would be a better value, and a more secure option to just go with the Portal. On the other hand, the Portal is NFC-only, and doesn't provide any QR functionality for air-gapped operation, and no MicroSD for backup and moving transactions between the device and your computer or phone. It's a tough call, and I'm getting lost in the weeds!
jus use electrum..
I'm talking about hardware signers, not a software wallet. I already use Nunchuk and don't plan on switching. And I use Mycelium as a watch-only backup.
multi sig, you prob don't need an HSM for that. Cause it's multi sig. And cut the wifi chip. That's it. Ez.
There's no wifi chip on either the SeedSigner or the Portal. SeedSigner uses a no-communication Pi Zero, and the Portal's open-source board only includes NFC capabilities.
Inhave both single-sig and multi-sig wallets. With the multi-sig wallets, I want to have a 2/3 multi-vendor hardware signing configuration. I've already got a Tapsigner for one key, I want a different wallet/signer for the 2nd key, and the 3rd key will be encrypted and stored offline.
I can't seem to find any pi zero without chip 😔
I would so run electrum on this 😎
Would you do that with Pi OS? Or does electrum have their own OS for use with Pi?
raspbian with python deps yeah. you can transfer the deps w a USB stick
don't loose ur corn. Use 2/4.
What difference does the additional key make? If I have one encrypted offline key, shouldn't that be sufficient? Or is there some other benefit to using 4 keys that I'm not aware of?
The more keys you have, the less chance you 'loose' them
But the tradeoff is the additional attack surface, no?
Pi has an RNG chip, you can use offline. So.. id error on the side of loosing vs actually being hacked.
I do not like the complexity of multi sig. It is overkill imo.
I think it's a necessity. I used to live on a boat, and nostr hates this but, no boating accident gonna take me out 😎
Life on a boat would have its challenges. My single sig keys are safe for at least a millennia. I’m good!
It's also theft .. no one device, or place, is good enough.
What do you mean by “it’s also theft”?
theft, fire, loss, etc. best to spread out. And also be protected from theft. they can't steal more than 1
I’ve mitigated those risks.
not if I theive a pic of your steel plate seed tho 😎
I saw a metal plate system somewhere that came with two plates, and you need both plates to read the seed. One plate was completely blank, and the other had the grid and little holes for each grid square. The idea was that you'd put the two plates together and punch your seed letters, then seperate the plates and store them in different locations. The blank plate would have all the punch marks but no notation or indication of the letters, and so you'd need the other plate to reveal what the punch marks represented. I was impressed with the ingenuity.
Single-sig with two metal backups is probably sufficient in practical terms. Multi-sig may be technically more secure and safe on paper. I think it really depends on your risk tolerance, and how much complexity you're willing to handle.
It's not too bad. Just open 4 electrum wallets
I see the value, but I also recognize the added complexity. For a hot wallet, I think single-sig makes more sense. But for cold storage, multi-sig is probably the smarter choice.
That Pi Zero is cheap AF. And that supplier also has the solderless GPIO pins for like $7. Add the camera and you're good to go for under $30 including shipping. That's a great deal if you ask me. If you get one, I'd love to see a video walk through of your installation of Electrum. That sounds like a very cool project.
I did briefly look at the Passport wallets. My one big criteria is that it must be supported by Nunchuk Wallet, as that's the wallet I love and am committed to. I've been looking for a list of all hardware that supports Nunchuk, but haven't really found anything definitive. I may end up reaching out to Nunchuk support for better understanding of which hardware wallets they support. They've got an active nostr presence, and are pretty responsive, so that may be the way I go for determining which wallets/signers can be used with their wallet.
Why are you committed to nunchuck?
It's a great wallet. Solid security, native support for COLDCARD, Tapsigner, and Portal, clean UX. I've tried most legit wallets out there, and Nunchuk is the one that stuck. I also use Mycelium as a watch-only backup, but Nunchuk is where I do all my transactions.
You should also prioritize Bitcoin-only Air-Gapped signing devices with secure elements.
Naturally. I thought that went without saying. Lol
Do you know anything about the Jade? I'm looking at it because it's bitcoin only, and it's supported by Nunchuck Wallet. It's also made by a reputable company (Blockstream) and it's fully open source. It's fully air-gapped, but it does include Bluetooth which can be disabled by downloading the no-bluetooth version of the firmware. And it's cheap. It's selling for about $70.
The only thing that gives me pause is they're not using a hardware secure element chip. Instead, they have virtual SE which uses the security infrastructure to create a protected area of the data storage system that emulates the secure element chip. I'd be happier if they used a hardware SE chip, and bumped the price by $20. What do you think?
Well, I have a Blockstream Jade, but just like you, I don’t like the fact that Jade doesn’t have a secure element.
Therefore I would only recommend to use the Jade in a multivendor multisig. Not singelsig.
Have you seen the Portal? It's another Bitcoin-only wallet/signer that's made for mobile devices. It's powered entirely by the NFC connection, which is pretty novel. It's also reasonably priced, currently selling for $95. I don't know if it's got a secure element chip, but I joined the official telegram channel and asked about it. Hopeful they get back to me in the next day or two. If it does have the chip, it will have ticked all my boxes, and could be the device I choose.
The Portal NFC-only signing device is great, but it’s very new and therefore it’s hardware and firmware isn’t battle-tested.
What are your opinions about the Coldcard Q from nostr:npub12ctjk5lhxp6sks8x83gpk9sx3hvk5fz70uz4ze6uplkfs9lwjmsq2rc5ky and Passport from nostr:npub1s0vtkgej33n7ec4d7ycxmwt78up8hpfa30d0yfksrshq7t82mchqynpq6j?
I really like the Coinkite wallets, both the Mk4 and the Q. I think Coinkite has been very thoughtful in their designs, and have created hardware that's solid, reliable, and ready to manage the funds of the biggest whales. My only gripe is with the cost. I'd like to see them priced about 15-20% less. But I don't know their manufacturing cost, or their profit margin so I'm just judging from my consumer perspective.
The Passport from Foundation is another really nice walet/signer. I haven't used one, so I can only judge based on the specs, reviews, and video walkthroughs I've seen, but the Passport, and soon the Passport Prime, are the Cadillac of hardware wallets. Their design is beautiful, and you can tell they're appealing to the high-value users. But with the Cadillac design comes a Cadillac price. It won't be an issue for people holding dozens of BTC, but for the average bitcoiner, it may seem intimidating.
I really like the design and functionality of the Portal. Using the NFC connection to power the device is ingenious, as it always works, and you never have to be concerned about dead batteries, or being near an outlet to conduct business. It looks like a very sleek, and efficient signer, and at $95 and considering its ease of use, it's accessible to everyone. What I don't like about it is that it's 100% NFC. It doesn't do true air-gapped transfers via QR or transaction files on a MicroSD. It's probably not a dealbreaker, especially if you do all or most of your transactions on your phone, but I like having options as it makes the device more versatile, and more easily used across platforms.
I've also been looking into the SeedSigner. It's a nifty little Raspberry Pi Zero project that you can build yourself, or purchase fully assembled. It has its own OS, and it's purpose-built to conduct true air-gapped transactions using a small screen that displays QR codes, and a small camera on the back that scans QR codes provided by your companion software wallet. It also backs up to MicroSD makings backups easy. The SeedSigner costs about $85 assembled and with an SD card, and the DIY kit ends up costing about $10 less. But there's downsides to every hardware wallet, and with SeedSigner the downside is no secure element chip. Instead, it relies on the software, and embedded microprocessor to protect the seeds. For this reason, I think it's a great choice for people holding less than 1 BTC, but probably not ideal for those holding larger sums. It's a great introductory signer for people new to bitcoin.
Given that SeedSigner's cost is similar to Portal, I think it's a toss-up between Portal and SeedSigner. Is it more important to have a secure element and a professionally manufactured device, or is it more important to have true air-gapped transaction signing? That's what I have to determine for myself.
I've used two brands recently.
Foundation Passport is nice. If you only need cold storage for yourself, it's great. Probably a great solution overall. Especially if you want to scan QR codes, it is excellent.
Coldcard Q. This is my favorite because it fully supports BIP-85, which are child seeds derived from the master seed. The BIP-85 feature supports exporting as many xpubs as you wish, for watch-only wallets. This is great if you are being an Uncle Jim to members of your family. All the child seeds are backed up in the Coldcard. The QR scanner is not compatible with most software wallets though. So I transfer psbt's via sd card, which always works.
I've looked at the Passport, and it is really nice. But it's expensive. I'm just looking for something in the $100 range that's bitcoin only, open source, send secured with a secure element chip. It will be used primarily as a signer with Nunchuk Wallet, so I don't need a lot of the the bells and whistles the more advanced hardware has. I'm currently leaning towards the Portal, but I'm still looking.
you can get that trezor one with bitcoin only firmware fir under $100 pretty sure
Which Trezor model are you talking about? I haven't really looked too hard at the Trezor because it seemed like it was more expensive than I wanted to spend. If they have one at about the $100 mark, I'd definitely look into it.