Replying to Avatar cryptowolf

I re-read your message regarding not knowing the technical nuances.

I personally do know the technical nuances for most hardware wallets and always advise people to use something that is fully open source hardware, firmware, and software as well as an opensource secure element.

Currently the new Trezor is the only one out there with all this in mind and fully offline seed storage.

Also the most user friendly and versatile for newbies.
Avatar
nostr.build 2y ago

Coldcard and Passport are both open source and fully off-line.

Problem with Trezor is you have to plug it into the computer. Coldcard and Passport are fully air gapped..

Reply to this note

Please Login to reply.

Discussion

Avatar
cryptowolf 2y ago

Coldcard has a proprietary secure element.

No thank you.

Signing transactions by scanning QR codes off screens have also been exposed to have security flaws.

Avatar
nostr.build 2y ago

Coldcard actually uses two different third-party, known elements, and overall there is more risk plugging your signing device into a computer than using psbt / chip transfer/ QR codes.

Personally, I don’t want my signing device to touch the computer. Some people might be more likely to lose their seeds, so a device like Jade or BitKey might be ideal.

Ultimately I think all the devices we have talked about are very secure, and it is just a matter of preference.

“The COLDCARD Mk4, unlike its predecessors and other products like it on the market, has two Secure Elements (SE) : Microchip’s ATECC608B (which we will refer to as SE1) and Maxim’s DS28C36B (referred to as SE2)”

https://blog.coinkite.com/understanding-mk4-security-model/

Avatar
Toxic Bitcoiner 2y ago

AFAIK there is no such thing as an open source SE.