I am seriously considering it. Do you also use it for long term cold storage or for everyday wallet ?
Discussion
Not used as cold storage
no i don’t use it for long term cold storage, but you could I guess. Probably better than a lot of solutions.
Not for cold storage. If your signing device can't show you the transaction details that it's about to sign, then you have no way to confirm that the transaction isn't sweeping your entire wallet somewhere else.
You can pair a hardware signing device with Nunchuk that does have a display (like a Coldcard or Blockstream Jade), and verify the details of the transaction before signing. You can also pair multiple hardware with Nunchukm and create a multisig wallet, which offers superior security and robustness compared to a singlesig wallet.
In the above setup, Nunchuk only acts as a watch-only wallet coordinator. So yes, 100% Nunchuk can be used for cold storage. And many of our users have done so.
We also have a Decoy Wallet feature that’d give you plausible deniability.
We also have a Decoy Wallet feature that gives you plausible deniability. Check it out here:
Yeah, I'm specifically referring to the tapsigner setup being referenced in this thread. And, I'm not trying to imply I think Nunchuk would intentionally do anything malevolent. But, with all due respect "Nunchuk only acts as a watch-only wallet coordinator" doesn't guarantee that Nunchuk is asking the tapsigner to sign the transaction that you think it is.
Got it, thanks for the clarification.
Yes, for cold storage you might not want to only use Tapsigners (although, even a Tapsigner-only multisig would still be better than something like Bitkey, which is a closed system). As long as you have at least one hardware in your multisig quorum that has a display and can verify transactions independently, it’s a solid setup.
Why is it not a good solution for cold storage?
For me purely as there is a hoy key involved in my setup. Tapsigners also need backing up in case they shit themselves. So this introduces more attack vectors. Nothing beats multisig seeds in steel geographically apart in my opinion.
That’s just me but everybody has different risk tolerance and situations. There is no one size fits all
I think Antonopolous describes it well here. https://youtu.be/nRts1VWkOXQ in general my main worry with a single hard ware wallet is that someone finds words and takes over it and there are simpler solutions to solving my single problem like having additional passphrase on top of my words. The multi sig brings extra complexity that requires much more effort in securing safely that emotionally are a bigger burden to me and I don’t feel confortável with it yet.
https://youtu.be/sjS5qF65Yos maybe this one explains better
But, with the tapsigner you don’t have to use multi-sig. You can simple do single sig.
I don’t quite understand what you mean. I suppose you mean using a multisig with a coldcard and a tapsigner? I would never use tapsigner for my main multi sig. I totally loose stuff on the regular and would be relying heavily on the back up of that one. And what I dread is loosing one of the wallets on the multi sig