Replying to Guy Swann

An encrypted backup of the multisig wallet configuration doesn’t let you steal the coins, it isn’t your key, it’s the wallet generated *from* those keys. The problem with multisig is you could generate a near infinite number of xpubs from the same 3 keys, so if you don’t save it properly, it’s kinda like a fourth key.

Your wallet configuration is critical, but doesn’t spend your funds. A saved backup attached to an account is a great feature one might expect with a mobile wallet service.

Extracting the actual seed from a hardware wallet is a night and day difference. The whole point of a hardware wallet is to have your keys never leave the device. Ledger has built a hot wallet feature into their cold storage product. It’s beyond stupid and a huge security vulnerability.

Guy Swann 2y ago

Sidenote: I don’t know much about Nunchuk assisted recovery and it could be storing an encrypted copy of a mobile key (which you should consider the trade-offs for a hot wallet), but I do know they aren’t extracting keys from my hardware wallets and keeping them stored on their servers… because they can’t, I don’t use a Ledger 😉
