I love my cold card but Iv been slowly migrating over to a seed signer multi sig. Less hardware and software risk to fuss with.
Discussion
Hrm, don’t really want to start this argument up again 😅 but SeedSigner has a lot more hardware risk than a ColdCard, except (perhaps) for targeted supply chain attacks — because a SS is widely available off the shelf stuff, it has ‘herd safety’ whereas CC is obviously only for Bitcoin so has a clear incentive to be attacked. SeedSigner is also more closed hardware than the ColdCard is (RasPi is very closed), though neither are fully open as CC give schematic but PCB layout is closed and Secure Elements are mega closed and the ST Microprocessor is also closed.
Similarly, for the software risk, ColdCard software stack is way way fewer (orders of magnitude) lines of code than what’s in a SeedSigner which AFAIK is running an entire Linux. CC firmware can be deterministically built, whereas SS doesn’t and that might be tricky to achieve.
So while both are great, they have slightly different security characteristics and for *most people* the ColdCard comes out as the stronger option
My thinking is, if I'm holding Bitcoin for my kids and grandkids then I have more faith that a Linux computer with a camera and an open source OS like SS is more likely to be around than the special chip that is available in CC. I like that with SS the keys are physical by default. I know my wife is able to send to and from a multi Sig made with a ubiquitous rpi seed signer setup + blue wallet. I'm not so sure she would be able to do the same with cold card multi Sig. So I may just be using the word "risk" differently.
That’s exactly how the spooks killed PGP.
Seed signer is extremely easy to use.