Subnostr

No. The masterseed never leaves the device. Not even encrypted.

The idea is you have a safe deposit box. You put your valuables into the safe deposit box and then give the keys to the box to some guardian who will only give it to people who guess the pin on the fifth attempt. The guardian doesn't know where exactly you keep the box and less what's in it.

samuel 2y ago

Interesting. I like the strategy, currently I am simply migrating from a ledger that I no longer trust to a multi-sig air gap solution built from a raspberry pi zero. With open source Python code.

Reply to this note

Please Login to reply.

Discussion

Leo Wandersleb 2y ago

Multi-vendor-multi-sig is probably the most secure you can get but seedsigner being one of the signing devices is already a great choice I think. I saw they made advances with reproducibility but are not there yet. But even as a black box, it can do little evil due to the way it works.

samuel 2y ago

As I recall that was mentioned in the seedsigner document.

But what are you referring to WRT reproducibility on the seedsigner side?

Leo Wandersleb 2y ago

https://github.com/SeedSigner/seedsigner/issues/166#issuecomment-1264069567

samuel 2y ago

Thanks for the thread! I can assume you are the Giszmo in those posts. Nice to know I am talking to some knowledgeable folks!