Good morning! Hardware wallets are a barrier to entry for self custody. For someone who is just getting started, teach them to create a wallet on their phone, back up the 12 words, export the xpub and delete the wallet from their phone and start self custody.
Hot wallets are not a bad thing!
Hot wallets can certainly advise people when a balance crosses above a threshold, how someone can provide better security of their funds.
The initial risk is low, without a large starting transfer.
Help guide people into suitable and appropriate standards based on their position and risk.
Every lightning node on the network is a hot wallet. There's never been an instance where lightning was "hacked".
Risk is an exposure and management process. Supply chain attacks or zero days are possible and not of zero risk.
Active/dynamic systems (multiple lightning implementations and lightning channels) are generally at much greater risk than passive (btc cold wallet address). The overall risk may still be low - while the relative risk is quite different.
Side attacks are also very possible - like requesting a refund via a path hint with a high fee node the attacker controls. Unless you mitigate against something like this, naive implementations are vulnerable.
Same goes for Umbrel. LND may be safe, while an app update or new app could escape docker and do bad things.
It’s a matter of when, not if. Yet it’s all a risk management process at the core.
Thought you were going back to Twitter mate?
Me? I’ve been largely taking a break from tech and dev the past bit. I really don’t do social networks.. killed Facebook and Twitter a decade ago and now only have a zero follower private Twitter to get some content that’s yet to cross borders.
Some social keeps you connected. The rest rots the brain.
This is pretty solid I would say for most people but it is best practice to also keep track of the derivation path to ensure you can recover the wallet in the future.
