When you clone a new air-gapped signing device from another, you physically transfer the SD card from the original device to the new device in order to transfer the key information, and then you wipe that file off the SD card. Once the file is used in the process, you don’t have to have it residing on the SD card anymore for the clone to work. It’s all on the secure side of the new card at that point, behind a PIN. It’s good housekeeping to keep all of your actively in-use SD cards empty after the files on them have served their purpose. If you want to store an encrypted wallet backup file, for instance (or any other file used to interact between two devices), on an SD card, you can keep that SD card somewhere else, rather than in one of the devices. Encrypted backup files carrying key info also require a separate key for future use anyway. It’s bombproof.

Discussion

I guess that’s where I was a bit confused. I thought the whole point of the secure element is that you can’t access the seed ever again after creation.

Isn’t that the whole point of the secure element?

I think the designers wanted to still leave the utility available to back up the card in an encrypted way and restore the wallet data to a fresh card in the event one needed to. When you make a wallet backup file you get a set of 12 seed words for ever using that file too.