Nostr Web Client

It seems like the trade off is to either trust your wallet software to not generate leaking nonce or to trust your hardware wallet to not leak via nonce. IMO trusting the hardware wallet is the better option as that is the device that you are trusting to not be compromised already

Matt Corallo 2y ago 💬 2

Nope! There’s no tradeoff, what I’m proposing allows you trust that *both* need to be compromised, instead of just the hardware wallet.

Reply to this note

Please Login to reply.

Discussion

bitbuybyte 2y ago

Interesting. This is definitely above my technical expertise, but good to see this being discussed.

I think we can all agree that any hardware wallet (ledger included 🤢) are better than trusting custodians

isaac-asdf 2y ago 💬 1

Ah okay. So you’re saying hardware wallet would use the nonce unless it thought the nonce was leaking, in which case it wouldn’t sign. The change is just that software _could_ specify the nonce to use as an additional security measure

Matt Corallo 2y ago

https://damus.io/note17sng39wcp29fafljnp5g3rz9avw3dmtme4qr3lumqry4mqnxv2vqvkv4n6