Signing a PSBT by QR code is the equivalent of using a new SD card each time you sign a transaction.

NFC is a no go for the paranoid either.

Discussion

So can they tap my pants and basically take all my shit and these companies have left me exposed for years?

It's extremely good tech for the convenience maxis, you have to be a target / unlucky for the most part.

But yes, security isn't the main goal of your credit card.

I definitely don't want it near my stack though 🙅‍♂️.

The target? The target is everywhere.....

I’m so paranoid that I actually do use a brand new SD card every time lol 😂

SeedSigner fixes this 🙃

I like QR too. I think your framing is good.

Soon with Q1

Wouldn't touch CuckKite products with a ten inch pole, no FOSS devs will waste their time with this shit & clearly their in house devs aren't great at catching easy to find bugs. The Q1 is a ripoff clone of other devices after NVK said, incorrectly, QR wasn't secure. He now agrees that QR is as secure as using new SD cards for every TX. This shady behavior is not what you want when you're trusting a company with your wealth.

As always, receipts:

Bounties aren't paid:

https://thecharlatan.ch/Ransom-Coldcard/

2020 vulnerability & poor disclosure:

https://benma.github.io/2020/11/24/coldcard-isolation-bypass.html

2nd link with clearer explanation, can't even trust the testnet:

https://www.coindesk.com/tech/2020/11/25/bypass-attack-in-coldcard-bitcoin-wallet-could-trick-users-into-sending-incorrect-funds/

2021 multisig vulnerability & second known unpaid bounty:

https://benma.github.io/2021/02/09/coldcard-multisig-vulnerability.html

On the same licensing that CuckCard uses:

https://redmonk.com/sogrady/2018/09/10/tragedy-of-the-commons-clause/

But dude the qr scanners just weren't secure until NVK found THEE secure one to use 🥴

When did he say QR is not secure? I believe he was referring to its implementation with certain pieces of hardware that perhaps make it less secure, and now that the better hardware is cheaper it became economically viable for them to make the Q1 which enables QR. #[5] am I tripping or is this the case?

I don’t know about the other stuff about unpaid bounties, but all their code is open and verifiable, so idk what you mean by trusting them with your wealth?

I imagine you’re pro FOSS, so saying the Q1 is a ripoff clone is kinda funny and contradictory to the spirit of FOSS, but maybe you’re not pro FOSS.

I am Pro FOSS to the highest degree.

The reason I worded Q1 as a clone is because of how NVK has attacked foundation claiming the same & then moving away from FOSS.

As far as you not reading the links about the unpaid bounties that are well documented & tagging NVK instead says it all.

Trust, Don't Verify.

As far as receipts go, I have posted all of them here before - I'll find it for you & post when I get a chance.

Should've bookmarked it.

It’s ok, I believe you have the receipts. If it’s true it only harms them and that will show in the quality of their products. Consumers like myself mainly care about quality of products, I don’t need to like everything NVK does. But by all means confront him and the VCs backing Coinkite.

Definitely, I'm a quality maximalist so long as I'm not sacrificing what's most important.

That's why I don't use their products.

I’m aware NVK has referred to the foundation device as a clone of the coldcard, but he is not a FOSS maximalist. It’s weird seeing FOSS maximalists use those terms when they are contradictory to the FOSS ethos, that’s all.

Yes, I didn’t click all the links, that’s why I said “I didn’t know about the bounty stuff”, as in for all I know it’s true, but I don’t have time to click all those links and go down that rabbit hole. I didn’t make a comment denying the validity of those accusations.

I tagged NVK in a separate paragraph in case I was misrepresenting his stance on QR and why they are just now enabling it on their hardware. I didn’t tag him so he could defend your accusations. For all I know he could care less and would tell you to cry harder.

Seems like you didn’t understand what I said or meant at all, but all good.

It's not contradictory, it's the truth.

Is it not a clone of the design?

I have no issue with people using FOSS code for their projects.

I have an issue with people who muddy the waters & pretend they produce innovation when they are just ripping others, then accusing them of the act of "cloning".

I will use the words produced by NVK without any omission, & respond in kind.

I'll find the receipts of his real time FUD campaigns & post them here for you to read.

I advise you to read those links as a user.

Happy hodling.

and QR is easier.