COLDCARD HAS TWO DICE MODES.

ONE USES COLDCARD ENTROPY AND THEN ADDS USER PROVIDED DICE RANDOMNESS ON TOP. THIS MODE GENERATES A SECURE SEED REGARDLESS OF DICE ROLLS.

THE OTHER IS USER PROVIDED DICE ROLL ENTROPY ONLY. IF A USER DOES NOT BRING ENOUGH RANDOMNESS TO SEED GENERATION IN THIS MODE - RECOMMENDED TO PROVIDE GREATER THAN 100 GOOD DICE ROLLS - THEY CAN GENERATE AN INSECURE SEED. THIS MODE ENABLES AN ADVANCED USER TO GENERATE A SEED IN A REPRODUCIBLE WAY WITHOUT TRUSTING COLDCARD.

Discussion

Doesn’t CC enforce a minimum of 101 rolls? Or is it just a recommendation? Can’t remember from when I did it.

The way to go!!!! 🎯

😍

THE OTHER ONE IS TO RUG YOURSELF, UNLESS YOU ARE GIGI.

🫡

Follow the guide. 100+ rolls, verify with the python script in tails:

https://coldcard.com/docs/verifying-dice-roll-math/
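The check discussed above, as an added example that is not part of the thread and is not Coldcard's script. It assumes the dice-only mode derives the seed as SHA-256 over the ASCII digits of the rolls, as the linked Coldcard page describes; the function names are hypothetical, the sample rolls are constructed, and the result is printed as BIP39 word indices because the wordlist is not embedded here.

```python
import hashlib
import math

BITS_PER_FAIR_ROLL = math.log2(6)  # about 2.585 bits per fair six-sided roll

def check_rolls(rolls: str) -> None:
    if not rolls or any(c not in "123456" for c in rolls):
        raise ValueError("rolls must be a non-empty string of digits 1-6")

def ideal_bits(n_rolls: int) -> float:
    """Upper bound on entropy, reached only with fair, independent rolls."""
    return n_rolls * BITS_PER_FAIR_ROLL

def min_entropy_bits(rolls: str) -> float:
    """Crude estimate from face frequencies: flags a stuck or heavily biased
    die, but not patterns such as a repeated 1-2-3-4-5-6 cycle."""
    check_rolls(rolls)
    most_common = max(rolls.count(face) for face in "123456")
    return len(rolls) * math.log2(len(rolls) / most_common)

def entropy_from_rolls(rolls: str) -> bytes:
    """Assumed dice-only derivation: SHA-256 over the ASCII roll digits."""
    check_rolls(rolls)
    return hashlib.sha256(rolls.encode("ascii")).digest()

def bip39_indices(entropy: bytes) -> list:
    """256 entropy bits + 8 checksum bits -> 24 eleven-bit word indices."""
    if len(entropy) != 32:
        raise ValueError("expected 32 bytes of entropy")
    checksum = hashlib.sha256(entropy).digest()[0]
    bits = (int.from_bytes(entropy, "big") << 8) | checksum
    return [(bits >> (11 * (23 - i))) & 0x7FF for i in range(24)]

if __name__ == "__main__":
    # Constructed inputs: a stuck die, a short run, and an evenly spread run.
    samples = {"stuck": "1" * 100, "short": "3516242615", "even": "123456" * 17}
    for label, rolls in samples.items():
        words = bip39_indices(entropy_from_rolls(rolls))
        print(f"{label}: {len(rolls)} rolls, ideal {ideal_bits(len(rolls)):.1f} bits, "
              f"frequency estimate {min_entropy_bits(rolls):.1f} bits, "
              f"first word indices {words[:3]}")
```

Every input, including the stuck die, hashes to a normal-looking 24-word result, so the output alone says nothing about how much randomness went in; 99 fair rolls fall just short of 256 bits and 100 exceed it.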

lol who set you down this path?

Yelling this while reading makes it hit home harder.

I didn’t use dice rolls on my coldcard. Trusted the coldcard entropy. Am I the only one? 😬

I added dice rolls to a CC generated seed

I gather that’s what I should have done.

Not necessarily, I think what you did is fine, the only reason I did what I did is in case the random number generators aren't as random as we think.

I freaked out about it when I learned about dice rolls but when I looked up how the CC generates your seed I was like, meh, probably good. lol

This is a possible mistake to make, and I know someone who lost all their coins to it (allegedly). But even before the firmware update to make it harder to do, it was still pretty hard to do.

I think CK could have done a better job with warnings, but more importantly people need to be SUPER careful setting up their devices

seed phrases seem to me a very thin layer for securing my life's wealth... wonder if there are other solutions to this problem.

what do you think about the 3-signature method used by BitKey?

For a small amount of money a seed phrase is usually secure enough if you make sure nobody has access to it. For a larger amount you can add a passphrase on top, which makes the seed phrase useless if someone has access to the list of words but not the passphrase. For even larger amounts multi-sig wallets such as 3 of 5 or 5 of 7 work, but with the added security comes added complexity.

great piece of info!

any particular cold-wallet you'd recommend (that supports passphrase)?

Coldcard all day everyday

My wallet of choice is the Coldcard paired with Sparrow wallet on my laptop for transactions. I think most decent hardware wallets will allow a passphrase but imo Coldcard is the best.

How long has Coldcard had two dice modes? Is this recent with the new Q version? Because I only was aware of one mode with 100+ rolls recommended.

relevant: nostr:note1lvem3sny8ayq87k6r7h5kk9ft9xgvkf3m99hznp4me4w9dn3e98sg9x3wd

THANK YOU CAPTAIN 🫡

The first case (CC entropy + dice rolls) is the method used in your TFTC ColdCard guide right?

100 rolls plus multiword passphrase with mixed cases and numbers ftw

Coldcard Mk4 bricked on me out of nowhere. A guy I talked to who works for Unchained said he sees this often. Said Coinkite isn't responsive.

Is this TRULY necessary? A simple pushback on why I need to go to Coldcard. How ‘bout Foundation? Such biases in this space that I’m currently tremendously bullish on BTC.

FOUNDATION COPIED THE FIRMWARE FROM COLDCARD IN THE FIRST PLACE PAIRED VENTURE CAPITAL

He wasn't suggesting you have to use Coldcard, just talking about a feature it has. Besides, Foundation copied the Coldcard code & used it to make their own wallet so they are the same, although I would never buy Foundation on principle.

Generating your own random seed in an air-gapped environment is crucial because wallet manufacturers can make their random number generators deterministic, with no reliable means to detect when they do so.

why do you scream all the time?

Thanks for sharing this! Helps me a lot nostr:npub1qny3tkh0acurzla8x3zy4nhrjz5zd8l9sy9jys09umwng00manysew95gx