I recently bought a nostr:npub1jg552aulj07skd6e7y2hu0vl5g8nl5jvfw8jhn6jpjk0vjd0waksvl6n8n jade plus, to upgrade from a ledger device. After the recent vulnerability, I’m not longer sure if I should trust it anymore.
What does #nostr think? #asknostr #bitcoin
I would prefer a jade anytime over a ledger. Just upgrade the firmware.
The only certainty you can have is to audit the code yourself and spot a vulnerability. There is a degree of trust required with all hardware signing devices. If the firmware update isn't enough to rebuild your eroded trust, might need to consider an alternative.
You can certainly keep the device and user for a smaller "spending" wallet or include it in a multi-sig. Shoot you could just use it as your 2FA device for signing in.
Yea I’m not technical enough to audit the code. So I do need to trust. Question is are they still trustworthy?
Only you can decide that.
If my two sats are worth it, I'd say yes. I think the way they handled the vulnerability, rolled out an update and announced it were all above board.
No HWW is perfect. Stay updated and be vigilant. Multisig mitigates a lot of risks but its also more complicated.
You shouldn't trust any single hardware wallet vendor and your setup should assume that your hardware could be compromised. Multisig fixes this. Take a look at Casa.
testing zaps for this note… we made six attempts to⚡zap this note, at jimseeche@ln.tips, over a period of about 2 hours. in each case, we found that your lightning address service or server did not respond correctly. if you wanted to fix this... you could try getting a free rizful lightning address -- https://rizful.com ... if u get it set up, pls reply here so we can do this ⚡zap test again.
