Unlike Raspberry Pi, we wrote the coldcard bootloader, it's fully verifiable. I recommend reading the code in addition to docs. https://github.com/coldcard/firmware

Discussion

The entire problem is that the bootloader has to be trusted with attesting what it is.

So you can look at the bootloader software but you’re trusting the software to tell you what it’s doing accurately?

Yes, the only way you can verify it with custom firmware is to ask the bootloader itself for its hash from the docs.