Nostr Web Client

Replying to

orange ⚡️

I think “A Raspberry Pi is a closed source system and should not be used to store private keys” or something similar

Noerms 1y ago

Isn‘t the whole point of seed signer to not store the keys? 🤔

Reply to this note

Please Login to reply.

Discussion

VOLKER - Voice Of Logic Knowledge Experience & Responsibility 1y ago

It stores them temporarily, and could exfiltrate them to the mempool or blockchain when used.

Noerms 1y ago

Same with passphrases?

VOLKER - Voice Of Logic Knowledge Experience & Responsibility 1y ago

In principle, yes. If you can exfiltrate any sequence of bits (eg a seed phrase), you can exfiltrate whatever you want (eg a BIP39 passphrase). But it may be impractical, and I don't know if there are actual exploits.