Awesome profile pic, first of all 🤙

The pocket change analogy was in reference to custodial solutions, not self-custodial mobile. Phoenix etc. are like the debit card/checking account - someone hacks the details and they can spend it all.

As for the hardware wallets, I feel like every device has trade-offs. Even if you’re doing an offline dice roll + seed signer, you’re trusting the stock parts. I do get what you mean re: Jade. Although, also, I hear not-infrequent reports of the spin wheel not working, which is its own downside, as opposed to theoretical and highly unlikely secure element compromises…

I love the Bitbox tbh. I have no problem saving a MicroSD backup as long as it’s protected as carefully as a stamped steel plate (and doesn’t replace the steel backup, either).

Discussion

The key point here is the steel backup.

I personally prefer Trezor Model T with passphrase and steel backup.

My widely unpopular opinion on this is, if you are using lightning for pocket change, I wouldn't make a big deal about the wallet you choose. Life savings should be on cold storage.

Non-custodial Lightning wallets are a great initiative, but I'm not sure I would trust them with large amounts even once cold storage is available for them.

Steel backup should be non-optional for any significant value 💯

I recall reading that Trezor’s seed can be extracted with the right approach, although I have no idea what that entails. (Note, I just dug this article back up but have not re-read it yet). https://blog.ledger.com/Unfixable-Key-Extraction-Attack-on-Trezor/

I think we’re in agreement on Lightning. Custodial or not, there’s a risk. Some more, some less. A spending wallet in either case, in line with your personal level of risk tolerance 🤙

I recall reading that too, and it was debunked years ago.

Hence why I wrote "WITH A PASSPHRASE" in my comment :)

The seed cannot be extracted if you use a passphrase even with that multi-millionaire hardware tool kit :) Just like the files on your computer can be extracted without using a password.

The link you posted was from their inferior competitor Ledger's website. Ledger leaked private user data to the dark web. Ledger also has the ability to download your private keys to the cloud. This is not possible with Trezor. Here is the article that explains it. Since your link was from their competitor, my link will be from Trezor :)

https://blog.trezor.io/addressing-concerns-about-trezor-firmware-1-5-2-4c1f766034c7

Haha, thank you for the link! Will read this in depth.

Didn’t know whether a passphrase affected this piece of Trezor security, so that’s great to know.

And I’m familiar with the Ledger hack - between that and the recent “split seed phrase backup” news, I don’t recommend them to anyone… and I sure don’t love that they store a ton of user data from Ledger Live itself:

https://www.ledger.com/privacy-policy

Oh, and I'm glad you like my pfp, thank you! It was enhanced by the Nostr community here :)