Is there a decent resource of information for coldcards / signing devices / solutions that are truly open? A matrix / rating would be quite useful. I’ve recently started exploring procuring such solutions and have found it difficult to make a good decision on such items.
Discussion
Comes down to your specific wants and needs.
while walletscrutiny.com is a good starting resource for software reproducibility, to my knowledge there isnt one for hardware vs licenses and the features available.
i will continue to use coldcard as its affordable and no other devices offer its full feature set. yet.
if you dont need remote access as a HSM like coldcard offers when paired with ckbunker (99.9% of users dont), then consider the following:
- blockstream jade (simple device but unless setting up your own server for login to use it requires the blockstream server. sealed, MIT)
- trezor (open, but no secure element and private key retained on device. must use passphrase, sealed, MIT)
- seedsigner (open source software on top of general purpose hardware you acquire and assemble where chipset is neither open nor source available, must physically secure, unsealed, MIT)
- foundation devices passport (initially modeled after coldcard, catalyst for nvk license change, it offers the essentials for most use cases and improved privacy support with whirlpool, sealed, Apache/BSD/GPL/MIT)
sealed = physically sealed, tamper evident
Ty Vic. That’s a super helpful and a thoughtful, well written reply to assist in my learning space currently.
I’m playing around with Trezor and Jade currently. I was plan on building out a seedsigner based device, but it is useful to state the chipset item in that use-case.
I was considering coldcard.
I just started playing around with Nunchuk and Jade this morning, with the intent of exploring multiple /layered hardware based keys.
What are your thoughts on the NFC cards from coinkite? Tap signer?
I just procured an sats card from coinkite. I think the technology on paper behind the sats is quite interesting and unique.
Overall I assume coinkite has contributed majorly in this space, despite the grumbling on the licensing approach, yes?
Cheers! Have a good day.