Thoughts on the Bitbox and Keystone anyone?
Never used either and with *everyone* lol calling now wanting to āget intoā bitcoin, curious if these are better than Coldcard or Passport in any way?
Discussion
How about Jade?
Jade is great except for one important detail - it is possible to open, replace the chip with a compromised one, close the device, and it will function!
The way to mitigate for this is to be sure to flash the firmware before setting it up, as it will not flash if the chip has been compromised.
While this is currently an unlikely supply chain attack vector, I donāt like that it is possible at all, and as bitcoin becomes more valuable supply chain attacks are more likely to increase.
I have spoken to the nostr:npub1jg552aulj07skd6e7y2hu0vl5g8nl5jvfw8jhn6jpjk0vjd0waksvl6n8n devs at a conference, and they know this is a problem and are working on a solution, but could not tell me when a new version would come out.
As I see it, a simple solution is to make it such that if the device is opened, it cannot be closed again without breaking, like the ColdCard.
Interesting, I didn't know that. Pretty easy to mitigate, as you say.
I think it really comes down to their technical competency and willingness to learn.
Bitkey has a great UX for newcomers, but isnāt ideal when it comes to UTxO management. They have some pretty compelling recovery features also, and donāt require a seed phrase. However, there may be privacy implications depending on Blockās infrastructure setup.
Coldcard or Passport offer a more traditional experience, but definitely require a steeper learning curve.
Thanks yes, Iām not a fan of Bitkey requiring biometrics and not having a screen to confirm the address afaik.
Was wondering about Bitbox and Keystone, ever tried those?