Avatar
The Daniel 🖖 2y ago

When choosing a hardware wallet (signing device) for your cold storage, it’s really important to find one from a manufacturer that has proven to be trustworthy, and the same goes for the software and the marketing team. You don’t want a setup that collects analytics on your activity, or one that stores your personal information on an insecure database that creates a very attractive honeypot.

The first one I ever used was called a KeepKey, launched in early 2015 by a company led by CEO Darin Stanchfield and CTO (this is his actual name, I shit you not) Ken Hodler. It was a slick-looking device about the size of an Apple TV remote that connected to your computer using a browser extension to view balances and broadcast transactions.

On Christmas Day in 2016, Darin was sim-swapped and hackers compromised his email account, as well as the company’s social media account, as well as its marketing database, exposing customer data.

In 2017, KeepKey was acquired by ShapeShift, an exchange run by Erik Voorhees, an early pioneer in bitcoin who has since pivoted to shitcoins. Within a short time, they began pushing new updates to KeepKey to turn it into a full “crypto” wallet, and replaced the original browser extension with a new website (that also doubled as an exchange) to manage the device.

By that point, I absolutely knew it was time to move on, and I opted for a new bitcoin-only device. Much to my surprise, when I first attempted to migrate from KeepKey to the new setup, I got an error saying that the transaction could not be broadcasted. I tried in a different browser, and on a different computer, with no luck. Before going into a panic, I sent an email to ShapeShift support. I got the following autoresponse from them:

“I’d like to apologize for the delay in response. As a crypto enthusiast, you must have noticed what a crazy time it has been in our industry! We’ve seen an all-time high in demand, and with it, needs for extra support.” 🤮

A few days later, a reply came, saying that there were “known issues” with the platform that affected certain legacy wallets (i.e., pre-acquisition) and that I should use the device directly with Electrum. I did some research, and after a few more days, was finally successful in getting off of this platform. It was a hair-raising moment that made me realize that even self custody has the potential to get rugged, even if you thought you were making the most informed decisions you could at the time.

Be careful out there!

Reply to this note

Please Login to reply.

Discussion

Avatar
Bandwidth Billy 🤠 2y ago

So given everything you said what device would you get today?

Avatar
The Daniel 🖖 2y ago

A lot of people recommend building a SeedSigner. This is on my list to learn how to do. I didn’t consider myself experienced enough to do this sooner, but after building two nodes, I’m pretty sure this is next.

For most people I’ve lately been recommending the nostr:npub1jg552aulj07skd6e7y2hu0vl5g8nl5jvfw8jhn6jpjk0vjd0waksvl6n8n Jade. You can simply ignore the Liquid feature, and use it via USB instead of Bluetooth if you have concerns about signing events wirelessly.

Avatar
Bandwidth Billy 🤠 2y ago

What about the coldcard?

Avatar
The Daniel 🖖 2y ago

People love it. I don’t have one.

Avatar
Bandwidth Billy 🤠 2y ago

SeedSigner is on my to do list. Thanks for the insight 💯

Avatar
jimbocoin 🃏 2y ago

Multi-vendor multisig. Any vendor may be compromised at any time. The chances that multiple vendors are compromised at the same time is significantly lower.

Avatar
The Daniel 🖖 2y ago

Agreed, this is a very good option but it can get expensive or tricky to set up if you’re going DIY. It’s important to think about how those you’ll leave your stack to will be able to access it after you’re gone.

Avatar
jimbocoin 🃏 2y ago

> Agreed, this is a very good option but it can get expensive

One way to reduce cost is to do, say, 2-of-2 where one is your hardware wallet, and the other is software. For example, Sparrow calls these keystores and makes it easy to set up a wallet with a mix of hardware and software keystores. The software seed would be encrypted in the wallet file. This would still be significantly better security than single hardware sig.

> or tricky to set up if you’re going DIY.

Sparrow is the way to go here.

> It’s important to think about how those you’ll leave your stack to will be able to access it after you’re gone.

Bitcoin is the world’s premier value transfer system. Passing keys to heirs is unnecessary. Instead, use long-dated, pre-signed transactions (Deadman’s Transactions, DMTX) to ensure your heirs can receive coin after you depart.

This requires your heirs to have their own wallets. But this is inescapable. In order to inherit Bitcoin, one must be competent in Bitcoin. There’s no substitute for competence.

Avatar
Flow 2y ago

It’s really hard to find the right spot, I love the idea of the SeedSigner because of the low attack surface, no USB, no storage card that stores PSBT or seeds, no WiFi, no NFC, no Bluetooth, all software loaded in RAM, stateless. Commercial signers have their commodities, so it’s a matter of what you personally prefer using, but if we’re talking pure security, I’m not sure if there is a better solution than the SeedSigner atm