It can be finalized on the coldcard if it's the last signer of multisig or only for single sign.
If the signature is tampered with on the way back then nodes will see it as invalid and reject it. If you review (see below), it'll also indicate an error or something awry.
If the tx was tampered with on the way from computer to coldcard, then that's where the coldcard verification comes in, and user review of outputs and amounts on screen.
Because I like to minimize trust, this is what I do...
Set up the tx with wallet coordinator (Sparrow). Export to micro SD for signing. Plug card into coldcard with power not from data cable. Do tx verify and sign on coldcard. Take SD card back to computer. Open finalized txn file. Use node to decode the tx and verify it's still what is intended. If all good, then broadcast through a service connected via Tor.
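The "decode the tx and verify it's still what is intended" step above, sketched as an added example that is not part of the original post: it parses the outputs of a finalized raw transaction and diffs them against the outputs you meant to create. The poster decodes with a node; the hand-written parser here stands in for that so the check runs offline, and every name, script and the sample transaction are constructed assumptions.

```python
from collections import Counter

def _varint(b, i):
    """Read a CompactSize integer at offset i; return (value, next_offset)."""
    if b[i] < 0xfd:
        return b[i], i + 1
    size = {0xfd: 2, 0xfe: 4, 0xff: 8}[b[i]]
    return int.from_bytes(b[i + 1:i + 1 + size], "little"), i + 1 + size

def tx_outputs(raw_hex):
    """Return [(value_sats, scriptPubKey_hex), ...] from a raw transaction."""
    b = bytes.fromhex(raw_hex)
    i = 4                                    # skip 4-byte version
    if b[i] == 0 and b[i + 1] != 0:          # segwit marker and flag
        i += 2
    n_in, i = _varint(b, i)
    for _ in range(n_in):
        i += 36                              # previous txid + output index
        slen, i = _varint(b, i)
        i += slen + 4                        # scriptSig + sequence
    n_out, i = _varint(b, i)
    outs = []
    for _ in range(n_out):
        value = int.from_bytes(b[i:i + 8], "little")
        slen, i = _varint(b, i + 8)
        outs.append((value, b[i:i + slen].hex()))
        i += slen
    return outs

def output_diff(raw_hex, intended):
    """Return (unexpected, missing) outputs; both empty means the tx matches."""
    actual, want = Counter(tx_outputs(raw_hex)), Counter(intended)
    return sorted((actual - want).elements()), sorted((want - actual).elements())

# Constructed sample data: dummy txid, scripts and witness, not a real transaction.
PAY, CHANGE, OTHER = ("0014" + c * 20 for c in ("aa", "bb", "cc"))
INTENDED = [(50_000, PAY), (100_000, CHANGE)]

def sample_tx(pay_script):
    """Build a constructed segwit-serialized tx with one input and two outputs."""
    return ("02000000" + "0001"                                   # version, marker+flag
            + "01" + "11" * 32 + "00000000" + "00" + "fdffffff"   # one input
            + "02" + "50c3000000000000" + "16" + pay_script       # 50,000 sats
            + "a086010000000000" + "16" + CHANGE                  # 100,000 sats
            + "0101" + "00" + "00000000")                         # witness, locktime

if __name__ == "__main__":
    print(output_diff(sample_tx(PAY), INTENDED))    # transaction as intended
    print(output_diff(sample_tx(OTHER), INTENDED))  # payment script was swapped
```

Write the intended list down from the source you trust (the amounts and addresses you confirmed on the signer's screen), not from the file you are checking.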
This sounds like it checks every box. Thanks for the great answers today 🤙