I personally don't trust hardware wallets.

Especially if it's closed source. If you've got a large enough amount of cryptocurrency to justify a hardware wallet, then I'd:

a) Split it up into a hot wallet for daily stuff, and a large cold wallet with the rest

b) Cold wallet could be KeePass inside VeraCrypt Drives, with a fake password for a hidden drive

c) With an epic amount of cryptocurrency (this is not the vast majority of the readers), use a virtual machine, with the crypto wallets on the host, and the purchases inside the VM.

d) With a medium amount of cryptocurrency, our fingerprint app also gives you the added benefit of GUI isolation for Linux distros like Mint, which don't have it for X11 displays. In other words, the web browser isn't seeing your KeePass and wallets.

Discussion

please no one take this advice seriously.

at a minimum it should be an airgapped device. having an internet connected cold wallet is just plainly retarded.

in no scenario it should be your daily driver device, no matter how clever you think you are. self custody is a complete fucking mess as it is without ppl thinking they are clever while not understanding fundamental risks.

I think you need to read the post again

Bad advice. You will shoot yourself in the foot trying to poorly replicate what hardware wallets already do best.

I agree with the advice. Trusting specialized closed source hardware is asking for trouble. Much better to use open source and commodity hardware.

Trusting closed source yes.

Commodity hardware is designed largely for networking. That makes it poorly suited for airgapping.

Generally I say it's a bad idea. Trezor is open source, and not too expensive for the 3. If you want to roll your own hardware, building something like a SeedSigner is good. IMO a multi-coin SeedSigner would put all the hardware wallet vendors to shame.

Storing cold wallet keys on a drive is a bad idea, period. Everyone that ever had their keys stolen from their LastPass or some malware thought differently. You can come up with the best scheme in your head, and only in hindsight when you're weeping will you see your blind spot. Just write the damn things on paper.

I agree with your view on source code, but the rest of this is overcomplicating something that airgapped hardware signers already do well. I don't think something like a nostr:nprofile1qqs09jtvjlmyrxjn37zv70a89csegcz7rpyqjmnw29cveedhv7vagqqpz4mhxue69uhk2er9dchxummnw3ezumrpdejqz9rhwden5te0wfjkccte9ejxzmt4wvhxjmcpzpmhxue69uhkummnw3ezuamfdejs92xe5k is any less trustworthy if you build it yourself. It doesn't even bother with saving your keys. You can be as paranoid as you wish with it though. I think it is far more suitable than trying to use methods with an even larger attack surface.

I wrote my seed phrase with a permanent marker on my arm

solid