Replying to che

I recently bought a nostr:nprofile1qqsfy229w70e8lgtxavlz9t78k06yrel6fxyhreteafqet8kfxhhwmgpr9mhxue69uhhqun9d45h2mfwwpexjmtpdshxuet59uq3vamnwvaz7tmjv4kxz7fwwpexjmtpdshxuet5uzhxm7 jade plus, to upgrade from a ledger device. After the recent vulnerability, Iā€™m not longer sure if I should trust it anymore.

What does #nostr think? #asknostr #bitcoin
Avatar
Drew šŸ‚šŸš² 1w ago šŸ’¬ 1

The only certainty you can have is to audit the code yourself and spot a vulnerability. There is a degree of trust required with all hardware signing devices. If the firmware update isn't enough to rebuild your eroded trust, might need to consider an alternative.

You can certainly keep the device and user for a smaller "spending" wallet or include it in a multi-sig. Shoot you could just use it as your 2FA device for signing in.

Reply to this note

Please Login to reply.

Discussion

47
che 1w ago šŸ’¬ 1

Yea Iā€™m not technical enough to audit the code. So I do need to trust. Question is are they still trustworthy?

Avatar
Drew šŸ‚šŸš² 1w ago

Only you can decide that.

If my two sats are worth it, I'd say yes. I think the way they handled the vulnerability, rolled out an update and announced it were all above board.