oh it's Melvin pulling statistics out of his ass again :o
Swan spent all their cash on Tucker Carlson.
Oh no how could I ever store an easily exportable file/qr code that is not security-critical and thus can be stored in more locations with only privacy considerations..
The tooling around multisig has improved dramatically, Specter, Nunchuk, etc. Throw that sheet (or file in a flash drive) at every location where a seed of a signer of the multisig is located and you're done.
One very important clarification!
This particular attack actually "encodes the secret key into low entropy secret nonces and uses them in signing", so it's not just grinding the nonces.
What does this mean?
In the "classical" nonce-attack you either need a LOT of computer power or a LOT of signatures, which makes harder to pull off.
In his variant above they reduced this to only 2 signatures (for 12 words 4 for 24 words) vs ~64 signatures for the classical attack.
(again a lot of caveats I'm hand waving :p)
which is a great improvement and way easier to pull off and requires fewer steps to be taken by the person being attacked.
Source: https://darkskippy.com/taxonomy.htm
Oh the beauty of multi-vendor multisig π€
This is true, which is why it makes sense at the $25 promo price.
At the $150 asking price, it's a tapsigner with an added fingerprint sensor, but with additional tradeoffs and vendor lock-in.
I can only see this being a useful product if they keep the current model for entry-level users and unlock it for use as a blind signer for any multisig setup.
> if someone has hijacked your phone and what appears on its screen.
this is common for all blind signers, not a bitkey specific issue.
I mean, you could achieve that with amethyst and a muted words list.
I do think the 'default' nostr experience leans heavily into bitcoin, and probably more importantly heavily right-leaning and slightly conspiratorial.
But I don't think this is the reason anyway.
That much is true, but does not hinder an anti-klepto implementation regardless.
Their excuse is shitcoins and being lazy to build the tooling around it
No, it's a 10% *bonus* before they front-run them π€£
The french are just too hung
The only question mark is the key server.
App is open source and reproduceable.
Great project and I always keep an eye on it :)
But this signer mustn't be stateless and must be resistant to physical attacks in a 3o5 multisig
#Kamala wants you to stay #woke
https://blossom.oxtr.dev/fd19468e64020be0c08562e75122f5233f6f4d694122a2928e98adfa1a92caa4.mp4
yes mommy
It's funny to me seeing people from former colonial powers complaining about immigration.
There is a debt to be paid.
If only bitkey actually worked as a standalone blind signer for multisigs outside blocks setup...
If only...
Ledger is aware of anti-klepto - but apparently won't bother due to shitcoinery
exhibit a:
https://www.ledger.com/blog/towards-a-trustless-bitcoin-wallet-with-miniscript (scroll down to leaking information)
exhibit b:
source for image in exhibit b: https://www.reddit.com/r/ledgerwallet/comments/10loki9/does_ledger_supports_antiklepto_protocol/
Ledger is aware of anti-klepto - but apparently won't bother due to shitcoinery
exhibit a:
https://www.ledger.com/blog/towards-a-trustless-bitcoin-wallet-with-miniscript (scroll down to leaking information)
exhibit b: