Nordlys
e9ad7f089d5c1440fe5800b1f9b60e140a319b0228a5002d6f1e6af46e0618a3
Passionate Lightning Node operator and developer

How else do you think it’s able to create an encrypted backup on the sdcard?

Yep. A subscription service. I realize a service such as recover has been requested for a long time but not really by your average Ledger holding pleb.

Just listened to the #Ledger Recover episode on WhatBitcoinDid and found it mildly frustrating. Both NYK and Ledger’s CEO made inaccurate claims. Here are some general notes on #Bitcoin wallets and security as it relates to the episode.

- Ledger’s CEO claimed that we would know whether a vulnerability exists and has been discovered due to responsible disclosure agreements or widespread loss of customer funds. That’s simply not true. 0-day vulnerabilities must always be presumed to exist in any system and it was scary to me that he brushed off the issue.

- Software wallets are actually not terrible when done well. They’re perfectly fine for smaller amounts imo. Open source wallets that properly store your seed backed by Android’s keystore or the Secure Enclave in iOS are still relatively secure (though nowhere near a hardware wallet).

- My biggest concern is that Ledger feels confident about verifying a large number of customer recovery claims online at a time when deepfakes and AI image/video generation have recently taken leaps forward. How long until we see customer funds recovered by malicious actors if Ledger’s recovery service sees any sort of large scale adoption?

However, in the end I’m not very concerned. This will be a niche feature due to its $10 a month cost (which nobody seems to be talking about) and the target audience it’s aimed at. Ledger has one of the most respected security teams in the space but the company sucks at PR.

So verifying the Coldcard #Bitcoin wallet firmware was a bit more complicated than I first assumed. The hashes won’t match due to signatures being different so you have to strip out the signature bytes. There are still a few bytes that differ which I can’t explain but it’s starting to make sense. This also helps: https://github.com/Coldcard/firmware/blob/b51652f146182e47da493c388eeb4645d7ff78dd/docs/notes-on-repro.md

Tried to reproduce the Coldcard #Bitcoin hardware wallet v5.1.2 firmware. The build process claims I’ve built a bit-for-bit copy but a quick manual diff tells me otherwise. Anyone get a different result?

Well, to be the devil’s advocate there’s a difference between Bitcoin the network and bitcoin the network. It’s totally valid to say you prefer using the Lightning network over the Bitcoin on-chain network imo.

Good morning plebs! May our nodes and the Lightning Network continue to prosper. Thanks for everything you do!

No, and I agree the cloud backup thing is concerning. But it’s opt-in at least. The Coldcard firmware is open source but you can’t build it and flash your own.

Ja vi elsker dette landet! Happy Norwegian national day! #17mai

Plot twist. The Coldcard also allows your encrypted seed phrase to leave the device

FINALLY got VSCode devcontainers working in Fedora Silverblue with Podman. Can’t wait for official Podman support from Microsoft.