Thread - Nostr Hypermedia

Nick Klockenga newtonick@klockenga.com 1 year ago

@ODELL in the most recent @RABBIT HOLE RECAP you spend a few minutes addressing accusations regarding your integrity around simultaneously supporting @SeedSigner and having a vested financial interest in the success of Cold Card. You said the SeedSigner project is “incredibly important” but continue in the same breath to deny they are competitors and described SeedSigner as only reasonable to be used as a fallback if we lived in a world where devices like Cold Card don’t exist. Far from an endorsement. You have historically supported the SeedSigner project and I appreciate the support. There’s 100+ ways the SeedSigner project could be better. Your most notable grievance of SeedSigner seems to be solely focused on physical security attributes when comparing the two air gapped Bitcoin signing devices. Specifically you don’t like that SeedSigner doesn’t have a secure element. Secure elements are great tech, but you never cover the actual trade offs on RHR. You gloss over how Cold Card is verifying firmware at boot on behalf of the user. You don’t discuss the trade offs at all. The verification of firmware at boot on a Cold Card requires trust in Coinkite. The user isn’t verifying, Coinkite is. You also make it sound like it’s an impossible task to verify firmware for SeedSigner. IMO you’re getting sucked into stupid polarizing debates around Cold Card vs SeedSigner. I think Cold Card and SeedSigner are both great in their own ways. They make different trade offs and actually complement each other really well in a multisig setup with Sparrow Wallet. I personally have no issue with you recommending a Cold Card over a SeedSigner if you prefer the trade offs. Totally reasonable if you asked me. It’s way more important people self custody Bitcoin using cold storage.

Replies (6)

npub12m8r...2jq0 1 year ago

The real issue is NVKs, that the hardware seedsigner uses, at least for now, has closed source software running under whatever os is loaded in. I think it's a fair take. Love me a Seedsigner or five, but not actually using it for anything in practice. Great teaching tool.

1 replies ↓

Rich Nost richnost@nostrplebs.com 1 year ago

Are we surprised that @ODELL is a proxy by which douchenozzles beef over turf.

thePR0M3TH3AN ✝️ 🥩 🍊 1 year ago

I literally verified my SeedSigner firmware last week. It was like 2 min of work. Not hard.

SeedSigner seedsigner@nostr.seedsigner.com 1 year ago

Different set of tradeoffs that not all grok, in part likely because bitcoiners are perpetually bombarded with a marketing narrative declaring HWWs as the most secure way to interact with private keys. Different tools are appropriate for different people and different use cases, but SeedSigner is entirely a viable option "in practice".

1 replies ↓

bitpunk.fm is typing _@bitpunk.fm 1 year ago

I love how people think the rasperry pi is closed sourced but the STM32 is not lol. 🤣 Show me the github for the stm32 rom and I'll change my mind.

1 replies ↓

DETERMINISTIC OPTIMISM 🌞 nvk@primal.net 1 year ago

Can't speak for all projects using STM32. But every single OP code on COLDCARD is open to review and reproducible. RDP=2 changes the memory map to put our reset vector as first bytes executed. Full part number: STM32L4S5VIT6 check the COLDCARD code and docs to verify it yourself. It was quite the feat to make it work like that in conjunction with the 2 other secure elements!