Thread - Nostr Hypermedia

DETERMINISTIC OPTIMISM 🌞 nvk@primal.net 1 year ago

> Multisig with the same device is like using a passphrase, but more convenient It's the user's decision. I can use every signer on the market multiple times in one setup One of the many issues with this is that SS is closed platform without any tampering protection. It is trivial for someone to load evil firmware accidentally or be tampered with in their absence. The device can then broadcast the private key to an attacker. Multi dig with multiple devices also de-risks bugs, say for example bad entropy. > I think the software is portable to other computers and even microcontroller. the team has state multiple times they are don't interest in porting to actual embedded platforms. It is not an easy task as they are not embedded developers, don't have security experience and depend on some of the Linux stack. > I don't think there is a truly open hardware platform at the moment. if that changes, we will see whether the project goes down this path. there are many options are that orders of magnitude more open and less complex. Like Krux and specter DIY, jade, etc... As a side note, raspberry pi was a platform created for education, it is not designed for critical operations. It is just a full Linux computer like your laptop. And we all recommend that people don't use laptops for signing.

↑ Parent

Replies (2)

npub132t6...8j7n 1 year ago

As I remember, the monero's official site warn the people who use raspberry to run their node. Still fragile. I am all the time surprise to see those lot thinking that Raspberry Pi is a sustainable solution.

Marcelinho marcelinho@nostriches.net 1 year ago

I have counted each of your > with a number 1. through my work i can tell you that i treat every signing device, no matter if e.g. coldcard, bitbox or seedsigner like the seedsphrase itself. security is not a state but only a snapshot I verify and flash the firmware before use I think you know better than i do that the biggest danger for bad entropy is the human being. 2. I have found at least attempts to micropython and the esp32 platform on github. 3. I wouldn't trust myself to rate more open, but definitely less complex chips (but a black box is still a black box) with financial support, the team could purchase security support if necessary (foss is simply a hard place) Btw. I would juse a notebook without wireless adapters if necessary. I will never recommend it because you can make a lot of mistakes. But I trust the SeedSigner as part of my signer concept. And yes I think im biased / but I always try to be open minded to improve myself