Be careful with seedsigner. I don’t think that have a secure element, so if someone get hold of your signer and knows what they are doing they can get your private key and bitcoin. I would only use it was party of a multisig setup using something like Sparrow.

Key storage is orthogonal to signature processing. I was asking about the latter. 🙂

Does it need a secure element if it's not storing the seed persistently?

Look into SeedQR and stateless signing. Verify firmware signatures before running it.

No. With seedsigner you keep your seed phrase backup secure and you don't need to be worried about your signing device getting stolen. It doesn't store the private key on the hardware. Every time you unplug it any private keys you have input are erased from RAM. You do need to verify the firmware before you use it. The recent security news involving seedsigner used modified firmware. Store your seedsigner securely. If you suspect someone has tampered with it, erase and reinstall the firmware.

GitHub

GitHub - SeedSigner/seedsigner: Use an air-gapped Raspberry Pi Zero to sign for Bitcoin transactions! (and do other cool stuff)

Use an air-gapped Raspberry Pi Zero to sign for Bitcoin transactions! (and do other cool stuff) - SeedSigner/seedsigner

Seedsigner is fantastic. Best UI in the market. The thing that sets it apart is that it doesn't abstract away hard concepts. Seedsigner is a tool for DIY financial sovereignty. In order to use it effectively you need to go on an educational journey from verifying software binaries to generating your own entropy to stamping out a metal backup. No hardware device can compensate for lack of knowledge or bad security posture. Most commercial devices try to make the 'least bad' tradeoff for mass market usability. They assume the consumer is ill informed and lazy. For the most part they are right. Seedsigner is for the folks who are ready to roll up their sleeves and be in control of their own security. I don't recommend it to everyone. But the people I do recommend it to are my favorite kind of bitcoiners. They aren't just buying a hardware device, they are digital survivalists learning skills necessary to thrive in the coming economy.

No.

My MK4 has been nothing but trouble. The Q has been okay-ish, but the screen is so dim even at the brightest that I can't get cameras to scan QR codes on the screen. Meanwhile, SeedSigner works just fine. ColdCards are way overrated after actually using them. I'm probably done with them. SeedSigner in general has a more positive team in my experience and I like their ethos better. Not for everyone, but it really taught me a lot I would recommend using hammer in pins instead of soldering if you plan to build one yourself though. The project leader sells assembled kits. @npub17tyk...3mgl

The Seedsigner is stateless. Disconnect the power and all seeds are erased from RAM. After booting it up you can also remove the SD before loading any seeds.

Absolutely love My Seedsigner. The sense of achievement for a 54 year old artist to build one from purchased parts; download, verify and install firmware; create offline multisig seeds with various entropy; create child seeds for older family and then signing PSBTs with the device. Is just priceless. The amount of new things I learnt in order to make my cold storage self sovereign made it all incredibly worthwhile.

I think the thing that I picked up on was the new firmware attack. You need to secure your seedsigner to make sure a bad actor doesn’t puts compromised firmware on that could steel your keys. So don’t share your SS with other people thinks it’s safe cos you wipe your seed ever time I use it.

Absolutely this! Read my post above. It took a few months for or a non tech older person to work it all out but I couldn't be happier.

I'd remove the SD with firmware if I was to loan it to someone. I don't store the SD anywhere near the device anyway. It is also very simple to verify the software or reflash the SD.

Good to know. Thanks

For sure. We have to be aware of dark slippy or evil maids attacks and stay vigilant.

*dark skippy

Hm, idk, you are Kind of right, but i do recommend seedsigner to everyone. As you Said there is No way around doing the Work and learning the Shit. The sooner you do it the better. Seedsigner greatly helps with the learning curve. So i think it is quite Important to recommend seedsigner as much as i can. Regular commercial Hardware Wallets do Not Help you learning stuff. And they will wreck you sooner or later, because they all have single Points of failures, speaking of their centralized Servers, which are honeypots for CIA, Lazarus and WHO Else.

Not heard of a dark skippy attack…

I had heard of this on RHR from Odell. Scary stuff. Multi vender multisig is the way to go. Thanks for the video 👍

Do it @Len AKA The Lengend⚡

Odell is sponsored by CoinKite, maker of the ColdCards. You’ll see a pattern of CoinKite sponsored podcasts refusing to give the @npub17tyk...3mgl an honest review. Your replies are similarly opinionated but don’t hold up in a community setting where truth rises to the top. I highly recommend not listening to those comments and build your own @npub17tyk...3mgl. You’ll learn more and most likely have a different opinion of not only the device but also of those sponsored podcasts. Sponsorship is censorship.

Absolutely. Every podcast that shills a signing device (hardware wallet) is gonna be biased AF and never push back on their sponsor during an interview. It doesn’t matter who they are.

One day just not yet

Lengendary

Seedsigner news on nostr View quoted note →

What are we looking at?

Seedsigner without raspberry pi

Nice! What board are you using? Are you working on a new hardware platform or just playing around? I think the next phase of SS evolution is to move to more generic and simplified hardware.

I would like to think I am working on a new hardware platform. I have been scanning the landscape of microcontrollers/embedded Linux devices for a number of years before discovering this particular device: Luckfox Pico Pro Max Benefits: Runs Linux -> porting seedsigner code is significantly easier than a true microcontroller. No micropython needed. No onboard WiFi -> for whatever reason all alternative embedded Linux boards all include WiFi. This was a really difficult obstacle actually. Ample memory -> can run Pillow, etc. the code is 99.1% the same! Camera header -> similarly to the Rpi this board has a CSI camera header Not a raspberry pi -> an answer to the loudest FUD Not a microcontroller -> while I support enabling new hardware platforms, I think seedsigner is best if we coalesce around “Linux”. The effort needed to port to micropython is unnecessary. There already exists Krux. Play to our strengths.