jimbocoin 🃏's avatar
jimbocoin 🃏 11 months ago
Yes. Whatever you produce yourself, put in multiple devices to ensure none are lying to you. In the dice-rolling example, you could get two manufacturers, enter the same rolls and ensure they produce the same seed phrases. The problem is that there aren’t two vendors (just ColdCard, AFAIK) so to verify, you basically have to spin up an offline computer and run the Python source code. Using an offline computer to reproduce your seed phrase generation process kinda negates the advantage of having eternally quarantined, air gapped hardware in the first place. Plus, it’s not Coinkite’s preferred method anyway. They recommend using a mix of your own words and their in-device entropy, which is entirely unverifiable. By contrast, many vendors can perform the last word generation, XPUB generation, and address generation. So starting with seed words makes more sense to me.
↑ Parent

Replies (2)

YODL's avatar
YODL yodl@nostr.land 11 months ago
Ooh didn’t know it was just coinkite, assumed others too. Could roll once as a test wallet to get confirm with computer calc, if agreement, roll a new seed and trust it, I guess. I didn’t know about the vendors helping with last word, that’s kinda huge news to me. You could “roll” random 1-2048 23 times, and then roll 1-8 for final word. Do I have that right?
1 replies ↓