Utilise a seed + passphrase for plausable deniability, or a multisig distributed over different locations so that it's impossible to forfeit keys even when under duress.
Some signing devices also have a "brick me" PIN, which might be worth setting up too.
Sounds about right.
Utilise a seed + passphrase for plausable deniability, or a multisig distributed over different locations so that it's impossible to forfeit keys even when under duress.
Some signing devices also have a "brick me" PIN, which might be worth setting up too.