33 sats \ 16 replies \ @Zepasta 20 Nov 2023 \ on: How would you attack self-custody? bitcoin
deleted by author
NVK says hi...
https://twitter.com/nvk/status/1726392947543867640
reply
deleted by author
reply
His point is that even Raspberry Pi hardware cannot be trusted these days. I should have made that clearer.
reply
deleted by author
reply
No hardware can be. Shouldn't trust Coldcard especially.
This is why 2:2 is necessary to mitigate any single compromised supply chain.
reply
Curious to learn why you would use a 2:2 and not a 2:3 or another setup where you protect yourself from a single point of failure?
reply
This has been written about by others who make good points about the 3rd being superfluous. A 3rd key adds the complexity of where you store it, practicing recovery, etc. I'm sure there are cases for it but I don't think added failure proofing is one of them.
With 2:2 the average pleb can simply have a clean laptop and 1 hww safely. One key given to family for inheritance, the other with a secret dead man switch.
That covers most use cases without added user fuckup risk.
reply
That covers most use cases without added user fuckup risk.
I thought the biggest user fuckup risk is to lose their keys? And having two separate keys you're not allowed to lose makes this even worse?
Can you link some sources for that 2:2 setup? Thanks
With a DIY solution like SeedSigner you are not trusting the hardware; the data is stored temporarily in RAM and wiped when you unplug the cable. It's completely different from a hardware wallet that stores data inside permanently.
If you really believe that is the only attack vector then you haven't read my entire post I guess...
reply