pull down to refresh
0 sats \ 0 replies \ @0330830bf9 3 Apr \ on: NVK v SeedSigner - Valid Concerns or Arrogants Attacks bitcoin
deleted by author
If you need laptop that can bludgeon someone to death without getting damaged I recommend an HP Omen
You have no way of being sure that the db got the latest tx, and when shit goes sideways it's often a panic when writing, so no this isn't a great option... You risk loss of your funds if you ever have to use it for recovery which is why scb is the way it is
I tested this with inotifytools which is a disk level copy on write. The problem is in why the primary write fails in the first place, since the backup will break too. A failure boils down to being unable to read the latest state.
Reality is that a production routing node can't be allowed to have storage fail, period... Else it's dead.
Use nvme raid and you'll have bigger problems to worry about.
Not sure if the link will be accurate to the frame:
Watch the driver turn around and look back at the president just before his head turns into mist.
(This is at the point they famously were going too slow, against protocol)
Play it as slow as you can, and you'll see the haze from gunsmoke directly between them.
Also note the drivers shoulder bring his arm around cross-body
After all these years I'm surprised at all the long form whodunnit around this, the Zapruder film is clear as day
... It's the driver (CIA) who turns around and finishes him off.
Watch it closely, it's been in your face the whole time and they somehow gaslit the world into not believing their own eyes.
The driver turns, a metal object at arms length glistens a bit, then a small puff of smoke, JFK's head snaps back. Jackie starts climbing out the back to get away.
✅ Make "self-custodial" node that's still ruggable via web push
✅ Censor transactions to wallets using tech you don't like
✅ Berate and block anyone who critiques you
✅ Integrate banker shitcoins instead of fixing your shitty UX
No wonder all the spooks love this wallet, must be the cool T-shirts
I've avoided it for a long time as seeing it as not worth the complexity...
But it invites disaster to trust any single chip or piece of software with your families future... And it would take a lifetime to audit a whole stack myself.
The check and balance of 2:2 puts the trust back on myself
If I knew I wouldn't need it...
I may just have to fuck around with it on regtest a few different ways with different software to check for blindspots
Very interesting, I'd like to see a deep dive write up on this. Wen @DarthCoin?
One thing I have found is that 2:3 requires the xpubs for each key to be part of your backup...
Meaning 3 sets of 12 words PLUS a very long and non-readable string for each is a much more complicated storage/restore than two sets of 12 words.
If the biggest risk to your coin is you, then the complexity of 2:3 exacerbates this relative to a 2:2 that otherwise has most of the same benefits.
Multisig in a purely technical context is about non-reliance on either a single source of entropy or exfiltration.
Say you do something dumb like store a large amount of Bitcoin in a mobile wallet, well some employee at Google or Apple, or maybe even just an exploit of the device's software, could exfiltrate your key to their servers and sweep your coin without any evidence.
Had you a 2:2 multisig, the phone key alone would be inadequate to sweep.
It could be even less dumb than that, say a clean linux install on a name brand PC with an Intel, AMD, or ARM chip that has NSA-level skewing of the random number generator. Even if it was airgapped, your key could be re-created by an attacker and scanned for outputs.
It could also be a honeypot like a HWW that stealth shipped a similar backdoor.
By using 2+ signatures, no single attack is adequate... it's about requiring multiple coordinated attacks or collusion which vastly increases your security threshold.
Memory is not a storage strategy no matter how much people want to think it is, as there are factors like future cognitive impairment and inheritance scenarios that rule it out for anyone needing a serious setup.
For passphrasing stuff with encryption, that can be done at a higher layer like keeping encrypted instructions on a cloud drive. The problem with that is password patterns from the 80s are still the zeitgeist.
This old XKCD summarizes my view on passwords:
100 sats \ 0 replies \ @0330830bf9 22 Nov 2023 \ parent \ on: How would you attack self-custody? bitcoin
I can't find the post I'm thinking of that backs me up, created a new discussion on this in hopes the crowd can find it:
106 sats \ 0 replies \ @0330830bf9 22 Nov 2023 \ parent \ on: How would you attack self-custody? bitcoin
I can't find it for the life of me... made a new thread requesting help in the search and to facilitate this discussion: