Well, that's not a cold ❄️ wallet, that's a very good hot 🔥 wallet.
The secret keys are in RAM instead of a secure enclave with only finished hashes/signatures leaving the secure enclave into the RAM. Which, to my knowledge, is the definition of cold wallet.
148 sats \ 1 reply \ @joda 11 Jun
cold just means "offline". It's not the absolute most secure for every possible attack vector, but it's better than running Rando Wallet on the 10 year-old computer your mom downloads .exe email attachments on.
The keys are stored on the USB drive, which can be encrypted, and which can be hidden (the same way we store seed phrases).
reply
cold just means "offline"
that's my understanding too.
reply
how so? the whole process is untouch with the internet 🤔
reply
10 sats \ 0 replies \ @nyan 11 Jun
I think what @joda means that you have a single point of failure here. In order to transact, you need to sign with this wallet and however you do it, in this process malware can extract the private key from your wallet. Having hardware signing devices mitigates this attack vector to a huge extent. You of course open a new attack vector by trusting the manfacturer, therefore, you should use devices from at least two different ones in a multisig.
reply