pull down to refresh

If I can just write my key down on paper or my recovery phrase, what is the benefit to things like coldcard? It's no easier to lose than a notebook?
None at all! Hardware wallets are just "signing devices". Know what else can sign? Literally anything with a CPU!
Some HWW have secure element (i.e. a chip that can store your secret securely, even someone with access to the secure element will have difficult time trying to read the secret off the chip.) It could be "nice to have" a secure element, but IMO, you're better off keeping your secrets away from attackers in the first place.
And nothing screams "I HAVE SECRETS" like an expensive eye-catching device that was made for signing Bitcoin txns.
Some HWW have esoteric features like "Brick Me PIN" (so you can simply break your HWW and buy another one)
You don't have to think too hard to realize that HWW are scams. They advertise too much, they're overpriced for what you get, and they literally come with "features" that encourage you to buy more of them and discourage you from reusing or reselling them.
Learn to use commodity hardware like Android Phones and old PCs/Laptop in secure environments (by flashing secure firmware like GrapheneOS, or booting TailsOS from USB), do all your signing on airgaped (offline) devices running secure software and you should be fine.
reply
31 sats \ 7 replies \ @ChrisS 6 Aug
Airgapped devices and secure software are not so easy to set up.
reply
HWWs do, in fact, make it easier to achieve an airgaped secure environment. If you need to sign txns often, then maybe a HWW will be worthwhile investment.
Or if you're a highly targeted individual (like someone widely known to manage secrets for an exchange or whale) then you might benefit from the esoteric security features from HWW.
However, if you only need to sign once or twice per year (for example). Or if you're a pleb who isn't being targeted, then HWW might not make economic sense.
It might be more worthwhile to setup a secure airgap from scratch each time you need to sign. It maybe takes 10mins to download, verify, flash and boot TailOS, load your seed and sign.
None of this nuance is ever addressed in HWW advertising. They want you to believe its impossible to keep a secret without one.
reply
20 sats \ 3 replies \ @Fabs 6 Aug
"Economic sense" oh gimme a break!
People here probably have thousand's, if not ten's of thousand's in Bitcoin, but $100 - $200 for a professional and secure way to store and access said funds aren't worthwhile?
"Economic sense" my ass, dude.
"I DIY'ed my own hww, but can't access it anymore, help" will probably be his next post 🙄
reply
Lol...hardware wallets cost more than my current amount of bitcoin... I'm not setting anything up now. I'm just trying to learn. 😀
reply
0 sats \ 0 replies \ @Fabs 6 Aug
In that case, no, settle for a desktop wallet instead (Sparrow).
reply
unfortunately i agree with this. are hw wallets perfect? no. but for most non-techy people, which is the great majority, they are a huge improvement in security. flasing tails is probably above the knowledge level of most bitcoiners.
reply
10 sats \ 0 replies \ @ChrisS 6 Aug
Fair points.
reply
Ngmi
reply
71 sats \ 2 replies \ @Fabs 6 Aug
Sheesh dude, what a bunch of nonsense.
reply
If you get value from your HWW, that's great!
In my experience (and many others) the HWW was a waste of money and only served to doxx our mailing address
reply
Sounds like he was not happy with his HWW purchase lol
reply
159 sats \ 0 replies \ @ChrisS 6 Aug
Hardware wallets are designed to generate keys and sign transactions while never connecting to the internet The good ones like coldcard are designed specifically to hold private keys securely. And if the hardware device uses qr codes or nfc you can do all this without ever being directly connected to a computer that is connected to the internet. General purpose computers have much larger attack surfaces and are not designed to hold secrets like private keys securly. If you use a general purpose computer to generate keys, even if you "delete" them from the computer and back them up offline it is not a cold wallet.
reply
131 sats \ 4 replies \ @Fabs 6 Aug
Hm, a device that creates a root key with (probably) higher and more robust entropy than an amateur could, as well as a nigh-unlimited amount of keys and addresses in a secure and flawless way?
A second, third, fourth wallet with simple addition of a (new) passphrase?
A solid interface to interact with your Bitcoin?
It's simply the best option for anyone who's not a total pro in regards to tech, software and encryption, but who wants a secure and easy way of storing and interacting with his- or her funds; I definitely sleep better at night having an actually professional and tested, open-source hardware wallet, instead of some gimpy DIY...
reply
140 sats \ 1 reply \ @nullcount 6 Aug
None of these features require use of a HWW. They can be done using good software on any CPU. You don't have to be a "total tech pro" either. Just follow this guide to MAKE your own COLD wallet
When you get a new HWW from the manufactuer, you should really download the firmware, verify it, and re-flash the firmware yourself so you can verify that the device was not compromised in-transit. Sometimes new firmwares are released that fix vulnerabilities, so you should be downloading, verifying, and flashing to your HWW somewhat regularly anyways.
Flashing a new firmware on HWW isn't much different than downloading, verifying and booting TailsOS from a "tech" perspective.
reply
0 sats \ 0 replies \ @Fabs 6 Aug
Hardware wallets are simply the best option in terms of user-friendliness, usability, safety and price, period (if a renowned and praised hww is bought)
There's simply no arguing against, and sure, you can DIY it, but what do you win with it?
The best possible outcome is a working hww, the worst, total inaccessibility of funds, congratulations.
Seriously, if there's any serious money involved, a professional hww is the way to go, period.
reply
I wouldn't say all the implementations are flawless.
reply
0 sats \ 0 replies \ @Fabs 6 Aug
In terms of different manufacturers?
reply
For a long-term hodler it's not much of an advantage, but for someone who uses their wallet regularly it makes sense.
reply
21 sats \ 0 replies \ @iguano 6 Aug
You can have a paper wallet if you are not going to sigh a transaction. If you are going to keep signing transactions, the paperwallet is a terrible choise. Thats why the hardware wallet.
reply
Good question!
Very simple answer - using physical/analog ONLY actually defeats the purpose of air gapping.
If you write your answer on a piece of paper, you'll have to type it into an internet connected device as soon as you want to sign a transaction.
With a hardware device, the seed phrase is generated on an air gapped device, and remained air gapped even when signing a transaction.
Paper or engraved metal backups should only be used in a recovery scenario to move your funds to a new hardware wallet.
reply
If you write your answer on a piece of paper, you'll have to type it into an internet connected device as soon as you want to sign a transaction.
You don't need internet to sign...
reply
0 sats \ 0 replies \ @Fabs 6 Aug
This, +100.
reply
33 sats \ 1 reply \ @Satosora 6 Aug
I dont think paper wallets are bad in any way. They work, as long as you arent being flashy about it. As long as you have a secure computer and printer, you are fine.
reply
secure printer. yes. no lol.
reply
It's just another layer of security if configured and used properly. Not necessary at all but I like having an air gapped device which never touched Internet. Also, in case of a physical attack such devices can be used as "dummy" wallets, allowing for "plausible deniability", esp. when you have a hidden second wallet set up.
reply
For ultra-cold-storage there is not much benefit, since you need to secure your seed somehow anyways.
They are useful for mediocre-cold-storage needs where you need to sign some transactions from time to time. They make it so you don't need to work with raw seed (which is risky) but rather with HW secure element instead.
reply
stackers have outlawed this. turn on wild west mode in your /settings to see outlawed content.
stackers have outlawed this. turn on wild west mode in your /settings to see outlawed content.
deleted by author
reply