 I don't think your key material should ever be on a device connected to the Internet  
 That’s what I said. The phone (or desktop) should be a watch-only interface. 
 i wish there was a proper USB detached signer device... some of the yubikeys support storing a secret and signing hashes with them but not the ones we need

just usb-a/usb-c interface on it would be enough for now, an NFC interface would be a nice extra... all it does is sign a hash, and keep the secret and execute a BIP-340 signature

an extra neat feature would be if you could have it store like 16 secrets on it and sign on any of them with the protocol specifying the signing pubkey...