Oddbean new post about | logout
 I'm using Bitcoin since 2013 and since many years I manage my daily life with Bitcoin.
That you lost your key is horrible but you can also loose your access to your hardware wallet. I know ppl with that problem. Also the whole supply chain attack is really something to think about. In total there are more risks with a hardware wallet. 
 At the end it all comes down to a proper management with how you secure your seed phrase because if you loose your seed phrase kr someone gets access to it a hardware wallet brings you nothing at the end. 
The risk is much higher with a hardware wallet and I tell you that as someone who has spend hours over hours about this topic. 
 Then you have reached a conclusion that I haven't and we are at an impasse. The seed phrase issue is correct, but 100% irrelevant because it exists literally with every single option you go with. It's much easier to know you've secured it when its created entirely offline and never touched an internet connected device and has been properly backed up. But the issue is identical with or without a hardware wallet 
 Hardware keys are the only real practical way to have keys offline, which is always safer. And not just for Bitcoin, but in general for BYOK: certificates, passkeys, etc. We should always prefer keys we own and generate, with services only adding or removing trust from  public key hashes.
Trusting the key hardware and software, so long as it is open source, is no different from trusting your bitcoin node, wallet, nostr client or relay.
The real problem is that the privacy situation today sucks. Everything is a cloud service accessed through an proprietary OS by one of a handful companies. Difficult to protect your data from being stolen, keys and all. 
 I still completely disagree, there are not more risks with a hardware wallet, and I don't know how you have reached that conclusion. Any basic assessment of common attacks and their likelihood, let alone a basic assessment of how people have lost their bitcoin, would demonstrate this very easily. An no, losing your backup seed is not a hardware wallet problem, its a self custody concern now matter what way you do it. So pinning that on hardware wallets as unique is not useful or accurate. You can just as easily lose your backup to a mobile wallet (which also happened to me once due to a dead phone)

supply chain attacks are a tiny concern if you are buying from the manufacturer and you buy a hardware wallet that specifically considers that a risk. Let alone simply doing a tally of how many times this has occurred, which is almost nonexistent except for people buying outright scam wallets or second hand off of ebay or something. 
 You can even mitigate the vendor attack vector by using multisig. As long as no vendor has quorum, you can be fairly sure you’re protected. It’s unlikely that multiple vendors will have vulnerabilities at the same time that are exploitable by the same party.