Oddbean new post about login | logout Exactly. This is why I don’t like signing devices that lack recovery modes. If you can’t recover, you’re already owned.
In this case it was a Ledger, repackaged with fake manuals and a scratch card for the compromised seed phrase. Not sure what you mean with "lack recovery mode"? Or do you mean devices that can only generate a new key, and not import a seed?
Right. There are devices on the market that lack a mechanism for you to supply (recover) a seed. They’ll generate one for you on the trust-me-bro model.
that's disturbing. which devices are this unholy? https://m.primal.net/JLaM.png
Block’s Bitkey and Coinkite’s Tapsigner are two examples.
ohhh. the Bitkey is so tempting though for 25$ especially for new folks.
It would be fine as an addition to a multisig quorum. For example, I wouldn’t use a Ledger or a Bitkey, personally, but a 2-of-2 of a Ledger and a Bitkey is probably good enough for mid-sized cold storage.
yeah, that's the problem, i don't think it's advanced enough to do that. It doesn't actually show the seed. I need to dig into it more...
If it produces an XPUB and a master key fingerprint (XFP), that’s a good start. But yeah, its firmware would also need to be capable of signing multisig transactions. I’m almost curious enough to buy one. Almost.
