Oddbean new post about | logout
 what is there to pretend? coinkite was the first hardware wallet that offered complete airgapped functionality using secure elements

even the industrial design and packaging is thoughtful compared to the other participants in the market. Innovation doesn't only reside on the PCB.

if anything, Coldcard is overkill -- bitcoiner paranoia is second-to-none 
 Secure elements are only beneficial because of the stateheld nature & airgapping with SD card isn't much different than USB.

The real innovation in PSBT was doing it through QR. 

ALOT of people who own a CC end up plugging in via USB btw.  
 To achieve the same security assurances as QR you would need to use a new SD card for each & every transaction.

This has already been admitted by NVK btw. 
 Then we have the walk of shame...
nostr:nevent1qqs0cygkjf3ru9sgk9uz598akwdnt67uan7kk7kvjy277x6fupu6rdqpz3mhxue69uhhyetvv9ujuerpd46hxtnfdupzpc3xpfa0xwem5vq8gygug4ne8nh4354tg0zevk7mke2ljruh8xdvqvzqqqqqqy5ruwp6 
 nostr:nevent1qqstgp50datz0msjathwswymuc8t7f8g7z5fx5lf9hqdlgp3lmc5fyqpz3mhxue69uhhyetvv9ujuerpd46hxtnfdupzpc3xpfa0xwem5vq8gygug4ne8nh4354tg0zevk7mke2ljruh8xdvqvzqqqqqqyn0l0ph 
 PSBTs off QR codes is a hack, look no further than the rolling QR Codes for multi-sig. if you really dig into it with a tinfoil hat, passing PSBTs off SD cards is actually safer -- less dependencies at the end of the day, no different than USB? what interface do you think your camera runs off of?

another innovation you don't see elsewhere? NFC that you can turn off physically

I don't even have a cold card 🤣 I give props because it is deserved.  
 I see where your head is at but I think you're wrong about this.

Trezor doesn't get it's due bc they supported shitcoin firmwares, but all they did was add SD card support. 

I haven't seen a single person get pwned using the Trezor suite of products.

QR is a huge innovation and you know it, but I think you're taking this stance as you don't seem to care about the FOSS aspect - correct me if I'm wrong but that's my hunch. 

 
 I hope you also realize the vulnerabilies that they left their customers open to. These great innovators.

You talk about multisig ...

https://image.nostr.build/436524bf19f17e8468fb5df0f3995ed55f47ece63fec9b5c13f7940fe1ab8194.jpg  
 No, you're wrong about this. Trezor and Coldcard are very different things if you get down to the physical design.  

Trezor getting pwned -- https://www.youtube.com/watch?v=dT9y-KQbqi4

QR is a hack. No hate, I use it everyday

I do care about the FOSS aspect, not my business though 
 They can literally do this with every HWW. 

Which already happened with the mk2 as I showed you.

And mk1.

You're so salty it hurts. 
 Why do you think MK4 has two SEcure elements now? Because one was safe enough?

It's a never ending rabbit hole of close source stuff.

I prefer stateless & QR.

Or USB and wipe. 

You can repeat your garbage about QR & conveniently talk about NFC being able to be neutered...but you can't take away from the security benefits. 

Sorry kid, 
 so your threat model is less severe, happy for you 
 My threat model takes into account people who act like experts but aren't.

https://bitbox.swiss/blog/coldcard-isolation-bypass/ 
 Vulnerable AF, this wouldn't be acceptable if any other "brand" has this going after so many years in biz.

They didn't pay a single bounty, fuggin shady fucks.

nostr:nevent1qqspmv5g2na728re2xwvs0arga8cmtuhjy7mgsfayjcrcxmwjprfgqspzamhxue69uhkummnw3ezuendwsh8w6t69e3xj7szyr3zvzn67vanhgcqwsg3c3t8j080trf2ks79jedahdj4ly8ewwv6cqcyqqqqqqg7m0ugn 
 why would I be salty? 
you don't even know me or where my expertise lies.  

Focus.

You called out no innovation and I listed some for you. Only one hurting is you
 
 Lol cope harder.