Oddbean new post about login | logout The idea that an HWW’s security hinges on the secure element only is insane
I have no idea how the secure element works, but coldcard has two of them so that's cool.
both of them have viable laser fault injection attacks meaning you only need the expensive (probably $300k max) equipment, but that’s nothing as you can reuse it for as many wallets as you prefer
both of them are IoT grade shit (and at least one lacks any CC certification) that don’t have the same basic protections as any credit card within the last 15 years
Ledger Donjon hasn't managed to break the MK4 yet, and I guess they have all the nice equipment. Seems like the most secure hww that is currently available imo. https://www.ledger.com/blog/category/donjon
yes, they have, the SE2 used by CC Mk4 is broken (source: Coinkite), and SE1 also has been broken (source: a talk by the Ledger Donjon team)
Even if it is single one it makes a difference. When there are 2 of them (from different vendors) then they can play with MCU in quite complicated set. More here https://blog.coinkite.com/understanding-mk4-security-model/ And also if you prefer Guy’s read https://fountain.fm/episode/5kdybDzg6HJHLxEajAyS
Multi-vendor geo-distributed multisig is best. Finding all the devices is a tall order vs cracking an SE. After all, they're just signing devices, not "hardware wallets"