Oddbean new post about | logout
LeoWandersleb | 1 years ago (raw) | root | parent | reply | flag +4 
 If you store the same private key on both a Trezor and a Ledger, you expose it to vulnerabilities on both stacks. So Ledger using a closed source "Secure Element" might have given you an insecure private key as there is no way for a public audit to rule this out. Copying a weak key to a Trezor now exposes it to Trezor's extractability.

You did not reduce your risk. You squared it.
devstr | 1 years ago (raw) | root | parent | reply | flag 
 It depends on where you see risk. I view manufacturer failure, hardware failure, lost wallet, as much higher risks than private key breach.
sankthoshi | 1 years ago (raw) | root | parent | reply | flag +1 
 The risk of both devices dying without you noticing increases independently with time without usage and with spacial proximity. Better have a more robust method for longterm storage and one hardware wallet to comunicate to the blockchain.
Pelvis | 1 years ago (raw) | root | parent | reply | flag 
 They are not the only options on the market, right.
f5bc28b1 | 1 years ago (raw) | root | parent | reply | flag 
 True, but to be fair they probably mean risk of "catastrophic loss of access" or something ... To me if you're not spending your stack, it's better to keep it offline & in totally cold storage - multisigs in stamped steel in various vaults or something. It's also good to keep a small amount in a poem in your head.