Oddbean new post about | logout
Cyph3rp9nk | 3 months ago (raw) | export | reply | flag +3 
 And reading criticisms of Jade I see that whoever makes them does not even know how the "virtual" secure element of Jade works.

In the absence of an open source secure element is the best option by far. 

nostr:note1qgazru8tsec93c5d087gtg0nr38j58sdpe240slny9qcdl55zdases9cvs
Jordan | 3 months ago (raw) | root | parent | reply | flag +1 
 wait, better than coldcard? I'll have to read your article.
Cyph3rp9nk | 3 months ago (raw) | root | parent | reply | flag 
 Yes, I don't know why the community thinks coldcard is the most secure wallet, it is not. 

First of all, it changes its model and architecture too often.

Secondly, they have already had problems with secure element providers and have had to switch to one of them.

Third, it uses Secure Element, which is not recommended in cryptography.

Fourth, it uses RFC6979 signatures to mitigate the attack mentioned in the article, which as mentioned in the article is dangerous and impractical. 

Fifth, it is not opensource and they took advantage of the trezor architecture.