Oddbean new post about | logout
orange | 3 months ago (raw) | root | parent | reply | flag 
 I think “A Raspberry Pi is a closed source system and should not be used to store private keys” or something similar
noerms | 3 months ago (raw) | root | parent | reply | flag 
 Isn‘t the whole point of seed signer to not store the keys? 🤔
Volker | 3 months ago (raw) | root | parent | reply | flag 
 It stores them temporarily, and could exfiltrate them to the mempool or blockchain when used.
noerms | 3 months ago (raw) | root | parent | reply | flag +1 
 Same with passphrases?
Volker | 3 months ago (raw) | root | parent | reply | flag 
 In principle, yes. If you can exfiltrate any sequence of bits (eg a seed phrase), you can exfiltrate whatever you want (eg a BIP39 passphrase). But it may be impractical, and I don't know if there are actual exploits.