Oddbean new post about login | logout IF YOUR HARDWARE WALLET COMES WITH A SEED, DO NOT USE IT. https://m.primal.net/JLZJ.png Counterfit manual quality is very high. Attached address: https://mempool.space/address/bc1qnlpkmt4unawdql3ec9xaj94svlvxl6hveqs8m8
Exactly. This is why I don’t like signing devices that lack recovery modes. If you can’t recover, you’re already owned.
In this case it was a Ledger, repackaged with fake manuals and a scratch card for the compromised seed phrase. Not sure what you mean with "lack recovery mode"? Or do you mean devices that can only generate a new key, and not import a seed?
Right. There are devices on the market that lack a mechanism for you to supply (recover) a seed. They’ll generate one for you on the trust-me-bro model.
that's disturbing. which devices are this unholy? https://m.primal.net/JLaM.png
Block’s Bitkey and Coinkite’s Tapsigner are two examples.
ohhh. the Bitkey is so tempting though for 25$ especially for new folks.
It would be fine as an addition to a multisig quorum. For example, I wouldn’t use a Ledger or a Bitkey, personally, but a 2-of-2 of a Ledger and a Bitkey is probably good enough for mid-sized cold storage.
yeah, that's the problem, i don't think it's advanced enough to do that. It doesn't actually show the seed. I need to dig into it more...
If it produces an XPUB and a master key fingerprint (XFP), that’s a good start. But yeah, its firmware would also need to be capable of signing multisig transactions. I’m almost curious enough to buy one. Almost.
How come the balance isn’t zero yet if you got the seed for it 😜
