Build your own airgapped, stateless bitcoin signing device for less than most hardware wallets. 🤘
Public Key
npub17tyke9lkgxd98ruyeul6wt3pj3s9uxzgp9hxu5tsenjmweue6sqq4y3mgl
Profile Code
nprofile1qqs09jtvjlmyrxjn37zv70a89csegcz7rpyqjmnw29cveedhv7vagqqpz3mhxue69uhhyetvv9ujuerpd46hxtnfduq32amnwvaz7tm9v3jkutnwdaehgu3wd3skueqxp2yth
Author Public Key
npub17tyke9lkgxd98ruyeul6wt3pj3s9uxzgp9hxu5tsenjmweue6sqq4y3mgl Show more details
Published at
2024-08-01T18:12:17Z Event JSON
{
"id": "c605fae2d767badc4fb53b6ddd28b712e8e3284e3397223bfd3deaaa45919366" ,
"pubkey": "f2c96c97f6419a538f84cf3fa72e2194605e1848096e6e5170cce5b76799d400" ,
"created_at": 1722535937 ,
"kind": 0 ,
"tags": [],
"content": "{\"nip05\":\"[email protected] \",\"picture\":\"https://nostr.build/i/221.gif\",\"about\":\"Build your own airgapped, stateless bitcoin signing device for less than most hardware wallets. 🤘\",\"website\":\"https://github.com/SeedSigner/seedsigner\",\"banner\":\"https://nostr.build/i/nostr.build_22cc9b71ac844ff0bee723a3367417fe9749e744c84d4954658f415db22aba7d.jpeg\",\"lud06\":\"\",\"display_name\":\"SeedSigner\",\"name\":\"SeedSigner\"}" ,
"sig": "91acd253b0e78dbc1297eea53e3dc37d9fbd0e2ff8f1857fbebbfc4e720e79279bb41a5dfa085a2a24be6c339a2d21f7ce43c0429dc65e55e80190dbc9839672"
}
Last Notes npub17tyke9lkgxd98ruyeul6wt3pj3s9uxzgp9hxu5tsenjmweue6sqq4y3mgl SeedSigner Hmmmmm... have to phone-a-friend on this. Any idea @newtonick ? npub17tyke9lkgxd98ruyeul6wt3pj3s9uxzgp9hxu5tsenjmweue6sqq4y3mgl SeedSigner Agree. npub17tyke9lkgxd98ruyeul6wt3pj3s9uxzgp9hxu5tsenjmweue6sqq4y3mgl SeedSigner For sure, thanks for checking into it -- give this one a try: https://image.nostr.build/62883676f0aa655ea888f4148f33c015e865c0af4e67ba7be95375ad2d2e0648.jpg npub17tyke9lkgxd98ruyeul6wt3pj3s9uxzgp9hxu5tsenjmweue6sqq4y3mgl SeedSigner At some point, Nunchuk stopped supporting static XPUBs. If you change your SeedSigner to the Sparrow export setting, it will animate the QR code that depicts the XPUB and the rest should work fine. I ran into this a couple of weeks ago as well. npub17tyke9lkgxd98ruyeul6wt3pj3s9uxzgp9hxu5tsenjmweue6sqq4y3mgl SeedSigner Functioning DM notifications. npub17tyke9lkgxd98ruyeul6wt3pj3s9uxzgp9hxu5tsenjmweue6sqq4y3mgl SeedSigner 👀 npub17tyke9lkgxd98ruyeul6wt3pj3s9uxzgp9hxu5tsenjmweue6sqq4y3mgl SeedSigner I'm just going to agree to disagree with you here. I strongly disagree with what you’re saying, but I just don’t have the time to refute every far fetched exotic attack scenario. Have a great afternoon. npub17tyke9lkgxd98ruyeul6wt3pj3s9uxzgp9hxu5tsenjmweue6sqq4y3mgl SeedSigner I guess I feel like I've tried to talk about tradeoffs a lot and have always been willing to admit there are some use cases where a conventional hardware wallet makes a lot of sense. Meanehile some manufacturers constantly misrepresent our project for seemingly self serving reasons. But I understand it can be frustrating from someone with your perspective. I just don't know what the answer is. npub17tyke9lkgxd98ruyeul6wt3pj3s9uxzgp9hxu5tsenjmweue6sqq4y3mgl SeedSigner All side channel attacks I am aware of require running software that has been maliciously modified. So to avoid that, run our released code. npub17tyke9lkgxd98ruyeul6wt3pj3s9uxzgp9hxu5tsenjmweue6sqq4y3mgl SeedSigner Just so you know, that is not me. No idea who "Roberts" is. I was an LEO however, but have been very candid that digital forensics was my specialty. You should really double check it your sources, would have been easy to find this out. npub17tyke9lkgxd98ruyeul6wt3pj3s9uxzgp9hxu5tsenjmweue6sqq4y3mgl SeedSigner This is the same as our approach. Boot from attached storage, then remove the storage device to show the system is probably running from RAM. SeedSigner is just a single purpose, hardened, verifiably offline computer. npub17tyke9lkgxd98ruyeul6wt3pj3s9uxzgp9hxu5tsenjmweue6sqq4y3mgl SeedSigner #nevent1q…kkmd npub17tyke9lkgxd98ruyeul6wt3pj3s9uxzgp9hxu5tsenjmweue6sqq4y3mgl SeedSigner We trust the manufacturer to do a lot less. We don't trust the device to validate software, we don't trust it to persistently store keys, and we don't trust it to make wireless or wired connections with other devices. We just trust it to execute SeedSigner code. npub17tyke9lkgxd98ruyeul6wt3pj3s9uxzgp9hxu5tsenjmweue6sqq4y3mgl SeedSigner As of right now, just one, but progress on more is ongoing. But you're missing the point, it's not worth it to target the entire RPi supply chain at this point, and even if you wanted to target individuals, less than 0.01% of RPi products likely will end up as SeedSigners, so who knows which ones to pick. Whereas, at a certain point in a HWW's life, it's known that the device will be used to store PKs, and an attacker further knows that just about every device is going to someone who will potentially use it for that purpose. Different tradeoffs. npub17tyke9lkgxd98ruyeul6wt3pj3s9uxzgp9hxu5tsenjmweue6sqq4y3mgl SeedSigner Yup. And we will continue to be here with a compelling alternative model, that requires much less trust in manufacturers and distributors. https://image.nostr.build/ac3742a377e7691e41c3bf207faf4cb235c2bbf9641d1e1e0fb60ea1cc993df0.jpg npub17tyke9lkgxd98ruyeul6wt3pj3s9uxzgp9hxu5tsenjmweue6sqq4y3mgl SeedSigner With SeedSigner yes, but unfortunately BlueWallet does not support testnet. You can, however, go through the same workflow with either Nunchuk on mobile, or sparrow wallet on the laptop/desktop and use testnet. The experience with bluewallet is much the same. npub17tyke9lkgxd98ruyeul6wt3pj3s9uxzgp9hxu5tsenjmweue6sqq4y3mgl SeedSigner A FOSS tool built by bitcoiners, for bitcoiners, shared one bitcoiner at a time. #note1v3u…arzn npub17tyke9lkgxd98ruyeul6wt3pj3s9uxzgp9hxu5tsenjmweue6sqq4y3mgl SeedSigner Thank you for sharing our project with the bitcoiners there. 🧡 npub17tyke9lkgxd98ruyeul6wt3pj3s9uxzgp9hxu5tsenjmweue6sqq4y3mgl SeedSigner It is an exceedingly simple process to verify and write new firmware/software to your SeedSigner, and it takes at most a couple of minutes. Users with any concern about their device can easily re-deploy to put those concerns to rest. The messaging put out there by both the Dark Skippy researchers and Odell/RHR was unfortunate, but those who have learned about our security model and been through the process know better. Myself and our contributors are as confident and bullish as ever on our project, which serves both those who may have difficulty acquiring cold storage tools, and those who are seeking more trustless cold storage solutions. #note12qt…hxpe npub17tyke9lkgxd98ruyeul6wt3pj3s9uxzgp9hxu5tsenjmweue6sqq4y3mgl SeedSigner 🧡