Not using a passphrase decreases the complexity and points of failure of the setup, which he values more than outright security, since a complex (secure) setup is useless if you forget or lose access to the details, and is best left to advanced users, or the company he works for - wink.
He's writing to the masses, where an XOR'd set of seed words lets you have a simpler setup, easy to restore, and also includes plausible deniability since each of the XOR seed plates is a valid set of words by itself. An attacker has to know it's one of a set to know there's a larger wallet elsewhere.
The seed+passphrase setup is similar, in that you can load funds onto the seed-only wallet, and you keep the passphrase safe for the "real" wallet. But an attacker now has your entire seed phrase.
Rob
npub1wc…48uhk
2023-12-24 10:48:20
in reply to nevent1q…atpz
Author Public Key
npub1wcuhrw3pkvv8jrpc75e75hec0tdd2gyfe92ttghkhlxlf35papfsp48uhkPublished at
2023-12-24 10:48:20Event JSON
{
"id": "5559217895ebffe4adefe1329d925e129d6a4f26f7399ed173fa99419a9984bc",
"pubkey": "763971ba21b318790c38f533ea5f387adad52089c954b5a2f6bfcdf4c681e853",
"created_at": 1703414900,
"kind": 1,
"tags": [
[
"e",
"10d4bb4c0344684b74c14022921e30826bc44483fccf1a10de3a85e56cfb9d93",
"",
"root"
],
[
"p",
"f728d9e6e7048358e70930f5ca64b097770d989ccd86854fe618eda9c8a38106"
],
[
"p",
"b93049a6e2547a36a7692d90e4baa809012526175546a17337454def9ab69d30"
]
],
"content": "Not using a passphrase decreases the complexity and points of failure of the setup, which he values more than outright security, since a complex (secure) setup is useless if you forget or lose access to the details, and is best left to advanced users, or the company he works for - wink. \n\nHe's writing to the masses, where an XOR'd set of seed words lets you have a simpler setup, easy to restore, and also includes plausible deniability since each of the XOR seed plates is a valid set of words by itself. An attacker has to know it's one of a set to know there's a larger wallet elsewhere. \n\nThe seed+passphrase setup is similar, in that you can load funds onto the seed-only wallet, and you keep the passphrase safe for the \"real\" wallet. But an attacker now has your entire seed phrase. ",
"sig": "6bf1e8cce396cb022d1dd5191ce9033ea5dad0ce3d74ec09b86696799fbbbcc815f64d27fdaf66f1db1ea6adc2c4ccd45bde6aefaa13e4413502f7ddfa3e9037"
}