More secure than mobile key, less secure than Coldcard. Not sure about Jade as I haven’t fully reviewed the security model.
Basically we called yubikeys “cool keys” because they aren’t quite totally cold keys, but they also aren’t hot keys. The yubikey stores the bitcoin key, but then your browser signs with the key. So the key becomes hot when it’s being used, then is thrown away by the software and remains cold for storage on the yubikey device.
nneuman / Nick Neuman
npub1e2…xflnt
2024-08-16 22:10:50
in reply to nevent1q…rtu3
Author Public Key
npub1e2wr9uhjheywu9eprtxmdkshj8zdr92s8z5t9wkny650rnyp35mskxflntPublished at
2024-08-16 22:10:50Event JSON
{
"id": "df363edef9bf25d7e1ac001ecde4c529b73b7baef2ef4cc1f4c47b4ca962905a",
"pubkey": "ca9c32f2f2be48ee17211acdb6da1791c4d1955038a8b2bad326a8f1cc818d37",
"created_at": 1723846250,
"kind": 1,
"tags": [
[
"e",
"4cf279f471a8b6d1fdb0d3066fd4372c3f0013630e8e69e55e0bbd057e7670e4",
"",
"root"
],
[
"e",
"91d9c7488b33835e5125fc760a6dea516ec4e87c8ea446c26a64fb19032a43bd",
"wss://a.nos.lol",
"reply"
],
[
"p",
"8829a79aa18928efc9b888590186f24082b45a7a51509aca4d40a20136d69c3a"
]
],
"content": "More secure than mobile key, less secure than Coldcard. Not sure about Jade as I haven’t fully reviewed the security model. \n\nBasically we called yubikeys “cool keys” because they aren’t quite totally cold keys, but they also aren’t hot keys. The yubikey stores the bitcoin key, but then your browser signs with the key. So the key becomes hot when it’s being used, then is thrown away by the software and remains cold for storage on the yubikey device.",
"sig": "eedd38fe19d12a45b04d7d700623a20bd1bfe574474cfd815f8ba5ece67854e03f60d5a54d3f8301e13d63d5b2e2482bcb2a49c760210c4bc53b725342dc7efb"
}