I believe the key on the phone also can be backed up to Google cloud or wherever you want. So someone would have to access both cloud key and bitkey server key.
Someone trying to steal bitcoin would have to get access to both Bitkey server and Google cloud...
I'm not sure how easy it is to fake identification on both of those. I would assume if someone could gain access to one of them, they could also gain access to the other. hmmm. Anyone who manages to get information from Bitkey is probably wily enough to get that information from Google. However, hopefully Bitkey would notify their users in this case, and bitkey owners could take necessary precautions/ move bitcoin elsewhere.
I guess it depends how you allocate risk:
90% risk of losing it myself/apartment burning/flooding
9% risk of someone walking in and grabbing devices/seed phrases
1% risk of google/cloud Bitkey hack
0.1% state actors subpoena bitkey/google
Perhaps as the months go by each of these risk allocations change a bit.
Gary Poppins /
npub16g…f7cwq
2024-05-10 18:32:11
in reply to nevent1q…lq83
Author Public Key
npub16gahc8cevxkvhnl05e72kxp3xwu4n969kcq72xucfgpk5tcu9vpqff7cwqPublished at
2024-05-10 18:32:11Event JSON
{
"id": "ee0f252ba2f398686d5e4bbb772bfde5dda29d32380d5abd7fd193e64adbadc0",
"pubkey": "d23b7c1f1961accbcfefa67cab183133b9599745b601e51b984a036a2f1c2b02",
"created_at": 1715365931,
"kind": 1,
"tags": [
[
"p",
"980d1fa6460d817c5a3640dabb5e78625392d7fe00f21d256ea9661bcf6e2c04",
"wss://nostr.bitcoiner.social/",
"TheKid"
],
[
"p",
"a8171781fd9e90ede3ea44ddca5d3abf828fe8eedeb0f3abb0dd3e563562e1fc",
"wss://purplepag.es/",
"paulo"
],
[
"p",
"8aef75ca27af00a6f70c14865ae52860ccdc368f46499c7cf6b2352b09a709f5",
"wss://relay.snort.social/",
"Ronin"
],
[
"p",
"d5805ae449e108e907091c67cdf49a9835b3cac3dd11489ad215c0ddf7c658fc",
"wss://relay.nostr.info/",
"Feels Guy"
],
[
"e",
"fc5887538a010171c317540b6d34e1c9d0c6e46297ca4b44b0b322da8aacf47b",
"wss://nos.lol/",
"root"
],
[
"e",
"8bc7c997d27fe01cefca0f8a0ce90a7067cd2f00a319c2159cd45c7e4da85c15",
"mention"
],
[
"e",
"76d9fc7d12f2f199de298f0e0fc19b0c5d09ca9558db773939f6cd763188e00c",
"",
"mention"
],
[
"e",
"69e3807de07cf5606ffe04b779eb6ac93360faea47d8dd3f76e6ef367d8115fe",
"wss://nostr-pub.semisol.dev/",
"reply"
]
],
"content": "I believe the key on the phone also can be backed up to Google cloud or wherever you want. So someone would have to access both cloud key and bitkey server key. \n\nSomeone trying to steal bitcoin would have to get access to both Bitkey server and Google cloud... \n\nI'm not sure how easy it is to fake identification on both of those. I would assume if someone could gain access to one of them, they could also gain access to the other. hmmm. Anyone who manages to get information from Bitkey is probably wily enough to get that information from Google. However, hopefully Bitkey would notify their users in this case, and bitkey owners could take necessary precautions/ move bitcoin elsewhere. \n\n I guess it depends how you allocate risk:\n\n90% risk of losing it myself/apartment burning/flooding\n9% risk of someone walking in and grabbing devices/seed phrases\n1% risk of google/cloud Bitkey hack\n0.1% state actors subpoena bitkey/google\n\nPerhaps as the months go by each of these risk allocations change a bit.",
"sig": "fec178f2ffeaaa10c5aa21e08e1551058cc0566bf8b0f1b59077a13add6e3d7cf13e786d3acfa16867423d12235adc9c63d17457978af549241273eb664ee067"
}