ciori on Nostr: NVK I really loved your recent podcast episodes where you talked about all the ...
NVK (npub1az9…m8y8) I really loved your recent podcast episodes where you talked about all the security concerns on normal hardware devices. So I wonder, in your experience with Coldcard and other "low hardware" devices, would you say it is possible to have an ESP32 or similar device (maybe I am just stupid and there already is a coldcard version doing this) that with additional modules (like a camera, a screen and a keyboard) is able to scan a QR code containing an encrypted seed and ask for the passphrase to decrypt it (plus all the other signing stuff)? I am not talking about the 25th word of the seed, but 12 or 24 words of a seed that have been encrypted in a file and then converted as a QR code image, so the scan part will have to decrypt it before accessing the seed. The thing I don't like about hardware signing devices is that they assume a seed QR image to be in clear.
Maybe I am just wrong on some level, maybe there is something I am not considering, but I would like to know your opinion on this.
Published at 2024-04-23 10:15:50