Why Nostr? What is Njump?
2024-04-20 14:06:24
in reply to

NVK on Nostr: > Multisig with the same device is like using a passphrase, but more convenient It's ...

> Multisig with the same device is like using a passphrase, but more convenient
It's the user's decision. I can use every signer on the market multiple times in one setup

One of the many issues with this is that SS is closed platform without any tampering protection. It is trivial for someone to load evil firmware accidentally or be tampered with in their absence. The device can then broadcast the private key to an attacker. Multi dig with multiple devices also de-risks bugs, say for example bad entropy.

> I think the software is portable to other computers and even microcontroller.

the team has state multiple times they are don't interest in porting to actual embedded platforms. It is not an easy task as they are not embedded developers, don't have security experience and depend on some of the Linux stack.

> I don't think there is a truly open hardware platform at the moment. if that changes, we will see whether the project goes down this path.

there are many options are that orders of magnitude more open and less complex. Like Krux and specter DIY, jade, etc...

As a side note, raspberry pi was a platform created for education, it is not designed for critical operations. It is just a full Linux computer like your laptop. And we all recommend that people don't use laptops for signing.
Author Public Key
npub1az9xj85cmxv8e9j9y80lvqp97crsqdu2fpu3srwthd99qfu9qsgstam8y8