akatopaz
commented
6 years ago Dear crystalneth,
The secondary wallet is not meant to be secondary. Its purpose is to be the hidden cold wallet. The PIN to be revealed to an attacker is the primary wallet. That's how it has been engineered.
If you consider the secondary wallet as a low security wallet then your funds are at risk in the primary wallet.
This is why I tend to call the secondary wallet the hidden identity (stealth), as there are no way to know it exists if the attacker is only given the primary identity PIN (and considering the device is not plugged when extorted).
The reason the secondary is the hidden identity is that in the end, the attacker could make you tell him where you hid your recovery 24 words, the passphrase shall remain in your brain.
Hope this answers your problem.
An easy method to distinguish whether user is signed in with "Attach to PIN" wallet assuming the secondary PIN is given to the attacker.
Steps:
User 1) Set up Attach to PIN wallet
Attacker 1) Sign in to with extorted "Attach to PIN" PIN 2) Observe bitcoin receive address 3) Set up any Attach to PIN wallet while still signed in 4) Observe bitcoin receive address 5) The receive address has changed as you are automatically signed in with the new backup wallet. If you signed in with main wallet, the receive address has not changed.
Attacker now can extort main wallet address with knowledge of an existing secondary wallet.