SeedSigner or Specter-DIY

[mmikeww]

I'm just now investigating SeedSigner. These solutions offer the advantage of using off-the-shelf components that you personally assemble. This reduces the risk of the hardware wallet vendor compromising the hardware.

In addition, these devices do not store the seed phrases on the device itself. This means that you need to re-enter the seed phrase when the device boots. This has pros and cons.

Pros:

• Privacy. You avoid exposing your home address to vendor companies. We've seen the Ledger leak already
• Cost. It only requires ONE device for your entire multisig setup. Now, you don't have to worry about buying multiple devices, and storing multiple devices. You just need to worry about storing/securing your multiple seed phrases. When you want to sign with a different signature, you simply just input a different seed phrase at the start. SeedSigner simplifies this by just scanning a QR which contains your seed.

Cons:

• Inconvenience. Well not really. Scanning in your seed phrase is not much more effort than inputting a 25th word passphrase
• Reliance on a single software/hardware solution. Since we only need one device, a critical bug could compromise the multisig.

Both SeedSigner and Specter-DIY both use animated QR codes for airgap (ala the Keystone in the current recommendation), whereas the Coldcard is not fully airgapped since it requires USB cable or SD card.

I don't know if its worthwhile to change the guide to this solution, but I thought its worthwhile for discussion. If the risk of using one device is too large, perhaps consider replacing Coldcard (which has closed source components and no camera for QR codes) with a SeedSigner in the recommended setup

[BrutusBondBTC]

I thought about this too and am considering sending Flaxman an email to see what he thinks about it. I know there's no secure element, but we can keep the air gap and I love the QR Codes from a UX perspective. My wife will never be able to use Electrum on Tails, but I am thinking about doing a pull request to teach people how just in case. Now that we have all these cool Nostr things, I'm considering making videos too.

[mflaxman]

Sorry for the delay on responding, and thanks for the comments!

I'd like to add a bunch of hardware wallets (seedsigner, DIY, Jade, Passport, Ledger, etc), and perhaps even some software wallets. I don't think any of these are perfect (nor are my top 2 choices that I put in the guide and I still think are the best defaults), but we're at a point where the additive security of multisig makes sense to let people judge the risks themselves and diversify their hardware wallets as they see fit.