aljaz on Nostr: you can have 100 separated wallets if you're gonna open that veracrypt drive and ...
you can have 100 separated wallets if you're gonna open that veracrypt drive and keepass on the same computer you use to argue with stranger over the internet it doesn't help you much
clearly there is deniability and at rest security in mind with veracrypt+keepass but accessing that is problematic and the author glances over a large part of a threat model for self custody with everything missing (or omitted) in the post. so i don't think i'm missing anything, i completely understand and see the missing parts of his setup
trusting the machine you are using is a big assumption and should generally be avoided as much as possible (just look at the recent bybit hack). having separate machine only for bitcoin wallet stuff and not connecting it to the internet is basic opsec for setups like this.
clearly there is deniability and at rest security in mind with veracrypt+keepass but accessing that is problematic and the author glances over a large part of a threat model for self custody with everything missing (or omitted) in the post. so i don't think i'm missing anything, i completely understand and see the missing parts of his setup
trusting the machine you are using is a big assumption and should generally be avoided as much as possible (just look at the recent bybit hack). having separate machine only for bitcoin wallet stuff and not connecting it to the internet is basic opsec for setups like this.