What is Nostr?
jb55 / Will
npub1xts…kk5s
2024-03-31 15:28:58
in reply to nevent1q…v4dd

jb55 on Nostr: At the end of the day using a hardware device is going to be way more secure than ...

At the end of the day using a hardware device is going to be way more secure than exposing your private key to a general purpose computer.

If vendor and supply chain attacks are in your threat model, then use multisig, otherwise single-sig + passphrase with an airgapped coldcard device should be ok and is simpler to backup over long periods of time. This was my goto-recommendation for ages but I’m not sure how long that will be if supply chain attacks ramp up.

Alternatively you can just do a 2of2 or 2of3 multisig with two different hwws and a tapsigner for convenience. Just make sure to have plate backups for both wallets stored in two physically separate locations.

This is a bit more complicated, this is why Ive always like the simplicity of singlesig + passphrase. Passphrase acts like a two factor in case the physical security of the seed is compromised.
Author Public Key
npub1xtscya34g58tk0z605fvr788k263gsu6cy9x0mhnm87echrgufzsevkk5s