Fanis on Nostr: It only affects Legder Recover users. But what's interesting is that any HW company ...
It only affects Legder Recover users.
But what's interesting is that any HW company could theoretically publish an update that extracts the seed. Or, more realistically, an attacker could publish a compromised version of the firmware that does this.
As long as we don't have Secure Elements capable of doing secp cryptography, verifying the software you run on your signing device is a critical part of its security.
But what's interesting is that any HW company could theoretically publish an update that extracts the seed. Or, more realistically, an attacker could publish a compromised version of the firmware that does this.
As long as we don't have Secure Elements capable of doing secp cryptography, verifying the software you run on your signing device is a critical part of its security.