no hw wallet represents a single point of failure - if it does then it's a wrong setup
Our valued sponsor
Ledger Stax - what do you think ?
- Thread starter CoinMaster
- Start date
-
- Tags
- cryptowallet hardware ledger stax
What do you mean by "multiple signatures for a single device"? Most multi-signer wallet setups distribute the signatures/key shards across multiple devices.
A hw wallet is inherently a single point of failure; it is one device. If that device is hacked or accessed - your assets are lost.
Equally - if you have a single seed phrase; if that seed phrase is leaked, your assets are gone.
After multiple bricked Ledgers years ago I would never give them a single satoshi again.
I prefer the Grid lattice. One seed per card and a nice screen to see exactly what you are signing.
I prefer the Grid lattice. One seed per card and a nice screen to see exactly what you are signing.
fault
double fault
you're not supposed to use hardware wallet this way - if you worry about your device being lost or broken or about somebody finding your seed backup then something is seriously wrong
This is how 90% of people use hardware wallets.
Sure you can have Shamir on a Trezor or have multiple redundancies and distributed partial seeds, but this is far from standard.
Okay got it.
So typically if you have multiple signatures (technically partial signatures not signatures but regardless) for a single wallet this will be a wallet that uses Multi-party Computation (MPC). There is no single key, but rather there are a number of key shards; of which a threshold number of shards have to be used to approve a transaction. The key shards are off-chain and the signing process is also off-chain taking placeat the cryptography layer.
Whereas, if you have multiple wallets controlling a single signature this will be a wallet that uses multisig.
MPC vs Multisig is a divisive topic, but for most use-cases I think MPC is the better solution. A couple benefits you get with MPC that you don't get with multi-sig:
- Blockchain agnostic; since MPC is off-chain, the same cryptography is used across all protocols with the same signing scheme. This means that you have a narrower surface area of attack than relying on the distinctive smart contract implementations of multisig on each chain you want to hold assets on.
- native compatibility with all decentralized applications
- more flexibility in terms of policy creation and access control
- lower transaction fees
- ability to easily refresh keys...
The better comparison would be whether you should be able to access a bank account and move funds with someones email and password or if you should have to have their email + password + authentication through mobile phone + in-person or over the phone verification for a large transfer... in other words; one layer of authentication vs multiple.
Again - I don't think multi-signer wallets are the right fit for most people; but I do think they're a better fit for managing sizable amounts of assets than using a hw wallet in most circumstances.
number of layers, i.e. the complexity of one's security model should be adequate to what one protects
for instance current trend of mandatory 2FA causes more bad than good - it causes unnecessary collateral damage
why do people have to use 2FA to only check their balance or send 20usd?
there is no proper replacement for a hw wallet (i.e. device that stores the entropy, derives the keys and signs transactions offline) ... unless you can do all that in your head (and even that wouldn't be enough)
That seems like a somewhat clunky device, maybe more suited for people with disabilities.
I had the same problem and transferred all my USDT into DAI after a discussion in another thread here on OCT. It's more secure and, according to the gurus on OCT, it can't be frozen.
DAI can be stored directly on Trezor and Ledger BTW.
I think you've missed my point, I've said multiple times that a multi-signer solution is not the right fit for someone holding a small amount of crypto.
I'm purely comparing a hw wallet vs mpc or multisig for UHNWIs/businesses,etc
No definitely not a portable setup if you wanted to take the whole device somewhere but the cards will work in any device.
Very useful if managing multiple seeds since the device can manage unlimited seeds, just program another card.
I didn't study it enough (so correct me if I'm wrong) but the card is just a storage... ergo the computation is done outside of the card... ergo you either have to own multiple devices in all the locations (a not sure what to do while traveling then) or you have to use the card via generic card reader and use some PC software or so ... which is totally unwanted
that's probably the only use-case I can think of...
however you can elegantly achieve this for example with Trezor using multiple passphrases (yes, all the wallets will be based on the same entropy which is mostly unwanted if not all of them are owned/managed by the same person) - so this device would potentially allow sharing with other people BUT I don't think anyone sensible would insert his card with a seed to a device that somebody else was potentially messing with before
am I missing something?
Forum Announcement
-
!NEWS! Wishing You a Joyful Christmas and a Prosperous New Year- Latest: Martin Everson
Latest Threads
-
-
Stripe Payouts to a personal bank account- Started by yngmind
- Replies: 1
-
-
!NEWS! Wishing You a Joyful Christmas and a Prosperous New Year- Started by JohnLocke
- Replies: 1
-
