Use A Seed Signer With Cold Power

Use A Seed Signer With Cold Power

It's that time, again--The bull market which happens every 4 years like the Winter Olympics. We've surpassed the previous USD/ATH. This is the 498th resurrection of our beloved bitcoin, but you know what really turns my crank? Bitcoin cybersecurity!

I love digging into the nitty-gritty of cryptography not CrYpTo and finding creative ways to use my toy collection. I mean, hardware wallet(a.k.a. signing devices) collection. Nah, they're toys. Yesterday, as I was playing with my toys, I was inspired to use my seed signer after a long hiatus. To be clear, I love the Seed Signer. It has some neat features:

  • Generate seeds with the entropy from a picture
  • Hand drawn QR codes for easy seed backup
  • You can DIY
    plug

It looks cool too, but for the record, I wouldn't use it for a single sig wallet because it does not contain a secure element. According to NVK, there are zero days and supply chain attacks you can't really mitigate with the seed signer. Although I think this is a fair criticism, it can be useful:

  • As an educational tool
  • Part of a multi-sig backup.
    Michael Flaxman, in his 10X Your BTC Security Guide, suggests removing a Wi-Fi card and hard drive from a computer, boot up TAILS, plug your computer into an RJ45 port with an Ethernet cable for Internet access, navigate to https://seedpicker.net/ on the default TOR browser, unplug the Ethernet cable from the RJ45 port, and generate the seed for your paper wallet. That sentence is too damn long, but this is indicative of how cumbersome this method is.

This was necessary when he wrote it since we did not have as many hardware wallets back then as are on the market today. In my cybersecurity opinion, and I am not a certified cyber security expert, buying a seed signer requires less technical know-how than using Flaxman's guide. This is not a criticism of Flaxman, his guide is one of my favorite things ever written about bitoin because of it's educational value. If you want to learn about extreme cybersecurity, Flaxman's guide makes an excellent lab. We assume no network security model is 100% secure, so we never risk compromising our keys by ever connecting to an Internet-connected device. It's a hell of an education.

Seed Signer Is For Everybody

seed signer

Say you work a full time job and didn't spend the majority of your free time learning this stuff during a pandemic. Or maybe you're like my wife. She think's Bitcoin is cool now, but this one time she walked in on me with my Cold Card plugged into a 9v battery and said, "See. I'm never using whatever the %$&! that thing is. My wife is never removing a Wi-Fi card from a laptop. If you're like my wife, the Seed Signer is right for you, if you want to use multisig. It's also not imperative to use the 9v battery if you don't want to. You can just plug it into a wall outlet like everybody else.

I want to start bringing the Seed Signer to my local meetup, but it's at a brewery and I don't want to be a wallflower because I need to plug the damn thing into an outlet so I thought, “Why not try the Cold Power with my Seed Signer?”

I found one of my magnetic micro-USB adapters and plugged it into the Seed signer, Then I plugged the battery in. My switch is on because the flimsy plastic switch broke the first time I turned it on, but it still works. I just broke it with my fat thumbs.

It felt as if it took as long as a difficulty adjustment to boot-up, but in reality it was about the time it takes the Liquid Network to find a block. I proceeded to take a picture and write down a 12 word seed. I plan on using this with the Nunchuck testnet wallet to show people at my local Meetup how to create seeds and take self-custody of their Bitcoin. Again, I would not use this as a single sign because there are more secure options, but it is a great tool for teaching Bitcoin cybersecurity and can be a great wallet that can mitigate the risk of supply-chain and retirement attacks when used as part of a multi-sig quorum. I can also now use it in the middle of a brewery. I'll write about how this goes the next time I get down there.

Why We Use The Cold Power

Cold Power

I placed one of those magnetic adapters I bought on Amazon into one of the power holes. Power holes is a technical term for microUSB. This is because the Cold Power does hooks up to a cable that does not transmit data, only Power. Get it? It's like a cold wallet, but instead of a wallet, it's a power cable. You hook this cable up to a technology which was invented in 1836, a [battery]. 9V batteries contain no data. It is only Power, but most of us must trust Coinkite. Maybe they programmed the green part to be a bitcoin stealing script. I doubt this and think Coinkite is an honest company, but the awesome sauce thing is, the little magnet I bought on Amazon does not allow the transmittal of data. I don't need to plug in a charger that might be compromised.

This might sound paranoid, but in Tools of Titans, Samy Kamkar, malware has even been found in cigarette lighter chargers. Imagine a fix of nicotine costing you you entire life savings. That's not likely to happen, but why take a chance? It's better to spend several thousand sats on a charger and a 9v battery than lose your whole stack.

According to Wired Magazine, he can also learn the keystrokes you're typing on your laptop keyboard through a window. This means typing a seed onto a laptop might not be the best idea even if you are afraid of this. It is better to take a picture and use the entropy from the random picture.

Powering The Seed Signer With A Coinkite Product

Seed Signer and NVK, the CEO of Coinkite seem to have some beef on nostr, but it's none of my business. The part I find interesting is a product made by Coinkite works with a product made by Seed Signer. This was made for the Cold Card, but it works with a hardware wallet made from someone else. Too bad politics isn't more like that. It's nice to see two rival companies make products that are compatible with each other, but that's just the way free and open source software like bitcoin is. Seeds from Coinkite can be used with the Seed Signer. Maybe that's okay if it's only $1,000 worth of bitcoin on the Seed Signer. You don't need to go to Defcon 5 for every single sat. It's not practical. Sure, if the NSA was after you and wanted to steal your $1,000 worth of bitcoin from you, they could probably do it. Why would they spend ten thousand dollars to do this to you? This is not in most people's threat models.

Wait...Then why do you need to use the 9v battery thing-a-ma-jig? I technically don't need to , but we could also use this for a multi-signature quorum? What if you took your wallet to a safe deposit box, but the vault does not have a plug?

no plug

I created this key with no power outlet at all. This means I could do this in the middle of Alaska where there's no cell phones, where you only need to worry about bears stealing your seed phrase... That's a bit much, but it's possible.

I was not able to take a picture on the same battery charge so You might want to use a fresh battery if you ever try this yourself.

Thanks for reading.

✌️

npub1marc26z8nh3xkj5rcx7ufkatvx6ueqhp5vfw9v5teq26z254renshtf3g0no

869,719

As Seen on Nostr