I heard there's a small chance secret service might have invented xmr

Better yet, the NSA

Nicholas SAberhagen

NSA

What's the goto if that gets revealed as true? Zcash?

side-trips[m]: Wownero

side-trips[m]: Zcash was invented by nsa

One of the trusted signers is even snowden lol

Criminal scammer

Dev fee 20%, guy always side talking monero and boosting his bags

Zcash an an alternative to what? Another scam, perhaps.

Tech is only as good as its implementation

<ofrnxmr[m]> "One of the trusted signers is..." <- he's such a traitor, can't believe he released our national secrets and fled to russia.

he was probably a russian spy even before he released those documents.

And shilled zcash the whole time

<side-trips[m]> "I heard there's a small chance..." <- And if it was, who cares? We're here now

Feel like they could have some backdoors or 0-days

<side-trips[m]> "Feel like they could have some..." <- Unless, you have a strong and concrete reason to think otherwise, who cares right? I mean, It will always be impossible to prove a negative and It might be easier to target low hanging fruit. Why target monero itself, when you can target the super insecure computers and smartphones most people are keeping their coins on, lol

That being said, we shouldn't let our guards down and still verify, but I wouldn't lose my sleep over it.

Monero will end involuntary taxation.

From the two companies that do Monero hardware wallets, Trezor and Ledger, what do people here prefer and why?

Ledger just added kyc backup for your key

can just not use it

<chesterfield[m]> "Ledger just added kyc backup for..." <- Yeah, I'm aware: beincrypto.com/ledger-recover-cloud-seed-phrase-feature

That is one of the reasons I'm leaning Trezor. But they are big Block stream ass lickers, so I would prefer something else. But seems they are the best option for Monero.

<DataHoarder> "can just not use it" <- Still, Ledger is closed source that already makes Trezor 2x better

There's also the WIP Monero firmware for the Passport wallet

is trezor hw open source? I guess they don't include a secure element

ledger apps themselves are open source, though

secure elements are finicky cause, yeah, not many out there are open source

DataHoarder: Apps?

I'm talking about the hardware and firmware

but without the secure element you can just extract the keys from an offline token (then just protected by pin, bypassing limits)

Both of those are open source for Trezor

stuff like github.com/LedgerHQ/app-monero

yep, trezor to do that lacks a "secure element"

which opens a different kind of attacks, making a "pin/password tries limit" not really hold up

The passport wallet has a secure element iirc

is that secure element also open source? I need to refresh my memory in the ones that are

Don't think so, but everything else is

Ledger also had many data leaks in the past

yeah using any of their "cloud" or "site" services is insane

don't do it

thankfully not related to the hw itself

both Trezor / Ledger have also been affected by security issues, Trezor response is nice

but most of Trezor ones keep coming up all the time and some are unworkable due to physical access = memory stolen

I think I have the initial Passport version around

cockliuser[m]: What I say will be controversial, but most hardware wallets were never supposed to be invincible, nor for long term storage of crypto. They were just supposed to be a convenient way of holding a small amount of crypto for transactions in a "secure enough" way against casual attackers.

^ I use them mainly for multisig setups

Hardware wallets are just small airgapped computers

it's convenient indeed

cockliuser[m]: They're much more secure than software wallets IMO because of the airgapped part

But closed source ones add that element of "trust" that I don't like

ledger is not airgapped because it technically can send out the seed

dreamcity[m]: I can do the latter on a regular computer or phone, too. So if that was the goal, why buy an extra device?

cockliuser[m]: More secure than hot wallets (sw wallets on a pc connected to internet)? Sure. Compared to an airgapped pc wallet, It's not always obvious which one is more secure and It depends a lot

Yeah but most people aren't going to set up an airgapped computer for signing transactions

<k4r4b3y[m]1> "I can do the latter on a regular..." <- I don't disagree, but a hardware wallet is always going to be a bit more secure than a regular smartphone (even the "insecure" and poorly implemented hardware wallets), It's still a little peace of mind even for small transactions. But your point stands indeed.

dreamcity[m]: > <@dreamcity:matrix.org>

> I don't disagree, but a hardware wallet is always going to be a bit more secure than a regular smartphone (even the "insecure" and poorly implemented hardware wallets), It's still a little peace of mind even for small transactions. But your point stands indeed.

the point isn't whether a smartphone or a hardware wallet more secure. The point is, for small amounts (as you posit the scenario) you don't need that high security anyways.

About as secure as your trust level in the company

Ledger doesnt even show correct xmr seed

Break your usb port or screen, then what?

ledger releases a breaking update OTA, then goes out of business, then what?

Do you trust that your ledger will work in 15 years? Or plan on buying the lastest every couple years?

seed engraved on a steel plate to the rescue

so why would i need a hw wallet

If i have a seed backup, hw wallet doesnt protect ne

Purpose of hw wallet it to avoid being brute forced, no?

sech1: This, but unironically. For long term storage, encrypted paper wallets at multiple physical locations + brain wallet (remembering the key) should be more than overkill to not lose keys

To be able to spend without ever risking keys

ofrnxmr[m]: If you plug in your hardware wallet to an untrusted computer connected to internet, you are taking a small risk (there can be vulnerabilities and It happened in the past in some hw vendors)

safer if i just use ny phone

Plugging into random usb ports, or devices ive left unattended = sill to me

Store my big bucks on a paper wallet

Probably just as easy (easier) to crack into my bank app as to get into cake wallet

I dont use a hw wallet for my bank app 🫡

<sech1> "seed engraved on a steel plate..." <- > <@sech1:libera.chat> seed engraved on a steel plate to the rescue

14:59:11 <ofrnxmr[m]> Do you trust that your ledger will work in 15 years? Or plan on buying the lastest every couple years?

redpill me on this. I understand that the steel plate protects against fire hazards, but I can't bring myself to have my seed words lying around unencrypted, easy for the seeing.

no, as sech1 said, seed words stored

I setup an extra "passphrase" each time to use the ledger/trezor/etc.

you can engrave an encrypted seed on a steel plate, and keep the password in your head

Monero CLI/GUI wallets have support for this

sech1: > <@sech1:libera.chat> you can engrave an encrypted seed on a steel plate, and keep the password in your head

cool.

<sech1> "you can engrave an encrypted..." <- why not qr code on paper

paper burns

it can also decompose

not safe long term

cover it in plastic

if you keep a password in your head you can keep a seed in your head

but the head is not a safe place for anything

nioc: i save all my password in a memory palace

but yeah i hit by a car and i will forget everything

nioc: It is safe, but It's still better to have backups, just in case.

mlcboss[m]: > <@mlcboss:matrix.org> i save all my password in a memory palace

>

> but yeah i hit by a car and i will forget everything

If you forget everything, you can forget where you put your steel plate too :P . At some point, you will have to cut corners and not be too paranoid

it is safe until it is not

as always people have different risk tolerance

sorry guys but my coins will still be able to be used after imma gone :D

<dreamcity[m]> "> <@mlcboss:matrix.org> i save..." <- i store my paper seed in my wallet

my favorite band on Project Coral Reef no longer takes XMR at their store :sad_pepe:

<lza_menace> "my favorite band on Project..." <- why? government ban?

no, aliens

Can we sponsor aliens to start making Monero themed crop circles

best marketing idea ever

Would you give out your monero address or generate a new address within your wallet for each person?

riceandbeans: New address per person

How many addresses can I have with a wallet?

riceandbeans: infinite

That's my favorite number