How do y'all rationalize the closed source secure elements vulnerability. Because I would like one..😐
That’s very easy.
Step 1) suppose the secure element is backdoored
Step 2) stay air gapped forever
Step 3) input your own entropy from dice rolls
Step 4) after signing a transaction, verify the transaction signature on your own node before broadcasting (which I believe but am not certain is done anyway)…just in case the signature is invalid and merely an attempt to disclose private key or seed or something else nefarious.
Step 5) recognize that after the above, a back doored chip can do nothing nefarious other than sign incorrectly, in which case you need a new signing device/hardware wallet.
Step 1) suppose the secure element is backdoored
Step 2) stay air gapped forever
Step 3) input your own entropy from dice rolls
Step 4) after signing a transaction, verify the transaction signature on your own node before broadcasting (which I believe but am not certain is done anyway)…just in case the signature is invalid and merely an attempt to disclose private key or seed or something else nefarious.
Step 5) recognize that after the above, a back doored chip can do nothing nefarious other than sign incorrectly, in which case you need a new signing device/hardware wallet.
🍻1
