/biz/ - Business & Finance

>>12699568
why not just encrypt keys on paper?

>>12699636
Because you can use your ledger to interact with metamask, idex, etc.

>>12699636
just took out a CDP on mkr with my ledger, can't do that with a paper wallet. also trading with dexes directly off my ledger.

>>12699636
ledger makes shit sooooooooooo easy

>>12699568
lol these all have backdoors implemented by a certain agency. ledger is a front. sha256 will be cracked at the next halving (2020.) screenshot this.

>>12699568
until there is a fire and you lose this as well as your pass phrase
>never going to make it

REQ is a French company
Ledger is a French company

you have been warned

>>12699844
I keep a slip at my grandmas house as well

>>12699860
the french are also the biggest pussies throughout history you have been warned

>>12699840
Done.

>>12699840
>sha256 will be hacked
this is where i knew you were a faggot

>>12699840
This is pure truth. You all got backdoored, about to be scammed and you payed for the pleasure.

>>12699898

you don't know much about the History of Europe and you shouldn't comment on it

Why you don't use trezor instead?

>>12699568
Yeah, duh. Was my first purchase and biz called me retarded for wasting money on that instead on req at 80 cents kek. Meanwhile mew and exchanges getting hacked left and right

too dodgy to have just 1, it could too easily fail, be damaged, be lost. i keep my cryptos on 5 usb sticks.

>>12700264
Trezor has a nice scheme of how to enter a PIN via the computer/mobile without exposing it - It shows 1-9 in a randomized 3x3 matrix, and you click on a blind matrix on your managing device to indicate the 4-8 digits. This exposes duplicate (and also non-duplicate) digits in your PIN. I guess the security impact is not too high, but it weakens what one could get from a n digit PIN. Also if you use a BIP39 passphrase, you enter this on the controlling device, leaving it vulnerable to keyloggers. I see the threat model has to be pretty complex, attacking you on various channels - compromise your controlling device to steal your passphrase, steal your PIN or seed via completely other channels. But either way, a compromised controlling device reveals a huge part of your security.

Ledger nano s on the other hand allows all those infos to be entered on device directly via a 2-button interface. This is not quick or overly easy, but in my eyes more secure. One button increases a digit, the other one decreases it, both pressed at once confirm a digit for PIN entry. With the latest firmware the starting point of the first 4 digits can be set to random, so observing your sequence of keypresses will not reveal your PIN.

You also have the option to "save" a passphrase to another/different PIN, but this would once again weaken your security. I believe if you enter the passphrase every time even some advanced attacker can't extract your keys from the device - it's just not on them, no matter what.

For the hardware: I don't know too much about the "secure element" on the ledger, I guess it's proprietary (downside) but might add to security (?). The design of the ledger nano s is way better to keep on a keychain, and it might just look like a USB stick - but you clearly need two hands to operate it. The Trezor can be easily controlled with one hand, but less device interaction is needed anyway as more input is taken from the controlling device.

>>12700338
> what is a recovery phrase and/or seed