[...]
I wonder how long before someone figures out a way to update the firmware so that it creates an unencrypted backup of your seed on the microSD card.

I have tried the backup option. It creates a 12-word mnemonic that acts as the passphrase to decrypt it.
Huh ?
What kind of backup is being generated if you still need your 12 word mnemonic ?
Are you sure that you need your mnemonic seed to decrypt the backup file ??
IMO, this wouldn't make much sense. The mnemonic seed should be the backup itself.
As I have understood it, it generates a backup (= encrypted mnemonic seed) which needs a password(?) to be decrypted.
It makes perfect sense, since it adds a level of security. If your seed is compromised, your funds are gone unless you use a passphrase. The passphrase for the backup is not your seed; it is to decrypt the backup, which has your seed. If the attacker gets access to your backup passphrase but not to the backup itself, you are still safe. Of course, you would never have the backup and the passphrase for the backup in the same location.
You understood correctly, but in this case the passphrase to restore the backup is 12 words. The backup, I believe, also includes the PIN, duress PIN, and brick PIN.
The only thing that is missing is a timer lockdown to view the seed: it should only show the seed after a given period of time set by the user. This way, if you are not very careful with the wallet while using it in a public place, you are still safe.
The seed has to be backed up somewhere. Having it on a piece of paper has a higher risk than storing it in an encrypted file, and a hardware wallet is the perfect device for doing the encryption.