Pages:
Author

Topic: Anyone use a COLDCARD hardware wallet? - page 3. (Read 598 times)

hero member
Activity: 714
Merit: 1298
October 26, 2023, 06:50:59 AM
#7
* Takes open source to the next level: The open source code can be viewed, verified and compiled directly from the device itself.
This is not correct. Coldcard is not open source, but rather, it is "source verifiable".

You can see their license here: https://github.com/Coldcard/firmware/blob/master/COPYING-CC


License: MIT


Code that is not actually open source is bad for the product and bad for the ecosystem. If no one is actually allowed to use their code in other products, then you are going to have far fewer sets of eyes on the code since there is far less incentive for people to spend their time examining it.

Being under MIT licence ColsCard code is allowed to be used virtually with no restriction.  According to fossa.com  MIT-licence-code can be used in any software, including commercial one, can be   modified and redistributed. Two miserable restrictions:  "you can’t hold the code author(s) legally liable for any reason. You also can’t delete the copyright notice and original license from your version of the code".

What is your problem with MIT licence?

Coldcard is not open source.

I have the opposite view. Being under MIT licence it's open source.
hero member
Activity: 882
Merit: 792
Watch Bitcoin Documentary - https://t.ly/v0Nim
October 26, 2023, 06:00:57 AM
#6
* Takes open source to the next level: The open source code can be viewed, verified and compiled directly from the device itself.
This is not correct. Coldcard is not open source, but rather, it is "source verifiable".

You can see their license here: https://github.com/Coldcard/firmware/blob/master/COPYING-CC
You can understand why this distinction is important here: https://nitter.cz/sethforprivacy/status/1651039483419058177

Code that is not actually open source is bad for the product and bad for the ecosystem. If no one is actually allowed to use their code in other products, then you are going to have far fewer sets of eyes on the code since there is far less incentive for people to spend their time examining it. Open source code encourages competition which furthers development, which ultimately is good for bitcoin.

I'm getting fed up of various projects claiming to be open source when they aren't, or claiming their not-open-source license is just as good as open source when it isn't. Open source has a very specific meaning and is very important to the ecosystem. Coldcard is not open source.
When coldcard was created, they came up with an unmatched security, right? It's true that they copied others and use their work but Coldcard still came up with more unique product that no one has created before. At the same time, we have to keep in mind that bitcoin hardware wallet is a business. When ColdCard left their code open-source, The Passport Foundation copied them, improved some UI details if I am not wrong and become a Coldcard's competitor. This means loss of customers, loss of sales and all these because someone copied your code and put it in a new design.
Let's say ColdCard left their code open-source and there comes someone with ten times more money for marketing, manufacturing and so on. They take ColdCard's open-source wallet, create a new hardware wallet, spend ten times more in marketing than coldcard and will build a great business on ColdCard's work.

I don't see anything wrong with Verifiable Source Code. It's a business, I think it will even demotivate people to start a business if their work might be copied super easily. I don't think anyone shares the belief of Nikola Tesla in a modern capitalism where you are nothing without money.
legendary
Activity: 2268
Merit: 18771
October 26, 2023, 04:59:54 AM
#5
* Takes open source to the next level: The open source code can be viewed, verified and compiled directly from the device itself.
This is not correct. Coldcard is not open source, but rather, it is "source verifiable".

You can see their license here: https://github.com/Coldcard/firmware/blob/master/COPYING-CC
You can understand why this distinction is important here: https://nitter.cz/sethforprivacy/status/1651039483419058177

Code that is not actually open source is bad for the product and bad for the ecosystem. If no one is actually allowed to use their code in other products, then you are going to have far fewer sets of eyes on the code since there is far less incentive for people to spend their time examining it. Open source code encourages competition which furthers development, which ultimately is good for bitcoin.

I'm getting fed up of various projects claiming to be open source when they aren't, or claiming their not-open-source license is just as good as open source when it isn't. Open source has a very specific meaning and is very important to the ecosystem. Coldcard is not open source.
member
Activity: 302
Merit: 46
NO SHITCOIN INSIDE
October 26, 2023, 12:10:31 AM
#4
The coming ColdCard Q1 is equipped with  camera which will secure  communication with software wallets via optical channel. Thus I would wait for Q1 model.  


Never heard of the Q model before. The secure camera for QR codes is the best new feature. I guess that's what the Q refers to.

Sounds interesting but has no release date. The company says they hope to put it out Quarter 1 2024.

hero member
Activity: 714
Merit: 1298
October 25, 2023, 06:59:18 AM
#3
 Not to take anything away from the latest  available ColdCard model, i.e. MK4,  I should mention that it lacks camera . That is why I have acquired Passport 2 which allows to be paired with software wallets  via QR code. The coming ColdCard Q1 is equipped with  camera which will secure  communication with software wallets via optical channel. Thus I would wait for Q1 model.  
hero member
Activity: 882
Merit: 792
Watch Bitcoin Documentary - https://t.ly/v0Nim
October 25, 2023, 02:54:06 AM
#2
I always thought the Coldcard was a great hardware wallet
Coldcard is definitely a great hardware wallet, their hardware's security is a gamechanger in bitcoin wallets. Coldcard and The Passport Foundation are both great wallets. TPF is built on Coldcard's code.

And unlike Trezor the Coldcard is bitcoin-only so no shitcoins supported. It also seems to be built like a tank.
I will be getting one next time they have their 20% off Black Friday sale.  Grin
There is nothing wrong with supporting altcoins. Personally, I will be more than glad to purchase a wallet that offers as much security as ColdCard and also offers altcoins. But still, I like that they only focus on Bitcoin, their message is clear.

By the way, main difference between Trezor and Coldcard is that Coldcard is a superior wallet when it comes to security and features, overall, it is an ideal wallet, both, CC and Passport are great choices! 
member
Activity: 302
Merit: 46
NO SHITCOIN INSIDE
October 25, 2023, 01:44:16 AM
#1
I always thought the Coldcard was a great hardware wallet, but never knew the head-spinning amount of security features it has on it, because I never looked at it before in much detail.

It blows away every other hardware wallet in terms of sheer amount of features, almost too many to list.
Many of them appear to be unique to the Coldcard, and doesn't cost much for what you are getting.
The Trezor Model T doesn't have a fraction of the features but cost $60 more.

And unlike Trezor the Coldcard is bitcoin-only so no shitcoins supported. It also seems to be built like a tank.
I will be getting one next time they have their 20% off Black Friday sale.  Grin

https://coldcard.com/


Some of the features:

* Supports Bitcoin only.

* Dual Secure Element chips

* Takes open source to the next level: The open source code can be viewed, verified and compiled directly from the device itself.
  
* True Air-gap - Only signing device (hardware wallet) with option to avoid ever being connected to a computer, for its full life cycle: from seed generation,
   to transaction signing. Uses PSBT (BIP174) natively.

* MicroSD Back-up - allows truly offline signing by transferring unsigned/signed transactions  sneakernet

* NFC tap for all data types, PSBT, address, etc.

* USB virtual disk mode

* Extensive duress PIN features

* AirGap SneakerNET - maximum security when transferring data between devices

* BIP39 passphrase supports multiple hidden wallets

* Anti-phishing words

* Genuine vs. Caution lights

* Clear see thru case design so you can see if wallet has been physically tampered

* Dice roll and provable bitcoin seed generation




Pages:
Jump to: