few notes
This commit is contained in:
Peter D. Gray
doc-hex
parent
bc49347a69
commit
73bb6b850d
@ -30,6 +30,7 @@
|
||||
Tapsigner Backup
|
||||
Seed XOR
|
||||
Migrate Coldcard
|
||||
Key Teleport (start)
|
||||
Help
|
||||
Advanced/Tools
|
||||
View Identity
|
||||
|
||||
18
docs/spending-policy.md
Normal file
18
docs/spending-policy.md
Normal file
@ -0,0 +1,18 @@
|
||||
|
||||
# Spending Policy
|
||||
|
||||
A special mode where your coldcard will stop you from signing transactions if
|
||||
they exceed a spending policy you define beforehand.
|
||||
|
||||
|
||||
|
||||
## Tips and Tricks
|
||||
|
||||
If you are using a BIP-39 passphrase for everything, you should
|
||||
probably do a "Lock Down Seed" (Advanced/Tools > Danger Zone > Seed
|
||||
Functions) first. This takes your master seed and bip-39 passphrase
|
||||
and cooks them together into an XPRV which then is stored as your
|
||||
master secret (not a seed phrase anymore). This process cannot be
|
||||
reversed, so other funds you may have on the same seed words are
|
||||
protected. Once you are operating in XPRV mode, you can define a
|
||||
spending policy and know that it is restricted to only that wallet.
|
||||
@ -62,7 +62,7 @@ but we may find other uses for it.
|
||||
- multiplies that private key by server's known public key
|
||||
- apply sha256(resulting coordinate) => the session key
|
||||
- apply AES-256-CTR over URL contents (ascii text)
|
||||
- prepend 33 bytes of pubkey, and base64url encode all of it
|
||||
- prepend 33 bytes of pubkey, and then base64url encode all of it
|
||||
- full url is: `https://coldcard.com/2fa?{base64 encoded binary}`
|
||||
|
||||
## Trust Issues
|
||||
|
||||
Loading…
Reference in New Issue
Block a user