it'd be nice if github had better support for rewriting history as part of a PR review process, even something really basic like squashing groups of commits
1
2
31
Conversation
Replying to
squashing on the server would break commit signing. nonetheless, yeah, it would be nice if it handled it better.
2
8
Replying to
it could be there as an option for when none of the commits are signed, which is a common case imo
1
10
(fwiw, my perspective is that i think in practice commit signing has very little value and causes a lot of pain)
1
18
Replying to
one thing that the cryptocurrency people got right is that the hardware wallets have little screens on them so that you can confirm what you're actually signing on the trusted device, not the untrusted one
2
9
58
Replying to
yeah, we like that approach although we question how secure those devices actually are
1
7
There are some quite good options such as coldcardwallet.com with a high level of security.
Trezor pioneered a great design for using a seed phrase + optional passphrase as the basis for an infinite number of derived keys in a hierarchy.
Also N-of-M backups for seeds, etc.
Most traditional HSMs are far worse and have a lot to learn from the far superior approaches in good hardware wallets. Traditional HSMs don't have any reasonable answer to disaster recover for keys securely generated on the device or a way to confirm what's being done with them.
1
2
We haven't personally audited these, so it's hard to comment, but thank you.
2