[codex] Clarify hot vs cold wallet taxonomy#449
[codex] Clarify hot vs cold wallet taxonomy#449welttowelt wants to merge 2 commits intosecurity-alliance:developfrom
Conversation
welttowelt
force-pushed
the
codex/clarify-hot-cold-wallet-taxonomy
branch
from
9b3727c to
df9005e
Compare
|
Thanks for your contribution! This PR needs approval from @pinalikefruit as steward of the framework updated :) |
built with Refined Cloudflare Pages Action⚡ Cloudflare Pages Deployment
|
pinalikefruit
left a comment
pinalikefruit
left a comment
There was a problem hiding this comment.
Thank you for your support @welttowelt and for take the time to improve the docs.
scode2277
left a comment
scode2277
left a comment
There was a problem hiding this comment.
Thanks again for the contribution @welttowelt and thanks @pinalikefruit for the quick review!🙏🏻
Good to go @mattaereal!
frameworks-volunteer
left a comment
frameworks-volunteer
left a comment
There was a problem hiding this comment.
Model: z-ai/glm-5.1 Reasoning: medium Provider: openrouter
Approved. Two precise factual corrections, both improve accuracy:
-
The 'Did you know?' callout now correctly states that exchanging transaction data via USB/Bluetooth/QR/SD does not make a cold wallet hot -- the key distinction is whether the private key remains isolated from the internet-connected system during signing. The old text incorrectly implied USB connection makes it "technically hot," which was misleading.
-
Account abstraction and multisig wallets correctly moved out of the cold-wallet subtypes list -- they are account/authorization models orthogonal to the hot/cold key-exposure axis, and can use hot signers, cold signers, or both.
Security: clean -- no code, no secrets, no injection surface.
QA: spelling pass, CI green, frontmatter untouched, no broken links.
4 participants
Summary
This narrows the cold-vs-hot wallet page to two factual corrections:
Why
The existing page mixes key exposure with account and authorization models. That leads to two clear category errors:
Validation