-
@ stevi
2025-05-17 22:51:36for context: the server is the only one that can co-sign after the wait. this tradeoff limits attacker power but creates risk in edge cases like full block unavailability. a 2-of-3 wallet protects against loss and theft but not both at once. will think a bit more about what our options are without breaking the principle that this must stay secure and that block can’t act on its own.