late night crew

bi-annual reminder:
hardware wallets aren't cold

Spicy addendum: if the public key an address is derived from is exposed, it's also not cold.

BDFL of Quilibrium, Eng @ Farcaster, ex-Coinbase, always opinionated, never hydrated

/quilibrium

that is indeed spicy 
can you expand why you say that

oooh i see the angle 
in such a scenario wouldn't derived addresses also be able to be worked backwards to the public key then? 
or is that much harder compared to working public to private key backwards.

Cold separation is intended to avoid any risk of key compromise, for long term storage. If you're using cold storage for long term but not also hedging bets on quantum compute or advancements on discrete logarithm attacks by keeping the public key also contained cold (as the hash is presumably QC safe), then your cold storage strategy is not fully risk adjusted.