I wouldn't mind having one private key of a multisig setup in a hot wallet. It's more convenient and allows for quicker signing. At the same time, I would make sure that the other keys are generated in more secure environments, like hardware wallets and/or airgapped computers. Like you said, that one (hot) key isn't enough to broadcast transactions, but I would personally not be ok to have it backed up on the cloud. Is that a must? Do they have an option to not have it backed up in the cloud? It would be better if the user had a say and could opt in or out of cloud backups.
Perfect. You got the point of my question.
The backup method that is suggested by Casa opens up a very large spectrum of attacks, if it's saved on the cloud.
But having one hot-key in a 2-of-3 and keeping an offline backup of the key seems ok to me. Because, if you think about it, it's much better than a hot wallet and even better than a single-sig offline wallet. Losing one key (even the hot one) doesn't lead to any loss of funds. And if the key is compromised, the thief can't do anything with it.
One problem that I've found is that mobile wallets (BlueWallet, Nunchuk etc.) don't work well with most hardware devices, except the ones that use QR codes, which is a very safe option, but not all hardware wallets support it.