reply on: For individuals - split seed phrase, seed phrase and passphrase, or multisig? \ stacker news ~bitcoin

pull down to refresh

32 sats \ 4 replies \ @Scoresby 22h \ on: For individuals - split seed phrase, seed phrase and passphrase, or multisig? bitcoin

I would never use a 2 of 2 -- either splitting a seed phrase, doing a single sig with pass phrase -- it seems to me that you only increase complexity and risk that something goes wrong for very little increase in security. I'd sooner do a single sig or jump up to a multisig.

A 2 of 3 multisig is really easy to make in Sparrow or things like Bitcoin Keeper, Liana, Nunchuk, and Bitcoin Safe.

While multisig is a little more complicated, you gain a number of great benefits (most of which you point out): you can lose a key without a catastrophe, you can sign txs without bringing the keys together, and you can use different signers with each key so you aren't dependent on any one manufacturer.

0 sats \ 3 replies \ @BitcoinHandsOn OP 21h

Multisig is definitely the solution everyone points to, and I know it's a good solution in many cases.

But I'd love to hear some more about how exactly something that is a WHOLE LOT more simple and accessible to people (the first 2 options I list, geographically splitting either a 24 word seed phrase, or a seed phrase/passphrase), is such a bad idea, if you want to upgrade from standard single sig. I don't understand what's wrong with it, if you have some redundancy.

Also here's an interesting video - https://www.youtube.com/watch?v=7BAg5h4Lf2o - it's an interview with Peter Kroll, inventor of the paper wallet. He has a new setup now, that he's teaching, with 4 levels. level 1 - custodial lighting wallet level 2 - self custody bitcoin, in something like blue wallet, on phone, and steel seed phrase backup somewhere in house level 3 - new phone, always cold, no sim card, no email except decoy always turned off for cold storage with blue wallet , hide cold phone in home, also steel seed phrase backup at home level 4 - 2 of 2 multisig in Blue Wallet. Get another phone, same setup. Both phones have to authorize in order to sign. This phone, with steel backup, is given to family member. Another backup of seed B is in bank safety deposit box.

He's also not a fan of hardware wallets.

53 sats \ 0 replies \ @jamesviggy 20h

I’m not sure splitting a recovery seed is much of an upgrade from single-sig - at least not in the way multisig is. It’s definitely better than keeping your private key sitting in one place, like your sock drawer, but if your Bitcoin is still secured by a single signature, then someone with a gun can still coerce you to unlock your hardware wallet.

The real advantage of a 2-of-3 multisig setup is that there’s never enough information to spend the Bitcoin in any one location. No single compromise gives an attacker control - and that’s a true security upgrade.

32 sats \ 1 reply \ @Scoresby 20h

I suppose I'd say splitting your seed in half is not an upgrade at all. Youve actually made yourself more vulnerable because you have two secrets you need keep safe. If either one is lost, you lose your coins. I don't know that you even get much resistance to theft. You still need to bring the full seed together to sign a transaction. What is the value of this construction?

0 sats \ 0 replies \ @BitcoinHandsOn OP 20h

Here's my thoughts on it:

This is only valuable for a very cold storage situation - your stash that you want to keep safe, and (almost) never spend from
It's an upgrade from single sig, in terms of resistance to violent theft. If you're keeping your seed phrase in your house, and someone breaks in and threatens you, you may give it up. If you have to actually go to another location, you're more resistant to this kind of attack
Multisig is better, but much more difficult than just splitting the seed. Splitting the seed makes intuitive sense. Multisig does not. People who are knowledgeable about bitcoin often have a hard time putting themselves into the mind of a beginner - or even an intermediate user.
Each "site" (location that you're keeping the secret) would have a backup. Like, you'd have a hardware wallet, and steel backup.

I'm not saying that splitting your seed, or doing a seed phrase/pass phrase as written up above is THE BEST security, better than multisig.

But, it really does seem that it might be a good step, between single sig and multisig.

I'm definitely interested in people's feedback, though. Maybe check out the video from above, see what you think.