pull down to refresh

Most people's setup is probably this: single sig, seed phrase on steel plates (which relies on the physical security of the plates) and a passphrase (on steel or memorized).
Let's say you have a relatively small stack with that kind of setup and you're moving abroad indefinitely.
If you take the plates with you on the plane in a carry-on bag or in your pocket, they may get seized or airport security may take photos of them. Checked luggage is even worse, because you wouldn't even know.
Memorizing anything is only as good as your memory. A passphrase may be easy to memorize (you can use strings that only mean something to you while still maintaining a good amount of entropy), but seed phrases are much harder. Steganography may be a better option.
If you're not taking the plates with you, you want to destroy them. How would you go about that?
If the route you're taking compromises the original seed phrase, you want to generate a new seed phrase upon arrival at your destination and move your stack to the new wallet with a new passphrase. Even if your seed phrase gets stolen en route, it would take the thief some time to brute force your passphrase, hopefully longer than the duration of your journey, so you can move your stack before they manage to siphon it off.
You could also move your stack temporarily to multi-sig and move each seed phrase using a different channel (e.g. carry one with you on a plate, xor another with a passage from a book then GPG-encrypt it and send it digitally etc.)
What would be the most practical way?
I would follow a pattern like this:
  • Prepare all secrets (seeds, descriptors, passphrases, etc).
  • Encrypt in a secure, airgapped environment.
  • Store the encrypted contents online somehow.
  • Cross the border.
  • Decrypt on airgapped machine in destination, proceed with life.
The specific details (how to encrypt, how to create the secure env, how to store online, etc) can change, but that's the general drill.
Darth's cats picture is an example of this.
reply
reply
I expect these kitties to one day be as famous as Laszlo's pizzas.
I'm curious Darth: do you know how strong the cryptography on this pic is compared to, say, SHA256?
I just thought it would be funny to repeatedly pull this image up everytime some FUDster goes around saying "Bitcoin will end because <insert your favourite cryptographic function here> will soon be broken by <quantum computers/jesus/the fall of the roman empire>".
reply
Sent you a SN DM over LN with an explanation. We can't reveal here in plain sight all teh secrets to grifters.
how strong the cryptography on this pic is compared to, say, SHA256?
I think it can be compared. Nobody broke that until now. But the strength is not in the cryptography but in hiding it in plain sight: the attacker will NEVER know which one is the real one. So let them waste their time looking for empty files. ๐Ÿ˜‚๐Ÿ˜‚๐Ÿ˜‚๐Ÿ˜‚๐Ÿ˜‚๐Ÿ˜‚๐Ÿ˜‚๐Ÿ˜‚๐Ÿ˜‚๐Ÿ˜‚
reply
deleted by author
reply
One of my substack guides contain 12 words from a 1BTC wallet. That guide is posted on multiple servers. Please find the words if you can. I can travel wherever I want just with empty pockets. Nobody knows where are my BTC.
reply
Hey Darth, in the middle of the night my child woke up and seems he may have pneumonia. Moments like this make me realize I'm sick and tired of my idiot fiat boss. While he sits with me, recovering from his cough in my lap, I tried to do a script, very naively optimistic to take your 1 BTC from your guides to compare them with the BIP39 word list. I have vouched that if I can take that 1 BTC I will quit my job at the fiat mine and try to get a bitcoin-only paid job (tried last time for a few months, got a few interviews, but failed in the end and ran out of gas. Now I have much more savings and I can try again).
Unfortunately, as you can see just a single of your guide can contain even 70 words (!), which made the effort a bit futile. I tried with a few iconic guides and iterated to see if the checksum adds up, but no luck.
I also created my own bounty some time ago (https://bitcoin-crossword.com/) and I was actually quite happy when someone earned the 1,000,000 sats bounty, so if that's the case with you, I am asking here for any tips. Bizarre or not, all are welcome.
โšก๏ธ me@pay.handsomelatino.com
reply
But why do you want to take my 1BTC instead of just hard working? And also you want me to give you clues to find them LOL
That is an example of hard it is to take it, is not a bounty or a donation or a give away.
reply
Ah, sorry, I thought it was a bounty. My bad. I love to work hard and already do, but also love fun challenges.
You're right, it's amazing that even with the information you just gave us, openly available out there, it's near-impossible to find that 1 BTC. I did something similar with a much smaller stack in case something happens and I need to flee -- knowing it might represent a big amount in the future.
Changing subject what tool do you recommend for image steganography? I tried a few command-line ones but wasn't super convinced, I thought the UX could be seriously improved and thought about making a tool myself.
reply
the https://openstego.com works just fine.
reply
Please find the words if you can.
Have you lost them?
reply
I'd just go set up my life somewhere else, create a new wallet/backup there. Travel back to original country, then send BTC to wallet in foreign country. From there I'm free to move whenever, without travel risk.
If it came down to an emergency move, coming after me specifically, one trip only, leave in 24hrs type thing....yikes. I guess I'd go with borderwallets method.
reply
Border wallet is made for this. It's a pattern to a key that will indicate your seed words. Humans remember images way better. Worth looking into.
reply
Memorizing anything is only as good as your memory. A passphrase may be easy to memorize (you can use strings that only mean something to you while still maintaining a good amount of entropy), but seed phrases are much harder
That's a few words... the ancient Greeks already knew how to memorize that with mnemonics. Personally, if my mind wasn't able to handle that, I'd give custody of my coin to a third party, I wouldn't consider myself trustworthy any more.
reply
Luckily I still trust my memory enough but I try to practice repeating the seed in my mind every now and then. It's just like a little mantra that makes me feel empowered.
reply
Traveling with all of your backups at once seems to be the focus of the challenge here, because a stolen or confiscated hardware wallet isnโ€™t likely to be drained of funds before youโ€™re able to transfer to a new wallet via your backup.
In the end, if it were me, Iโ€™d need to move funds to a new wallet.
My process would be: securely encrypt the seed phrase, store the seed phrase in a password manager, memorize the decryption key, and (possibly stenographically) store the decryption key in something physical Iโ€™m traveling with. Then, once I arrive safely, transfer funds to a new wallet and store the backup as I did before so that none of my funds are currently touching the internet in any way.
In other words, temporarily trust in cyber security but still air gap the decryption key (essentially enforcing a kind of MFA), and then go back to a pure air gapped set up.
I typically advise against keep any seed phrase in any digital form - but that's for long term storage. Using solid cyber security practices is an acceptable short term risk
If you use collaborative custody multisig, this is all significantly easier, and you donโ€™t have to set up a new wallet - youโ€™ll just have to take more than one trip. Thereโ€™s literally ZERO risk in traveling with one wallet and backup at a time.
reply
Use a tapsigner & you will have no issues at the boarder.
reply
This is why I don't like steel plates or hardware wallets. It's just another layer of abstraction and risk. Personally, I generate multisig keys on a never-been-online raspberry pi, encrypt them with GPG, distribute them in encrypted online backups with Shamir Secret splitting of the GPG secret key that go out to friends for another layer of multisig. This makes it so that I always have access to them in case of a fire, or if I move, as long as my multisig partners are alive (and I have enough redundancy to handle some loss of partners). This also protect me from the $20 wrench attack (who can buy a wrench for $5 these days?)
reply
I would bring seed in paper say in my wallet or somewhere close to me, put behind passphrase for purpose of trip, assume the seed was compromised by tsa or what not. Then move btc to fresh wallet once landed and settled.
reply
Interesting problem. Reminds me of that puzzle of the farmer who has to ferry a dog, chicken, and bag of corn across a river without them eating one another.
First assume the following backups:
  • x2 seedphrase in anti-tamper bags
  • x1 passphrase in anti-tamper bag
  • passphrase memorized
Assume all are currently stored securely in country A, and you wish to move them all to country B.
The most important things are that a) All secrets are never in the same place and b) Both seed backups are never in the same place (single point of failure). With this in mind I would do the following:
  1. Travel to B with seedphrase backup #1. Check anti-tamper seal then move it to secure location #1.
  2. Travel back to A. Travel to B with seedphrase backup #2. Check anti-tamper seal then move to secure location #2.
  3. Travel back to A. Travel to B with the passphrase backup. Check anti-tamper seal then move to secure location #3.
Not terribly practical with the repeated trips, but this seems safe to me. I've assumed a passphrase that cannot be bruteforced (6-8 random words).
And yeah, you could do something similar with multi-sig.
deleted by author
reply
deleted by author
reply
That could work, but still I'd be carrying it on a physical item that could break or get lost or stolen. Potentially a lot to put on such a thin line.
I'd feel safer having more redundancy and possibly storing parts of it online with a mix of several layers of obscurity (which steganography is) and/or encryption.
reply
storing parts of it online with a mix of several layers of obscurity (which steganography is) and/or encryption.
The bitcoin bockchain is the most secure and reliable "cloud storage". You could store the seedphrase inside a file directly on the blockchain using Ordinal Inscription. You would only need to remember a 6-digit Ordiginal ID for accessing that file.
You could start by creating a password-protected 7-Zip folder. Inside this folder, you can place a VeraCrypt password-encrypted vault. Within the vault, you can store an image file that utilizes steganography to hide a long text containing the seedphrase. You can keep adding more and more layers of encryption and obscurity.
It's highly unlikely for anyone to crack crazy complex setups like this. Even if someone were able to break through, they would still need to know the passphrase of the seedphrase to access your sats.
OR, you could do what DarthCoin did.