pull down to refresh

Compared to generating a private key using a website offline like https://www.bitaddress.org How safe is the BIP39 Seed Phrase?
Some time in future if some kind of quantum computing starts to decipher bitcoin private keys. The chances that all BIP 39 bitcoin accounts get compromised is higher
Which might lead to an increase in valuation for bitcoins not compromised in the Non BIP 39 accounts
What do u think?
10 sats \ 3 replies \ @Rex 31 Jan
The risk has nothing to do with BIP39. But using a web page to generate a private key is more dangerous.
reply
  • go to bitaddress.org
  • save the file in your computer
  • go offline
  • randomise and generate the key
  • take printout
  • format the computer
  • you have a virgin bitcoin account ready
reply
21 sats \ 1 reply \ @Rex 1 Feb
The average user cannot be sure that they are linking to a real website and not a fake one.Users cannot confirm whether they are offline. If it is a mobile phone, there will be more problems.Not many people know how to low-level format their computers. Other than that, I don't trust bitaddress.org .
Make a tails OS usb stick. Use tails OS to open electrum and write seeds more easily.
Moreover, it is difficult to use Bitcoin with a simple paper wallet. Do you just think that everyone can add value to Bitcoin without using Bitcoin? Eventually you'll have to enter your private key into electrum, so why not just use electrum from the start.
There are not many softwares that support private key sweeping.
reply
  • electrum need to be used only at the spending time
  • the method described above the public key and the private key is generated offline
  • whatever amount of bitcoin is kept in this account the private key never got connected with internet - it is only in the form of a printed paper
  • private key is exposed to internet only when it needs to be spent
  • useful to store higher value of bitcoin for a longer time span - for regular use other methods may be best
reply
I run it offline and air gapped you can use your seed in say Sparrow and Electrum to check if the addresses match ? if your worried about Entropy use a Passphrase and or a 2/3 or 3/5. But happy I'm with Coldcard/Dice generated seeds as well.
Multisig solves a lot of theses issues.
I would not use a Connected web based seed generator.
reply
but it is BIP 39 why to take the risk i explained in the above post?
reply
You can grab the rolls.py from Coldkite and duplicate what the Coldcard is doing on an old airgapped computer also. This way you don't have to trust using a webpage that generates the code, and you can verify it yourself.
openssl rand -hex 256 |tr -dc '1-6' |cut -c 1-99 | python rolls.py
reply