This seems like a good way to encrypt and embed your seed phrase in an inconspicuous file. Anybody have any experience with this? Any warnings or advice?
Steganography is weak for cyber security. Computers are very good at beating steganography. It’s fun and can have legitimate uses outside of computers, but it’s simply no match for a hacker.
TL;DR - The security of this method is reduced to the integrity of the computer or device used for encryption (where the seed was inputted in plaintext! Yikes!) and the security of the password. If someone wanted to steal your bitcoin, you would lose.
Some detail:
1) Hiding the ciphertext in an image:
If your camera was lost or stolen, whoever ends up with your camera likely won’t find your seed. Only a hacker would think to scan the photos for extra data. *If they find the ciphertext, it should be uncrackable, but hold that thought (see point 3)
If someone was really coming for your bitcoin, they’d go for your computer.
2) The compromised computer:
When you engrave your seed into metal directly from your hardware wallet, the chances that someone “hacks” your wallet are the same as the chances of picking one specific atom out of the entire universe.
Keep reminding yourself of this fact as you read this. Because…
The moment you type that into a computer or phone, all of that security is reduced to the integrity of that device.
a) remote hacks:
You need to be 110% sure that device is not compromised in any way. Keyloggers, spyware, malicious or compromised third party apps, etc…. And you need to do this every time you encrypt AND decrypt.
In case that doesn’t sound too bad, here are some recent problems Apple has had:
Again, compare this to “one atom out of the entire universe”.
Don’t type your seed into an internet connected device.
b) physical access:
If a hacker stole your computer (or phone), all they’d have to do is scroll through your terminal history, and your seed will be found in plaintext [echo "your passphrase" >seed.txt].
But let’s say you deleted your terminal history (you’d need to delete all of if, because your entire hiding process can be found there as well). Scanners should be able to find data hidden in images, and other forensic techniques would help as well. Steganography is weak against hackers.
3) The ciphertext:
Let’s say you’ve done all the right things all the way up to encryption.
You’re a security expert and have ensured the integrity of the device used for encryption. You’ve scrubbed the entire encryption process so if that device is stolen, a hacker wouldn’t be able to find the plaintext seed anywhere.
Now the ciphertext of your seed is stored on an SD or phone or computer or cloud. A hacker MAY be able to get your ciphertext, but you should be fine because they shouldn’t be able to crack it, right?
Well, that’s the question. The security of your seed has now been reduced to the strength of the key (password) and your ability to keep that password safe. (remember the atom)
You’ve got a whole new list of password security “right steps” to take. It needs to be unique (not used ANYWHERE else), it needs to be long, it can't contain personal details, etc... Keep in mind, the entire point of this steganographic method was ease of use. You want your password to be something you can easily memorize. But too easy means brute-forceable in the event that your ciphertext is compromised. And too hard means you might forget it, and that defeats the whole purpose.
punchline: steganography is fun, but don't type your seed into a computer
the real solution: use 2 of 3 multisig! Ideally collaborative custody multisig with a company like Unchained. It eliminates all single points of failure, and you don't have to try to come up with clever ways to keep your backup accessible. Keep your bitcoin via hardware wallets and metal backups. Never have to use a computer. Zero chance of hacks. Zero cyber security hoops to jump through.
For this use case, where I have a file, need to travel, do not want to rely on there being connectivity at my destination, and do not want anyone at the border or wherever to know that I have this file, ...
First, you need to differentiate short term vs long term storage.
Long term storage should not be digital, at all, even when using steganography. There's a reason steganography is not a consideration in cyber security. It's simply fun challenge for a hacker.
That being said - if you're needing to escape a dangerous situation and need to be discreet about your bitcoin, there are lots of ways you can do this - but this is the important part. Move your bitcoin to a new, long term wallet as soon as you're safe and able to do so!
To answer your question - assuming there's a need to escape with your bitcoin as inconspicuously as possible - there are lots of options that might not involve typing a seed phrase into a computer. If you don't want to use a brain wallet (which is understandable), you need to be creative and come up with a method that's only known to you. AND (this is also important) - you need to walk through your recovery steps several times to make sure you don't accidentally brick your wallet. Steganographic methods aren't bad as long as you're not using a computer - unless you can 100% ensure your device has not been compromised in any way.
If you think there's a real possibility you may need to escape with your bitcoin, it would be good to establish an analog method of doing so, but not execute it until you absolutely have to.
And, if you absolutely insist on using a computer, I'd wipe the computer after using it to hide your bitcoin in some clever way, and then wipe the device used to recover your bitcoin on the other end. And then finally, transfer to a new wallet that's never touched the internet once you're safe.
Maybe keep the majority of your coins in 2 of 3 with engraved seed plates, but you can keep an emergency fund in a separate wallet with steganography. Furthermore, you can write more than your seed phrase. Perhaps a short essay where you know the seed phrases are hidden in it. I think it has some usefulness.
I think you're seriously underestimating the number of vulnerabilities and zero-days that most devices have. Only digitally store bitcoin you're willing to lose.
It's not difficult to scan an essay for seed words and try all possible combinations.
Per my response above, if you want to be prepared to escape with your bitcoin in an emergency scenario, secretly establish a method to do so, and then transfer that bitcoin to a new air-gapped wallet as soon as possible once you're safe. And if possible, do this without ever having to type your bitcoin into a computer or phone.
The point of metal plates w/ 2 of 3 multisig is not that it’s 100% impossible to find a metal place, but that if one is found, you have enough time to transfer your bitcoin to a new wallet before another can be found.
This is further strengthened with collaborative custody multisig vaults via companies like Unchained.
Having two metal plates in different locations (ideally hours apart) isn’t a perfect solution, but it means a thief has to physically travel to two locations and spend hours trying to find two needles in haystacks without any leads and without your knowledge.
Keeping a digital backup does nothing to improve your security - it only reduces it. Hacking your computer can be done without your knowledge, and there are plenty of forensic techniques (many of which are automated and take seconds) a hacker can use to sniff out your seed.
Solo thieves aren't the only attack vector. There's also federal agencies, etc. to consider. You're ignoring these considerations to avoid admitting any possible need for any trade off.
I know the point is not to make it impossible. But with the decreased threat of theft comes the increased threat that you will not be able to retrieve your coins. You're ignoring the trade off.
Option A is more secure at the expense of accessibility. Option B is more accessible at the expense of security.
Hiding a secret with a secret is like hiding the key of a safe in another safe whose key you hide in a third safe etc...
In the end one still needs the encrypted seed phrase and the key. Moving 1 out of 1 security to 2 out of 2 security increases security while decreasing safety. It's a linear correlation.
I'm not sure this is 2 out of 2, assuming you keep your seed phrases stored in different locations.
This method allows you to safely carry a copy digitally. So you can leave your steal plate in your home safe, but still access your corn if you need to.
1) Hiding the ciphertext in an image:
2) The compromised computer:
a) remote hacks:
b) physical access:
3) The ciphertext: