pull down to refresh

Let's talk a bit about how to prudently secure your 24 words.
I have an idea that may be judged as too complex for some, or not secure enough for others - but I want to throw it out there and get a discussion started.
The idea is:
  1. Have 24 words, split them into two pieces of 12 words.
  2. Securely encrypt one set of 12 words and store it online
  3. Elaborately encode the other set of 12 words (something simple, but just not plaintext)
  4. Keep the encryption passphrase and the encoded set of 12 words physically
Physically distribute the encoded set of 12 words + encryption phrase (e.g 3 locations) and digitally distribute the encrypted set of 12 words (e.g 5-6 locations). Optionally store digital words in hard-drives locally too.
This is basically security through obscurity, which is frowned upon in security circles but I argue is decent enough to protect you from the types of attacks that are most common for a normal pleb.
If a very sophisticated attacker is targetting you specifically, you may get rekt - but any other scenario you should be fine.

Protection

There are numerous attack vectors for your keys, these are the ones I want to protect myself the most from.
  1. Random house break-in/maid-attack (e.g someone knows I have wealth, be it in crypto or not -- and breaks into my safe/finds a cold wallet with words loaded on it/finds the seed phrase)
  2. Fire/Damage/Loss - you should not lose your sats if you lose a piece of hardware, a piece of paper or your house in a natural disaster
  3. Relative/"friend"/"significant-other"/etc. - someone that you trust should not be able to easily get ahold of all of your wealth - e.g in an event of a break-up, etc.
  4. Third-party risk - a website/service going down/being seized by the government should not result in you not having access to your crypto (self-custody!)
  5. Third-party hacks - something being hacked (e.g service/exchange/etc) should not result in you not having access to your crypto.
  6. Confiscation risk - eg while travelling and crossing borders. Borders are high-risk areas. You have little rights in borders (at least temporarily) - travelling cross-countries is very risky.

Elaborately-encoding your words

Helps so that if any random person finds them (e.g you lose them while moving house / burglar steals them randomly), it's unlikely to ever get mapped to the real 12 words.
This also gives you the confidence to spread them to other physical locations (friends/relatives/banks) with more confidence because even in the event of them being leaked - it's unlikely anyone will be able to decode them.

Discipline

  • Do a quarterly audit.
  • Never load up your 24w on a computer - always use a hardware wallet and enter them only through there
  • Do not decode your 12w on a computer - use a piece of paper
  • Store the setup (encoding protocol, online locations of words and etc) in a couple of places
Are there any obvious downsides to this?
reply
it is in the metadata or the image itself?
reply
openstego.com
reply
steghide says it's encrypted-so probably not worth the time
reply
I assume you did it on an air gapped computer.
Amazing idea!
reply
It's an interesting idea - it basically puts more obscurity into the mix -- but the underlying question of how you store the picture and encryption password seems the same?
reply
I also put 12 words in one of my guides on https://darthcoin.substack.com. In plain sight. Find the words if you can and grab the 1BTC wallet.
reply
What is the public key for that 1 BTC?
reply
I agree with Lopp that it makes more sense to just store the 24 words unobfuscated in a durable medium and just focus on securing that.
The more you complexity you add to the recovery process the more likely the funds can get lost forever.
reply
Interesting, what about using something like Casa?
I guess it's the same as the 2-part 12w split with some added benefits/disadvantages.
reply
Yep, seriously considering Casa or equiv.
Specifically, building on @lunabrokein2022's thread...
Do you guys think 2-of-3 multisig with the one as 3rd party 2-part 12w split is an overkill?
reply
How you store your local 2 keys (2-part 12w) is the equivalent problem OP is trying to solve I think, so you're only adding an extra failsafe on top of it
reply
Cool, thanks dude.
reply
So if I understand correctly your setup would be 12 words + encryption passphrase, and 12 words + encoding method.
This would be similar to a 4-of-4 multisig, which isn't a scheme commonly recommended due to the lack of redundancy. If any of those parts are irretreivable for whatever reason, then your funds are toast.
Consider the main threats to losing your funds. These are:
A) Backups are lost / destroyed B) Restoration method lost (complexity) C) Backups are stolen
You've covered C, but seem rather weak against A and B due to the large number of parts and using a non-standard method.
Look into standard backup schemes and evaluate whether these cover your bases. Chances are that they are more than adequate. You can use a seed + passphrase for example (which also offers plausable deniability), or a 2-of-3 multisig (redundancy). Keep it simple.
Look through Lopp's guide for more info: https://blog.lopp.net/how-to-back-up-a-seed-phrase/
Also, consider how easily your funds can be retreived by a beneficiary in the event of your death.
Hope that helps. Be careful. Oftentimes funds are lost by the user, not by a thief.
reply
Thanks for the thorough reply!
I do acknowledge that funds are often lost by the user, so I have been careful to err on the conservative side when setting this up, trading off security for redundancy. I stayed a year with this setup while having the words loaded in a hw wallet too.
I see 12 words + encryption passphrase as one unit, because they're always kept together. That is stored in 3 physical locations as I mentioned.
The other 12 words (2nd piece out of 3) are kept in 4-5 digital locations.
The encoding method is also stored in 4-5 digital locations. It is also easy enough to remember, so can be brute-forced by me if I forget the exact details of it. I think this solves B) pretty well.
As for A), I think a replication factor of 3 is sufficient - although I can certainly improve it a bit further (e.g even bank custody) given that even those words can be encoded. The encoding I really like because it opens up a lot of practical applications that I otherwise would have been uneasy to do (e.g storing plaintext 12w at a bank, at a friend's house, etc.)
Look into standard backup schemes and evaluate whether these cover your bases.
Thank you, I will research more into that and really dive into Lopp's post -- this is the second recommendation now.
reply
That’s twelve different potential safe places to leave your secrets. That’s a lot.
reply
This is easier and just as secure.
reply
Came to post this too. It's such a genius solution.
You can post the entropy grid all over the Internet and you're not compromising the security of your seed.
Create indestructible physical copies and digital copies you can access anywhere. If you ever need to suddenly leave your home and don't have time to take the physical copy, just get access to the digital copy once you're safe.
It's good practice to also use a passphrase, and then all you need to remember is the shape your seed phrase makes on the entropy grid and your passphrase.
reply
Yep. It’s a great solution!
reply
0 sats \ 1 reply \ @u 9 Oct 2022
u do u
it’s a good thing
reply
thanks u
reply