pull down to refresh

857 sats \ 36 comments \ @jasonb 4 Dec bitcoin

WARNING: The ideas in this post are still half-baked and the conclusions quite dangerous to experiment with if I'm wrong. I'm only sharing this now to get feedback about the concept and am not yet recommending anyone try to make a wallet this way for any reason.

From Chicken to Bacon

I was listening to today's video by Matthew Krater during lunch as I typically do just to catch some of his savagely droll humor. Someone was pretending that the Satoshi wallet was compromised, but all of the BIP39 words were somehow related to KFC. Krater used it as a springboard to discuss how that BIP works and when it came about. These thoughts brought me back to the "bacon" wallet. @newnym first told me about this 24 word BIP39 wallet that is nothing but the word bacon 24 times. Pretty neat, eh?

Like any normal person might do when first hearing about such a phenomenon, I've since devoted my life to studying the bacon wallet. As one might expect, it's covered in bots. People occasionally drop money to it's addresses (presumably while closing their eyes and making a wish), and it looks like it's gone in seconds. Duh. But, as Krater points out for any naive noobs, the bacon wallet would be insecure even if it's seed phrase wasn't known to the public. There's just too little entropy.

Border Wallets

Meanwhile...are you familiar with Border Wallets? Dude, it's so cool. The idea is that you have a fake BIP39 phrase that can create a spreadsheet. You also have a shape that you remember in your head. The combination of that shape and the spreadsheet reveals your actual keys. ...or something like that. It's pretty simple to do but harder to remember if you don't actually need it. I had fun learning the process but currently don't need that particular option for my security.

Border Wallet Alternatives

...but maybe you do. And maybe future me will too. So here's my thought. As awesome as border wallets are, what if the border guard is hip to Border Wallets? Well, you've got your passphrase too maybe. The amount of things to remember is mounting up. There needs to be enough alternatives to this that no one border guard could possibly have the time or inclination to learn them all.

Introducing the HALF BACON WALLET (TM)

This is what I'm hoping to get feedback for today. The premise of the half bacon wallet is that one first generates a truly random 12 word BIP39 phrase:

Obviously, don't use the one pictured, it's now compromised.

Then, you start all over with a 24 word phrase. The first 12 words are the original 12 phrase that was generated randomly. The remaining 12 words are all one word that you pick, as an example...bacon! It can be any word on the BIP39 list and this time, can actually be one that you pick that's easy to remember.

In the event that this doesn't generate a checksum, as it likely won't you start with word 13 and start replacing the last 12 words with the original 12 words as well, until you get a checksum. If you end up finishing with two identical sets and don't have a checksum, start replacing the original 12 words with your special word.

Obviously, don't use the one pictured, it's now compromised too.

This is what I had to do with the example list above. If, after all of that, you don't have a checksum, just generate a new random 12 word set. I tried this a couple of times and didn't have to go that far.

What's the point?

So now, if you're in a bind, you have a new way to carry your bitcoin in your head. The 12 word list is kept physically. It can be used as a decoy wallet with some funds. The one word serves as a second level passphrase. You keep it and potentially a passphrase in your head. The nice thing is that you don't even need to remember where your special word ends or begins. You just iterate the same process until you hit a valid checksum.

Change my Mind

The big question is, am I missing something about how entropy words in key generation? If so, please let me know ASAP! It seems to me that by having those 12 randomly generated words in their randomly generated order, that the organization around them shouldn't make the wallet less secure, but I'm also not the brightest bulb in the batch...

Entropy = or < any Bip39 12 word wallet50.0%

Entropy < any Bip39 12 word wallet50.0%

2 votes \ poll ended

view all related items

1 reply \ @jasonb OP 5 Dec

🤦‍♂️ Oh, I’m just now seeing why the vote has been so confusing. The first option should read equal or GREATER THAN…

0 sats \ 0 replies \ @jasonb OP 5 Dec

Anyway, I feel way more confident about it being at least as secure as a normal, randomly generated 12 word phrase at this point.

36 sats \ 26 replies \ @DarthCoin 4 Dec

Nice meme! LOL you don't even bother to rotate the text hahahaha

For me 12 words are the same secure as 24. btw In one of my guides I put (just) 12 words from a wallet with 1BTC. Good luck finding them !

26 sats \ 8 replies \ @jasonb OP 4 Dec

Nice meme! LOL you don't even bother to rotate the text hahahaha

Thanks!

For me 12 words are the same secure as 24. btw In one of my guides I put (just) 12 words from a wallet with 1BTC. Good luck finding them !

I was hoping you'd chime in. I definitely want people that are way down the rabbit hole looking at this. With this setup, I'm thinking folks will basically be able to have a 12 word wallet, but it has, more or less, an ADDITIONAL passphrase because it has this one word added to it over and over again in the form of a 24 word wallet.

5 sats \ 7 replies \ @DarthCoin 4 Dec

I am still trying to find out why aezeed seed have 24 words.

Can you explain me a bit the 2 choices you put in the poll? Still trying to figure it out which one to choose, are quite confusing.

It is an interesting post anyways.

3 sats \ 6 replies \ @jasonb OP 4 Dec

Yeah, this is hard to explain, but I really think I’m onto something here that has a specific use case to travel or just really physically insecure situations.

I’m proposing that the user makes a 12 word phrase but then recreates it in a 24 word context with one word they intentionally pick filling in the rest of the places. Now they can carry a paper wallet with the 12 word phrase. Of course, they don’t want to expose this, but if they do, the border guard opens it up and finds a decoy wallet. Meanwhile, they get to their destination and only need to have remembered the one word that they combine with the 12 word phrase to generate the real 24 word keys.

My fear is that the 24 word wallet isn’t actually as random as I’d guess because about half of it wasn’t generated randomly, but rather made in a way similar to the “bacon” wallet.

50 sats \ 2 replies \ @nym 4 Dec

You start with 128 bits of entropy from the 12 words, which is the standard for a 12-word BIP39 seed phrase. A 24-word seed phrase typically has 256 bits of entropy. While your approach wouldn’t lower the entropy of the original 12 words below 128 bits, the repetitive pattern you’re adding reduces the overall entropy significantly below 256 bits. The security of your 24-word phrase is closer to that of the original 12-word seed, with added complexity but no significant increase in actual randomness.

3 sats \ 1 reply \ @jasonb OP 4 Dec

This is great! This is honestly the kind of confirmation I was hoping for. I knew it wouldn’t have as much entropy as the 24 word phrase, but 128 ain’t no joke, as I understand it. I was just thinking there may have been some element that I hadn’t thought of.

50 sats \ 0 replies \ @nym 4 Dec

If you put some satoshis in there as a decoy wallet for the 12-word phrase, just make sure the transactions aren’t linked to your actual stash. You could use Boltz.exchange to swap some sats earned from Stacker News a few times.

50 sats \ 2 replies \ @DarthCoin 4 Dec

But I have a simple question: Why do so much trouble with keys inside other keys, just to give to a dumb border guard a decoy wallet or even give them a reason to search, when you could just send a nice email letter to your mom, inserting just the fucking 12 words into a 1000 words letter text and ONLY you know the real position of the words for your seed? So you cross a border with empty pockets and fuck'em'all...

I did such thing a s test in 2016. In an airport. Just me with nothing on me. They asked me: sir, did you declare something else?" I said: "yes I carry 12 millions fiat coins with me, is that a problem?" I said "fiatcoins" just to fuck around with them, thinking that I carry a shitload of money...

They were definitely nervous because I had nothing on me. Seeing them in a complicated situation, I told them: all is in my head...

Then I just walked away.

Later I stick this nice BTC sticker on their billboards... just to fuck around more.

When I see people carrying with them obvious HW that even the dumbest airport guard knows what is it, I just laugh. Carry nothing, give them nothing. Be smart and use smart ways to hide your stash. Even the shitiest USB stick can carry an encrypted seed.

21 sats \ 1 reply \ @jasonb OP 4 Dec

So yeah, that was a brilliant tactic. I just want to compile as many ideas as possible like this so folks have options when they end up in these type of situations. I liked how my idea was a little simpler than the border wallet, but this is simpler still. You obviously just want to make sure the email is preserved! Haha

Now I’m even more curious where you are from and now live. Obviously will probably never learnt that though.

0 sats \ 0 replies \ @DarthCoin 4 Dec

Imagine you are at the airport with a bunch of images on your phone. Each image is a wallet with a steganographied seed inside.... Absolutely nobody will have the idea that each picture could have 100 BTC inside. Cats pictures, or with you and your family at the beach. Fuck'em.

0 sats \ 16 replies \ @Satosora 4 Dec

Hey, you were always on me about publishing my address. And you go put it in your guide lol

10 sats \ 15 replies \ @DarthCoin 4 Dec

12 words seed is NOT a public address LOL ! I put 12 words from a seed in plain sight but people cannot see it because are too blind.

0 sats \ 14 replies \ @Satosora 4 Dec

People still havent figured it out and taken the bitcoin?

10 sats \ 13 replies \ @DarthCoin 4 Dec

people don't even read those guides and don't know how to use a LN wallet and you want them to find 12 words?

Here... another example, please take the 1BTC (if you can)

0 sats \ 1 reply \ @south_korea_ln 5 Dec

If I download the image from here, it gives me an avif image. Is this the original or is there any chance things would get lost in compression (metadata, layers, etc)?

0 sats \ 0 replies \ @DarthCoin 5 Dec

Yes, using steganography, you must keep the original file. Once you make a copy or share it online it get compressed and altered, the steganography inside is gone.

I post it just as an example so people will dig more into this easy solution. But yes, indeed, you must be careful with the original file and have also copies of that seed in another places, do not rely only on that file.

Imagine having a digital picture frame on your desk, with some nice images with your family. Those could contain each one a wallet seed, for example. And nobody will know it.

0 sats \ 10 replies \ @jasonb OP 4 Dec

Dude! Holy shit. Maybe not all of us can unmask steganography, but there are some pretty savvy stackers here. I hope you don’t really have a Bitcoin imbedded in that pic in a way that can be decoded by humans.

50 sats \ 1 reply \ @DarthCoin 4 Dec

It is real. No joke.

0 sats \ 0 replies \ @jasonb OP 4 Dec

!!!!

reply on another page

0 sats \ 7 replies \ @nym 4 Dec

It's been there for years

43 sats \ 6 replies \ @DarthCoin 4 Dec

I even put signs and people still don't get it...

This "treasure" is there under that rock for 8 years... nobody touch it. I go there to check it and after 8 fucking years is still there. UNBELIEVABLE ! They just have to grab the QR code and scan it.

view replies

50 sats \ 1 reply \ @Signal312 5 Dec

Have you seen this idea - EasyWallet? It's similar to your idea, but looks easier.

Check out this stacker.news post on it from earlier this year: Introducing easywallet: a simple and secure brainwallet

Basically, you have a 12 word seed phrase, consisting of the 1st word in the BIP39 list, repeated 12 times, the same word.

Then you have a passphrase, consisting of 7 of the BIP39 words. Perhaps not good enough for a long term stash, but definitely good enough for an emergency situation. He has a good write-up of the details in the post.

0 sats \ 0 replies \ @jasonb OP 5 Dec

I have NOT seen that yet. It not only looks simpler, but is explained in a much clearer fashion than I did. I’d love to compile all of these ideas in some sort of anti-border guard resource database.

11 sats \ 3 replies \ @freetx 4 Dec

Those are some cool ideas, however why not just use 12 words + passphrase.

Here is a wallet with 100,000 sats in it

robust own donate other small can prize essence source setup visual similar

11 sats \ 2 replies \ @jasonb OP 5 Dec

Nice! More buried treasure in plain sight!

I think it just gives more levels of decoy wallets. “Ok ok, here’s the real stash.” This way if you’re only remembering one word instead of remembering multiple paraphrases and you still have both the paraphrase wallet and the half-bacon wallet…or even one that uses both.

Maybe not super practical in normal life, but if I was in a last-scene-of-sound-of-music situation, I’d want to have as many options as possible to stuff my sats as deep as possible in a hole that I could keep in the minimal amount of brain space.

0 sats \ 1 reply \ @Bell_curve 5 Dec

Kentucky is not an approved seed word

Neither is most of the nato phonetic alphabet like bravo or Charlie or kilo

11 sats \ 0 replies \ @jasonb OP 5 Dec

Yeah, you could use anything for the passphrase word, but the “bacon” replacement word would have to be on the BIP39 list.

0 sats \ 0 replies \ @Bell_curve 5 Dec

I saw the same video. That’s how I learned about Kentucky