
If a hacker were to obtain my 12-word seed phrase, could they access my funds, even if my coins are held under a separate account (for example, at the derivation path m/84'/0'/10962462938')?
Would the exposure of my seed phrase give a hacker the opportunity to steal my funds despite them being in a different account?
Yes it does.
Take care if you do this. This can easily lead to a "shoot yourself" situation as you probably won't know what you did in a few years.
Do not overcomplicate your setup and do not use obfuscation for security!
reply
At least it does buy you some time?? Given that the hacker doesn’t know any info except seed words?
reply
If they only had the seed and nothing else, it might buy some time. But if they also have access to a watch-only wallet, then they can see your derivation path, which is usually not sensitive information.
You are better off using a passphrase instead.
reply
You are better off using a passphrase instead.
exactly
reply
It can, but it's not secure, and it could lead to loss of funds because of you yourself not remembering your setup. And if you write it down somewhere, the "hacker" can find it and exploit it.
I think there are better ways to secure a wallet. (passphrase or multisig)
reply
you're talking about only minutes of time bought in this situation though... it's a matter of iterating over the Accounts, deriving a few addresses and looking for UTXOs, not a challenge.
reply
yes absolutely
it would be a bit more tricky if you had a passphrase checksum (13th word)
reply
Passphrase checksum, or just passphrase? The checksum is the 12th word, right?
reply
passphrase ends up being part of the checksum in a passphrase situation. I probably am not using the words correctly.
the 13th word.
reply
Checksum is the 12th word (or 24th).
Passphrase is on TOP of the 12 words, and creates a different private key. The passphrase does not need to be in the BIP39 word list, it can be whatever you want.
reply
I'm not understanding something...
using the passphrase will create a different checksum for the whole set, correct?
reply
If you just use the seed phrase, you get one private key.
If you use the seed phrase (which still has the SAME checksum, that's just to make sure there's no typos, etc., in the first 11 words) AND a passphrase, there's no separate checksum. But it does create an entirely different private key.
Apparently forgetting passphrases is one of the most common problems in self-custody bitcoin.
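The checksum-versus-passphrase distinction discussed in the last few replies, as an added example that is not part of the original thread: the checksum is computed from the words alone, while the passphrase only enters the PBKDF2 salt and so changes every derived key. It assumes the public BIP39 test mnemonic as constructed sample input, and that "abandon" and "about" are indices 0 and 3 in the English word list.

```python
import hashlib
import hmac
import unicodedata

# Constructed sample: the public BIP39 test mnemonic (never use it for funds).
# Assumption: in the English word list "abandon" is index 0, "about" is index 3.
MNEMONIC = " ".join(["abandon"] * 11 + ["about"])
WORD_INDICES = [0] * 11 + [3]


def checksum_ok(indices):
    """Verify the BIP39 checksum from 11-bit word indices. No passphrase is involved."""
    total_bits = len(indices) * 11
    cs_bits = total_bits // 33          # 4 bits for 12 words, 8 bits for 24 words
    ent_bits = total_bits - cs_bits
    packed = 0
    for i in indices:
        packed = (packed << 11) | i
    entropy = (packed >> cs_bits).to_bytes(ent_bits // 8, "big")
    expected = hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits)
    return (packed & ((1 << cs_bits) - 1)) == expected


def bip39_seed(mnemonic, passphrase=""):
    """BIP39 seed: PBKDF2-HMAC-SHA512, 2048 rounds, salt = 'mnemonic' + passphrase."""
    def norm(s):
        return unicodedata.normalize("NFKD", s).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", norm(mnemonic),
                               norm("mnemonic" + passphrase), 2048, 64)


def master_private_key(seed):
    """BIP32 master private key: left 32 bytes of HMAC-SHA512('Bitcoin seed', seed)."""
    return hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()[:32]


if __name__ == "__main__":
    # Same 12 words, same checksum; only the passphrase differs between the runs.
    print("checksum valid:", checksum_ok(WORD_INDICES))
    for pp in ("", "TREZOR"):
        key = master_private_key(bip39_seed(MNEMONIC, pp))
        print(f"passphrase {pp!r}: master key starts {key.hex()[:16]}")
```

Because any passphrase yields a valid seed, a mistyped or forgotten passphrase produces no error, only a different, empty wallet.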