Bitcoin Forum

We are still in quarantine and to avoid going out we watch movies or series to entertain ourselves.
A friend recommended me to watch Prison Break telling it was an excellent series, and so I did.
Season 2 Episode 7-8 Origami Codes from Scofield to Dr. Sara Tancredi being decoded.
It hit me that perhaps we could use this to hide our seed phrases for addition of security.

Let's start.
Seeds are phrases mostly so it could also be coded with the use of dots.  ;D
Requirements: An old phone. Turn off dictionary or autofill.

You will need numbers to assign where it would be pressed.
Let's use the one applied in the series as an example.

7   3  6  3 3  9    8   6   8  7 - the keys
... ..  ..  .  .. ....  ... ... .. ....
3   2  2  1 2  4    3   3   2  4 - the amount of press for each key
R   E  N  D E  Z   V   O   U  S

For our seeds, we need 12 words which will be a lot of codes.
We could just simplify it.
Example:

5...6...9...2.5... = loyal
3.3..7....5.. = desk
2..4...5..3.. = ?
7...3..7....6...8..7...2...3.. = ?

And so on...
Its old school and new hackers will have a problem breaking it. I hope.

It could also be used for private keys.
How will we input a number?
Try this: 2....0..3.... = 203 (when you press "0" once it will be space)
How about big letters?
Try this: #2..#2.#4.
Let's try combining them.
2....#2..3...4....0..9.....#8. = 2Bf409T

The only problem left is number 1.
We could use 1=1
Using the same example above we will add "1's" just to show it.
12....#2..3...4....0..19.....#8.
Since there is no 12 or 19 in our keypads you just drop the "1's".
12Bf4019T

Note: Be careful putting the dots.
I made errors while doing this just my missing 1 dot.
Double or triple check it if necessary.

Security by obscurity (https://en.wikipedia.org/wiki/Security_through_obscurity) is never a good idea.

You are not encrypting your information, just encoding it. You might as well use the binary notation.
It does not increase the security.

Okay then. Should I just delete it?

Delete what? This topic?
No you shouldn't as long it is in the biggenners board and the first reply below it is clarifying things for you and for other readers as well. I can even thank you for sharing your thoughts here as it's made for good willingness.
You may just edit it with mention to the reply made by bob123  :)

Btw, afaik you can't delete your own topic in this board.

The method could be good only if you share it to somebody you trust 100%.
Why good? Because if somebody finds the paper you wrote this down, the chance he'll understand what's that is smaller than if it's a plain text seed.
(So I'd say you can leave it if others want to use this method or adapt it).

But one has to share the info (the method) with somebody else because it's (somewhat!) like something password protected: if you lose your memory, most probably nobody else will be able to access your funds. And maybe you have family that should be able to access them if you need expensive medical help, for example (especially if you have "life changing amounts of money").

No, i was just making a point regarding this:


Such a method definitely has a use case, just as steganography too.
But it doesn't make your data more secured. That's all i tried to point out.

I've read similar methods to this one like how they will jumble the order of the seed phrases are and them only knowing the combination. And to be honest I don't like the idea of messing around the order of the seed phrase as it could really screw me up if something happened bad with it. In your example where you would alter the input of your old phone there is no guarantee that it will be set that way, phones can malfunction especially the old ones and if you don't have any backup for you to decrypt your combinations then you are basically screwed.

I'm quite sure this could easily be cracked by someone who knows how to write a script (or program).

If I see a paper with 24 rows of numbers and dots on it, I'd have to assume it's for a Bitcoin seed so completely ignoring the dots, I know that the rows contain:

- 5 digits
- 4 digits
- 4 digits
- 8 digits
- (..)

Which shrinks down the randomness by a significant amount of words (for example, if there are no 7 digit rows out of your 24 then I can exclude any 7 letter word out of the dictionary) and the possible combinations of words become way less.

And then there are patterns.. for example, the ones I have underlined, bolded or underlined & bolded in the quote above. They're easy to create a pattern out of.

I agree with the above. It makes it harder for you and someone you trust like a family member to get access to the money and to a thief who has days to crack your seed it's going to be just another puzzle.

Can you imagine your mother decoding it? Who would do it faster your mother or a group of 20 year old thieves who robbed your house and found the code?

Security is important but backing your seed on a piece of paper isn't even if you encode it. You'll be safer with an encrypted or password protected file.

no it can not. this is a very well known method of translating (or encoding) words into numbers and any half wise attacker can figure it out within 10 seconds of seeing the numbers written down. https://en.wikipedia.org/wiki/Telephone_keypad
there are also loads of tools that can be used to do the translation in a blinking of an eye which means it has zero security.

Thank you.
Yes, there is a delete key when you are the OP.

I forgot that was there. I used "hide" a lot here.
Or perhaps it was the right word to complete the sentence.


That's the default set-up of an old phone here in the Philippines. I have tried other phones like Nokia 3390 before made in Finland, purchased in the USA and it has the same default keys and usage.
The difference will happen with Sony Ericsson old phones and Motorola I think.
Yeah, maybe I should have input Nokia as the default phone being used.
But this is just for private keys hiding.
The seed phrase hiding is for any phone.
The rows were intended for example purposes only.
You could create your own style to make it not look like 24 rows.

there is a delete key probably because starting post is still a comment like others and being the one who wrote it forum shows you the button. but when you click it, it can not be deleted instead you will see this error message "You cannot delete your own topics in this board." (tested this on my own topics in other boards).

I don't see anything wrong with it, in fact, it just shows a way not to hide your private key this way it can help newbies and others who don't know this method don't work, don't delete it and just make it as a reference, I myself discover a lot of helpful links on this thread.

If we go back 20 years, I was able to touch type on phones like this much like many people can touch type on standard QWERTY keyboards. I think I could probably do about 20 words per minute, and could type entire paragraphs without looking at my phone once. I was certainly not the only one, and if I saw a code like this written down not only would I understand it immediately, I could probably decode it in a matter of seconds simply from memory without even having a reference.

As pointed out above, this is bad way to store your seed phrase. It's probably worse than storing it in plain text, as it gives a false sense of security and may lead to someone storing their seed phrase in a less secure manner, falsely believing it to be "encoded".

All these homebrew schemes are likely to backfire and cause the user to lose access to their coins. Special ink might degrade over time, you might forget in which book or on which pages the seed is hidden, which can really screw you over if you have an emergency that requires you to take your seed.

Where is the security?
I don't see any security here:
Confidentiality: Your mnemonic code is not encrypted. It is visible for anyone who looks for it.
Integrity: Anyone can change your mnemonic, append new words, delete words etc.
Availability: Books are not known for being very resilient against water/fire etc.

All you did was to hide your mnemonic.
Same could be applied by writing it on a piece of paper and putting it into the drawer.




Despite of the lack of security (as mentioned above), what about an accident (e.g. a car hits you) ?


There is nothing against hiding secret information. But you shouldn't exclusively rely on that to secure your information.

How are you going to refresh it if you don't have your seed backed up the correct way - on a piece of paper with regular ink? You open the book, shine a UV light on it, and find out half the words are now unreadable. Hopefully you do this during a routine check and not because you need to recover your coins, which are now lost forever. Some UV ink will degrade within weeks or even days. If someone opens the book and exposes it to natural light, it will fade even faster.

This method is not worth the risk for the tiny additional protection it grants.

It's not bad when you have your own idea in hiding your seeds and private keys, but I am not in favor in using an old phone. You know why? It's because it may be vulnerable to system corrupt and it lets you force to do factory reset data.

Trust me, I've been there. My phone was corrupted and some of my seed phrases and private keys are there and cannot be recovered. Luckily, I have activated Google Cloud drive to back them up before it happened. But still, it's not a good idea to store them in a phone.

For me, it's still writing them on a piece of paper or notebook in exact order and put it somewhere safe. Not just one paper though, make sure you have a few pieces of that with your private keys or seed phrases.

I usually wanna do more than one piece of paper with private keys and seed phrases, because if something happens to me later on, at least they can be a family inheritance. You know what I mean?

Yes, it is. As this topic shows, people are bad at coming up with secure methods for protecting data. If you want to store some data securely, then encrypt it. There is reason that encryption is the global standard used by every half-serious tech company or user, and not everyone coming up with their own methods of encoding data like OP has done.

Did you read OP's post? There is nothing stored on the phone. He is simply using the keypad as an encoding method.

Backing things up on cloud servers, email accounts, or any other online storage is a terrible idea. You are exposing your seed phrase to an unknown number of servers in an unknown number of locations, which can be accessed remotely or physically by an unknown number of people. This kind of storage is frequently hacked. I suggest you move all coins out of those wallets immediately.

I guess you could make your own encryption to your seeds or private key so that even if the hackers find a way to get your files where the encrypted private key saves you it may still not going to be hack as it is encrypted.

You could code your encryption or maybe create your own application that could encrypt and Decrypt your own password. It seems not to be a good idea or not recommended but I guess it might work for some cases.

And yet, does your method not protect the confidentiality of the information.



And yet, does your method not protect the Integrity.

Your method does not increase the security of your data (https://en.wikipedia.org/wiki/Information_security#Key_concepts).

What about this one :

You have a ledger or trezor.

You engrave your seed on a steel plate (many options available on the market).
You add a passphrase
You put your steel plate in a bank Vault (like a proper vault, that has been here for a couple of hundred years without any breach).
You write your passphrase in your will, let with your lawyer.

Case 1 : you die. Your heirs have access to the vault and the lawyer gives them the missing 25th word.
Case 2 : you break your ledger, you go to your vault, you go to your lawyer and you have your backup
Case 3 : the vault is breached (unlikely), well, that will definitely be in the news, and you have your ledger, you move your coins to a different wallet ASAP.
The thieves will need days to test all the possible passphrases (especially if you have large entropy). And usually, bank robber are not crypto experts.
Case 4 : someone rob you and take your ledger, they only have 3 chance before wipe out.
Case 5 : someone does a $5 wrench attack, you unlock your ledger (without the  passphrase) no one is supposed to know that there is a passphrase (plausible deniability).


Anyone is seeing serious flaws here?

Complete trust in the bank or vault operator. Further, when you die, depending on your jurisdiction it might not be as simple as your heirs going and opening the vault. The vault may have to be opened by the bank, and the contents passed to lawyers to take a full inventory of so the contents can then be distributed according to your will. There are quite a lot of intermediaries in that process who may be able to get their hands on your seed. I would consider encrypting it first and storing the encrypted seed in the vault.

You are also trusting your lawyer to store your passphrase safely and securely (and not go out of business) for 30, 40, 50 years.

And of course, bear in mind that the plausible deniability of a passphrase only works if its existence can be plausibly denied. That means no obvious blockchain links between your standard wallet and your passphrased wallet, and enough funds on your standard wallet to justify the ownership of a hardware wallet. If your standard wallet is completely empty, it raises a strong suspicion that there is something more to be found.

Things we need to avoid while storing the Private keys are -

• Never keep your private keys/seed online.
• Never store the copy in a cloud, on pc or phone.
• Never print on a paper or take a photo of a seed.

We can store the seed using a paper wallet, the cheapest, and the best way to hide the seed. For stronger security, we can use Cryptosteel metal to store the seed.

Is there any flaw if you were to put a laminated seed inside a bottle and then buried the bottle in the backyard or inside a large pot?

Unless you sell your lot completely forgetting the fact that you have buried a seed under the ground or you tell your friends where the "secret bottle" is located, I don't know what else could really go wrong: a house fire would not affect it if you bury it in the right place, no scanner or metal detector will ever find it and a thief won't start digging your garden whatsoever.

Might be the oldest way of hiding some valuable things, but I have a feeling it's giving the least headache overall.

How can you claim that storing the seed printed on paper is insecure, while at the same time recommending a paper wallet?

Storing the seed on a piece of paper is not insecure by definition. However it depends on the thread model, as always.
If an evil maid scenario is possible for you, storing it in plaintext on a piece of paper is insecure. If your physical storage however is safe, that's not the case.

Depends on the bottle. You'd need to make sure the cap was totally waterproof and airtight. The glue used in lamination can last decades if not exposed to the elements, but it will eventually break down, and exposure to water or moisture will expedite that. There are specific water and moisture proof tubes you can buy which would be better than just using an old drinks bottle, for example.

In terms of what else could go wrong - depending on where you live, you may need to bury it in the middle of the night to avoid any neighbors seeing you do it. You may also need to hide the evidence that you've dug a hole in your garden, and disguise it as part of larger garden work, a new flower bed, or something similar. Be sure there aren't any cables or pipes which run under you proposed burial site - you don't want it being discovered by a contractor trying to repair a leak.

This set up alternative way to safe private key is good but seriously I don't understand the whole process. Looking difficult to understand. You made mention to delete the thread, No this isn't good, others may learn from it, use and practice it on a daily basis and will work basically.

Other ways to safe keys too have been written here as shown above, I think if I keep to that side would be more better for me  for better understanding. Thanks anyway for your shared idea.

Same issues with diamonds, bearer share, family heirlooms...  A lot of very very rich people are trusting them, and they have been keeping secret/wealth of centuries.


This is a good point, I believe that in my case I might need to change a few things to ensure a smoother transition between vault and heirs.
But no inheritance taxes where I am and pretty straightforward dealing with estates. Encryption is definitly needed to make sure that no one can have a look or take photos while it is being handed to heirs.

yes and lawyer have contingencies for this, how do you think that will are stored?



Very true, only a fool would have an empty wallet and try to hide a juicy wallet with a passphrase.

Sure, but it still involves trust. Lots of people were trusting Mt Gox. Lots of people were trusting Lehman Brothers. Lots of trust doesn't mean too big to fail.

Again, yes, but how do the contingencies work? Making copies of the documents? Scanning them and storing them electronically? All this involves more people handling your passphrase and more additional risk.

Not saying your set up is necessarily bad, but it is worth considering all potential flaws.

You are right, but nobody is disputing that here and this makes your post not to be online with the topic. There are different methods we can store private keys, I can encode my private key the way I like, but I will advise before to follow standard ways of encryption rather than brain work.

If you print your seed on a paper, it may leave a file on the system(PC or Laptop) where you are printing which is not safe. Writing seed on a paper using a pen is also safe.


I have just added a note that we need to avoid a few things before thinking about how to store the private keys securely.

So, do you usually write down a paper wallet including the private key and the QR ?
Seems to be quite a lot of work.

Printing can under some circumstances leave traces, that's true.
Old print jobs might be accessible long time after the print job is done.

That's why it is recommended to print from a live booted USB distro and to use a non-network printer with storage for print jobs.
You can use a printer without leaving traces, but a few extra steps have to be made.

No, we can write the private key but not the QR code.

Printing without leaving any traces can be done. This would be safer! As you said, an extra step needs to be taken care and they should know the steps to remove the traces.

you can actually write or rather draw the QR code too. QR codes are just a big square that have small dots filled or empty to create the "picture". and for a private key with 32 bytes it won't be that big. you could also play around with the encoding (eg. use base43 or use all uppercase in bases like base16 that let it) and reduce the size even further.

in any case if the plan is to write down the key it is best to use an HD wallet and write down the mnemonic since they are words and easier to write down by hand compared to writing a key base58 characters.