Bitcoin Forum

Where do you store your cold wallet? A safe in your house? Also, where do you store your backup recovery phrase? Seems risky to store them both in the same place right? Fire could take both out.

Inside a safe in a bank perhaps? And inside of that safe why not another safe? I suggest having at least two places to store them, both highly secure and that you are the only one that may know about it.

Perhaps one of them should have instruction to contact your next of kin if you go missing / don't login into the service (bank perhaps) for more than 1 year... This would be handy in a sudden death scenario,but then again, you can also leave it stated in your will I suppose ...

This is a very important question, which is not discussed often. Everyone doesn't have a safe, although if you hold a huge amount it could be wise to invest in one, if it makes you sleep a little bit better.
Without a safe, an individual ideally has secure spots where they keep valuable possessions and documents, these could be a good place to store your cold wallet, they should be well out of reach to anybody else and only accessible to you.

You can make multiple backups, although not too much so as not to lose track, two seems like a safe number. One can be kept with you in a different location but well within reach in case you need to import your keys quickly; the other should be stored in a different safe location such as a bank, etcetera.

This is one of the advantages to having a multi-sig wallet where you need multiple keys to sign a transaction instead of just one. Having a single key represents a single point of failure. Of course you still need to manage your keys in a multi-sig setup, but you don't risk ruin if you happen to lose one of the keys (if for example you had a 2 of 3 setup which means you have 3 keys but need only 2 to sign a transaction).

Lots of options to think about in terms of security. A bank deposit box, safe, home of a close relative, multiple physical locations, etc. Think about the tradeoffs between security and accessibility (more secure may limit accessibility, more accessibility may limit security).

Multisig wallet is only good when there are many people that needs to handle a wallet, a good example is a company that want to have a bitcoin wallet that needs to be handled by many people, the company can have a multisig wallet in a way two or more users can be given different private key. In this case, if any of the private key is compromised, the bitcoin on the company wallet can be sent to another wallet which they have just newly generated without anything happening.

If you have a multisig wallet, do you know the transaction fee is higher than normal wallets? That aside, many people will still have to do the backup together which can make the multisig wallet to be hacked at ones if hackers have access to the backup.

There are many people making use of cold wallet backup and yet their wallet is safe, because the backup if private key and seed phrase are offline, they are still one of the safest wallets to use.

I just got mine recently and I shove it up my ass and carry it everywhere with me.

But if I had any substantial amount I don't know what would feel safe to me. What are your experiences when carrying more crypto? Multiple wallets and redistribute evenly between them? Or are there any safer ways? Maybe some VIP package for wallets that make them safer? Thanks in advance for the reply.

Dilute your finances into as many offline, air-gapped wallets that never touch the internet and you're alright. If you fear that the risk of losing one wallet is too much for the amount stored on it, split it up. If you want redundancies in your seed/privkeys then that's up to you, but it's a security risk.

Depending on the amount, you might even want to start memorizing seed words rather than recording them down in tangible forms.

---

I know that Trezor T uses Shamir Backup as an option: https://trezor.io/shamir/


Alternatively, check out some of those fire-resistant steel options for recording down phrases and strings (for privkeys)

I'm glad you've got your thinking cap on. Very few people consider the risk of natural disasters.

A first step you could take is implementing fire and water-resistant housing. The "Cryptosteel Capsule" (https://cryptosteel.com/) is the most popular solution I've seen.

A cheaper means to the same ends is to store encrypted copies of your backup in multiple physical locations. You could keep one in your safe at home, one with a trusted family member, one in your safe deposit box at the bank, etc.


I wouldn't risk trusting memory. Mine has devolved so much just in the years I've been using Bitcoin. I no longer have any faith in my ability to remember 12 words in specific order for any significant period of time. And then there is the risk of things like head injuries too.

I prefer the idea of hiding words in plain sight, using means of pattern recognition that only you -- and not an adversary -- can recognize.

Are the bank have a duplicate safe key? if yes, I won't keep it there.

I won't be carrying in my pocket, if I have a few balance, I will buy a hardware wallet where can connecting to my mobile phone.

Multiple wallets are good but you must keep each seed.

You should actually keep multiple backups of your cold storage wallet.

You can use the 3-2-1 method for your cold storage wallet:
Keep 3 copies of your wallet, in at least 2 mediums of storage, and have at least 1 copy of your wallet off-site (in a different location).

1. Etch the words in [1]steel
2. Store the backups in 3 places
3. Optional: use a 2-of-3 [2]Shamir backup

---

[1] https://blog.lopp.net/metal-bitcoin-seed-storage-stress-test/
[2] https://cryptosteel.com/splitting-the-secret-the-case-for-shamir-backup-with-the-cryptosteel-capsule/

Thank you for the quick replys  :) I will definitely be looking into getting more physical wallets and doing it like that, taking the approach one would during smart investments, not to have all of my eggs in the same basket. Memorizing safewords is a neat trick and definitely doable for some people, but that would not work for me. I also have some crazy ideas on how to store it, but that might be pushing it a bit.

It's incredibly risky. I'd argue that having your back up in the same physical location as your wallet is hardly a back up at all. The only thing it fully protects against is failure of your wallet, and does not fully protect again theft or any natural disaster, be it fire, flood, explosions, hurricanes, what have you.

I don't disagree about a single point of failure, but I prefer not to use multi-sig set ups (unless required between multiple people) due to their inefficiency, both when creating and signing the transaction, and in terms of the size of the transaction and the fees you pay. If you are worried about a back up of your seed phrase being a single point of failure, then I would prefer to add a long and complex passphrase backed up separately, or encrypt my seed phrase before backing it up and again, back up the decryption key separately.

Although metal based back ups are good, I wouldn't buy a Cryptosteel Capsule. Although it performed fairly well under stress testing (https://jlopp.github.io/metal-bitcoin-storage-reviews/), the price tag of $80 is completely unnecessary. You can walk in to any hardware store and buy a piece of stainless steel to etch your words on yourself for under $10, with the added advantage that you don't have to give your name and address to a company which only manufactures crypto-related products, since the recent Ledger hack has shown how dangerous that can be. Note that the sister product, the Cryptosteel Cassette, performed poorly under stress testing.

I would say a word of caution here: There are countless posts I have responded to on this forum from users who came up with their own "ingenious" way of storing/backing up their seed phrases, and two or three years later cannot remember their process and are unable to access their coins. It is better to use tried and tested industry standards such as proper encryption than it is to come up with your own system which will be both less secure and harder to recover.

I have my phrases back up into 3 different papers which are scattered into different places. Carving it into dog tag and making it like an accessory is one that I've seen the last time which was suggested too.

I'm focusing on the 1 backup that I have which I'm storing in a safe place that I know.

Just for the purpose of a safer backup, you don't necessarily need a multi sig wallet.
This just makes any transactions bigger in size and therefore more costly.

I mean, that's definitely an option and better than a single point of failure. But i'd prefer a secret sharing scheme over multi sig as a backup spread between multiple locations if N out of M pieces should be required.

The upside is that you can basically store any sensitive information that way. Private keys, mnemonic codes, passwords etc..
And always the property holds that if someone has N-1 shares, no information about the secret is leaked.

You can simply store only the seed, maybe scrambled or encrypted, maybe not. But how and where, it's up to each and everyone's choice. It can be on the back of your favorite painting, it can be on crypto steel buried near your favorite tree, it can be in a bank's deposit box.

Especially if one chooses something flammable, but imho in all cases actually, one should store the seed in multiple places/locations. Scrambling or a 25th word is a good addition, but then if something happens to you your family may not be able to benefit of those funds (which may matter to you .. or not).
Of course, it depends greatly on how much is that wallet worth. One wallet for 100$, 1000$ may need certain precautions, maybe 100k others and clearly 1M completely different ones.


I'd add that although I like @mk4 post/links, I am against use of "standardized" methods (Shamir backup). I think that everybody should use his imagination.

The best place to store your back up recovery phrases is to have them;

• tattoo on your body may be on your arm or somewhere more private
• Put it in your memory I have mine in my head that's the most safer place on earth.
• Carving it to something you can easily get access to.

Keep your cold wallet at home locked in a vault.

What will be the first point of focus for thives? It will be the safe in someone's home, this should not be a good place of saving hardware wallet or any other cold wallet, today's thives may not know what hardware or paper wallet is, but they are getting advance, it can even be the point of target in the future, while safe is not good for saving anything these era.

To keep cold wallets, a place very safe and out of reach to theives will be good, cold wallets are not big to the extent it can be noticable, they are very small in a way they can be kept in a place not even known to theives at home, but safe will never come to my mind.

About seed phrase, it is very important to store them in a safe place that will be safe from attackers and damages. That is why I made a topic that people suggested different ways they can store their seed phrase.

https://bitcointalk.org/index.php?topic=5256197.msg54635541#msg54635541

This is why you never keep all your crypto in one wallet. Split your coins up between a number of wallets, using a number of different mediums. Keep some of the wallets entirely hidden, for example by using a passphrase on top a seed phrase which has some coins stored in it, or by creating a hidden encryption volume, and putting one wallet in the non-hidden volume and a different wallet in the hidden volume. If you are a victim of a $5 wrench attack, you can hand over one or even several wallets which each contain a relatively small amount of bitcoin, while your main wallets stay hidden. If you do this, you need to make sure there is no obvious blockchain link between your wallets as well. If the wallet you hand over showed 5 BTC moving in a single transaction to a single address, and the coins haven't moved from that address, then that is a dead giveaway.

This is a terrible idea. First of all, you have to expose your seed phrase to the tattoo artist. Unless you have it tattooed on your genitals, then you will expose it every time you go to the beach, go swimming, go tanning, or even just walk around on a hot day. It also becomes trivial for a $5 wrench attack as described above to be successful. Don't do this.

This is another bad idea, unless you also have it backed up on paper or metal. People naturally forget things all the time, not to mention the millions of people every single day who suffer an accident, head trauma, stroke, aneurysm, infection, seizure, etc., completely unexpectedly, which can result in memory loss. While it might be useful to be able to transport coins across a border, for example, by only remembering your seed, you should never rely on memory as your only form of back up.

Joke's on them - I don't even know the exact sum of bitcoin I own. :P

Well, this is true if you complete KYC at centralized exchanges which hand your details over to your government, if you continuously reuse all your addresses, if you link all your coins together through poor privacy practices, if you do all this without using Tor, and so on. If, on the other hand, you only trade peer-to-peer, you never complete KYC, you never link to your real identity, you always use Tor, you always mix/coinjoin your coins, you never link inputs from different places, and so on, then the chances of your details being in a database somewhere are far smaller, let alone someone being able to accurately link all your holdings together. Sure, if you started doing a bunch of illegal stuff and became a specific target for a three letter agency then I do not doubt they would be able to track down you and your coins, but it is entirely possible to avoid the mass surveillance of the general population that most governments partake in. It's neither easy nor convenient, but it is doable if you are motivated to do so.

There is a thread actually here opening up some cold wallet storage that are fire proof, water proof and the likes. In my case storing cold wallet may be best store in a vault. A fire proof and water proof would be better that if you really storing high number of bitcoins. I can't relate actually for now because I do not hold bitcoin for the moment.

Before, I am using centralized exchange wallet here in our local and store few amount of bitcoin. I did not have worries actually and I just need to use the 2FA so that I will know if my coins will be move or not or if there will be a transfer to be made. So far, I never had the problem with it and I will still use it in the future.

OP, you're basically asking where we hold our lifetime savings :)? Ok, I must admit that place where I keep it isn't safest one. But there is one very important point - keep your cold wallet and recovery seed separately. Keeping it in the same place wouldn't be smartest idea.
And one idea which wasn't mention yet come to my mind while making this post. You can keep your backup phrase buried in your backyard. Use waterproof box or simple bottle or jar. But still, it would be best to use laminated paper in case if something will go wrong.
For me it looks like really bad idea. People tend to forget even more simple things like passwords, phone numbers, PIN codes. While recovery seed basically is just 12 random words - it's not something what is easy to remember. Do you really want to see that you will be able to remember all words in correct order after not using your wallet for year or two? Personally, I wouldn't risk.

If we're dealing with this level of preparedness, then it's no longer a "$5 wrench" - it's a $5 wrench + you fucking up your privacy willingly + you fucking up your digital/analog identity connections + you dealing with a persistent mugging. And if I had the amount of Bitcoin required for someone to dedicate themselves to going to my location with a wrench attack, I probably wouldn't be the type of person who is willy-nilly about his privacy.

If we're at the point where the guy is ready to start torturing you for every last one of your keys, odds are you're not going to survive, whether you give it to them or not.

I have made a settlement with my brother on this by keeping all my recovery phrases as well as cold wallets in his phone which was never used to get connected to internet and not even have a sim card. So even if I die, I'm tension free that he'll manage to withdraw my BTC (whichever I saved but it's not worth too much, maybe some satoshis) and sell them for a great value.

Very often, everything that we so zealously fear will never happen in our life. People go to madness encrypting and hiding their keys. I also agree that you shouldn't be paranoid about this. Those who had bitcoins in its early development and subsequently simply lost the keys may just go crazy about it. But is it worth it? We can all just regret and tear our hairs out, thinking that we did not acquire bitcoins as soon as possible.
Anyone who comes to bitcoin must agree that all responsibility for preserving their coins lies only with him. Otherwise, you need to keep the money in the bank.
The most valuable remedy for hacking is silence. Our language is the best key that should not tell absolutely anyone that its owner owns the cryptocurrency.

This is something I can completely agree with, because in order for someone to steal something from someone in any way, they must first know that someone actually has it. Nowadays, people behave very freely on social networks and practically share their secrets with complete strangers, which then puts them in very awkward situations.

Everyone should keep to themselves how they store their cryptocurrencies, especially if they have some specific/unique way. Bad guys aren't so stupid (at least not everyone) that they randomly hunt down victims, but they closely follow social networks and forums like this and wait for someone to confess that they have x BTC kept in x place - everything else can be found out through social engineering methods.

My advice is to protect your digital life first, and then your physical one as well.

Absolutely right. Social media is an evil that can later harm account holders. By uploading their photos, users forget about such a function as metadata (https://medium.com/@NullByteWht/how-to-obtain-valuable-data-from-images-using-exif-extractors-77feee50531c) . They contain GPS information, date and time, and sometimes more sensitive information. Subsequently, users wonder how scammers find out about their whereabouts.

I am not familiar with IronKey, but I would think it would be possible to copy the (encrypted) contents of the hard drive an arbitrary number of times to allow for additional password guesses.

My understanding is that IronKey meets the FIPS 140-2 Level 3 standard, meaning it stores password hashes and keys in a tamper-resistant module physically separated from the memory component. If the key storage module is physically compromised, the self-destruct feature is engaged.

The standard was developed specifically to address the threat model you described. I think the security threats are still at the theoretical, academic stage.