Bitcoin Forum

Other => Beginners & Help => Topic started by: offnr on July 13, 2024, 01:01:32 AM



Title: Is a single 12 word seed and passphrase really enough to protect life savings?
Post by: offnr on July 13, 2024, 01:01:32 AM
From what I understand a 12 word seed generated with high entropy dice rolls, and a strong passphrase is strong enough security for most people. As a newbie I am slowly rolling in funds into my wallet and getting more paranoid.

At what point does this setup ever not become sufficient? Is it a certain threshold of btc? Something else?

Just spitballing here. Pls halp


Title: Re: Is a single 12 word seed and passphrase really enough to protect life savings?
Post by: logfiles on July 13, 2024, 01:15:26 AM
So long as you safely back up the seed phrase, it's safe.
Just practice proper wallet backup techniques (i.e. avoid copying and pasting, avoid taking screenshots, avoid storing the seeds online...) and also make sure you access your wallet using a clean air-gapped device.

There's no threshold on the amount of BTC you can put there, except for the current circulating supply. But if the bitcoins are really a lot, I would split them up across a couple of wallets (if you understand the talk of not putting all the eggs in one basket), but this would also mean more responsibility on the back-ups.


Title: Re: Is a single 12 word seed and passphrase really enough to protect life savings?
Post by: Poker Player on July 13, 2024, 03:03:56 AM
In the title you talk about life savings. If that's all you have and it's a large amount (not like $30) you shouldn't have it all in one place. If you have a net worth of hundreds of thousands of dollars it is normal to have it divided between the value of your house or at least your equity in it, liquid money (in cash or in the bank) for unforeseen events, and then if you want, just bitcoin, but it won't hurt to have other assets as well. So if something happens to you with the 12 words you have plenty left.

But even if you have a lot of Bitcoins, like 200, I don't think it's smart to have them only in a single HW. Better to have several, with their seeds properly hidden in different places, at least one with a multisig system.


Title: Re: Is a single 12 word seed and passphrase really enough to protect life savings?
Post by: pooya87 on July 13, 2024, 03:04:57 AM
You don't need to use "dice rolls" to generate an entropy and call it secure. A computer generated entropy (and seed phrase) is secure enough and 99.9% of bitcoin users who want to use a deterministic wallet are already doing that without any problems.

What determines whether or not your funds are safe are:
1) The tool you used to generate the seed
You should use safe software that is open source and is reviewed by experts so that it is bug-free and old enough to have found and fixed overlooked issues.
Popular wallets like Electrum are excellent for this purpose.

2) The environment in which you generated the seed phrase
For maximum security you want to use an air-gap system to generate, like a computer that has never been connected to the internet.
You could use a live Linux without any internet access.

3) Correct storage of your backup and correct future uses
For example you want to write down your seed phrase and keep that paper in a safe place outside of the reach of others.
Also in future usages (like when you want to spend some coins) you also want to do it in an air-gap system because your keys should never "see the light of day" so to speak.


Title: Re: Is a single 12 word seed and passphrase really enough to protect life savings?
Post by: SilverCryptoBullet on July 13, 2024, 03:20:11 AM
Quote
From what I understand a 12 word seed generated with high entropy dice rolls, and a strong passphrase is strong enough security for most people.

With different word set for your wallet mnemonic seed phrase, you will have different entropy.

https://learnmeabitcoin.com/technical/keys/hd-wallets/mnemonic-seed/
12 words: 128 bit
15 words: 160 bit
18 words: 192 bit
21 words: 224 bit
24 words: 256 bit

BIP 39: Entropy and word length. (https://github.com/bitcoinbook/bitcoinbook/blob/develop/ch05_wallets.adoc#generating-a-recovery-code)

With 2^128 to 2^256 private keys to find, it's very safe, no chance to brute force private keys.

You only need to use an open source and non custodial wallet that creates your wallet mnemonic seeds with 128 or 256 bits of entropy. It's safe enough to use especially with 256 bits of entropy. You can create your wallet mnemonic seed with bigger than 256 entropy but there are only 2^256 private keys.

Quote
How Much Entropy Do You Need?

BIP32 allows seeds to be from 128 to 512 bits. BIP39 accepts from 128 to 256 bits of entropy; Electrum v2 accepts 132 bits of entropy; Aezeed accepts 128 bits of entropy; SLIP39 accepts either 128 or 256 bits. The variation in these numbers makes it unclear how much entropy is needed for safety. We’ll try to demystify that.

BIP32 extended private keys consist of a 256-bit key and a 256-bit chain code, for a total of 512 bits. That means there’s a maximum of 2^512 different possible extended private keys. If you start with more than 512 bits of entropy, you’ll still get an extended private key containing 512 bits of entropy—so there’s no point in using more than 512 bits even if any of the standards we mentioned allowed that.

However, even though there are 2^512 different extended private keys, there are only (slightly less than) 2^256 regular private keys—and it’s those private keys that actually secure your bitcoins. That means, if you use more than 256 bits of entropy for your seed, you still get private keys containing only 256 bits of entropy. There may be future Bitcoin-related protocols where extra entropy in the extended keys provides extra security, but that’s not currently the case.

The security strength of a Bitcoin public key is 128 bits. An attacker with a classical computer (the only kind which can be used for a practical attack as of this writing) would need to perform about 2^128 operations on Bitcoin’s elliptic curve in order to find a private key for another user’s public key. The implication of a security strength of 128 bits is that there’s no apparent benefit to using more than 128 bits of entropy (although you need to ensure your generated private keys are selected uniformly from within the entire 2^256 range of private keys).

There is one extra benefit of greater entropy: if a fixed percentage of your recovery code (but not the whole code) is seen by an attacker, the greater the entropy, the harder it will be for them to figure out part of the code they didn’t see. For example, if an attacker sees half of a 128-bit code (64 bits), it’s plausible that they’ll be able to brute force the remaining 64 bits. If they see half of a 256-bit code (128 bits), it’s not plausible that they can brute force the other half. We don’t recommend relying on this defense—either keep your recovery codes very safe or use a method like SLIP39 that lets you distribute your recovery code across multiple locations without relying on the safety of any individual code.

As of 2023, most modern wallets generate 128 bits of entropy for their recovery codes (or a value near 128, such as Electrum v2’s 132 bits).


Title: Re: Is a single 12 word seed and passphrase really enough to protect life savings?
Post by: lovesmayfamilis on July 13, 2024, 05:54:41 AM
If you are careful in storing your seed phrase, then you should not think of anything else or be afraid. People often forget about the importance of saving their data, and then begin to blame Bitcoin for its insecurity. There is no need to worry that your seed phrase can be selected using the selection method. You would rather win a big lottery prize several times than have your seed phrase hacked.


Title: Re: Is a single 12 word seed and passphrase really enough to protect life savings?
Post by: satscraper on July 13, 2024, 11:48:07 AM
Quote
From what I understand a 12 word seed generated with high entropy dice rolls, and a strong passphrase is strong enough security for most people. As a newbie I am slowly rolling in funds into my wallet and getting more paranoid.

At what point does this setup ever not become sufficient? Is it a certain threshold of btc? Something else?

Just spitballing here. Pls halp

I kinda like the passphrase added to the SEED phrase. As a matter of fact, a 12-word SEED alone is enough to guard your stash safely unless this SEED is in the hands of a stranger. Thus, to be on the safe side, it is good practice to guard the wallet with a SEED enhanced with a passphrase; the latter must be kept separately from the SEED.

To keep your SEED and passphrase you may use both primitive (based on paper, washers etc.) and sophisticated methods. The latter commonly rely on encryption. One of them, and then 100% airtight defence, is described here (https://bitcointalk.org/index.php?topic=5494771).
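

Added example (not part of any post in this thread, and not code from any wallet): a Python sketch of the BIP39 arithmetic behind the word-count/entropy table quoted above, and of how the passphrase discussed in the thread enters seed derivation. The function names are illustrative, the dice estimate assumes fair, independent six-sided rolls, and the all-zero entropy and the passphrase string are constructed test inputs, never a real wallet.

```python
import hashlib
import math
import unicodedata

def bip39_layout(words):
    """Return (entropy_bits, checksum_bits) for a BIP39 mnemonic length."""
    if words not in (12, 15, 18, 21, 24):
        raise ValueError("BIP39 mnemonics have 12, 15, 18, 21 or 24 words")
    total = words * 11          # each word indexes a 2048-word list: 11 bits
    ent = total * 32 // 33      # checksum is ENT/32 bits, so total = ENT * 33/32
    return ent, total - ent

def dice_rolls_needed(bits):
    """Fair six-sided rolls needed to collect at least `bits` bits of entropy."""
    return math.ceil(bits / math.log2(6))

def word_indexes(entropy):
    """Map raw entropy bytes to 11-bit wordlist indexes (wordlist not embedded)."""
    ent = len(entropy) * 8
    if ent not in (128, 160, 192, 224, 256):
        raise ValueError("entropy must be 128-256 bits in 32-bit steps")
    cs = ent // 32
    # Checksum = first CS bits of SHA-256(entropy); CS is at most 8 bits.
    checksum = hashlib.sha256(entropy).digest()[0] >> (8 - cs)
    value = (int.from_bytes(entropy, "big") << cs) | checksum
    n = (ent + cs) // 11
    return [(value >> (11 * (n - 1 - i))) & 0x7FF for i in range(n)]

def seed_from_mnemonic(mnemonic, passphrase=""):
    """BIP39 seed: PBKDF2-HMAC-SHA512, 2048 rounds, salt 'mnemonic' + passphrase."""
    pw = unicodedata.normalize("NFKD", mnemonic).encode()
    salt = unicodedata.normalize("NFKD", "mnemonic" + passphrase).encode()
    return hashlib.pbkdf2_hmac("sha512", pw, salt, 2048)

if __name__ == "__main__":
    for n in (12, 15, 18, 21, 24):
        print(n, "words ->", bip39_layout(n))
    print("dice rolls for 128 bits:", dice_rolls_needed(128))
    # Constructed input: all-zero entropy from the public BIP39 test vectors.
    print("indexes:", word_indexes(bytes(16)))
    words = "abandon " * 11 + "about"   # the mnemonic for that zero entropy
    plain = seed_from_mnemonic(words)
    guarded = seed_from_mnemonic(words, "constructed passphrase")
    print("passphrase changes the seed:", plain != guarded)
```

The same 12 words with a different passphrase yield an unrelated 512-bit seed, which is why someone who finds only the written words cannot derive a passphrase-protected wallet, and also why a forgotten passphrase cannot be recovered from the words.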