Absolutely not.

It is not the manner in which you use a brain wallet which makes it inherently unsafe (although using any wallet in an unsafe manner is a risk), but rather it is the very concept of a brain wallet which is unsafe. Humans are not random. Humans cannot be random. Even if you think you are being random, you aren't. Coming up with your own password, passphrase, seed phrase, whatever, in order to generate a wallet, will absolutely result in a wallet with less entropy than you think or that you want. There is a reason that all good wallets generate seed phrases randomly and all good password managers generate passwords randomly. Anything you come up with yourself will not be secure.

All it takes is someone else to come up with the same string as you did, and all your coins are lost, regardless of if you used an airgapped device or not. Using a string of a single number or word, or even a string of words from a book, movie, song, etc., will almost certainly result in your coins being stolen. There are dozens of bots out there continually watching entire databases of addresses composed of hundreds of thousands of brain wallets, just waiting to steal any coins sent to them.

It is not a bug, but rather intended behavior: https://github.com/spesmilo/electrum/issues/6860

And if you are using some centralized Binance operated shitcoin, then your choice of wallet is almost meaningless as far as holding your own keys goes. It doesn't really matter if you are using an open source wallet in which you have personally reviewed the code and you are running it on a permanently airgapped device with full disk encryption, when the centralized owners of the chain you are using can still just freeze your addresses or seize your coins at any time regardless.

It's not convenient, but if the alternative is losing everything, then it is preferable. It doesn't have to be the only copy of your seed phrase - obviously you can keep one close by which is convenient to access should you need to - but any back up which is safe from catastrophes in your local area will by necessity be inconvenient for you to access.

Good quality stainless steel of a reasonable thickness would survive just fine, especially something 2" thick as you suggest.

If a 1000 ton building collapses, then that full 1000 tons will be spread out over the entire area that the building collapses on to, which will be the footprint of the building plus more, since the rubble will fall in all directions. An average steel plate is maybe around 10 square inches, a tiny fraction of the total footprint. And as I said above, Lopp's stress testing shows that such devices can easily withstand 20 tons of pressure. To have 20 tons of pressure on 10 square inches, you would need all 1000 tons of the building to collapse on to an area less than 2 foot by 2 foot, which is obviously crazy.

In which case no, there is no point in even trying. The data from this wallet file is lost.

Unless you have some other copy of this wallet file somewhere, or you have some other method of recovering the individual private keys you imported, then I'm afraid your coins are gone.

And if you don't tell them what it is or where your encrypted seed is located, then how will they recover it after your death? Either you tell them your whole set up, in which case you are trusting them just like I trust my wife, or you don't tell them the set up, in which case you run the risk of them never being able to recover your coins.

If you don't have a family member you can trust, then there are trustless ways to set up inheritance, such as by using timelocked transactions. This is a better solution than giving out passwords in envelopes.

Leak it over the entire internet, as they've done with plenty of data in the past? Store it in plaintext, as they were caught doing with users' passwords for 14 years? Or maybe just shut down the service you are relying on, meaning your data is lost forever.

Because she is not an idiot. If she is at risk of falling to such a low level scam, then so is everyone on this forum and nobody's bitcoin is safe. Not to mention that it would be significantly more difficult and time consuming for her to collect all the necessary back ups to start emptying various bitcoin wallets than it would be to log in to a fiat account and empty it out.

Of course I also have a number of wallets which are used on a regular basis with frequent transactions, but such wallets are obviously not my main cold storage wallets and do not contain large amounts of funds. These wallets would be the first to go in the case of a $5 wrench attack. If an attacker is unsatisfied with such wallets and keeps going in search of a cold storage wallet, then I can hand over one or more such cold storage wallets which instead of being filled with regular transactions have the transaction pattern I described above - one or two deposits followed by months or years of inactivity. And as Pmalek said, the compromise of any of my wallets provides absolutely zero clues as to the existence of any other wallets.

And actually I just recently lost all my wallets once again in yet another unfortunate boating accident!

All I would add is that it is better to do all of this offline rather than exposing your private key to the internet and entering it in to random websites to convert it to other formats, which puts you at risk of having your coins stolen. Once you've converted to hex locally, then you should download and verify bitaddress from its Github page and run it offline in order to turn your raw hex key in to a WIF key.

Electrum is also a good choice for importing individual private keys. You should obviously then sweep all the funds within to a more secure wallet.

Binance are currently "in negotiations" with regulators about their illegal activities and secret transfers, so expect some kind of punishment and fall out from that. They experienced the largest single day outflow of money since the collapse of FTX earlier this week. Their stablecoin, BUSD, is struggling to maintain its peg under regulatory pressure and some users are not able to cash out. I wouldn't call that flourishing. I would call that a warning sign to get your money off their exchange and in to your own wallet.

Hacked/stolen KYC data is very cheap, and money launderers do not have to spend much at all. The hacker who stole KYC data from Binance for example was selling it on the dark net for a rate of between 1 and 5 USD per 1,000 documents. 5 bucks for 1,000 identities.

Redundancy and off site storage.

A stainless steel metal plate of sufficient thickness will likely survive an earthquake or a building collapsing on it without significant damage. Jameson Lopp has tested many such devices under a 20 ton hydraulic press, and devices which are simply steel plates hold up very well under such conditions (any device with moving parts such as tiles, not so much). You can see the results of such stress tests here: https://jlopp.github.io/metal-bitcoin-storage-reviews/. However, having your metal plate survive is not much use to you if it is buried under several tons of rubble and you will never find it again. Similarly if you are in a tsunami region, your metal plate will survive just fine, but is no use to you if it is buried under rubble a kilometer away from where you stored it and you will never see it again.

So you need redundancy. This means more than one back up, so if one back up is lost you have others you can rely on. And these other back ups need to be geographical separate, so if a natural disaster affects your city/town/village you have a back up in a different city/town/village which is unaffected.

Based on what evidence, exactly? Trust Wallet is closed source, so you have absolutely no idea how good or otherwise its security is. It is also a hot wallet, meaning it is one of the least secure wallets you could choose to keep your coins on. And given that it is owned and operate by Binance, who have suffered numerous security breaches over many years leading to both the loss of coins and the theft of private data and KYC information of their customers, I wouldn't be placing much faith in its security at all.

There is literally no good reason to choose a closed source wallet, especially not one owned and operated by Binance.

I assume you are getting that error because Electrum cannot decode the encrypted data because the plaintext contains invalid characters.

The only way to open this file with Electrum will be to replace the plaintext with the original data that it wrote over. If you are unable to recover this data with a data recovery tool, then the only option would be to bruteforcing the missing data. This will be relatively easy if it is just a few characters, but more likely it will be completely impossible if the plaintext is several words of text or more.

You could also try looking for some software which could try to decrypt the partial data you have remaining and see if anything useful can be recovered.

In that case yes, it sounds like the wallet file is encrypted and has been partially overwritten by plaintext. If the plaintext is making reference to Apple, then it definitely doesn't belong there.

Do you remember the password you used to password protect the Electrum file? If you know the password, and the corruption is minimal, then you might have a very small chance of recovering something useful. But if a large part of the data is written over, or you don't remember the password, then you are almost certainly not going to be able to recover anything.

As far as I am aware, pywallet is only for bitcoin core wallet.dat files.

The wallet files will be the same up to the point where you added the password to one of them.

When you add a password on a Bitcoin Core wallet.dat file, the keypool is refreshed. This means that all existing key pairs and addresses will remain the same, but any new ones you generated with the encrypted wallet file will be different to those generated by the non-encrypted wallet file. You can use the non-encrypted file to spend any coins from addresses which are common to the two wallet files, but any addresses you generated in the encrypted wallet will not be reproducible in the non-encrypted wallet. Your only solution for any such addresses will be to bruteforce your password.

You can find this data very quickly using Blockchair. For example, here is a list of all the blocks mined yesterday: https://blockchair.com/bitcoin/blocks?s=id%28desc%29&q=time%282023-02-17%29. They have an API you can use, but there is a cost associated with its use.

They do also have free data dumps of this information which you can download from here: https://gz.blockchair.com/bitcoin/blocks/

You can find them here: https://github.com/spesmilo/electrum/blob/master/electrum/bip39_wallet_formats.json
Scans 14 in total - all the usual ones you would expect, plus a couple of unusual ones from specific wallets.

It does now, after I opened an issue about lost change last year: https://github.com/spesmilo/electrum/issues/7804

The way it works is that it scans the first derivation path on the list above for any transactions on either the first 20 receiving addresses or the first 10 change addresses. If it finds some transaction history, then it will recover the entire wallet, and it will also increment the account number by 1 for that specific derivation path and check that wallet too. It will repeat this process until if finds an empty wallet, and then move on to the next derivation path on the list above.

Assuming your string takes the same format as OP's, then the solution is given above in the posts from pooya87 and myself.

• Take your base 64 string.
• Decode it, and you should end up with a Base58 string.
• Convert that back to the original hex, and strip off the first byte and last bytes to end up with a 64 character raw private key.
• Convert that to a WIF key and import it in to your wallet.

Are you opening it with a text editor? And you see data including some reference to Apple? What else do you see? Is there any plain text which makes reference to "seed", "xprv", "keystore", or "keypairs"? Or is there just a bunch of random looking characters (uppercase, lowercase, numbers, and + and /)?

If it is plaintext, you might be able to extract something useful. If it is random characters, then it is encrypted and so the chances of recovery are almost zero.

Which services which demand KYC are flourishing? In terms of centralized exchanges we've seen dozens collapse with insolvency, bankruptcy, or outright scams over the last few months, and those which haven't collapsed laying off huge chunks of their employees. And in terms of fake peer-to-peer exchanges which demand KYC, we've seen LBC shutdown and Paxful volume falling.

If you want to actually trade peer-to-peer, then you can use an exchange like Bisq which gives you complete privacy and complete security over your coins, does not require any KYC, and does not require you to deposit any money to a centralized wallet. I see no reason to use something like LBCs which provides you with zero privacy, zero security, frozen accounts, seized coins, and leaked/shared/sold data.

Sure, but when we can generate P2WPKH vanity addresses significantly more easily and more quickly than P2PKH addresses, then why even consider generating P2PKH vanity addresses? Hell, why even consider using P2PKH addresses at all anymore? All good wallets default to P2WPKH address, and several wallets won't even generate P2PKH address without some work around now. I haven't used one at all for a couple of years, and before that I only used them when withdrawing chips from ChipMixer.

The only benefit I can see for legacy addresses is the standardized signing mechanism, but this is trivial to overcome by just using Electrum.

Thank you for the very generous offer! Every year I am disappointed that I must decline the physical prizes due to my long held stance on privacy.

Can I donate the cost of printing/shipping my print to making one for ChiBitCTy instead?