Bitcoin Forum
Author Topic: Bitcoin Core encryption questions  (Read 345 times)
apogio (OP)
September 13, 2025, 04:55:32 PM
Merited by vapourminer (1), Forsyth Jones (1)
 #21

An encrypted digital backup (wallet.dat) can be replicated much more easily, avoiding the risk of storage failure. (But why not combine physical and digital backups?)

Descriptors were one of the best innovations I've seen in Bitcoin Core, after BIP32. It's a shame it's not very widespread.

Let's be honest, I don't think having 3 encrypted backups of my wallet.dat will ever fail. In order for this to happen, all my backups need to be compromised (destroyed actually), at the same time, or at a small period of time in which I will fail to realize it and take precautions. It's extremely unlikely that 3 digital media will die at the same time and it's also unlikely that 3 locations will be compromised at the same time.

LoyceV
September 13, 2025, 05:33:12 PM
 #22

I don't think having 3 encrypted backups of my wallet.dat will ever fail. In order for this to happen, all my backups need to be compromised (destroyed actually), at the same time, or at a small period of time in which I will fail to realize it and take precautions. It's extremely unlikely that 3 digital media will die at the same time and it's also unlikely that 3 locations will be compromised at the same time.
Apart from forgetting the encryption password, here's another scenario. First: when you say 3 backups, does that include the wallet you're using? I assume so. So by the time your system fails and you realize you need your backup, you'll only have 2 backups left. You're nervous, not very careful, and before you know it, you have only 1 backup left. Or you messed up one of your backups while you created it.
Do you at least check if you can restore from your backups once in a while?

¡uʍop ǝpᴉsdn pɐǝɥ ɹnoʎ ɥʇᴉʍ ʎuunɟ ʞool no⅄
apogio (OP)
September 13, 2025, 05:45:13 PM
Merited by vapourminer (2), hugeblack (2)
 #23

Apart from forgetting the encryption password, here's another scenario. First: when you say 3 backups, does that include the wallet you're using? I assume so. So by the time your system fails and you realize you need your backup, you'll only have 2 backups left. You're nervous, not very careful, and before you know it, you have only 1 backup left. Or you messed up one of your backups while you created it.
Do you at least check if you can restore from your backups once in a while?

To be honest, I'm doing it but not with my savings' stash.
So, the way I do it is very similar to what I'd do if my whole savings existed in a Core wallet.dat file. I don't do it with my stash because I'm too idle when I need to make changes like this and, at the same time, I'm too used to using the other system that I use.

But, with Core, I'm doing the following:
1. I have the wallet.dat file on an airgapped laptop, loaded in Core, signing transactions.
2. I also have 2 backups in USBs (which is my pain-point). I think USBs are the worst option.
3. Every 6 months, I have set a notification and I load the backups to my laptop to see if the loading happens perfectly. I also create new backups on my USBs.
4. Every 2 years, I rotate my backups to new USBs. (this step has only happened once, but next summer I'll need to repeat it).
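
An added example, not part of the original posts: a check that could run alongside the six-month test described above, comparing each copy of a backup with the SHA-256 recorded when it was made and counting how many good copies remain. It assumes a descriptor wallet (an SQLite file); the file names and the `min_good` threshold are illustrative, and a passing result does not replace loading the backup in Core with the passphrase.

```python
import hashlib
import os
import tempfile

# Assumption: a descriptor wallet, which Bitcoin Core stores as an SQLite file.
SQLITE_MAGIC = b"SQLite format 3\x00"

def sha256_file(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(1 << 20), b""):
            h.update(block)
    return h.hexdigest()

def check_copy(path, expected_sha256):
    """Classify one backup copy: ok, missing, unreadable, not_sqlite or mismatch."""
    if not os.path.isfile(path):
        return "missing"
    try:
        with open(path, "rb") as f:
            header = f.read(len(SQLITE_MAGIC))
        digest = sha256_file(path)
    except OSError:
        return "unreadable"
    if header != SQLITE_MAGIC:
        return "not_sqlite"  # damaged header, or the wrong file was copied
    return "ok" if digest == expected_sha256 else "mismatch"

def audit(copies, expected_sha256, min_good=2):
    """Check every copy of one backup; flag when fewer than min_good survive."""
    results = {p: check_copy(p, expected_sha256) for p in copies}
    good = sum(1 for status in results.values() if status == "ok")
    return {"results": results, "good": good, "at_risk": good < min_good}

if __name__ == "__main__":
    # Constructed sample: placeholder bytes with an SQLite header, not a real wallet.
    data = SQLITE_MAGIC + bytes(range(256)) * 16
    with tempfile.TemporaryDirectory() as d:
        paths = [os.path.join(d, name) for name in ("usb1.dat", "usb2.dat", "hdd.dat")]
        for p in paths[:2]:  # the third medium is "lost": its file never exists
            with open(p, "wb") as f:
                f.write(data)
        with open(paths[1], "r+b") as f:  # simulate silent corruption on usb2
            f.seek(100)
            f.write(b"\x00" * 8)
        report = audit(paths, hashlib.sha256(data).hexdigest())
        for p, status in report["results"].items():
            print(f"{status:10} {os.path.basename(p)}")
        print("good copies:", report["good"], "| at risk:", report["at_risk"])
```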

Forsyth Jones
September 13, 2025, 06:20:37 PM
 #24

I don't think having 3 encrypted backups of my wallet.dat will ever fail. In order for this to happen, all my backups need to be compromised (destroyed actually), at the same time, or at a small period of time in which I will fail to realize it and take precautions. It's extremely unlikely that 3 digital media will die at the same time and it's also unlikely that 3 locations will be compromised at the same time.
Apart from forgetting the encryption password, here's another scenario. First: when you say 3 backups, does that include the wallet you're using? I assume so. So by the time your system fails and you realize you need your backup, you'll only have 2 backups left. You're nervous, not very careful, and before you know it, you have only 1 backup left. Or you messed up one of your backups while you created it.
Do you at least check if you can restore from your backups once in a while?
In my view, making digital or physical backups isn't enough. We need to consider situations in which we're forced to show our backup. Let's say your government becomes a persecutor, an inquisitor, and decides to confiscate your coins. What's the plan of action? I've already given some tips on this, but I think for our own sake, it's best for everyone not to disclose their backup method for their own safety.

There are already countries creating legislative extensions to include Bitcoin and similar assets as confiscatable assets (this is already happening in my country).

That's why it's important to plan your backup carefully and test it periodically to make sure it will work when you need it most.

You don't need to go much further. We know that an encrypted backup like wallet.dat will work if you're truly certain you encrypted it correctly and have control over the password. The same goes for those who make BIP39 mnemonic backups. However, a higher level of encryption, while improving security, increases the risk of operational error. Therefore, it's essential to start with test wallets with very little funding.

Each individual should self-assess their security based on their threat model.

kTimesG
September 13, 2025, 06:22:04 PM
 #25

I keep all my keys in a JSON file. Every key is encrypted with an AES-256 master key that's decrypted based on an 8 million rounds PBKDF2 derivation step, similar to how wallet.dat does it.

The JSON is steganographically embedded in cat videos based on chroma subsampling averages of encoded 16x16 blocks, so it's agnostic to video transcoding. Everything's up on YouTube for secure backup. Ever seen weird videos like "12 hour cat relaxation calm music healing anti stress"? Well, that's me striking users in their face with hidden crypto assets!

The reverse steganography scripts, with secondary backups, are saved over in a VeraCrypt hidden volume that appears to contain expired voucher codes; the volume only mounts using a picture of Nyan cat as the keyfile. This allows plausible deniability in case the file gets busted and I'm forced to mount it.

The volume file backup (aptly named "SystemVolumeInformation") is sync'd on a cloud storage I shall not name, using rsync's file encryption feature, thus encrypting all contents and chunking all data into randomly named blobs.

Am I doing it wrong?

Off the grid, training pigeons to broadcast signed messages.
LoyceV
September 13, 2025, 07:27:54 PM
Merited by vapourminer (1)
 #26

2. I also have 2 backups in USBs (which is my pain-point). I think USBs are the worst option.
Why not add something else to the mix? Get an old HDD, get a cheap USB bracket, and use that.

Quote
4. Every 2 years, I rotate my backups to new USBs. (this step has only happened once, but next summer I'll need to repeat it).
Does "rotate" mean you get rid of the old ones? Why not just add a new one to your backup every once in a while?

apogio (OP)
September 13, 2025, 07:36:28 PM
 #27

Why not add something else to the mix? Get an old HDD, get a cheap USB bracket, and use that.

That’s a good idea. In general the only problem I have is that I am unable to load the labels with my current system. I do it manually.

Does "rotate" mean you get rid of the old ones? Why not just add a new one to your backup every once in a while?

No I am keeping them! In fact I have learnt it from you. There’s no need to delete the old backups!
