What's wrong with my current cold storage? - Weaknesses in cold storage methods

[aolley]

Today we are going to discuss cold storage and some specific problems with cold storage. This applies to the Secret Key portion of a key-pair and to the seed used to backup HD wallets and hardware wallets. The point of this post is the show the motivation I had for making something better, a new type of physical bitcoin.

The best way to keep you seed/secret key safe is to have multiple copies in multiple locations perhaps with multiple formats and even better if the keys are split. However not everyone has access to multiple locations, or access to land long term, or more than one place to store their things.  This is an examination of faults with individual methods.

Not to say everything is all bad but there are many potential weakness out there, and some in the Bitcoin and crypto community like to know the edge cases of things. I will also highlight some of the aspects of the Keyois Capsule which is a 'physical bitcoin'

We will focus on mediums relating to cold storage and not ones designed for more everyday use, but this applies to the seed you save to keep your everyday spending wallets safe and backed up.


We will assume you generated your keys securely and that you already have them on some medium. We will also have to ignore endpoint physical security because they can all be carried away the same. Remember your cell phone /hardware wallet/ computer client are only as good as where you put the backup seed phrase, which can be thought of as data much like the SK discussed below.

I wanted to talk about cold storage methods that are secure, online storage is so far from secure I didn't even bother with it; if your method of storage is not mentioned here it may not be secure.


----

Written on a piece of paper

 * Anyone who can see it, can steal it

 * Handwriting can be hard to read or completely illegible

 * Human error in transcription can cause errors on end product

 * Paper can rot, be torn, burn, or be smoke damaged

Printed on a piece of paper

 * Anyone who can see it, can steal it

 * Type of printer - non-laser printers can run if paper gets wet

 * Have to trust printer - some have internet connections, wifi, and memory

 * Paper can rot, be torn, burn, or be smoke damaged


On laminated paper


 * Anyone who can see it, can steal it

 * Lamination is prone or degradation over time and puncture or cuts that could allow moisture to get trapped in the paper and cause deterioration or rotting in some circumstances - store in cool dry place

 * Can burn or be smoke damaged

 * 'Fireproof' & 'Fire-resistant' boxes can help protect paper in a small house fire but be warned that they can sometimes fall apart in the fire and get wet if the fire is put out with water. Remember people can just carry out a small safe.

Engraved / etched/ ablated/ stamped on a piece of metal

 * Anyone who can see it, can steal it

 * Some metals can deteriorate or corrode, choose a good metal; also store your metal away from direct contact other metals. Some metals that are corrosion resistant have low melting points, are extremely expensive, orhard to machine. Previously we had been working with 316 Marine grade Stainless Steel for the Keyois capsule engraving material, it is the best type of steel my research led me to, however we made the switch to  Titanium  because it is even better.

 * Metals can still deform or melt from heat, destroying any engraved SK.
"Most house fires do not burn hotter than 1,200 degrees Fahrenheit. This temperature is typically associated with the hottest portion of a home, which is in the roof area. Homes that burn for longer than 30 minutes or consist of multiple levels sometimes burn at higher temperatures."    
You want to pick a metal that won't be destroyed by a fire. So magnesium (lol), tin, and lead are all out as engraving materials.      
Silver, gold, copper, brass, bronze, nickel, cobalt, should survive a housefire fire unmelted.
Some Aluminium alloys can survive but you have to have the right ones. At around 1500° Steel and Nickel should be okay.  
Titanium is what the Keyois Capsule has the Secret Key engraved on and it has a melting point of over 1600° C / 3000°F. Tungsten is double that but can be brittle.

 * The Cryptosteel, http://cryptosteel.com/, product, made of 304 Stainless Steel is in this category. It is an assemble-at-home secret key backup however it does not have tamper evident properties (but I bet it can easily). So anyone who can see it, can steal it.

 * There are multiple companies that sell laser-engraved metal key pairs about the size of a calling-card; often there are color, material, and design options. This is a great option for BIP38 addresses, although anyone who can see it can see it, they still have to crack your BIP38 pass phrase. However it is my opinion that the Keyois capsule is much prettier than all of them.


Stored digitally on a computer

 * Computers can crash, making  data recoveryexpensive

 * Data can still technically  be recovered after a system is abandoned by the user. In some cases data can be recovered after multiple overwriting attempts and physical destruction (as long as the attacker can get all or most the pieces) so if you copy files to a new computer and ditch the old one, be careful.

 * Can burn or be smoke damaged

 * A traditional hard disc drive can have data corrupted by powerful magnetic fields and can physically shatter

 * A non-negligible amount of HDDs suffer from factory defects that will cause them to fail unexpectedly during their lifetime

 * Accidents can happen that could result in loss of data
 * Solid state drives (SSDs) will lose data if unpowered, they may last years before this becomes a problem but it is unwise to store long-term data in unpowered SSDs

 * If connected to internet it is another attack vector and the safety is only as good as the encryption used; I don't know what I would recommend but it wouldn't be BitLocker. Someone could be trying to break into the computer constantly. Even with good encryption if the machine or location is compromised the key could be stolen as soon as it is decrypted.

 * There are a lot of ongoing threats with computers, from 0-day exploits to [firmware exploits](https://www.wired.com/2015/02/nsa-firmware-hacking/) and malicious USB cords

 * External hdds are good for storage for a few years at least if stored properly

 * If not connected to internet, safety is only as good as the physical protection encryption used; could someone break into the location and copy the data without anyone noticing?


Stored digitally on CD, floppy disk, laserdisc, or mini-disc

 * Plastics break down over time and with exposure to heat, humidity, regular light, all sorts of chemicals, even the oxygen in the air. This can lead to the loss of your data when stored on a medium made of plastic or written/printed on plastic.

 * Can burn or be smoke damaged

 * Can be physically damaged, making data recovery expensive or even impossible

 * Magnetic media (tapes, floppy disc) can be damaged by magnets

 * Data can become difficult to recover if the software and/or hardware to decode is old, don't use proprietary formats


Stored digitally on a flash drive


 * Can break and have to be physically repaired before use

 * Rapidly changing magnetic fields can damage the data stored on flash drives

* Can burn or be smoke damaged

 * Can become corroded from salt water or some atmospheric conditions

 * If they break apart, some lighting conditions can cause data corruption (you can also put them back together and often still get the data)

 * Different devices are all different, even similar devices from the same production batch can be different. There are large quality differences
in drives but I am assuming you aren't using these for anything but storage.

 * There are some fake flash drivesthat look like they saved the data but you can't get it back later

 * Flash drives are not advised for long term storage; they can be used as one part of a multi-medium-location-format plan.

*Backups are essential for digital data*    
Computer code for performing operations can be corrupted in transfer or in operation.
Special systems exist and procedures help data to last longer. For ideas, see this archive.gov page    
Remember to store in multiple locations. You can lose everything in single structure

A pre-funded physical bitcoin coin (where the manufacturer generates and installs the secret key)

 * The medium that the key is on is often paper/plastic which can burn or be smoke damaged

 * Trust in the manufacturer themselves, they could copy the key

 * Trust in their key generation procedure

 * Trust in the operational security of the manufacturer, they could be generating the keys on their everyday computer

 * Trust no one is successfully spying on them, electronically, looking through their documents while they are out of town, or with tiny tin foil hat cameras or long range ones

 * Trust that the object was not tampered with in delivery

 * Trust that no one has tampered with the object since you got it

---

What can solve most of these problems? A combination of good backup procedures and encryption.    

If you have permeant access to more than one location (people who live in big cities, without family or cars have a hard time with this) or have people you trust with your money (don't) then look into using some form of Multi-signaturemethod.



The Keyois Capsule is a crypto piggy bank; it can be funded from the outside but you to break it open to get them out. You give me a BIP38 encrypted key pair (well the address not the public key) and I engrave it in this tamper evident and time resistant package. You still have to hold on to the pass phrase that allows you to decrypt it; that is however the same problem as all methods with BIP38 encryption. How to store this without having to trust anyone but still being assured of it's security?


 * Engraving, embossing, or stamping on a sheet of metal is one option; however the metals that are easiest to stamp are ones that melt in a house fire. They could be put in a glass jar that's filled with aerogel and buried. These is the best readily available option for most people but it really can be tedious.  - This puts you back at *anyone who can see it can steal it* so dip in plastic dip, wrap in duct tape, bake in clay, encase in concrete, whatever just don't leave unencrypted keys visible!

 * The cryptosteel is another ready-made option

 * Have the words etched onto glass at home with off the shelf products; but be carful of this idea because the glass can shatter from impact and heat or even sudden temperature changes

 * Anodize the words yourself on a pieces of metal, there used to be a service to help use your home printer to print the words with some chemicals you can buy

 * Bake them in clay, then encase that in epoxy resin so it can't shatter. then paint the outside, in the future you can solvent the paint off and see the written seed

 * Use a combination of techniques to split the seed so that it is safe(because it is split and separated) and redundant (because it is backed up).


The most cost effective way for a 'normal' person (without their own land, without more than one location, and who cannot trust anyone else with their funds) to keep their backup seed/ secret key safe from damage from the elements would probably to buy a stamping kit and hammer and some stainless steel sheet or bar, Aluminium can be okay if you have the right alloy but better safe than sorry.
---

[Kakmakr]

Most of your storage methods, do not include a backup plan. You never store only 1 copy of your paper wallet. You never store all paper wallets in 1 location. I have 3 locations with 3 copies of each paper wallet. For example : 1 copy in a safe deposit box / 1 copy in safe place at home / 1 copy buried in a time capsule.

I know the reason for this post, is to promote your device, but your storage methods needs redundancy to allow for disasters happening in your area. ^smile^

[Kevin77]

Almost every cold storage method is vulnerable to hack /theft /natural calamities. We can protect our laptop with a password from a colleague not from a fire accident.
Having multiple copies in different format and keeping them in different location must be a 'practical' solution still not a complete solution imo.

[Japinat]

Every method having their own risk but it is good to know the risk so we can make things to secure our bitcoins, I have not try cold storage because I believe online is safer when you put 2FA on your accounts.

[Coding Enthusiast]

there are a lot of overkill in your comment and since my expertise lies in the following part i try to explain my thought:

Engraved / etched/ ablated/ stamped on a piece of metal
 * Some metals can deteriorate or corrode, choose a good metal; also store your metal away from direct contact other metals. Some metals that are corrosion resistant have low melting points, are extremely expensive, orhard to machine.

lots of the links about corrosion, erosion (that you missed the link to), melting point, maintainability, etc are used for harsh/corrosive environment which contains acids like in the food industry, and as for machining, forming,... the hardness of these materials is what you should look for and a simple Austenite Stainless Steel has enough properties to be able to cut the big plate in the form of a paper wallet and then engrave on it using a simple chisel.

Previously we had been working with 316 Marine grade Stainless Steel for the Keyois capsule engraving material, it is the best type of steel my research led me to, however we made the switch to  Titanium  because it is even better.

is your research a self google search or is is a consult with a material science expert?
if you ask me i say you have increased the cost at least 20 times by choosing Titanium and gaining not much properties over the stainless steel.

* Metals can still deform or melt from heat, destroying any engraved SK.
"Most house fires do not burn hotter than 1,200 degrees Fahrenheit. This temperature is typically associated with the hottest portion of a home, which is in the roof area. Homes that burn for longer than 30 minutes or consist of multiple levels sometimes burn at higher temperatures."     
You want to pick a metal that won't be destroyed by a fire. So Brass, bronze, tin, lead, silver, gold, and copper are all out as engraving materials.     
Aluminium should survive but I haven't tested this.

Aluminium properties can range from a melting point of 460 °C (865 °F) to 1500 °C (2800 °F) but the price is also going to go up!

At around 1500° Steel and Nickel should be okay.     
Titanium is what the Keyois Capsule has the SK engraved on and it has a melting point of over 1600° C / 3000°F. Tungsten is double that but can be brittle.

i am curious to know which Titanium alloy it is used in this product.

Austenite Stainless Steel is most probably more than enough for this particular usage, and if you are worried about some properties like the strength, more corrosion resistance, a better surface, a better resistance to Pitting there are some alloys that have structures made out of a mixture of Austenite, Martensite, Ferrite which are so much cheaper than Titanium with enough properties to satisfy any possible threat.

i will post more information with my CES if i had time!

[aolley]

there are a lot of overkill in your comment

Bitcoin is all about the edge cases and being fully informed, I don't think there is any overkill in the comment but perhaps you can tell me what you think is overkill?

What does erosion have to do with this that corrosion does not cover?

> the hardness of these materials is what you should look for

hardness is good but as we see with tungsten being so brittle it isn't a end all be all. I agree that stamping on steel is the best for the common man, I update the Al part to reflect the potential melting point


The titanium is actually only about 10% more expensive than the 316SS and it has benefits for me, notably more lightweight, more corrosion resistance, and not paramagnetic 



This was all made because I want others to be aware of potential problems in their cold storage methods (to see why I wanted to make something better)

Thanks for you comments!

[Coding Enthusiast]

Bitcoin is all about the edge cases and being fully informed, I don't think there is any overkill in the comment but perhaps you can tell me what you think is overkill?
What does erosion have to do with this that corrosion does not cover?

i agree about the edge cases but lets review your edge cases that you have been focusing on in your first post (corrosion, melting point, and you mentioned hard to machine which relates to hardness if we want to engrave physically and doesn't matter much if we want to laser-engrave)

keep in mind corrosion is a process, not a property.
Corrosion:
when we talk about corrosion it is all about the environment, put simply there are two categories to watch: corrosion that is not influenced by any other process and corrosion that is influenced by another process, such as the presence of stresses or erosion (Erosion being a wear process, in which surface damage is caused by the repeated application of high localised stresses)
since the wallet is going to be kept at home environment, lots of conditions like stress induced corrosion cracking are not relevant.
the only things that we have to think about are "Aqueous" and "atmospheric" Corrosion. so strictly speaking a carbon steel with a simple coating is going to do the trick.

melting point
again room temperature and a case of possible fire to reach a temperature of as high as 1100°C which is still inside working temperature of steels.

> the hardness of these materials is what you should look for

hardness is good but as we see with tungsten being so brittle it isn't a end all be all. I agree that stamping on steel is the best for the common man, I update the Al part to reflect the potential melting point

you misunderstood the meaning of "brittle". a brittle metal is a metal that breaks catastrophically when it reaches the UTS point.
we are talking about a metal, so tungsten with a Yield strength ~ 1000 MPa (it is 500 ish for SS) needs a tremendous amount of power to be broken.
i am not saying use tungsten , just pointing out what brittle means

The titanium is actually only about 10% more expensive than the 316SS

you didn't say which alloy though.
you are intriguing me to buy one and do a quick XRD to find out

[springgers]

If your marketing is good? Mmm... I don't think so, maybe you can do something more directly. You don't need to roast the others methods to promote your.

Change the world key for notes of dollar for example...
Anyone can steal it, it can burn. Same with any currency, like gold too, anyone can steal or whatever.

[yayayo]

What's wrong with my current cold storage? 

Nothing is wrong. I wish you good luck with your product, but to me it seems to be a bit of an overkill with no real benefit in terms of security. Especially I don't understand, why your product is limited edition (just 50 pieces). A suitable solution for cold storage should ideally be mass-produced and provided at low costs. To me it seems that you just want to create a collectible item that is never put to real use but instead just kept in a collection to be sold some day for higher prices.

I fail to see a real advantage of using your capsules over just printing out an (encrypted) paper wallet or engraving my (encrypted) key into a piece of metal of my choice. Doing it myself is a lot cheaper and I can print out thousands of paper wallets to store them at different places, thereby significantly reducing the risk of theft. A small sheet of paper is also much easier to hide than one of your capsules.

Physical tamper evidence is not a really important feature if the item you use for cold storage is itself worthless: If a potential thief will get his/her hands on your cold storage item he/she will either directly spend your BTC or transfer them to a new address. If you have any suspicion that someone might have discovered your cold storage you can quickly transfer your funds to a new address as well and create a new paper wallet. In addition you can easily provide some kind of tamper evidence for paper wallets as well: Put your paper wallet in tinfoil / a dark envelope and seal it with glitter nail polish.

ya.ya.yo!

[coinoclock]

your solution is over the top and also not perfect.
i don't think you can be 100% safe, but you also don't need to.
there are fine solutions at a cheap price that are sufficient.
the biggest factor is and always will be is the human part.

[poncom]

Cold storage is an ongoing process where you periodically check if all your multiple backups on multiple different mediums still work. If one breaks you replace it with a copy from one of your other backups. You can't rely on anything forever because of the human factor, so the belt and braces approach is best if you expect your belt or braces to eventually break and need replacing. Keep monitoring and repairing multiple backups.

[ebliever]

From previous discussions on this topic, I suggest the following  strategy: An M-of-N multisig wallet with multiple copies of each key distributed in different locations. Whether in digital or hardcopy format I simply don't have the expertise/data to judge which is best. But by using multisig you don't worry about a single copy of the key falling into wrong hands, and by using duplicate copies you protect against accidental loss. (This would only be for rarely touched significant investments, it's just too much of a hassle for everyday spending accounts.)

And while I appreciate the efforts of folks like in the OP, I still tend to think that zipping your wallet.dat file with a password, renaming it BirthdayPics2006 and throwing it on any decently operated cloud storage account is likely to be safer than most overthought methods, so long as you didn't have malicious code on your computer when you first generated it.

[aolley]

, but to me it seems to be a bit of an overkill with no real benefit in terms of security.

Again, I am trying to spell out the potential problems, if people are uninformed they would all just do silly things.

Especially I don't understand, why your product is limited edition (just 50 pieces). A suitable solution for cold storage should ideally be mass-produced and provided at low costs.

In fact you very greatly misunderstand everything about the motive for my post and creation. The post outlines why current methods were not good enough for me, because of their failure in edge cases.
The 'product' is a personal art project, I made this for me so that I could have something better than what was out there, for the reasons outlined above. It is expensive to make but way more expensive to design and make just one, so I made a few; perhaps others see the problems that I have outlined and want something better

I fail to see a real advantage of using your capsules over just printing out an (encrypted) paper wallet or engraving my (encrypted) key into a piece of metal of my choice. Doing it myself is a lot cheaper and I can print out thousands of paper wallets to store them at different places, thereby significantly reducing the risk of theft. A small sheet of paper is also much easier to hide than one of your capsules.

that is the exact point of the post. was that not clear? I thought I was very clear in spelling out the weaknesses with methods and suggesting people stamp their own metal as the easiest option. Also, this post is more for people who don't have access to more than one location, so if their house burns down and all their paper wallets are in that house they are all gone. There is a link to a situation where this pretty much happened. That is why I made this post, to point out weaknesses (and show why I wanted something better)

Physical tamper evidence is not a really important feature if the item you use for cold storage is itself worthless:

I very much disagree, for one not everyone monitors their btc so if the thief replaces it you might never know until you need to spend it

Put your paper wallet in tinfoil / a dark envelope and seal it with glitter nail polish.

I think I also suggested something along these lines for the better stamped metal plates

[jtipt]

Every method having their own risk but it is good to know the risk so we can make things to secure our bitcoins, I have not try cold storage because I believe online is safer when you put 2FA on your accounts.

I personally don't feel safe with that even with 2FA after all the bitcoins are on the server some server that you dont know, even if the provider is very trusted you never know if the servers are hacked or something. In my opinion you should keep majority of bitcoin in cold storage, if you are going to use them in near future and keep some change online or anywhere you please for everyday use.

[Kprawn]

Every method having their own risk but it is good to know the risk so we can make things to secure our bitcoins, I have not try cold storage because I believe online is safer when you put 2FA on your accounts.

I personally don't feel safe with that even with 2FA after all the bitcoins are on the server some server that you dont know, even if the provider is very trusted you never know if the servers are hacked or something. In my opinion you should keep majority of bitcoin in cold storage, if you are going to use them in near future and keep some change online or anywhere you please for everyday use.

I keep about 20% of my coins in hardware wallets or online services to be able to trade quickly, or if I see something I want to buy. The

other 80% are in cold storage, securely stored. I will also not trust anyone with the storing of my private keys, no matter how reputable

they are. The 2FA authentication is a temporary hurdle for hackers, who mostly use social engineered methods to get hold of that. The

MitM attacks will also void some of these securing methods.

[BitcoinHodler]

it is always good to have security in mind when it comes to bitcoin or money in general and although i agree with most of what OP says but i have my own way of doing things.

i have made my cold storage in USB disk and i keep it encrypted and in my desk drawer. there is one paper backup of my seed and also a digital backup on the cloud (obviously encrypted) and i feel safe enough.

because even if i lose access to one of these like my house burning to the ground, i still have another back up accessible.

[aolley]

Also, don't forget to mention that cloud storage or online wallet isn't good place to keep your bitcoin wallet

Hmm, I didn't include it at all because I figured anyone that gets any insight from this post would know well enough to not store their btc in an online service unless they were prepared to lose it.

I wanted to talk about cold storage methods that are secure, online storage is so far from secure I didn't even bother with it, should I add something to that effect?

[Lauda]

A physical bitcoin coin

 * Trust in the manufacturer themselves, they could copy the key
 * Trust in their key generation procedure
 * Trust in the operational security of the manufacturer, they could be generating the keys on their everyday computer
 * Trust no one is successfully spying on them, electronically, looking through their documents while they are out of town, or with tiny tin foil hat cameras or long range ones
 * Trust that the object was not tampered with in delivery
 * Trust that no one has tampered with the object since you got it

This is only true for pre-funded coins, otherwise it is false. I'd say it is a bad generalization to say that all physical Bitcoin share these weaknesses, because they don't. There are several DIY coins, where you assemble and fund it with whatever address that you want. The only obvious weakness in DIY coins is theft (none of these listed above apply to these) and potentially your own generation scheme (if weak, vulnerable, etc.).

[aolley]

This is only true for pre-funded coins, otherwise it is false. I'd say it is a bad generalization to say that all physical Bitcoin share these weaknesses, because they don't. There are several DIY coins, where you assemble and fund it with whatever address that you want. The only obvious weakness in DIY coins is theft (none of these listed above apply to these) and potentially your own generation scheme (if weak, vulnerable, etc.).

A good point, I have updated the section to be more accurate in that point

'A physical bitcoin coin where the manufacturer generates and installs the secret ke

 * The medium that the key is on is often paper/plastic which can burn or be smoke damaged'

[Lauda]

A good point, I have updated the section to be more accurate in that point

'A physical bitcoin coin where the manufacturer generates and installs the secret ke

 * The medium that the key is on is often paper/plastic which can burn or be smoke damaged'

We usually use the terminology funded (or pre-funded) vs. DIY coins (or buyer funded) in the collectibles section. That may help with clearing things up. This is a nice summary but should probably be differently formatted to make it look nicer!