YetiCold.com Bitcoin Storage?

[dkbit98]

As alternative for hardware wallets I found one script called YetCold, that installs bitcoin core and then helps user with steps to create cold storage for holding Bitcoins.
They recommend it for storing BTC worth 50k or more with 3 of 7 HD multisig setup with private keys never exposed to device connected on internet.
You would need to have:

 - Two laptops with webcam, Ubuntu OS and Bitcoin Core.
 - 8 small USB drives.
 - Printer and paper.

Software is still beta but it is working fine and it has several Advantages:

- Private keys are never on any device exposed to internet
 - 3 of 7 multisig addresses is used, and this allows losing up to 4 keys without losing bitcoin, and it requires 3 locations to be compromised for losing bitcoins.
 - HD Multisig is used so that you can send funds to 1,000 addresses, but recover all funds using only 3 seed phrases
 - Using Generic computing hardware.
 - Minimal software used mostly for enabling multisig for Bitcoin core software.
 - Open source and easily audited.
 - Usable for most non-technical users with following steps.
 - Private, uses Tor and never transmits your IP address.
 - Bitcoin private keys are stored on paper in multiple geographic locations with professionals that do not know they are storing bitcoin private keys.
 - Private keys are written down using the NATO phonetic alphabet where every fifth word is a checksum to reduce the possibility that a private key will be unreadable when needed.
 - Instructions for recovering the bitcoin are included with every copy of the private keys to reduce the likelihood of loss.

Disadvantages:

- Time. To complete setup you will need to invest 2 hours spread over the course of a couple days.  You also need time to buy and setup clean OS on laptops.
 - Privacy. Using multisig is not very common and a 3 of 7 multisig is even less common. Someone could look at the blockchain and find out you are using yeti for cold storage.
 - More expensive than hardware wallets.

My opinion:

If you have some old laptops in your house maybe you can give them a new life with this YetiCold storage, but for most users this is to complicated to set up and it needs lot of time invested.
Maybe it is safer then regular wallets, but for most people this would be extreme and only used by most paranoid bitcoiners

Source:
https://github.com/JWWeatherman/yeticold

Procedure:
https://github.com/JWWeatherman/how_to_store_bitcoin

Website:
https://github.com/JWWeatherman/yeticold

[1714962991]

1714962991

[1714962991]

1714962991

[bob123]

You might want to mark what you have copied from their github, which is roughly 90%+ of your post.
Why not simply using quotes?

Further, the whole project seems a little bit suspicious due to the inconsistency when reading.
First, they are talking about Seeds and HW wallets, and later they talk about backing up the individual private keys.

I don't see a single reason to use that project over generating a multisig HD wallet offline yourself. It wouldn't even be more time consuming or complicated doing everything yourself.
Additionally, i dislike the idea of using actual coins to generate the entropy. The random number generator of a linux system is more than just sufficient for that task and saves tons of time.

[o_e_l_e_o]

I would imagine most people would struggle to find 7 geographically separate places which they could fully trust to hide a private key, short of just renting multiple safe deposit boxes at multiple banks which obviously increases the cost of this system (and incurs an ongoing cost). I also think that 3-of-7 is needlessly complex for the vast majority of people in the vast majority of situations.

I would also dispute the "usable for non-technical users" quote. Straight off it is using Ubuntu and terminal commands, which puts it out of reach of >95% of users without additional time spent on learning how to install and use a new OS. The whole point that this requires no trust is kind of moot if you are just blindly following the commands given to you without knowledge or understanding of what they do.

I applaud the effort to create a good non-hardware wallet cold storage system for newbies, but I don't think many people will be recommending or using this unfortunately.

[NotATether]

Why the need for two laptops, with webcams, for the whole setup? I'm not sure what those are supposed to be used for if the cold storage is the USB drives, unless those webcams are for scanning QR codes? The more devices and software you introduce, the larger attack surface you expose. It is best to keep security software simple and without extra or unnecessary features, only the bare minimum necessary to work.

[dkbit98]

Too complicated, why don't i just buy multiple completelty open-source hardware wallet which support multi-signature?

He does not want to use any hardware wallets and he claims it's just a mater of time when most hardware wallets will have some firmware exploits, and I would agree with him on that.
However, I would never go with all this stuff like buying two laptops and eight USB sticks

The whole point that this requires no trust is kind of moot if you are just blindly following the commands given to you without knowledge or understanding of what they do.

You are correct.
Imagine someone creating phising clone website with malicious links, and people blindly installing that on their laptops.

Whole thing looks to complicated for most people, and he said it himself that privacy can be reduced using this.

[stompix]

I applaud the effort to create a good non-hardware wallet cold storage system for newbies, but I don't think many people will be recommending or using this unfortunately.

Newbies??? Let's be serious, you've said it yourself how complicated it is, what newbie in this world that has just bought his first coins will not rush them back to the exchange and dump them when he sees what he needs to do? I will never ever think of adventuring in this stuff

Also, I'm completely lost at:

Private keys are not stored in non-descript packaging and stored with people that do not know they contain private keys

What? How did we end up to people storing your keys unknowingly from making your own indoor cold storage?

Instructions for recovering the bitcoin are included with every copy of the private keys to reduce the likelihood of loss.

So people will now know those are private keys, but they will have the instructions to recover next to them? Doesn't this sound a bit weird at least?
I'm a fan of creating safe cold wallets with back-up solutions as you can never have enough security but I think this one is going overboard and to in the right direction.

Anyhow, has anybody tried this?
It's way too much for me but I'm curious how much it will take for a more experienced user and if there are any fault points in it.

[NotATether]

Too complicated, why don't i just buy multiple completelty open-source hardware wallet which support multi-signature?

He does not want to use any hardware wallets and he claims it's just a mater of time when most hardware wallets will have some firmware exploits, and I would agree with him on that.

To be fair, the hardware used on the guide most likely are closed-source and have firmware exploit as well. The only advantage is the exploit might not useful to steal user's Bitcoin.

It makes me wonder whether one day we will see hardware wallets made with open hardware like Arduino, where people can verify that there are no exploits in the hardware since it's user programmable.

People have been using Arduino boards for a lot of other uses so I wouldn't be surprised if someone ported the key derivation and BIP39 functions to it. Then we could do cool things like make an Electrum plugin for an Arduino-based wallet.

[dkbit98]

It makes me wonder whether one day we will see hardware wallets made with open hardware like Arduino, where people can verify that there are no exploits in the hardware since it's user programmable.

There is something like this already and I am preparing a new topic about this DIY hardware wallet that is not expensive at all (HERE).

I am also looking forward for Schnorr signatures that will make Bitcoin and hardware wallets even better.