Why I Am Not Using Hardware Wallet For Cold Storage

[Dorky]

Wait... what?? The fraction of the 5 btc not spent will go to either a completely new "change" address, totally unrelated to all my other 19 addresses... or if I choose to not use change addresses as per the functionality offered in several wallets, the wallet will send the unspent amount back to the original address... which is also totally unrelated (from an external point of view) to all my other 19 addresses.

You have read BIP32 and BIP44 and understand about "external" (aka receive) and "internal" (aka change) addresses right? Pretty much all the hardware wallets that I'm aware of implement BIP44... and keep receive and change addresses separated as per the specification, that is to say using Derivation Paths of m/44'/0'/0'/0 and m/44'/0'/0'/1 respectively.

Most of them are also smart enough to prevent address re-use so while you could follow a chain of transactions that start with one 5 btc input... it'll never touch any of the other inputs (or their chain of transactions) until such time as you don't have enough coins in a single input to be able to send the amount you want to send and it needs to use 2 or more inputs.

All of which is relatively moot for "cold storage" anyway... and works pretty much the same way as your "paper" wallet system.

Like I've been saying all along... your system is pretty much the same as using a hardware wallet, without the convenience of being able to spend easily if required... or sign messages... or use on an online machine while maintaining security... or use easily with a mobile phone wallet... or use as a FIDO U2F secure key...

But hey, you're happy with it... and you saved yourself $100.

1. You are assuming hackers and kidnappers are so stupid that they do not know about dummy wallets. You have wrong assumption.
2. If you have tons of change addresses, your backup will be very problematic. You don't believe? Try it out. You should pray your hardware wallet will stay fine without glitches, or else you can say sorry to all your savings. Oh, yeah. Don't worry. You have the seeds written down and stored somewhere just in case for recovery. I assume they cannot be eaten, stolen, or destroyed.
3. What I mean is that 19 addresses are part of the change addresses as well, or else you will have far more than 20 addresses to look after.
4. You are avoiding the question on how to secure your hardware wallet's seeds/mnemonics/passphrases, which I believe you can never answer satisfactorily.
5. If you want to spend, you don't necessarily must use hardware wallets to do the job. Desktop wallets can work fine and they cost $0.

Come on. Give me a break. You are here arguing against my method without giving even a single credit to it, as if it is useless. Clearly you are here to argue for the sake of winning an argument and rest assured I will never let you win this argument.

Edit:
Notice I bold the 4th point for your eyes to see.

Like I've been saying all along... your system is pretty much the same as using a hardware wallet, without the convenience of being able to spend easily if required... or sign messages... or use on an online machine while maintaining security... or use easily with a mobile phone wallet... or use as a FIDO U2F secure key...

Nope, you are wrong. My method is not the same as using a hardware wallet.

A hardware wallet:
1. Doesn't give you 100% control of your keys. Using some source code to derive the keys from the seeds is bullshit as that's not the company's intention.
2. Doesn't protect you from a $5 wrench. Using dummy wallet as excuse is bullshit as we all know what you have is more than just dummy wallet.
3. Is a 3rd-party security risk. Denying this is bullshit. Saying/implying it is compulsory to use WinRar for my method is also bullshit.
4. Doesn't allow unlimited backups, vs my method that allows so.
5. Requires the same/similar need for encryption/security/backup (of seeds/mnemonics/passphrases). Implying they do not need so is bullshit.

There is NO such thing as needing hardware wallet to spend the cryptocurrencies easily, conveniently, safely, and securely. Implying that we need hardware wallet to spend is bullshit. In my article, I've said it clearly that hardware wallet is an option (but not the only option) when it's time to spend. You being a smartass, either do not read my article, or read it but have partial understanding of it, try to seek the pleasure of arguing with me. I will not let you win this argument. It is very easy to spot someone arguing for ego, and someone arguing for solution. You argue for ego, because you give NO solution.

[1715131421]

1715131421

[1715131421]

1715131421

[1715131421]

1715131421

[Dorky]

What about a bank cold storage, where you place your bitcoins in a cold storage online, but they put it on a paper ant store it for you ? Xapo for example does this. What are your thoughts on this type of cold storage?

I strongly do NOT recommend using Xapo for anything.
If you care enough, please go check the reviews given by others. I personally used it for a negligible while and the first experience is far more than enough to make me stay away from it. Even the founder (Wences Casares) has unethical business practice in the past that collects customers personal information and sold such data to 3rd-parties for profits. You use Xapo at your own risk. You have been warned.

To break can not, but you can lose the keys. If you store them on the computer then hack your PC and steal your codes much easier than to hack e-wallet. I think that in General it is impossible to store a large amount of bitcoins in one place.

Keyloggers are the biggest menace today. The malware can pretend to be a valid program and request the system to access certain file/registry or monitor clipboard changes.

What I do (beside installing anti-keylogger and anti-malware softwares) is that I encrypt my cold storage in an offline + formatted 2nd computer with very strong + long passwords and I never use these passwords on the computer I use for online purposes. As a last resort, I switch off the internet before using any password.

Edit:
I personally suggest SpyShelter Premium/Firewall.
Someone suggested Norton Power Eraser (@ https://www.bleepingcomputer.com/forums/t/640092/is-it-possible-that-i-have-been-hacked-strange-case/).
Generally, you better scan your system while in safe mode.

[Kakmakr]

In a roundabout way, it would be stupid for any company to risk their reputation and their whole business on creating something that can be exploited by themselves. Ok, they might make a shitload of money, but they will also have to face jail time, once this goes public and go to court.

We unfortunately place our trust in third parties with every financial transaction we make. We use banks and ATM's and we make credit card payments and all of these services has been compromised in the past.

Online banking has been targeted the most and we still use it. ^hmmmmm^

[Orbolon]

What about a bank cold storage, where you place your bitcoins in a cold storage online, but they put it on a paper ant store it for you ? Xapo for example does this. What are your thoughts on this type of cold storage?

I strongly do NOT recommend using Xapo for anything.
If you care enough, please go check the reviews given by others. I personally used it for a negligible while and the first experience is far more than enough to make me stay away from it. Even the founder (Wences Casares) has unethical business practice in the past that collects customers personal information and sold such data to 3rd-parties for profits. You use Xapo at your own risk. You have been warned.

To break can not, but you can lose the keys. If you store them on the computer then hack your PC and steal your codes much easier than to hack e-wallet. I think that in General it is impossible to store a large amount of bitcoins in one place.

Keyloggers are the biggest menace today. The malware can pretend to be a valid program and request the system to access certain file/registry or monitor clipboard changes.

What I do (beside installing anti-keylogger and anti-malware softwares) is that I encrypt my cold storage in an offline + formatted 2nd computer with very strong + long passwords and I never use these passwords on the computer I use for online purposes. As a last resort, I switch off the internet before using any password.

Edit:
I personally suggest SpyShelter Premium/Firewall.
Someone suggested Norton Power Eraser (@ https://www.bleepingcomputer.com/forums/t/640092/is-it-possible-that-i-have-been-hacked-strange-case/).
Generally, you better scan your system while in safe mode.

Hey thanks for the warning, I definitely did not read about xapo at all. Was recommended by a friend so i forgot to double check it  Could you recommend an alternative to xapo ? I mean for the visa card that you can withdraw $$ at an atm from bitcoin, or make purchases?

[Dorky]

Hey thanks for the warning, I definitely did not read about xapo at all. Was recommended by a friend so i forgot to double check it  Could you recommend an alternative to xapo ? I mean for the visa card that you can withdraw $$ at an atm from bitcoin, or make purchases?

For spending bitcoin, you should at least consider using a wallet that gives you control of the private key first.
Desktop wallet like Electrum is fine with me at the moment.
Hardware wallet is fine too, if you use it for spending (but I do not recommend it if it's for cold storage).
Xapo is a 3rd-party service provider that does not even give the user any control of the key.

You can check this out @ https://bitcoin.org/en/choose-your-wallet
Mobile wallet and web wallet should be 100% avoided.
So I would say go for desktop wallet and/or hardware wallet for spending only.

[Orbolon]

Hey thanks for the warning, I definitely did not read about xapo at all. Was recommended by a friend so i forgot to double check it  Could you recommend an alternative to xapo ? I mean for the visa card that you can withdraw $$ at an atm from bitcoin, or make purchases?

For spending bitcoin, you should at least consider using a wallet that gives you control of the private key first.
Desktop wallet like Electrum is fine with me at the moment.
Hardware wallet is fine too, if you use it for spending (but I do not recommend it if it's for cold storage).
Xapo is a 3rd-party service provider that does not even give the user any control of the key.

You can check this out @ https://bitcoin.org/en/choose-your-wallet
Mobile wallet and web wallet should be 100% avoided.
So I would say go for desktop wallet and/or hardware wallet for spending only.

I use electrum it's okay everything is fine, but i want the ability to go a local shop that accepts bank cards, and use the xapo card to directly pay for my purchase in Euros using the xapo card that has a btc balance

[Dorky]

I use electrum it's okay everything is fine, but i want the ability to go a local shop that accepts bank cards, and use the xapo card to directly pay for my purchase in Euros using the xapo card that has a btc balance

I have no idea which wallet is the best choice to spend btc like a credit/debit card would.
But I personally do not use Xapo, and do not recommend using it.

Which country has such level of adoption already that you can spend btc at local shops?
Are you from Japan?

[HCP]

1. You are assuming hackers and kidnappers are so stupid that they do not know about dummy wallets. You have wrong assumption.

You seem to have the assumption that all hackers and kidnappers are evil and sadistic enough to keep beating people for the hell of it... just in case you have more money. My point is that with a hardware wallet, there is no actual evidence anywhere how many wallets a person happens to have. They simply don't exist until a passphrase is entered...

However, if an attacker happens to find 20 items in my email account that are all encrypted... what do you think they're going to do if i stop at #1 and say I have nothing else? Perhaps they'll just ignore items 2 through 19?

2. If you have tons of change addresses, your backup will be very problematic. You don't believe? Try it out. You should pray your hardware wallet will stay fine without glitches, or else you can say sorry to all your savings.

They're ALL able to be regenerated from a simple 12/24 word seed... unlike a bunch of randomly generated keys... ie. one of the main reasons for BIP32 existing in the first place. I can create a thousand addresses... and then have my computer explode into a million pieces... and drop my hardware wallet into the toilet and then microwave it... and you know what? I can recover all of them...  I don't even need the hardware wallet to do it.

Oh, yeah. Don't worry. You have the seeds written down and stored somewhere just in case for recovery. I assume they cannot be eaten, stolen, or destroyed.

Exactly... I can just triple encrypt them and put them in my email, on USB thumbdrive, written down on a piece of paper in my favourite book between pages 57/58, stored on the cloud, stored in a bank vault...

3. What I mean is that 19 addresses are part of the change addresses as well, or else you will have far more than 20 addresses to look after.

Ummm no... why wouldn't I just have 20 receive addresses? You really don't seem to understand how Hierarchical Deterministic wallets actually work.

4. You are avoiding the question on how to secure your hardware wallet's seeds/mnemonics/passphrases, which I believe you can never answer satisfactorily.

As I just mentioned above, I can just store it digitally encrypted if I so choose. I am then protected from exposure by the use of dummy wallets. The dummy wallet facility DOES give me the security of ensuring that an attacker can only have confidence of 1 wallet, the default wallet generated from the seed and no passphrase. While they may know how dummy wallets work and may suspect I have hidden wallets, there is nothing they can do to actually prove their existence, regardless of how much they hit my loved ones or me. Unlike having a whole bunch of digitally encrypted items laying around in my email and on thumb drives etc. Do you see the difference? I have plausible deniability because there is no proof of anything existing other than my seed.

5. If you want to spend, you don't necessarily must use hardware wallets to do the job. Desktop wallets can work fine and they cost $0.

At which point all your security is also 0. You're going to just import your keys into a desktop wallet? Oh that's right... 2nd computer offline... oh wait... how much did that second computer cost again? You're doing well if you found one for less than the price of a hw wallet...

I also never said hardware wallets were compulsory for spending. I said they offer security without compromising convenience.

If I need to move some coins, I can plug the wallet in, sign the transaction, and then broadcast. I don't need to get my encrypted file, decrypt it, transfer an unsigned transaction to offline machine (better make sure that USB stick is clean)... sign transaction... back to online machine and broadcast. And the make sure I've destroyed all evidence of the key on the offline machine... Also, I've found that carrying a 2nd computer with me while travelling is a bit of a nuisance with the limited baggage allowances that airlines give these days

Come on. Give me a break. You are here arguing against my method without giving even a single credit to it, as if it is useless. Clearly you are here to argue for the sake of winning an argument and rest assured I will never let you win this argument.

"Without a single credit"?? I've mentioned on multiple occasions, that your method is a viable alternative to hardware wallets... I just don't think it is as secure as you believe it to be (a point you eventually conceded) nor as useful overall as a hardware wallet for the reasons I've outlined... and I certainly never said it was useless.

Like I've been saying all along... your system is pretty much the same as using a hardware wallet

I've taken the liberty of bolding it for your eyes to see

You mean where I said "Is it "better" than a hardware wallet? A viable alternative sure, but better? I'd say that is somewhat debatable and likely dependent on the use case(s) of a given person"

I'd already bolded that one before... so I've underlined it as well this time...

A hardware wallet:
1. Doesn't give you 100% control of your keys. Using some source code to derive the keys from the seeds is bullshit as that's not the company's intention.

It's no different to using encryption software to decrypt your keys now is it? Or are you going to do the decryption by hand?

2. Doesn't protect you from a $5 wrench. Using dummy wallet as excuse is bullshit as we all know what you have is more than just dummy wallet.

How can they? There is no proof. No evidence of how many wallets I have. I could 1 or I could have 10000000. They don't know because there is no tangible evidence of anything past the seed existing, unlike having a series of encrypted items on disk or in email etc. that are visible.

3. Is a 3rd-party security risk. Denying this is bullshit. Saying/implying it is compulsory to use WinRar for my method is also bullshit.

I never said it wasn't a 3rd party security risk... you claimed your method was better than hw wallet as it didn't rely on a 3rd party... but clearly it does rely on 3rd parties... unless you've gone ahead and written yourself an OS and some encryption software from scratch... I've been trying to point out, since I made the mistake of offending your ego, that NO method is 100% safe. There is always risk.

4. Doesn't allow unlimited backups, vs my method that allows so.

Pretty sure that there aren't any laws saying that 12/24 word seeds can't be stored in multiple places using multiple methods... but then legal systems around the world can be kinda crazy... so you never know. I'm also fairly sure that the hw wallet manufacturers don't limit purchases to 1 per person... Trezor sells 3 packs if I'm not mistaken.

5. Requires the same/similar need for encryption/security/backup (of seeds/mnemonics/passphrases). Implying they do not need so is bullshit.

Feel free to show where I have said that seeds don't need to be securely backed up somewhere...

There is NO such thing as needing hardware wallet to spend the cryptocurrencies easily, conveniently, safely, and securely. Implying that we need hardware wallet to spend is bullshit. In my article, I've said it clearly that hardware wallet is an option (but not the only option) when it's time to spend.

Obviously people are spending cryptocurrencies every day without using hardware wallets... I never said they were required to spend. I stated they offer a level of convenience without sacrificing security, which I believe your method does not.

You being a smartass, either do not read my article, or read it but have partial understanding of it, try to seek the pleasure of arguing with me. I will not let you win this argument. It is very easy to spot someone arguing for ego, and someone arguing for solution. You argue for ego, because you give NO solution.

No solution for what exactly? How to store bitcoins securely while maintaining convenience? I thought that my solution would be fairly obvious... use a hardware wallet. In my opinion it offers the same level of security in some areas (securing seed), more in others (spending and dummy wallets) and is more convenient (portability, spending)... arguably it could be considered cheaper too, as a hw wallet is cheaper than a 2nd computer for spending or setting it all up offline.

While we're talking about solutions... I'm still waiting to hear how you propose to leave no evidence of multiple encrypted addresses in your email or on your thumbdrive etc and/or how you would implement a dummy wallet solution with your method.

Telling me I'm not creative enough to see it or that "my heart will point the way" doesn't really explain it... and is the sort of answer people resort to when they don't actually have a solution either. Despite what you think, I am genuinely interested in possible solutions to these issues...

[Orbolon]

I use electrum it's okay everything is fine, but i want the ability to go a local shop that accepts bank cards, and use the xapo card to directly pay for my purchase in Euros using the xapo card that has a btc balance

I have no idea which wallet is the best choice to spend btc like a credit/debit card would.
But I personally do not use Xapo, and do not recommend using it.

Which country has such level of adoption already that you can spend btc at local shops?
Are you from Japan?

Nah i'm form europe. That's the magic of Xapo, when you have btc in your xapo wallet, you can order a debit card that automatically converts your bitcoin to euros when purchasing something

[mamontkiev]

Just use 2-3 flash drives in diff places - same functionality, low price, lower risks, independence from possible firmware bugs

[Dorky]

You seem to have the assumption that all hackers and kidnappers are evil and sadistic enough to keep beating people for the hell of it... just in case you have more money. My point is that with a hardware wallet, there is no actual evidence anywhere how many wallets a person happens to have. They simply don't exist until a passphrase is entered...

However, if an attacker happens to find 20 items in my email account that are all encrypted... what do you think they're going to do if i stop at #1 and say I have nothing else? Perhaps they'll just ignore items 2 through 19?

I believe the assumption comes from you, as you are the one to mention the $5 wrench attack.
And yes, humans are naturally cruel, so the situation where they beat you until your skull cracks is a possibility.
And you are starting to contradict your own argument. Your argument is bullshit.

How in the world will an attacker find 20 items (or more, or nothing) in my email?
Care to clarify, instead of making things up? I am sincerely interested to know.

They're ALL able to be regenerated from a simple 12/24 word seed... unlike a bunch of randomly generated keys... ie. one of the main reasons for BIP32 existing in the first place. I can create a thousand addresses... and then have my computer explode into a million pieces... and drop my hardware wallet into the toilet and then microwave it... and you know what? I can recover all of them...  I don't even need the hardware wallet to do it.

That's not even the point, you silly.
And just because you can generate infinite keys doesn't mean that is the best option. Nor is that a good argument in favor of hardware wallet.
I wonder why are you even bringing this stupid point up, since it is neither relevant nor practical. Your argument is bullshit.

And oh, pray tell how are you going to recover all of them. And what are you going to do after the recovery? Store them in paper wallet? LOL
You will still have to buy a new hardware wallet. Hardware wallet companies are successful thanks to customers like you.

Exactly... I can just triple encrypt them and put them in my email, on USB thumbdrive, written down on a piece of paper in my favourite book between pages 57/58, stored on the cloud, stored in a bank vault...

You are clearly a troublemaker.
I am a person that will say a ball is round.
You will be a scum that will appear out of nowhere and say "No, a ball is circular."

But good for you. At least now you are beginning to see some of my points.

Here's a good advice for you: Don't encrypt the seeds. Encrypt the keys directly instead.
And do whatever you want with the encryption... put them in email, on USB, store on the cloud, in a bank vault...
But NO, you bullshit. Write NOT on a piece of paper or else you are talking paper wallet.

Ummm no... why wouldn't I just have 20 receive addresses? You really don't seem to understand how Hierarchical Deterministic wallets actually work.

That's not even the point, you silly. Duh, I never even say you must not have 20 addresses.

As I just mentioned above, I can just store it digitally encrypted if I so choose. I am then protected from exposure by the use of dummy wallets. The dummy wallet facility DOES give me the security of ensuring that an attacker can only have confidence of 1 wallet, the default wallet generated from the seed and no passphrase. While they may know how dummy wallets work and may suspect I have hidden wallets, there is nothing they can do to actually prove their existence, regardless of how much they hit my loved ones or me. Unlike having a whole bunch of digitally encrypted items laying around in my email and on thumb drives etc. Do you see the difference? I have plausible deniability because there is no proof of anything existing other than my seed.

I suggest you read my article over and over again repeatedly until you understand. Once you understand, you will know the answer.

At which point all your security is also 0. You're going to just import your keys into a desktop wallet? Oh that's right... 2nd computer offline... oh wait... how much did that second computer cost again? You're doing well if you found one for less than the price of a hw wallet...

Prove to me that my security is 0.
I don't want to go down to such lowlife level by saying hardware wallet security is 0 because it is not.
So when you say my method is 0, you are actually spreading disinformation that only a lowlife would do.
Any person care enough to make it secure, can make it extremely secure.

I also never said hardware wallets were compulsory for spending. I said they offer security without compromising convenience.

If I need to move some coins, I can plug the wallet in, sign the transaction, and then broadcast. I don't need to get my encrypted file, decrypt it, transfer an unsigned transaction to offline machine (better make sure that USB stick is clean)... sign transaction... back to online machine and broadcast. And the make sure I've destroyed all evidence of the key on the offline machine... Also, I've found that carrying a 2nd computer with me while travelling is a bit of a nuisance with the limited baggage allowances that airlines give these days

Nonsense. My article is for cold storage. Not for spending. Your argument is invalid.

And of course, a hardware wallet is NOT compulsory for spending. Even desktop wallet can do the job well.
Good for you that you see some light of day.

"Without a single credit"?? I've mentioned on multiple occasions, that your method is a viable alternative to hardware wallets... I just don't think it is as secure as you believe it to be (a point you eventually conceded) nor as useful overall as a hardware wallet for the reasons I've outlined... and I certainly never said it was useless.

I never conceded. You are talking nonsense. My method is better than both hardware and paper wallets combined for cold storage.
I don't need your belief to make it possible. You are talking nonsense. I never said it is for spending.
Please read my article over and over again repeatedly until you understand.

Okay, so you mean to say my method is useful and viable. Good for you.

Like I've been saying all along... your system is pretty much the same as using a hardware wallet

I've taken the liberty of bolding it for your eyes to see

Like I have said it clearly, no, it is not the same.
Let me repeat it here for your eyes to see...

Nope, you are wrong. My method is not the same as using a hardware wallet.

A hardware wallet:
1. Doesn't give you 100% control of your keys. Using some source code to derive the keys from the seeds is bullshit as that's not the company's intention.
2. Doesn't protect you from a $5 wrench. Using dummy wallet as excuse is bullshit as we all know what you have is more than just dummy wallet.
3. Is a 3rd-party security risk. Denying this is bullshit. Saying/implying it is compulsory to use WinRar for my method is also bullshit.
4. Doesn't allow unlimited backups, vs my method that allows so.
5. Requires the same/similar need for encryption/security/backup (of seeds/mnemonics/passphrases). Implying they do not need so is bullshit.

You mean where I said "Is it "better" than a hardware wallet? A viable alternative sure, but better? I'd say that is somewhat debatable and likely dependent on the use case(s) of a given person"

I'd already bolded that one before... so I've underlined it as well this time...

Let me say it again. My method is superior to hardware and paper wallets combined for cold storage.  

A viable alternative? Not better than hardware wallet? But as good/comparable as a hardware wallet?
Well, I am proud that a Dorky fella like me can think of a cheap way for cold storage comparable to a hardware wallet, but better.  

A hardware wallet:
1. Doesn't give you 100% control of your keys. Using some source code to derive the keys from the seeds is bullshit as that's not the company's intention.

It's no different to using encryption software to decrypt your keys now is it? Or are you going to do the decryption by hand?

There is big difference, as you keep failing to see.
But I will not point that out for you to see, because if you have to come to this stage of argument it proves you can never see.

How can they? There is no proof. No evidence of how many wallets I have. I could 1 or I could have 10000000. They don't know because there is no tangible evidence of anything past the seed existing, unlike having a series of encrypted items on disk or in email etc. that are visible.

Nonsense. There is also no evidence of how many wallets I have. I could have 20 or 100 or 0. They don't know because there is no tangible evidence that an encrypted folder will contain any key inside. It could even be empty.
Bullshit. Encrypted items on disk or email is not visible. You are making fake stories up. I am going to hold your balls on this.

I never said it wasn't a 3rd party security risk... you claimed your method was better than hw wallet as it didn't rely on a 3rd party... but clearly it does rely on 3rd parties... unless you've gone ahead and written yourself an OS and some encryption software from scratch... I've been trying to point out, since I made the mistake of offending your ego, that NO method is 100% safe. There is always risk.

You are playing it safe by saying no method is 100% safe. Thus you can be a fence-sitter and argue in anyway you like, be it in favor or against it.
I can guarantee if I write an opposite article saying hardware wallet is the best choice, you would take the liberty to argue why I am wrong too.

Pretty sure that there aren't any laws saying that 12/24 word seeds can't be stored in multiple places using multiple methods... but then legal systems around the world can be kinda crazy... so you never know. I'm also fairly sure that the hw wallet manufacturers don't limit purchases to 1 per person... Trezor sells 3 packs if I'm not mistaken.

You are clearly a very very stupid person.
Why would you want to encrypt your seeds when you can encrypt the keys direct?
You are now shooting yourself in the foot.
You are being stupid by encrypting the seeds that unlock the keys...
Instead of being smart and just encrypt the keys direct.
All the "vulnerabilities" that you claim my method has, is exactly as applicable as on your seed-encryption.
But you will say my method is the same as hardware wallet. In which I will continue to say, no, it's not the same.
But then you will be a smart ass and say hackers will see all the keys in the encrypted file. I say bullshit to you.
Trezor sells 3 packs... and there goes your stupid argument of spending $100... as now you need to spend $300 instead.
You are a bullshit.

Feel free to show where I have said that seeds don't need to be securely backed up somewhere...

Whether you are a hypocrite or otherwise, doesn't discredit the fact that you are arguing for a very very stupid point.
Your effort is on encrypting the seeds that generate the keys. My method is on encrypting the keys directly.
You can argue why my method is visible to everyone. And at the same time you may argue your encryption is totally hidden.
For that, I say you are a bullshit.

Obviously people are spending cryptocurrencies every day without using hardware wallets... I never said they were required to spend. I stated they offer a level of convenience without sacrificing security, which I believe your method does not.

Bullshit.
Please go read my article over and over again repeatedly until you understand. The title of my article says it clearly.
Have the courtesy to compare apple to apple. Don't compare apple to orange. My title clearly stated it is for cold storage.
How many times do I have to repeat this to a stupid fella like you? FOR COLD STORAGE, you dumb nut.

No solution for what exactly? How to store bitcoins securely while maintaining convenience? I thought that my solution would be fairly obvious... use a hardware wallet. In my opinion it offers the same level of security in some areas (securing seed), more in others (spending and dummy wallets) and is more convenient (portability, spending)... arguably it could be considered cheaper too, as a hw wallet is cheaper than a 2nd computer for spending or setting it all up offline.

Bullshit.
A hardware wallet does NOT secure the seeds. You are making things up.
You are a hypocrite.
At least I am objective to say that for spending, a hardware wallet is an option.
Unlike you, where you now clearly show your hypocrisy by saying the solution is to use hardware wallet.
Why no desktop wallet? Why no mobile wallet? You are a hypocrite.

Nonsense. A 2nd computer can be used for other offline work as well as for other work related to security that requires it to be offline.
And the purchase is just for one time.
You need to buy a new hardware wallet every time it breaks.
Oh, you don't need to buy a new one? You just use some source code and derive the keys?
Oh, pray tell how are you now going to secure the keys and spend the btc in it after the hardware breaks? LOL
I know what you will do. You will either turn the recovery into paper wallet (your dog forbids), or buy a new hardware wallet.
For this, I say you are a bullshit.

While we're talking about solutions... I'm still waiting to hear how you propose to leave no evidence of multiple encrypted addresses in your email or on your thumbdrive etc and/or how you would implement a dummy wallet solution with your method.

Telling me I'm not creative enough to see it or that "my heart will point the way" doesn't really explain it... and is the sort of answer people resort to when they don't actually have a solution either. Despite what you think, I am genuinely interested in possible solutions to these issues...

Being honest is no use to you. You make things up to argue your points.
You accuse my encryption is visible. If my encryption is visible, then so is your encrypted seeds.
My article is clearly written. Please go read my article over and over again until you understand.
You are not genuine in possible solutions. You are genuine in finding argument for the sake of arguing.
My article stated the solution. Go read it over and over again until you understand.

I don't mind if you are a smart person. In fact, I would be very happy if you are smarter than I am. At least I can learn from you.
But if you are a stupid jackass pretending to be some smart ass, then I don't wish to be troubled by a lowlife such as you.

[craZyLovE0916]

For added defense against the wrench attack, you simply create multiple different wallets with one address each... hand over the passphrase to the "exposed" 5 BTC and your dummy wallet.

That can be done with my method.

The bonus is that with a hardware wallet there is exactly ZERO evidence that these multiple wallets even exist... whereas, with your system of 20 different encrypted private keys and an attacker has hacked your email or found your USB/CD with the encrypted files... they can actually see all the different encrypted items in your inbox or on your CD etc. So, I'm not quite sure how you deny the existence of other keys/addresses?

If I encrypt 1 address, then encrypt another 1 separately, and store them both separately, will you be able to find the evidence of my other address if you are able to hack into one of them? You can't. But you just don't see this.

If the hacker can hack into my email and then hack my encrypted files, then there is nothing stopping them from hack every other people's, including your hardware wallet. Like I said, your argument is not objective. You keep assuming my method is a handicap and limited.

Let me say this to you:
Encrypting a paper wallet = encrypting a hardware wallet's recovery seeds/mnemonics/passphrases.
If only you can see this obvious truth...

Unless you say, "Well, there is no need to secure my recovery seeds/mnemonics/passphrases because I have 100% fail-safe brain memory."
In that case, I admit defeat.

Edit:
Or maybe I should be as specific as possible... just in case.
Digitally-encrypting or digitally-securing a paper wallet = digitally-encrypting or digitally-securing a hardware wallet's recovery seeds/mnemonics/passphrases.

The only difference with the former method is that I am 100% in control, don't need to do extra steps in securing/recovering the keys (like using a source code to derive the keys from the seeds), can customize the security to be as hardcore as I prefer, can do infinite backups, and don't need to spend more on any 3rd-party hardware.

Edit:
And please stop talking about dummy wallets.
In the future (or today?) hackers will know you will have a false seed standing by to trick them to a dummy wallet.
They will do far more than just accepting your dummy wallet.

Above it all, refer to Matthew 6:19-21. The Bible is right.

Paper wallets are hands down the best method of storing Bitcoin, it really surprises me that so called "experts" do not mention and promote them more considering how much theft and hacking goes on in this industry.

If everyone were to use paper wallets, I am convinced hackers would stop targeting these poor noobs as much given how easy it is these days. They just make a fake URL, use SEO to get a high rank and boom you make like $200,000 in a few days (I actually saw this happen right here on this forum).

The first thing all noobs should learn is how to make a paper wallet. It is so simple. Go to a site, generate your keys, write/print them, laminate or whatever, and then send Bitcoin to them and you can recover them on sites like Blockchain.info. There are just a few steps and the best part is it is like paper money which makes it easy for noobs to truly understand. This is opposed to hardware/software wallets which are a nightmare to setup for beginners.

[Dorky]

Paper wallets are hands down the best method of storing Bitcoin, it really surprises me that so called "experts" do not mention and promote them more considering how much theft and hacking goes on in this industry.

If everyone were to use paper wallets, I am convinced hackers would stop targeting these poor noobs as much given how easy it is these days. They just make a fake URL, use SEO to get a high rank and boom you make like $200,000 in a few days (I actually saw this happen right here on this forum).

The first thing all noobs should learn is how to make a paper wallet. It is so simple. Go to a site, generate your keys, write/print them, laminate or whatever, and then send Bitcoin to them and you can recover them on sites like Blockchain.info. There are just a few steps and the best part is it is like paper money which makes it easy for noobs to truly understand. This is opposed to hardware/software wallets which are a nightmare to setup for beginners.

Yes, in fact one of the main reasons why I wrote the article is to help people avoid getting cheated off their savings.
The more noobs dabble in "high tech" stuff, the more vulnerable they are to getting cheated unless they become savvy in this.
Getting paper wallet has its risks too, as it is very easily destroyed, stolen and/or lost.
Best is to digitally-encrypt the paper wallet with very strong encryption as my steemit article suggested, for cold storage.

[Dorky]

For those using hardware wallet, what will really happen in real life is as below...

Hacker: Hey, gimme your seeds.
Victim: Okay, here you go. The passphrase. You can have everything in it. Please let me go now.
Hacker: Har har harrr.... Nice try, pal. I am not asking for the passphrase. I am asking for the seeds! And we have our computer standing by to validate the seeds on the spot.
Victim: Ops. Oh nooo....

Hardware wallet seller: We sell super secure wallets. We use super secure seeds.
You: Yeah, but how are you going to secure the seeds? You can't expect to remember them with your brains without some risk of memory loss. Even a single tiny spelling/memorization mistake causes everything to be totally gone for good.
Hardware wallet seller: Sure, you should encrypt the seeds as well.
You: In that case why do I even need hardware wallet for cold storage? I can do the same directly to the keys instead of the seeds.
Hardware wallet seller: Our hardware wallet is secure for spending as well.
You: For spending, we can use desktop wallet too, which is free.
Hardware wallet seller: Ummm.... urrrr.....


Even Trezor recommends paper backup @ https://doc.satoshilabs.com/trezor-faq/software.html#why-should-i-do-a-paper-backup-of-my-seed
Unfortunately enough, that is actually one of the weakest link in Trezor's security.
For more details, check out the disadvantages of paper backups.

Besides, if you want to use hardware wallet, you need to remember:
1. The 12-word/24-word seeds.
2. The PIN.
3. The passphrase.
4. The encryption password for the seeds (if you do backup on that).
5. The encryption password for the PIN (if you do backup on that).
6. The encryption password for the passphrase (if you do backup on that).

With the method I laid out in my steemit article, you only need to remember:
1. The encryption password for the keys.
If my method is not far more convenient, I don't know what is.

And if you want to use Trezor with backups, you still need to buy a 2nd computer for the backup too, for maximum security.
So your total cost of using Trezor is the additional unnecessary cost of buying a hardware wallet.
Buying a 2nd computer is compulsory for maximum security, regardless of whether you go for hardware wallet or not.

[HCP]

For those using hardware wallet, what will really happen in real life is as below...

Hacker: Hey, gimme your seeds.
Victim: Okay, here you go. The passphrase. You can have everything in it. Please let me go now.
Hacker: Har har harrr.... Nice try, pal. I am not asking for the passphrase. I am asking for the seeds! And we have our computer standing by to validate the seeds on the spot.
Victim: Ops. Oh nooo....

Seeds? Why would you have multiple seeds? You still don't seem to understand how a single BIP39 seed and use of passphrases work for being able to hide your coins in totally invisibile, undetectable, hidden wallets...

It goes more like this:

Hacker: Hey, gimme your seed. And we have our computer standing by to validate the seed on the spot.
Victim: Okay, here you go. Have my seed... all 24 words of it...
Hacker: <Enters seed and discovers default wallet with only 5 BTC in it> Is that everything?
Victim: Yep... that's all my coins!
Hacker: <Unable to prove existence of any other wallets> Well, thanks for the coins... wooo $20K, I'm rich! you're free to go
Victim: Phew... good thing they didn't know about the hidden wallets/addresses containing my other 20 BTC generated from that seed + my personal private passphrase(s) that only I know about... BECAUSE THERE IS NO EVIDENCE ANYWHERE THAT THIS HIDDEN WALLET EXISTS... I'd best go regenerate my hidden wallet and move my coins to a new seed (+passphrase) using one of the freely available desktop wallets or buy another hardware wallet and restore it or use something like the opensource BIP39 mnemonic code converter websites to get the keys and sweep them.

compared with say:
Hacker: Hey, we hacked your email/cloud storage... we found these 5 encrypted files... give us the password(s) to decrypt the files. And we have our computer standing by to validate the passwords on the spot.
Victim: Okay, here you go. Have my password(s)... Please let me go now.
Hacker: <Enters passwords and decrypts all 5 files, each one containing a private key with 5 BTC on it>Thanks for the 25 BTC... wooo $100K, we're superrich!... you're free to go
Victim: Damn... that was ALL my coins, now I'm broke

Do you see my concern with storing encrypted keys now? It leaves traces/evidence behind. It has to, as these encrypted files need to exist somewhere for me to be able to decrypt them to get my keys out. Sure, you could try and hide all your keys around multiple email accounts... or stored on different encrypted devices in different locations... but there is still tangible/physical evidence that these devices/files exist and that means they could be discovered. It also completely negates the "convenience" of your method, having stuff spread everywhere.

With a seed (+ passphrase)... I can store it encrypted, and if my email/cloud backup is hacked, and they find my encrypted seed, I can hand over the password to decrypt the seed... The seed on it's own will generate a valid wallet and valid addresses that I can put some coins in as a decoy (or even for use as a relatively secure hot wallet).  However, my main stash of coins can be hidden using the SAME seed in combination with a passphrase. This will generate a completely different wallet with completely different addresses.

Now the hackers might be smart and be like... "Ok, buster we know all about passphrases... hand it over!"... but you can say "I don't bother using one it's too hard to remember these things!"... and they simply cannot prove that you have a passphrase. There is NO evidence anywhere of this hidden wallet existing... but it can be generated at anytime by using the seed+passphrase... Can you recreate an encrypted file containing your private key(s) from 24 words written on a piece of paper and a passphrase?

Even Trezor recommends paper backup @ https://doc.satoshilabs.com/trezor-faq/software.html#why-should-i-do-a-paper-backup-of-my-seed
Unfortunately enough, that is actually one of the weakest link in Trezor's security.

No one is denying that securing the seed is the weak link in the hardware wallet chain. However, you can encrypt the seed and put it in various places like emails/cloud storage... and even if these are compromised by a hacker, you can still be protected by having your hidden wallet as outlined above, whereas a simple encrypted file only has 1 layer of protection...

Besides, if you want to use hardware wallet, you need to remember:
1. The 12-word/24-word seeds.

You don't need to remember this... you just need to store it securely.

2. The PIN.

Yeah... 4-6 digit numbers that you get to choose are so hard to memorise...

3. The passphrase.

Yes, just like your encryption password for your encrypted keys

4. The encryption password for the seeds (if you do backup on that).

Yep... so that's one extra password I need to remember...

5. The encryption password for the PIN (if you do backup on that).
6. The encryption password for the passphrase (if you do backup on that).

Seriously? Encrypt my pin? and why would you encrypt your passphrase? It is the same thing as remembering your encryption password AND it potentially leaves evidence that your passphrase exists

In total... you only need to remember 2 passwords/passphrases... One is the encryption password for the secure backup of your seed... and the other is the passphrase that protects your hidden wallet.

With the method I laid out in my steemit article, you only need to remember:
1. The encryption password for the keys.
If my method is not far more convenient, I don't know what is.

1 passphrase vs 2. Technically, yes it is more convenient... but it certainly isn't "far more" convenient.

Buying a 2nd computer is compulsory for maximum security, regardless of whether you go for hardware wallet or not.

Why do you need a 2nd computer? Hardware wallets allow you to use any computer/device you like... as they don't expose the keys to the device. That's the whole point. You don't need to be using an "offline" computer to set them up or use them.

[Dorky]

Seeds? Why would you have multiple seeds? You still don't seem to understand how a single BIP39 seed and use of passphrases work for being able to hide your coins in totally invisibile, undetectable, hidden wallets...

It goes more like this:

Hacker: Hey, gimme your seed. And we have our computer standing by to validate the seed on the spot.
Victim: Okay, here you go. Have my seed... all 24 words of it...
Hacker: <Enters seed and discovers default wallet with only 5 BTC in it> Is that everything?
Victim: Yep... that's all my coins!
Hacker: <Unable to prove existence of any other wallets> Well, thanks for the coins... wooo $20K, I'm rich! you're free to go
Victim: Phew... good thing they didn't know about the hidden wallets/addresses containing my other 20 BTC generated from that seed + my personal private passphrase(s) that only I know about... BECAUSE THERE IS NO EVIDENCE ANYWHERE THAT THIS HIDDEN WALLET EXISTS... I'd best go regenerate my hidden wallet and move my coins to a new seed (+passphrase) using one of the freely available desktop wallets or buy another hardware wallet and restore it or use something like the opensource BIP39 mnemonic code converter websites to get the keys and sweep them.

Thanks for the giveaway. That makes sure the next time a hacker attacks you he will ask for the seed + passphrase.
You FAILED.
And no, I don't need to encrypt my keys the way you wrongly and falsely imply.
As I have 100% control, I can encrypt each of them in any secure way I freely desire.

Do you see my concern with storing encrypted keys now? It leaves traces/evidence behind.... It also completely negates the "convenience" of your method, having stuff spread everywhere.

Nope, you are wrong.
1. There is no traces/evidence.
2. The "convenience" of my method beats the hassle of remembering + encrypting the hardware seeds, PIN, and passphrase. This is obvious for all.

With a seed (+ passphrase)... I can store it encrypted, and if my email/cloud backup is hacked, and they find my encrypted seed, I can hand over the password to decrypt the seed... The seed on it's own will generate a valid wallet and valid addresses that I can put some coins in as a decoy (or even for use as a relatively secure hot wallet).  However, my main stash of coins can be hidden using the SAME seed in combination with a passphrase. This will generate a completely different wallet with completely different addresses.

Hackers will ask for your seeds + passphrase.
Then you will lose everything.  

Can you recreate an encrypted file containing your private key(s) from 24 words written on a piece of paper and a passphrase?

Answer: Absolutely a resounding YES, I can.
Any way a hardware user would use to recover all his keys in case of the hardware wallet being lost, stolen, or destroyed, will be the EXACT same way a hacker access the keys.
If a user needs the seeds + passphrase to recover his keys, so will the hacker ask for the same.
If a user needs to do ABC and then XYZ to recover his keys (in case of hardware wallet being lost, stolen, or destroyed), so will the hacker do the same.

No one is denying that securing the seed is the weak link in the hardware wallet chain. However, you can encrypt the seed and put it in various places like emails/cloud storage... and even if these are compromised by a hacker, you can still be protected by having your hidden wallet as outlined above, whereas a simple encrypted file only has 1 layer of protection...

Nope, you are wrong. An encrypted file can have multiple layers of protections + no traces of evidence.

In total... you only need to remember 2 passwords/passphrases... One is the encryption password for the secure backup of your seed... and the other is the passphrase that protects your hidden wallet.

LOL, see your self-contradiction right below, bolded and underlined for you.

1 passphrase vs 2. Technically, yes it is more convenient... but it certainly isn't "far more" convenient.

LOL. If my method already convenient to you, then why beat around the bushes?

Why do you need a 2nd computer? Hardware wallets allow you to use any computer/device you like... as they don't expose the keys to the device. That's the whole point. You don't need to be using an "offline" computer to set them up or use them.

I was not talking about using a 2nd computer for hardware wallet.
I was talking about using a 2nd computer for encrypting the keys.
And that also includes using the same computer for encrypting the seeds + passphrase.

The more you argue, the more you reveal your folly.
I've made myself super clear already in my steemit article and here.
I believe almost everyone (excluding you) already got my points.

[Dorky]

I think it should be very clear by now to everyone (excluding HCP) that using hardware wallet for cold storage actually increases unnecessary complexities.
And these unnecessary complexities are actually one of the reasons why many users lose their bitcoin stored in hardware wallets.

The disadvantages (in addition to my original points in my steemit article) of using hardware wallet are very clear:
1. Costs more (for use as well as for recovery, i.e. the whole package).
2. Vulnerable to $5 wrench attack.
3. Inconvenient.
4. Complicated.

[Dorky]

Do you see my concern with storing encrypted keys now? It leaves traces/evidence behind. It has to, as these encrypted files need to exist somewhere for me to be able to decrypt them to get my keys out. Sure, you could try and hide all your keys around multiple email accounts... or stored on different encrypted devices in different locations... but there is still tangible/physical evidence that these devices/files exist and that means they could be discovered. It also completely negates the "convenience" of your method, having stuff spread everywhere.

With a seed (+ passphrase)... I can store it encrypted, and if my email/cloud backup is hacked, and they find my encrypted seed, I can hand over the password to decrypt the seed... The seed on it's own will generate a valid wallet and valid addresses that I can put some coins in as a decoy (or even for use as a relatively secure hot wallet).  However, my main stash of coins can be hidden using the SAME seed in combination with a passphrase. This will generate a completely different wallet with completely different addresses.

You contradicted yourself within 2 paragraphs.

First, you said you are concerned with storing encrypted keys as it leaves traces/evidence behind, so your hardware wallet leaves no traces/evidence.
Then, you said you can store encrypted seeds in email/cloud/bank vault/etc which leaves plentiful traces/evidence behind, but then you said they are hidden!
My goodness, what lies you are telling.

I am correct to say you are arguing purely for the sake of winning an argument.

You keep saying my method leaves traces/evidence behind, which is not true.
And I successfully debunked your disinformation countless times.
Please do everyone a favor and explain in detailed how my method leaves traces/evidence behind.
And please also explain in detailed how you encrypting the seeds and storing them in email/cloud/bank vault will leave no traces/evidence behind.

If you say my method leaves traces/evidence behind, then please tell me where exactly I stored my stuff by pinpointing the specific location out.

I simply can't believe a person like HCP say encrypting the keys is visible while encrypting the seeds is hidden.
Both the keys and seeds can be in text format or in picture format, and encrypting them is EXACTLY the same.
Whether they are visible or hidden is not a point of argument in my original steemit article.
But HCP keep bringing it up here saying encrypting the keys is visible but encrypting the seeds is hidden.
Wow, seriously.
What kind of disinformation and confusion is HCP trying to spread here?

[Dorky]

I am a person that says going from Point A to Point B is superior.
HCP is a person that says going from Point A to Point C, then from Point C to Point D, and finally from Point D to Point B is superior.

HCP says using hardware wallet for cold storage is cheaper than buying a new computer, which is FALSE (as I explained).
HCP says encrypting the keys is visible while encrypting the seeds is hidden, which is FALSE (as I explained).
HCP says his concern is storing encrypted keys while he has no concern storing encrypted seeds, which is FALSE.

Edit:
I forgot to add another point...
HCP says encrypting the keys gives no security (zero) while encrypting the seeds gives security, which is FALSE.
The act of encryption is the same regardless of what object is being encrypted, be it txt, jpg, png, pdf, djvu, epub, etc, including keys and seeds.
So why is HCP saying encrypting the keys gives zero security?
Why is HCP lying?

[Dorky]

Here I address HCP's fallacies...

Besides, if you want to use hardware wallet, you need to remember:
1. The 12-word/24-word seeds.

You don't need to remember this... you just need to store it securely.

Seriously? Are you honest?
You NEED to remember the seeds AND store them encrypted in case of recovery.
Storing it securely is the same as encrypting them and doing backups of the encryption.
Storing them in paper that you slip in between the pages of a book is NOT secure storage.

2. The PIN.

Yeah... 4-6 digit numbers that you get to choose are so hard to memorise...

Whether it is hard to memorize.... or too easy to memorize.... does NOT discount the fact that you are REQUIRED to memorize a set of 4-6 digit numbers. Forgetting the PIN is not desirable, no matter how simple it is to memorize.

3. The passphrase.

Yes, just like your encryption password for your encrypted keys

Of course. And you are being pretentious all along the entire argument.

4. The encryption password for the seeds (if you do backup on that).

Yep... so that's one extra password I need to remember...

That's one extra memory burden for you to handle. Thank you for acknowledging that.

5. The encryption password for the PIN (if you do backup on that).
6. The encryption password for the passphrase (if you do backup on that).

Seriously? Encrypt my pin? and why would you encrypt your passphrase? It is the same thing as remembering your encryption password AND it potentially leaves evidence that your passphrase exists

In total... you only need to remember 2 passwords/passphrases... One is the encryption password for the secure backup of your seed... and the other is the passphrase that protects your hidden wallet.

Nope, according to your points above, I can see you need at least 3 things to remember/memorize:
1. The encryption password for the secure backup of your seed.
2. The passphrase that protects your hidden wallet.
3. The PIN (not encrypting it does NOT mean it needs not remembered/memorized).