a

[smesv]

a

[1715248840]

1715248840

[1715248840]

1715248840

[1715248840]

1715248840

[1715248840]

1715248840

[HeRetiK]

If I store backup seed at friends house and it is secured by additional passphrase is this safe? I wonder what could happen if they do something stupid like make digital copy of seed or even post it on reddit. Is it to hard to brute force passphrase?

Trezor passphrases can be up to 50 ASCII characters in length, Ledger can handle up to 100 characters. Both of which should still protect your holdings short- to mid-term if you avoided using publicly available phrases such as song lyrics or literary quotes. However, you shouldn't be considering your wallet as safe anymore since once the seed has been compromised your wallet security will be taken down quite a notch. Otherwise why would go through to all the lengths of keeping the seed airgapped?

In short, if your seed gets public, you should consider your passphrase only as a temporary security measure that will buy you just enough time to move your coins to a new wallet. So if you don't trust your friend enough to not do anything stupid with your backup seed... find somewhere else to store it

[lukaexpl]

I think I am to paranoid to leave option of somebody copying seed and put it online to leave it at friends. Te problem is leaving it in bank is also risky as thieves might be prepeard for bitcoin wallets. What kind of storage do you recommend? Is it smart to change one word when writting down seed and writte on some other location what word it is? Seems like simple and secure option.

No. The seed comes from a word list of 2048 known and published words (lookup bip39 worldlist). So if you replace one word with the name of your pet someone can check almost instantly which word does not fit in and now has a problem of 2048 cycles through the known dictionary in order to steal your seed, hence bitcoins.

[HeRetiK]

I think I am to paranoid to leave option of somebody copying seed and put it online to leave it at friends. Te problem is leaving it in bank is also risky as thieves might be prepeard for bitcoin wallets. What kind of storage do you recommend? Is it smart to change one word when writting down seed and writte on some other location what word it is? Seems like simple and secure option.

Someone posted a possible approach to this problem a couple weeks ago, but I unfortunately can't find the thread. The idea went something like this:


1) Create a list of 24 random numbers from 1-2048

2) Find the position of your seed words in the word list
https://github.com/trezor/python-mnemonic/blob/master/mnemonic/wordlist/english.txt

3) Create a second list containing the positive offset to the position of your seed words, wrapping around 2048.

eg. your first seed word is "achieve" at position 11, so on one list you write down "2" and on the second list you write down "9". Or alternatively the first list would contain "2046" and the second "13". To then retrieve your seed words, you simply add those two numbers, subtract 2048 if necessary, and look it up on the bip39 word list.


This way you can split your seed on two separate sheets of paper that each on their own are meaningless. It's also safer than storing 12 seed words in one location and 12 seed words in another, as in that case a single list would already reveal half your seed. Keep in mind that in either case your seed is lost if one of the lists can't be retrieved.

Remember that a single paper backup might not be enough and whatever you decide to do, make sure you're 100% able and understand how to access your paper backup. Check and check again. The dangers of losing coins due to a faulty backup is much higher than losing your coins due to a compromised private key (unless you're an extraordinarily attractive target such as an exchange, of course).

[lukaexpl]

I had something similar in mind but possibly less error prone.

You use random.org or something of that nature to generate a random sequence of 24 numbers i.e. words in a seed list.

You write your seed in that order.

You encrypt the order of your seed using passguardian.com (number of shares according to your preference) by writing something like:
"eight 8 ; twentyone 21 ; four 4..." for double cheking
Alternatively you could use probably some other encryption tool with a simple passphrase.
You store something that looks like:
"802c27e53fc4a1c45fadb9c07e2ffcf71dc156fd6c661a7f61c169ebd668f0d659df5cab4297853 fb74733900c30f35166a6b78da8bcca67cd7e8"
at multiple locations.

You store the seed at home/friend/safe deposit box.

You can do all of this offline.

What it achieves:

1. Some malignant party retrieving your randomly ordered seed is helpless although they know it is a BIP39 mnemonic seed.

See
https://doc.satoshilabs.com/trezor-faq/threats.html

2. You can memorize your seed in the right order by rote learning or by using memory techniques such as loci / storytelling / mnemonic peg.

3. Someone finding a share of your secret order can not do anything with one/two or multiple shares (depending on your preference) even if they understood it was a part of a secret (which is unlikely).

4. Even if they got hold of multiple parts of your secret order and be able to reconstruct the order they still need the seed.

So it is a tall order for someone to be able to get hold of all this.

Comments welcome!

[Chillance]

I actually went ahead and created a little command line tool for this.

Here is an example run. I use the defaults of 2 minimum, 3 amount of shares. After creating the shares, I remove "Share 2". And as you can see, it still works to get back the "secret".

~$ ./gsssa create "my secret sentence"
# Share 1
assume another atom adjust attract believe athlete attitude ball bulb base apple boss blossom bulk broccoli blossom abuse bring acquire betray brass blur bacon above amateur blind bachelor bomb bench any artefact
board answer birth budget barrel basic bird become banana bring alcohol banner boat absurd assume anxiety ankle aspect angle before arrest boss animal around bring alone alone area aerobic avoid buzz baby

# Share 2
broccoli author boil acquire budget budget because aunt between abstract auction apology blind actual black alert arrive action already balance brother brush bubble boring board address bleak balcony area brain bench bundle
ball brother battle apart blind bless believe about attitude bleak bounce age age busy addict cabbage act balcony assault alter breeze bring bottom battle around balance atom absorb awake across brief attend

# Share 3
anchor album accident cabbage barrel brain allow alien april address brass arch addict among bundle become asthma beach axis arch busy axis april any arctic away bind brother because affair august air
bamboo angle attend artefact auto blood broken arrow boy alpha before brother below body balcony absurd attract arrest barely abuse assist aspect blast bicycle bachelor behind bench balance average acquire buffalo awkward

# You need 2 shares out of these 3 shares to be able to get your secret back.

 The file "shares.txt" is now created with above shown information.

~$
~$ vim shares.txt
~$
~$ cat shares.txt
# Share 1
assume another atom adjust attract believe athlete attitude ball bulb base apple boss blossom bulk broccoli blossom abuse bring acquire betray brass blur bacon above amateur blind bachelor bomb bench any artefact
board answer birth budget barrel basic bird become banana bring alcohol banner boat absurd assume anxiety ankle aspect angle before arrest boss animal around bring alone alone area aerobic avoid buzz baby

# Share 3
anchor album accident cabbage barrel brain allow alien april address brass arch addict among bundle become asthma beach axis arch busy axis april any arctic away bind brother because affair august air
bamboo angle attend artefact auto blood broken arrow boy alpha before brother below body balcony absurd attract arrest barely abuse assist aspect blast bicycle bachelor behind bench balance average acquire buffalo awkward

  ~$
  ~$ ./gsssa reveal
RESULT: my secret sentence

Basically the idea here is that you can then print/write down the different shares and place them in different locations. And to get back the secret you need the minimum amount back like shown in the example above. I know, it's a lot of words, and it will be even more for more secret words, but still. It's my first version. There might come better solutions later. For now this works fine. I made this as part of a project of mine, but I'm thinking I could release this to the bitcoin community for free to help you out, if it would be of interest?