Bitcoin Forum
Author Topic: Safer than paper wallet: password-protected and replicated private key file  (Read 341 times)
Lionel (OP)
December 03, 2018, 06:55:02 PM
 #1

Suppose you are keeping your paper wallet at home, even in a safe box.

A thief or a cop sneaking into your house may force you to open the box, or if you just hid the paper somewhere, someone may find it.

And the paper has clear data in it: a non-encrypted BIP seed.

It would be better to write an AES-encrypted seed in it, keeping the password in your mind.
But it's very inconvenient to write such a long and random sequence, let alone decrypting it, which requires re-writing it by hand on your computer before decrypting it.

Solution 1: scan the paper with some kind of OCR app on your phone, or PC app + webcam,
then decipher it on the PC with some software or HTML/javascript page run from local (disable the network interface first).
Are there apps/programs or javascript pages able to do this?
But this procedure is still not very straightforward.

Solution 2: write your seed in a .txt file, then make an encrypted .7z file with 7Zip. Replicate this file on multiple storage drives, cloud drives, file storage blockchains like SIA or Filecoin.
Maybe hide a few USB thumb drives with that file in it, at different places even outside your house.
Shield the USB drives to not be affected by humidity.


I prefer solution 2 as it also avoids another potential problem with paper wallets (encrypted or not); suppose you relocate or, in general, you're on a trip for other reasons.
If you relocate, you need to take your paper wallet with you. If you are on a trip for other reasons, maybe, if you are going to make a transaction for a purchase or a coin trade OTC.
During your trip, suppose a cop stops you for a security check (in Europe, they do that all the time even to pedestrians).
The cop may find your paper and start asking questions about that strange encoded message.

What do you think? Any security considerations?



btc-room101
December 04, 2018, 01:33:53 AM
 #2

Write the private-key on the inside jacket of the most boring book in the house, and forget about it, write the key in binary, or base-99, or base-32, nobody is going to know shit.

If you use a computer in any way to store a key, then it's compromised.


Hell, you could make floor tiles that have the key, or use Morse code to encode the key and store in plain sight, you could have a phone book where the phone numbers are your key, the cops you worried about aren't looking for you :)

Hide shit in plain sight, and tell nobody that you even own bitcoin, ... Then you're safe.

Biggest problem is people who can't keep their mouth shut.

Carry around your bitcoin keys in your wallet, yep now we know we got a HODL-r here. :(
pooya87
December 04, 2018, 04:38:05 AM
 #3

your solution #2 is a digital storage and digital storage can be corrupted and lost. although storing it in multiple places can reduce this risk but i personally still prefer a hard copy on a piece of paper. and for your solution #1 you can always use QR codes which is an easy way of converting data into dots on a square which you can print and scan for easy read and write process with error correction features.

but encryption is a must. instead of AES encryption you can also use BIP38 encryption which will also encode the result using base58 encoding with a checksum that makes import/export easier if you do it by hand instead of printing.

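The checksum point in the post above, shown with plain Base58Check (the encoding layer that BIP38 strings use). This is an added example, not code from the thread or from any wallet; it does not implement BIP38 encryption, and the function names and payload bytes are constructed for illustration.

```python
import hashlib

# Base58 alphabet: no 0, O, I or l, so look-alike characters cannot be confused.
ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"


def checksum(payload: bytes) -> bytes:
    """First 4 bytes of SHA-256(SHA-256(payload))."""
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]


def b58check_encode(payload: bytes) -> str:
    raw = payload + checksum(payload)
    n = int.from_bytes(raw, "big")
    out = ""
    while n:
        n, rem = divmod(n, 58)
        out = ALPHABET[rem] + out
    # Leading zero bytes carry no numeric value; each is written as a "1".
    pad = len(raw) - len(raw.lstrip(b"\x00"))
    return "1" * pad + out


def b58check_decode(text: str) -> bytes:
    n = 0
    for ch in text:
        idx = ALPHABET.find(ch)
        if idx < 0:
            raise ValueError(f"{ch!r} is not a Base58 character")
        n = n * 58 + idx
    pad = len(text) - len(text.lstrip("1"))
    raw = b"\x00" * pad + n.to_bytes((n.bit_length() + 7) // 8, "big")
    payload, check = raw[:-4], raw[-4:]
    if checksum(payload) != check:
        raise ValueError("checksum mismatch: the string was copied incorrectly")
    return payload


def copied_correctly(text: str) -> bool:
    """True only if a hand-typed string decodes and its checksum matches."""
    try:
        b58check_decode(text)
        return True
    except ValueError:
        return False


# Constructed sample payload: one version byte followed by 32 data bytes.
SAMPLE_PAYLOAD = b"\x80" + bytes(range(1, 33))
```

A single mistyped character makes `copied_correctly` return False, which is the property that makes hand import safer than copying a raw AES ciphertext.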
HeRetiK
December 04, 2018, 05:44:28 PM
 #4

Quote from: Lionel on December 03, 2018, 06:55:02 PM
Solution 2: write your seed in a .txt file, then make an encrypted .7z file with 7Zip. Replicate this file on multiple storage drives, cloud drives, file storage blockchains like SIA or Filecoin.
Maybe hide a few USB thumb drives with that file in it, at different places even outside your house.
Shield the USB drives to not be affected by humidity.

7zip's encryption is supposedly fairly solid but I definitely would not trust it with any significant amount of money. More so if I plan on storing the file online and who knows where. Even trusting 7zip's encryption you'd still need a fairly strong password to protect it from a would-be online attacker. Might as well just memorize a BIP seed or use a wallet that allows for a custom additional seed word (e.g. Trezor, Ledger, Wasabi).


Quote from: Lionel on December 03, 2018, 06:55:02 PM
During your trip, suppose a cop stops you for a security check (in Europe, they do that all the time even to pedestrians).
The cop may find your paper and start asking questions about that strange encoded message.

Where do you live? The only time I was ever stopped by the police as a pedestrian was when I crossed a red light. And even then they didn't require any papers. And I'm a guy that used to get mistaken for a dealer more often than not.

Theb
December 04, 2018, 06:26:13 PM
 #5

Quote from: Lionel on December 03, 2018, 06:55:02 PM
Suppose you are keeping your paper wallet at home, even in a safe box.

A thief or a cop sneaking into your house may force you to open the box, or if you just hid the paper somewhere, someone may find it.

And the paper has clear data in it: a non-encrypted BIP seed.

Isn't your scenario a little bit far-fetched? Not unless that cop or thief is particularly searching for non-encrypted BIP seeds in your house I doubt that even if they found your seed phrase in your safe they would have any idea on what those words are used for. Suppose that they are looking for seed phrases in your house, wouldn't it be much simpler for you if you just jumbled up your seed phrases stored in your safe and just keep the decoding sequence for that paper wallet elsewhere? I just doubt that any of your solutions are more secure especially if it involves other services which require a device.

20kevin20
December 04, 2018, 08:20:25 PM
 #6

Whatever you do, just go for offline storage or using hardware wallets like Ledger/Trezor, although they don't have all the functions other BTC wallets have (for instance, you can't sign a message from their new Ledger Live software).

I would never upload my BTC-related files anywhere on the internet, especially the seed or private keys... and especially on cloud servers. Although you encrypt them, you never know how your password can become accessed. I think burying it outside your home would be many times safer than that. :)

I don't think a cop would stop you for finding some characters/words on a paper. However, we have examples like Australia (I might have mentioned the wrong country here) which could require you to give your passwords to them, and that may also include your private keys/seed. Now I'm not sure if this has ever happened to a cryptocurrency holder, but I wouldn't risk it. Anyways, offline storage is the best so I have never (and never will) agreed to the "cloud" and "blockchain storage" part of your second solution.

EDIT: My only fear about paper wallets is the fact that they are not waterproof, fireproof, shockproof etc. For this we have people writing their keys or seeds on metal which protects them from almost anything. The best solution to protect your BTC is the one that's the farthest from anyone else but you.
Lionel (OP)
December 05, 2018, 01:25:22 AM
 #7

Legit.

But, assuming that the password is long and random enough, I would not be that worried about crackers.
After all, many investigative journalists, hackers, free-speech supporters, intelligence agents use TOR or PGP to communicate, so their lives (not just money) rely on encryption.
And their messages are not likely to be deciphered even though they can be logged all the time.
AFAIK it never happened that a PGP message or SSL session got cracked.
DaCryptoRaccoon
December 05, 2018, 01:59:34 AM
Merited by pooya87 (1), ABCbits (1)
 #8

A few tricks I know are used are:

1. Select your fav book and select one word per page; note the page number, line number and word number.

2. Use a book cypher to save your private key in a scrambled format.
If you use this method make sure you TEST it to make sure you have made no mistakes and you indeed have the correct info noted down to allow you to decode your PK.

Reference :  http://www.drdobbs.com/security/the-book-cipher-algorithm/210603676

A book cipher algo uses letters of subsequent words in some text or book as a key to encode a message. Figure 1 is the simplest form, usually called the "running key cipher." In this case, text (usually from a book) is used to provide a very long key stream. The book used is agreed upon in advance, while the passage used is chosen randomly for each message and secretly indicated somewhere in a previous message. In this example, we agreed to use J.K. Rowling's Harry Potter and the Order of the Phoenix and to start on page 335, line 28, with the sentence, "Hermione bit her lip and did not answer." We write this text under the plaintext and use it as the running key. The particular message to send is "DRDOBBS." We XOR the corresponding characters of the message and the running key to get the ciphertext 12 23 22 2 11 13 29.

Plaintext         D   R   D   O   B   B   S
Plaintext (hex)   44  52  44  4F  42  42  53
Running key       H   E   R   M   I   O   N
Running key (hex) 48  45  52  4D  49  4F  4E
Ciphertext (hex)  0C  17  16  02  0B  0D  1D
Ciphertext        12  23  22  2   11  13  29




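The two tricks from the post above (word positions in a book, and the running-key XOR from the quoted table), with the round-trip test the poster recommends. This is an added example, not code from the post or the Dr. Dobb's article; BOOK, the sample phrase and all function names are constructed for illustration.

```python
import re

# Constructed stand-in for a book: a list of pages, each a list of lines.
BOOK = [
    ["the quiet river ran past", "an abandoned stone mill"],
    ["winter light fell across", "the empty market square"],
]


def locate(word, book):
    """Trick 1: 1-based (page, line, word) of the first occurrence of word."""
    for p, page in enumerate(book, 1):
        for l, line in enumerate(page, 1):
            words = line.split()
            if word in words:
                return (p, l, words.index(word) + 1)
    raise ValueError(f"{word!r} does not occur in the book")


def lookup(ref, book):
    """Read the word back from a written (page, line, word) note."""
    p, l, w = ref
    return book[p - 1][l - 1].split()[w - 1]


def encode_phrase_checked(phrase, book):
    """Encode each word, then decode the notes again before trusting them."""
    refs = [locate(w, book) for w in phrase.split()]
    if " ".join(lookup(r, book) for r in refs) != phrase:
        raise RuntimeError("round trip failed: notes do not decode to the phrase")
    return refs


def running_key(passage, length):
    """Trick 2 key stream: letters only, upper-cased, as in the table above."""
    letters = re.sub(r"[^A-Za-z]", "", passage).upper().encode("ascii")
    if len(letters) < length:
        raise ValueError("passage is shorter than the message")
    return letters[:length]


def xor_encode(message, passage):
    data = message.encode("ascii")  # raises on non-ASCII input
    return [m ^ k for m, k in zip(data, running_key(passage, len(data)))]


def xor_decode(cipher, passage):
    key = running_key(passage, len(cipher))
    return bytes(c ^ k for c, k in zip(cipher, key)).decode("ascii")
```

Both sides must normalise the passage the same way (here: letters only, upper case), otherwise the decode silently yields different text. XOR against English text hides the value from a casual reader but is not comparable to AES or BIP38 encryption, because the key stream is not random.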
gentlemand
December 05, 2018, 02:35:18 AM
 #9

Out of those choices I'm a number two girl. Txt files, plus photos of any relevant QR codes but I'm mainly seeds. I have a lot of old jpegs that seem to be corrupted so that's a format I wouldn't trust.

Absolutely no way would I put the encrypted file anywhere online. Multiple copies of the encrypted file in multiple places gets the job done. I'd refresh each bit of flash storage every year or two to be sure as well.

Attempting to memorise a seed sounds like a surefire recipe for disaster.
20kevin20
December 06, 2018, 10:07:47 PM
 #10

No matter how long and random my password is, I wouldn't make it vulnerable by uploading it anywhere. It might be just me though - if you had a file containing your private key (or wallet.dat) encrypted with a very long and random password and containing $100k on it, would you have the courage to upload it anywhere? :)