Another way to hide your Seed and Private Keys

[bob123]

Confidentiality: Your mnemonic code is not encrypted. It is visible for anyone who looks for it.

First that one should find it  , it is invisible.

And yet, does your method not protect the confidentiality of the information.

Integrity: Anyone can change your mnemonic, append new words, delete words etc.

Again. try to find it if it is supposed to be invisible 

And yet, does your method not protect the Integrity.

Your method does not increase the security of your data.

[guigui371]

What about this one :

You have a ledger or trezor.

You engrave your seed on a steel plate (many options available on the market).
You add a passphrase
You put your steel plate in a bank Vault (like a proper vault, that has been here for a couple of hundred years without any breach).
You write your passphrase in your will, let with your lawyer.

Case 1 : you die. Your heirs have access to the vault and the lawyer gives them the missing 25th word.
Case 2 : you break your ledger, you go to your vault, you go to your lawyer and you have your backup
Case 3 : the vault is breached (unlikely), well, that will definitely be in the news, and you have your ledger, you move your coins to a different wallet ASAP.
The thieves will need days to test all the possible passphrases (especially if you have large entropy). And usually, bank robber are not crypto experts.
Case 4 : someone rob you and take your ledger, they only have 3 chance before wipe out.
Case 5 : someone does a $5 wrench attack, you unlock your ledger (without the  passphrase) no one is supposed to know that there is a passphrase (plausible deniability).


Anyone is seeing serious flaws here?

[o_e_l_e_o]

Anyone is seeing serious flaws here?

Complete trust in the bank or vault operator. Further, when you die, depending on your jurisdiction it might not be as simple as your heirs going and opening the vault. The vault may have to be opened by the bank, and the contents passed to lawyers to take a full inventory of so the contents can then be distributed according to your will. There are quite a lot of intermediaries in that process who may be able to get their hands on your seed. I would consider encrypting it first and storing the encrypted seed in the vault.

You are also trusting your lawyer to store your passphrase safely and securely (and not go out of business) for 30, 40, 50 years.

And of course, bear in mind that the plausible deniability of a passphrase only works if its existence can be plausibly denied. That means no obvious blockchain links between your standard wallet and your passphrased wallet, and enough funds on your standard wallet to justify the ownership of a hardware wallet. If your standard wallet is completely empty, it raises a strong suspicion that there is something more to be found.

[Henri Cartier]

Things we need to avoid while storing the Private keys are -

• Never keep your private keys/seed online.
• Never store the copy in a cloud, on pc or phone.
• Never print on a paper or take a photo of a seed.

We can store the seed using a paper wallet, the cheapest, and the best way to hide the seed. For stronger security, we can use Cryptosteel metal to store the seed.

[20kevin20]

Is there any flaw if you were to put a laminated seed inside a bottle and then buried the bottle in the backyard or inside a large pot?

Unless you sell your lot completely forgetting the fact that you have buried a seed under the ground or you tell your friends where the "secret bottle" is located, I don't know what else could really go wrong: a house fire would not affect it if you bury it in the right place, no scanner or metal detector will ever find it and a thief won't start digging your garden whatsoever.

Might be the oldest way of hiding some valuable things, but I have a feeling it's giving the least headache overall.

[bob123]

Things we need to avoid while storing the Private keys are -

• Never print on a paper or take a photo of a seed.

We can store the seed using a paper wallet, the cheapest, and the best way to hide the seed.

How can you claim that storing the seed printed on paper is insecure, while at the same time recommending a paper wallet?

Storing the seed on a piece of paper is not insecure by definition. However it depends on the thread model, as always.
If an evil maid scenario is possible for you, storing it in plaintext on a piece of paper is insecure. If your physical storage however is safe, that's not the case.

[o_e_l_e_o]

Is there any flaw if you were to put a laminated seed inside a bottle and then buried the bottle in the backyard or inside a large pot?

Depends on the bottle. You'd need to make sure the cap was totally waterproof and airtight. The glue used in lamination can last decades if not exposed to the elements, but it will eventually break down, and exposure to water or moisture will expedite that. There are specific water and moisture proof tubes you can buy which would be better than just using an old drinks bottle, for example.

In terms of what else could go wrong - depending on where you live, you may need to bury it in the middle of the night to avoid any neighbors seeing you do it. You may also need to hide the evidence that you've dug a hole in your garden, and disguise it as part of larger garden work, a new flower bed, or something similar. Be sure there aren't any cables or pipes which run under you proposed burial site - you don't want it being discovered by a contractor trying to repair a leak.

[Lordhermes]

This set up alternative way to safe private key is good but seriously I don't understand the whole process. Looking difficult to understand. You made mention to delete the thread, No this isn't good, others may learn from it, use and practice it on a daily basis and will work basically.

Other ways to safe keys too have been written here as shown above, I think if I keep to that side would be more better for me  for better understanding. Thanks anyway for your shared idea.

[guigui371]

Anyone is seeing serious flaws here?

Complete trust in the bank or vault operator.

Same issues with diamonds, bearer share, family heirlooms...  A lot of very very rich people are trusting them, and they have been keeping secret/wealth of centuries.

Further, when you die, depending on your jurisdiction it might not be as simple as your heirs going and opening the vault. The vault may have to be opened by the bank, and the contents passed to lawyers to take a full inventory of so the contents can then be distributed according to your will. There are quite a lot of intermediaries in that process who may be able to get their hands on your seed. I would consider encrypting it first and storing the encrypted seed in the vault.

This is a good point, I believe that in my case I might need to change a few things to ensure a smoother transition between vault and heirs.
But no inheritance taxes where I am and pretty straightforward dealing with estates. Encryption is definitly needed to make sure that no one can have a look or take photos while it is being handed to heirs.

You are also trusting your lawyer to store your passphrase safely and securely (and not go out of business) for 30, 40, 50 years.

yes and lawyer have contingencies for this, how do you think that will are stored?

And of course, bear in mind that the plausible deniability of a passphrase only works if its existence can be plausibly denied. That means no obvious blockchain links between your standard wallet and your passphrased wallet, and enough funds on your standard wallet to justify the ownership of a hardware wallet. If your standard wallet is completely empty, it raises a strong suspicion that there is something more to be found.

Very true, only a fool would have an empty wallet and try to hide a juicy wallet with a passphrase.

[o_e_l_e_o]

A lot of very very rich people are trusting them, and they have been keeping secret/wealth of centuries.

Sure, but it still involves trust. Lots of people were trusting Mt Gox. Lots of people were trusting Lehman Brothers. Lots of trust doesn't mean too big to fail.

yes and lawyer have contingencies for this, how do you think that will are stored?

Again, yes, but how do the contingencies work? Making copies of the documents? Scanning them and storing them electronically? All this involves more people handling your passphrase and more additional risk.

Not saying your set up is necessarily bad, but it is worth considering all potential flaws.

[Charles-Tim]

Things we need to avoid while storing the Private keys are -

• Never keep your private keys/seed online.
• Never store the copy in a cloud, on pc or phone.
• Never print on a paper or take a photo of a seed.

We can store the seed using a paper wallet, the cheapest, and the best way to hide the seed. For stronger security, we can use Cryptosteel metal to store the seed.

You are right, but nobody is disputing that here and this makes your post not to be online with the topic. There are different methods we can store private keys, I can encode my private key the way I like, but I will advise before to follow standard ways of encryption rather than brain work.

[Henri Cartier]

Things we need to avoid while storing the Private keys are -

• Never print on a paper or take a photo of a seed.

We can store the seed using a paper wallet, the cheapest, and the best way to hide the seed.

How can you claim that storing the seed printed on paper is insecure, while at the same time recommending a paper wallet?

If you print your seed on a paper, it may leave a file on the system(PC or Laptop) where you are printing which is not safe. Writing seed on a paper using a pen is also safe.

<..>

I have just added a note that we need to avoid a few things before thinking about how to store the private keys securely.

[bob123]

If you print your seed on a paper, it may leave a file on the system(PC or Laptop) where you are printing which is not safe. Writing seed on a paper using a pen is also safe.

So, do you usually write down a paper wallet including the private key and the QR ?
Seems to be quite a lot of work.

Printing can under some circumstances leave traces, that's true.
Old print jobs might be accessible long time after the print job is done.

That's why it is recommended to print from a live booted USB distro and to use a non-network printer with storage for print jobs.
You can use a printer without leaving traces, but a few extra steps have to be made.

[Henri Cartier]

So, do you usually write down a paper wallet including the private key and the QR ?
Seems to be quite a lot of work.

Printing can under some circumstances leave traces, that's true.
Old print jobs might be accessible long time after the print job is done.

That's why it is recommended to print from a live booted USB distro and to use a non-network printer with storage for print jobs.
You can use a printer without leaving traces, but a few extra steps have to be made.

No, we can write the private key but not the QR code.

Printing without leaving any traces can be done. This would be safer! As you said, an extra step needs to be taken care and they should know the steps to remove the traces.

[pooya87]

No, we can write the private key but not the QR code.

you can actually write or rather draw the QR code too. QR codes are just a big square that have small dots filled or empty to create the "picture". and for a private key with 32 bytes it won't be that big. you could also play around with the encoding (eg. use base43 or use all uppercase in bases like base16 that let it) and reduce the size even further.

in any case if the plan is to write down the key it is best to use an HD wallet and write down the mnemonic since they are words and easier to write down by hand compared to writing a key base58 characters.