Turn photos into Bitcoin wallets

[Mbitr]

I just came across this .. how to turn photos into a Bitcoin wallet and it had me quite intrigued

https://github.com/mikemilla/photo-seeds by Mike Miller on GitHub

I’m not him and not affiliated in any way - FYI.
It just caught my eye and was thinking if this actually has a use case or is it just a bit of fun.

I like the idea and apart from security issues, would it actually take off??

[1714600714]

1714600714

[1714600714]

1714600714

[1714600714]

1714600714

[1714600714]

1714600714

[1714600714]

1714600714

[1714600714]

1714600714

[crwth]

I immediately thought that this was like selling your photos, but now I understand. It's a great idea to have, and you would only need to have the original combination of photos with it or something.

Would there be a sequencing with it or something with all of the metadata of the single image to produce the seed?

[LoyceV]

I like the idea and apart from security issues, would it actually take off??

Security issues are the main problem, so I hope this won't take off
My first idea when reading the title was to sha256 an image file, enter that into Bitaddress.org's Wallet Details tab, and get a private key. It's easy! But creating a backup is not easier than backup up a "normal" wallet.

I think Photo Seeds has a fundamental flaw:

Odds are much higher that someone will remember a photo or a number of photos, and the order of those photos before they remember 12 random words.

If you've ever played the memory game (kids are much better at it than adults), you'll know you can barely remember a few pictures. And every new picture you see makes it more confusing.

[NeuroticFish]

I think Photo Seeds has a fundamental flaw:

Odds are much higher that someone will remember a photo or a number of photos, and the order of those photos before they remember 12 random words.

If you've ever played the memory game (kids are much better at it than adults), you'll know you can barely remember a few pictures. And every new picture you see makes it more confusing.

Well, one can easily have a few super-memorable photos he wants to turn into wallet. He won't have to remember how the photo looks like.
Like "the main photo from my wedding", "the first photo with my boy" and so on. But.. your point is valid because nowadays one may have 20 photos with the first day of his kid, and then the things indeed get confusing.

---
Also, in case nobody noticed:

How can we make idea even better?
Use bitmaps instead of files

Imho the current implementation can be considered flawed, since one may want to print the photos that make the seed, for example, for remembering easier.
(Of course, it can be seen as a feature too, since one may want to do this from certain historic files - the images of his first few floppy disks, or the first version of whatever application and so on)

Back to the images: if the implementation gets corrected/improved as the dev wants... I am not so sure if a 4k photo and its scaled down to 2MP version would return the same seed.

---
Conclusion: it can become an interesting project, but it may be better to not be linked to the idea of photos, it may be better with (any) actual files. It avoids confusion and other possible problems.

[LoyceV]

Imho the current implementation can be considered flawed, since one may want to print the photos that make the seed, for example, for remembering easier.

A brain wallet (also not recommended) could work from photos and other objects too: on the wall in my living room from left to right I see: Heater Speaker Bob Alice TV Speaker Fireplace Wedding Lamborghini Piggybank Drawer Litterbox and Curtain. Enter it into Bitaddress: 1pZNXZ6PUfpHjmgcQhcYkEVJnMStJfj7C!
As long as you don't change your living room, you can probably recover these funds. But it's not the most secure storage system.

[NeuroticFish]

A brain wallet (also not recommended) could work from photos and other objects too: on the wall in my living room from left to right I see: Heater Speaker Bob Alice TV Speaker Fireplace Wedding Lamborghini Piggybank Drawer Litterbox and Curtain. Enter it into Bitaddress: 1pZNXZ6PUfpHjmgcQhcYkEVJnMStJfj7C!
As long as you don't change your living room, you can probably recover these funds. But it's not the most secure storage system.

Indeed. But is it not-so-safe because the list of English words, or is it because they're objects in your house? I mean that if one uses this "trick" with a list of (image) files, somebody else will also have to know that the seed comes from a list of files. I'd guess that the hash of a number of files can give stronger seed than from some words, but I am not good at this.

[Mbitr]

Thanks for the informative replies folks.
I’m not very technical, but I get the gist. Think I’ll probably stick to the basics and I presume most wallet users will as well 

[o_e_l_e_o]

Conclusion: it can become an interesting project, but it may be better to not be linked to the idea of photos, it may be better with (any) actual files. It avoids confusion and other possible problems.

The problem remains that any tiny change to the file in question will radically change the output of the hash and therefore generate a totally different wallet. With no checksum or error correction built in, it then becomes essentially impossible for the user in question to recover their wallet.

You use a bunch of photos to generate a wallet, great. You then decide to back up those photos to a USB stick, but your OS didn't copy all the metadata. Wallet lost. Maybe you back them up to some cloud storage, but the cloud storage automatically converts them all to .jpg or to a standard resolution or changes the metadata to attach the name of their service to the photo somehow. Wallet lost. Perhaps you do something as simple as rotate or crop one of the images. Wallet lost. This is far easier for an average user to get wrong than writing down a seed phrase.

Using any other files still poses the same risk from all the metadata that most average users don't even know exists, plus opens the door to using very insecure "entropy", such as a .txt file of some famous quote.

[LoyceV]

I'd guess that the hash of a number of files can give stronger seed than from some words, but I am not good at this.

If you take one photo and sha256 the (a few MB large) jpg, I'm pretty sure that won't ever be reproduced. But you'll need to keep the file secure, which basically brings you back to square one. Anything can be turned into a hash

Example:

Code:

I'd guess that the hash of a number of files can give stronger seed than from some words, but I am not good at this.

sha256: 52030939dd434020d77b86f83a6cbc462b1021e41550797253cbba551b291dfc
Bitaddress: 1MNwEcFgZXi3ukqui1SUD6NQ12JHFL6XjJ
But given the no doubt high hash rate of no doubt many people continuously trying to brute-force Bitcoin addresses, I wouldn't risk my money on anything ever published.

[NeuroticFish]

If you take one photo and sha256 the a few MB jpg, I'm pretty sure that won't ever be reproduced. But you'll need to keep the file secure

It's 100% clear that the file has to be kept securely. The thing is that it's only you who will know which is the file (or files) needed for the seed. It can be stored on USB sticks, or even better, on cloud, without anybody knowing what's that for. I find it a not-so-bad way to store your seed.

With no checksum or error correction built in, it then becomes essentially impossible for the user in question to recover their wallet.

You are indeed very right on this. The user will have to keep the seed-source super safe. Even more, he will have to also keep super-safe the code that generates the seed from the source files and.. yeah, they should not be stored together.


It is an ingenious way imho. And some may like it. But it's also super risky, especially for really long term (like any non-standard way to keep the seed, after all). You guys are right.

[LoyceV]

The thing is that it's only you who will know which is the file (or files) needed for the seed. It can be stored on USB sticks, or even better, on cloud, without anybody knowing what's that for. I find it a not-so-bad way to store your seed.

How is this better than just taking a picture of 12 seed words, and storing that on the cloud? It would be trivially easy to hash all hacked data to check if it returns a balance. At least a picture of 12 actual words will have some captcha qualities.

[NeuroticFish]

The thing is that it's only you who will know which is the file (or files) needed for the seed. It can be stored on USB sticks, or even better, on cloud, without anybody knowing what's that for. I find it a not-so-bad way to store your seed.

How is this better than just taking a picture of 12 seed words, and storing that on the cloud? It would be trivially easy to hash all hacked data to check if it returns a balance. At least a picture of 12 actual words will have some captcha qualities.

Because it's only you who will know what those file are for (unless you store them together with wallet, unless you name them seed1.jpg...seed12.jpg), unlike storing a seed or a picture of the seed.

I mean, if I put into Dropbox a folder with 5-10 jpeg files, it's only me who will know that they're more than nice memories. (of course, as o_e_l_e_o pointed it out very good, online services tend to mess with image files, but let's ignore that for now). Unlike a backup of the seed containing the actual seed, a file is a file, really. And if you want to tell otherwise, I can tell you that I have over 3000 pictures on cloud, so if one wants to guess a seed based on (some of) those.. it won't be easy.

I find it less secure because the owner may forget the logic of his "hidden HD seed" than because one would start hashing and mixing those files to get the seed off them.

[pablocokeninja]

I like the idea and apart from security issues, would it actually take off??

Security issues are the main problem, so I hope this won't take off
My first idea when reading the title was to sha256 an image file, enter that into Bitaddress.org's Wallet Details tab, and get a private key. It's easy! But creating a backup is not easier than backup up a "normal" wallet.

I think Photo Seeds has a fundamental flaw:

Odds are much higher that someone will remember a photo or a number of photos, and the order of those photos before they remember 12 random words.

If you've ever played the memory game (kids are much better at it than adults), you'll know you can barely remember a few pictures. And every new picture you see makes it more confusing.

I mean, some people may remember photos much better than seed words i believe, and everyone and his own capabilities and all, like memory is flexible and different from one person to the other.
However, kinda a good implementation, looking forward on how the project will turn into.

[o_e_l_e_o]

How is this better than just taking a picture of 12 seed words, and storing that on the cloud? It would be trivially easy to hash all hacked data to check if it returns a balance. At least a picture of 12 actual words will have some captcha qualities.

It's security through obscurity, which is not a great way to store your seed phrase or anything sensitive, but if someone was to break in to a cloud storage account with say 10 GB of data on it, then a hash of a few photos in a specific order will take an attacker much longer to figure out (unless they know exactly what they are looking for) than a .txt file with a seed phrase in it. If your privacy is top notch and an attacker has absolutely no idea you are involved in bitcoin at all and just happens to break in to your account, then they probably won't waste their time trying this method since the hit rate would be so low.

But, even with all that considered, I would still never do this for all the reasons I listed above. There is far too much that can very easily go wrong for the very small additional security it brings. Far better to write down your seed phrase on paper. If you want to store your seed phrase electronically, then far better to encrypt it with a strong encryption key than to come up with some crazy encoding scheme involving hashing specific pictures in a specific order.

I mean, some people may remember photos much better than seed words i believe, and everyone and his own capabilities and all, like memory is flexible and different from one person to the other.

But seed phrases are not supposed to be remembered. Swapping from remembering 12 words to remembering x number of pictures in a specific order and the algorithm you used to turn them in to a wallet is no better.

[Welsh]

Personally, I think it's a terrible idea, and o_e_l_e_o pretty much nails it on the head on why. The current system we have is perfect, you don't really need to remember your seed, however if you choose to you could go, and learn the "loci" memorisation technique, which I've given a little example below of.

The current system is random, and therefore you aren't going to be including common household items, that someone could just sit in their room, since my room will likely be the same as yours, there or about. So, randomisation, as much random as possible is always best, then all you have to do is have a secure system put in place of storing it, which varies from user to user.

We don't need to keep coming up with fancy ways of generating the seeds, it's fit how it is.

I think Photo Seeds has a fundamental flaw:

Odds are much higher that someone will remember a photo or a number of photos, and the order of those photos before they remember 12 random words.

If you've ever played the memory game (kids are much better at it than adults), you'll know you can barely remember a few pictures. And every new picture you see makes it more confusing.

While I do agree with the majority here, photo seeds or generating a seed via photos isn't a good idea mainly due to the metadata issues brought up, I've always thought that pictures are easier to remember than words. In fact, a common memorisation technique "loci" is basically assigning whatever you want to remember in a particular order, and basically imagining images in your mind.

For example, a logical one is a house, which is located on 12 seed lane (imagine a street sign), then you memorise the rooms, so first you go to the front door (word number 1), and you picture a massive red door, then you enter, and go through door number two, which upon entering you picture a donkey playing drums (second word "drums"). So on, and so forth, recommended that you imagine some pretty weird pictures, since you'll better remember them. Point being, images are much easier to remember than some random word.

[n0nce]

Deriving randomness from picture(s) isn't a bad idea, and it's a feature of SeedSigner, if I remember correctly.
Using it for backup is tricky, as was mentioned. I can definitely see people taking screenshots of the relevant pictures or sending them via a messenger, which in 99% of cases alters the image hash and makes the backup unrestorable.

As for remembering which image it was, it can be actually hidden in plain sight, like printing it out and keeping it in your wallet or hanging a large print on a wall. But you definitely need to be able to retrieve the actual file from which the randomness was generated and I'm not sure how to accomplish it. Maybe you could zip up like 1000 pictures and upload that to cloud storage. If needed, download the zip and unpack it, that should return the original 1000 images and then pick the right one (by looking at the wall) to restore your wallet.
Something like this should pretty surely work. You can upload that zip to many places, copy it to a few hard drives and such. Especially if this is not a commonly used / standardized scheme, this 'security by obscurity' approach might work nicely.

Only issue is as with all 'custom crypto' (don't roll your own crypto), if let's say you pass away and your family knows nothing about this scheme, they won't randomly think to unzip a file from your cloud storage, take the image that is hung in your office and pass it through a program from GitHub to restore a Bitcoin wallet.
Instead, if they find some paper with 12 words, they might look online and find out this is a Bitcoin wallet seed.

Of course, you yourself might also forget how you generated that wallet if you find your backup again after decades and maybe already have symptoms of dementia.

[psycodad]

Thanks for bringing this up Mbitr, but I think it is a very bad idea in many ways.

First of all this caught my attention:

Apple and Google have very robust security measures and Photo Seeds indirectly depend on their security procautions.

If I get it right, you then rely on a cloud service provider (which me and most of my colleagues just call "someone else's computer"). You rely on them to not fumble with the images in any way (like others have mentioned for example the image metadata). I can see the faces when Apple announces a new privacy initiative and declares they have scrubbed all images stored with them from location data. Also very exciting would be Google telling you that they invented a new lossless compression algo that saves 20% space on their storage, kind as they are they already processed your images (remember it's lossless, no problem for you - image looks 100% the same  ). Also you rely on them to keep your images stored at all, that is you actually store a seed that is probably more than 100MB (from 12 images) on their computer and just pray that they won't inform you that they lost a few megatons of data due to "the human error of an engineer during a storage maintenance". But wait, they don't need to lose all 12 images, having one slightly altered is enough for all of it being worthless.

At this point I am wondering: Why have a seed at all, when you rely on Google to store a complex dataset from which you can produce a seed (as long as not a single bit has changed), why not just keep the moneys on an exchange in the first place?
I'd say that is more secure for the user, if a regulated exchange loses your money, you can sue et al (I am not saying you get it back). If Google loses images that you had stored on their platform (most probably for "free") you might get a discount offered for Google drive, but your data/seed is gone and no chance for legal action as for sure you signed/clicked some agreement saying basically "anything can be lost anytime and it will be just bad luck, no compensation or whatever".

To me this looks a lot like a half-baked solution in search of a problem:
If you have big moneys in your wallet you don't store the seed online (no matter in which form) and even more so not on someone else's computer. If you have not so much moneys in your wallet, what's wrong with writing them 12 words down on a post-it (not everybody needs the fire safety of filippone's Securing Your Seed Phrase with Washers) and keep it at home so you still have it when you lose your phone?
As welsh said:

The current system we have is perfect, you don't really need to remember your seed..
<snip>

I could not agree more to that the system we have is perfect, I might add it is also simple and secure.

If one doesn't understand or comprehend "write this 12 words down and store them securely to restore your wallet in case you lose or damage your fondle slab." will (s)he understand why to remember 12 images and pray they don't get lost or altered? I guess not.

IMO the general idea of backing up your valuable data (which a seed seems to be the perfect example of) on a single cloud provider is a very bad concept by itself.

[Mbitr]

It seems the general consensus is the security issue and also the fact that “if it ain’t broke, don’t fix it”.
I’ve learnt a lot from this thread and makes me realise AGAIN that there’s always more to learn.
But , there’s something still niggling at me  - I can pretty much generate a wallet out of anything - I like the idea of taking a picture of The Mona Lisa and generating a wallet from it for example. That would be pretty damn cool . Don’t worry I won’t though . Thanks for all the info folks 

[o_e_l_e_o]

Maybe you could zip up like 1000 pictures and upload that to cloud storage.

And you are 100% sure that your cloud storage won't do anything at all to that file? And you are 100% sure that unzipping will create the exact same files as before? Bear in mind that even changing a singe bit anywhere renders your wallet lost and essentially impossible to recover. Too risky.

If one doesn't understand or comprehend "write this 12 words down and store them securely to restore your wallet in case you lose or damage your fondle slab." will (s)he understand why to remember 12 images and pray they don't get lost or altered? I guess not.

This is my argument every time someone comes up with some new back up method which is supposed to be more user friendly or easier to use. I would just arguing this in another thread in relation to Block's new multi-sig wallet they are releasing with (apparently) no seed phrases. How much more user friendly can you get than "Write this down and keep it safe". It is so simple and yet so secure.

But , there’s something still niggling at me  - I can pretty much generate a wallet out of anything - I like the idea of taking a picture of The Mona Lisa and generating a wallet from it for example. That would be pretty damn cool .

Cool, sure, but far less secure than a properly generated wallet using a true source of entropy. Although if you do use this kind of system to generate a wallet (which I wouldn't recommend), then far better to turn your (insecure) entropy source in to a seed phrase and back that up instead.

[LoyceV]

Maybe you could zip up like 1000 pictures and upload that to cloud storage.

And you are 100% sure that your cloud storage won't do anything at all to that file?

Never rely on only one backup