Introducing a New Cryptographic Solution for Bitcoin Recovery Seed Security

[encrypt-seed]

Dear Bitcointalk Community,

We are excited to introduce a new cryptographic solution aimed at enhancing the security of Bitcoin recovery seed. Our platform, available at encrypt-seed.netlify.app, utilizes the CryptoJS.AES library to encrypt recovery seed securely.

Key Features:

Cryptographic Security: Our platform ensures that recovery seed are encrypted using robust cryptographic techniques, providing users with a secure method for storing their valuable information.
Open Source: The platform is open source, with the source code available on GitHub for review and contribution from the community.
User-Friendly Interface: We offer a user-friendly interface, making it easy for users to encrypt and securely store their recovery seed.
Privacy: We prioritize user privacy and do not store any user data, ensuring that recovery seed remain confidential and accessible only to the user.
We believe that the security of recovery seed is paramount in safeguarding Bitcoin assets, and our platform aims to provide users with a reliable solution for this purpose.

For more information and to try out our platform, please visit encrypt-seed.netlify.app.

We welcome your feedback and contributions as we continue to improve and enhance the security of Bitcoin recovery seed.

Thank you for your attention and support.

Best regards,

[Hatchy]

And why do you think anyone would want a third party to help encrypt their seed phrase What happened to keeping your seed phrase offline.

[apogio]

It is using javascript, which is not very common for security related purposes, but I have some questions:

Use case
I entered the phrase '12345' and it produced a cipher. I decrypted it fine. Then I took the encrypted key and put it in another browser on another computer and it still worked.

Questions
1. How many iterations do you use for the key?
2. Is it normal that the same phrase always produces different cipher? I am not familiar with AES.
3. How do you plan to store the cipher? It must be stored offline, since if it is stored online, anyone can grab it and perform the same decryption algorithm to get the initial phrase. I used it in a different computer, so I have tested it. So, if it must be stored offline, and if someone grabs it, your funds can be compromised, why should anyone store the cipher instead of the original seed phrase, since the security level is equal, as the "thief" will need to do the exact same thing to compromise the wallet? Not to mention that storing the cipher offline is dangerous for obvious reasons. I mean a seed phrase consists of english words which are easily understood but the cipher is an unpredictable sequence of characters.

[ABCbits]

I can enter any text and there's no warning the text isn't part of BIP 32, BIP 39 or Electrum's seed. So at this point, IMO it's not really different to other website or app which offer feature to encrypt arbitrary text or file.

[BlackHatCoiner]

So, let me get this straight.

• You are not directly enhancing any security of the seed, you're just adding another barrier needed from the user to pass.
• You've written software that uses cryptography in Javascript, which is not recommended.
• You're asking from the user to submit their seed phrase, when the user is properly warned by every single wallet software to never do that.

What problem does this solve, again?

1. How many iterations do you use for the key?

According to their github repo, it uses 1000 iterations of a 256-bit key.

2. Is it normal that the same phrase always produces different cipher? I am not familiar with AES.

It is normal. That's the use of the initialization vector, which is a random value that is used along with the key. Every time you perform encryption, there is a new IV value, so it results in an entirely different ciphertext.

[ymgve2]

Your encryption greatly increases the complexity of the seed at basically no benefit. There is already a feature to have an extra password alongside your seed built into BIP39.

Note that BIP39 words are picked to be relatively distinguishable from each another so even a misspelling or vague letter is recoverable. In contrast, your encrypted seed phrase is a mess of upper case, lower case, letters and symbols.

I changed a single letter in the encrypted seed phrase from lower case to upper case (something that is very likely to happen if someone writes it down), and when decrypted it completely broke without any warning that there was an error in the phrase.

This is less than useless, this is a dangerous piece of software that WILL make people lose their seed phrase.