reply on: How does SN feel about storing secrets in a safety deposit box? \ stacker news ~bitcoin

pull down to refresh

100 sats \ 2 replies \ @orthwyrm 3 Dec 2023 \ on: How does SN feel about storing secrets in a safety deposit box? bitcoin

Good back-up schemes do not have single points of failure and require multiple secrets to spend funds (such as passphrases and multi-sig).

Ideally these secrets are spread across several different geographic locations. This helps to protect against theft. With a seed + passphrase you'd want three locations (x2 for seed, x1 for passphrase, passphrase memorized). For a 2-of-3 multisig you'd also need three locations for each signer.

The problem is that most people don't have access to three secure locations they can trust. You have your house, maybe a trusted family member... and then what?

Bury it in the woods? Then you need to trust your memory or store the coordinates somewhere. Encrypt it and store it on the cloud? Then you need to store the password somewhere. The problem irreducibly boils down to having access to enough trusted locations.

So I'll go against the grain here and say that I can see a place for custodians if one doesn't have access to many secure places to hide their secrets.

Some custodians are emerging to handle keys for multi-sig setups, such as Unchained, Casa, Nunchuk. I don't use these myself, but they look slick and I can see the appeal.

There are some concerns I have though:

They have access to the xPub quorum (privacy concern)
You can never know if the secret they hold has been breached

IMO that second point is the main distinction between Casa et al. and a safety deposit box at a bank. With the bank, you can store your secret in a tamper-proof bag. If you check it regularly (say every 6 months), you can monitor if the secret has been breached and move funds accordingly.

50 sats \ 1 reply \ @elysia OP 3 Dec 2023

What about storing this in a safety deposit box? Only store the grid, not the pattern. https://www.borderwallets.com/

0 sats \ 0 replies \ @orthwyrm 3 Dec 2023

I don't know too much about border wallets. My understanding is that it works like a 2-of-2 scheme where you need both the word grid and the pattern (memorized) to recover the seed.

In many respects it functions similarly to a seed + passphrase setup. But I think that the border wallet might make some trade-offs for improving accessibility at the expense of security, and that it's an "emergency use" sort of thing that shouldn't be considered as a long-term solution.

I'm not sure what a border wallet gives you over a seed + passphrase in this circumstance. Passphrases are commonly used, so I'd wager that their risks and mitigations are more thoroughly understood.