Help me improve on this. \ stacker news ~security

6992 sats \ 25 comments \ @Fabs 23 Dec 2023 security

What's your go-to way for saving and backing-up your wallet information?

I'm asking 'cause as of now, i'm not all that happy with my current setup (words + passphrase all in one location).

I've got the words backed-up in steel, the passphrase is still on paper, though.

Also, what are some good alternative ways of storing said information? I dont intend to do much sending from that wallet, so it's no problem if logging-in is a pain in the ass.

Also-also; While setting up my current wallet, I've done everything "right" as far as opsec goes, at least I think I did.

I've shut the blinds, covered every camera in the room and tried to not mumble any words or details I typed in (the hardware wallet) or wrote down.

I also bought a brand new laptop and a reputable hardware wallet from the manufacturer, verified the hardware wallet's software on authenticity (checked the Hash) and done nothing fishy with anything involved... And I still feel vulnerable.

I'm getting the "urge" of creating a brand new wallet (reset the device and move funds to the newly generated wallet) just to be "clean" again. Im overreacting ain't it?

If anyone would have access to my stack, it'd be long gone already, and I've played everything to the book so nobody will get to my stack anyways...

Anyways, how do I improve on my current situation of storing said information?

view all related items

82 sats \ 1 reply \ @nullcount 23 Dec 2023 freebie

99% of "stolen" coins were practically handed over on a silver platter or they were sitting in plain sight (using bad entropy).

99% of "lost" coins would have been just fine on a piece of paper in a safe at home. But the holder got too paranoid and locked themselves out somehow.

Whoever sold you a HWW is profiting off your paranoia. Keeping a secret doesn't require a fancy calculator. You're doing just fine bro.

0 sats \ 0 replies \ @Fabs OP 23 Dec 2023

Nah dude, I've worked hard and long for the stack I've got, I gotta have the extra protection, albeit a bit fancy for some...

131 sats \ 0 replies \ @kepford 23 Dec 2023

For those that don't know about cost effective ways to put your seed phrase on steel. Here's a cheap, safe, and easy way to do it.

Buy a bolt and washers. Buy a letter and number stamp set. Press your seed into the washers and put it on the bolt. Secure it somewhere safe.

For more info check out Econo Alchemist's write up.

20 sats \ 0 replies \ @orthwyrm 23 Dec 2023

Anyways, how do I improve on my current situation of storing said information?

So you currently have:

Seed Backup #1: HWW Seed Backup #2: Steel Plate Passphrase Backup #1: Paper Passphrase Backup #2: Memorised (?)

That covers the back-up redundancy, but there are some weak points here.

Some ideas:

You currently have S1, S2 and P1 stored together at the same place. Consider moving S2 and P1 to secondary secure locations if you have access to them and can check them regularly (say every 3-6 months).
As you won't be accessing S2 and P1 regularly (only to restore the HWW), consider placing these in opaque, tamper-proof envelopes. This way you can check if either of the secrets have been compromised.
There is some other data you may wish to consider backing up too, such as the derivation path, HWW PIN, and anti-phishing code (supported by some devices like the ColdCard).

50 sats \ 0 replies \ @ryu 24 Dec 2023

Is this THO's Stacker News account, lol?

You're fine aside from the few week points @orthwyrm pointed out, just make sure not to forget certain information; being too secure makes its easier to lose track of information that ensures your ability to access that secured info.

10 sats \ 0 replies \ @yinibould3 24 Dec 2023

Consider using a password manager for secure storage. Encrypt the information.

10 sats \ 1 reply \ @piecover 23 Dec 2023

Before resetting the device make sure you've got the words exactly right otherwise you may lose your money. My 2 sats

0 sats \ 0 replies \ @Fabs OP 23 Dec 2023

Check.

0 sats \ 1 reply \ @PRA3S3NT1A 4 Mar

Is it still safe if someone knows the private keys but do not know the added passphrases ? Therefore, there is nothing on the origin wallet. Only passphrases has balance.

0 sats \ 0 replies \ @Fabs OP 4 Mar

Doesn't change the fact that either one of them works with addresses, thus nothing changes: in both options a private key could be guessed, albeit it that the chances for that are impossibly small.

0 sats \ 10 replies \ @GlobalThreat 23 Dec 2023

i encrypt it with gpg -c seed.txt

0 sats \ 0 replies \ @megaptera 23 Dec 2023

No way

0 sats \ 0 replies \ @antic 23 Dec 2023

Moreover, make it a 2/3 multisig, GPG encrypt the seeds and then distribute the encrypted seeds to friend/family in other states/countries.

#356269

0 sats \ 7 replies \ @Fabs OP 23 Dec 2023

I'd rather have it offline.

0 sats \ 1 reply \ @Fabs OP 23 Dec 2023

Multisig requires the x/y/z Keys to be backed-up too, correct?

0 sats \ 0 replies \ @orthwyrm 23 Dec 2023

Yes, that's right. The public keys themselves don't grant permission to spend of course, so you can make many copies.

A multi-sig backup scheme could look like the following:

1: HWW #1 + Seed #1 + xPubs #1, #2, #3 2: HWW #2 + Seed #2 + xPubs #1, #2, #3 3: HWW #3 + Seed #3 + xPubs #1, #2, #3

Where the seeds and xPubs are stored on laminated paper.

0 sats \ 4 replies \ @GlobalThreat 23 Dec 2023

yes, that is good. but an encrypted backup you can just email yourself is good too imo.

21 sats \ 2 replies \ @Fabs OP 23 Dec 2023 freebie

Dude, that'd trigger my paranoia to the max.

0 sats \ 1 reply \ @SwearyDoctor 23 Dec 2023

I mean.. you'd have to type it before you encrypt it. There's a half dozen vulnerabilities on the way to that