Background
I have a stack in a single sig passphrased wallet. The key (but not the passphrase, which I have to enter every time) is stored on a hardware signer, and I have a seed phrase backup on a couple of steel plates.
I was looking into securing this setup further in the 'positive' direction (i.e. preventing losing access to it, as opposed to preventing others from gaining access) by using something like steganography or references to a book, and thought I'd verify the seed phrase backup again before copying it.
What I did
Attempt 1
The best way to verify is by using another hardware signer. But the only other signer I had was a Ledger Nano X, left over from my shipcoin days.
I don't trust the device and as it turned out, the only way to enter a new seed phrase into it required using their software Ledger Live, which I trust even less. I decided not to pursue that route.
I didn't want to spend money on another Bitcoin-only hardware signer either.
Attempt 2
I decided on using a software-only way, namely:
- Tails (which I'd never used before), and
- Whatever software would allow me to enter the seed phrase + passphrase and calculate something public I could compare against the key stored in my HW signer.
I downloaded, verified and etched Tails on a USB stick.
For 2, my first attempt involved writing a Python script using bip_utils that asks for the seed phrase and passphrase and calculates the zpub, to subsequently compare it to the control zpub (which I could see in my Sparrow/HWS setup).
Attempt 2.1
While Python is included in Tails, and I was able to install pip, I couldn't get the latter to install bip_utils on my Tails instance. It complained about it being an external library or something like that, presumably something having to do with security (?). It suggested installing it within a VM as a solution, but it seemed like too much to figure out, especially since...
Attempt 2.2
...I realized Tails had Electrum pre-installed already. So I thought: ok, I'll disconnect from the internet, import my seed + passphrase into Electrum, and compare the calculated zpub against the control one.
I went ahead with that. Electrum warned me along the lines of "You're running with permanent storage disabled, which is probably not what you want." It obviously was what I wanted!
I took basic precautions against side-channel attacks, like moving my phone away and putting a fan on to blow on it to mask the sound of the keystrokes.
But after I entered the seed phrase, I panicked
I was running Tails on my mini PC (which is normally used as a full Bitcoin node, plus a couple of self-hosted services). Most of the time it runs headless, but it's connected to a smart TV via HDMI. And I realized the TV itself had an ethernet cable plugged in. 😱
I thought: "What if the smart TV is spying on me and broadcasting HDMI input via the internet to the manufacturer? They'd be able to see the seed phrase I've just entered."
I quickly turned off the router to make sure the entire building was disconnected.
Luckily I still had the passphrase (and a strong one at that, 56 bits of entropy IIRC) to protect me, which I hadn't entered yet and it was asterisked out anyway.
I entered the passphrase with the internet off and verified visually that the zpub was correct.
But then I started ruminating. "What's the likelihood of such a scenario? Do they have a legitimate reason to spy on HDMI input? Might they have included a backdoor in their hardware for illegitimate reasons?"
The smart TV was an old model, purchased in 2018, slow and somewhat shaky, and it didn't support installing apps, updating the firmware or anything like that - so it couldn't have been infected with a virus or malware. It could only spy on me if such functionality was built-in by the manufacturer from the get-go.
I thought I'd sleep on it and probably move my UTXOs to a new wallet. Thanks to the passphrase I had at least a few days to act.
The following day I decided to have a closer look at the TV and realized:
- Wifi was disabled (it didn't know the wifi password)
- The ethernet cable, while it was plugged into the TV, wasn't plugged into the network switch.
So the TV wasn't even connected to begin with at the time of my entering the seed phrase. Phew! No need to move my coins.
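The check described under Attempt 2 (derive the account key from seed phrase plus passphrase, then compare it with the control zpub) can be done with the Python standard library alone, so nothing has to be installed with pip. The following is an added example, not the author's script: the function names are hypothetical, it assumes the m/84'/0'/0' account path that a zpub implies, it compares the chain code and public key inside the zpub rather than the whole string (the parent fingerprint is metadata and would need RIPEMD-160), and it does not check the words against the BIP39 wordlist.

```python
import hashlib, hmac, unicodedata

P = 2**256 - 2**32 - 977  # secp256k1 field prime; N = group order, G = generator
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

def _add(a, b):
    """Add two curve points; None is the point at infinity."""
    if a is None or b is None: return a or b
    if a[0] == b[0] and (a[1] + b[1]) % P == 0: return None
    m = (3 * a[0] * a[0] * pow(2 * a[1], -1, P) if a == b
         else (b[1] - a[1]) * pow(b[0] - a[0], -1, P))
    x = (m * m - a[0] - b[0]) % P
    return x, (m * (a[0] - x) - a[1]) % P

def pubkey(k):
    """Compressed public key for private scalar k (double-and-add)."""
    r, q = None, G
    while k:
        r = _add(r, q) if k & 1 else r
        q, k = _add(q, q), k >> 1
    return bytes([2 + (r[1] & 1)]) + r[0].to_bytes(32, "big")

def account_key(mnemonic, passphrase, path=(84, 0, 0)):
    """BIP39 seed, then hardened BIP32 steps; returns chain code + pubkey."""
    nfkd = lambda s: unicodedata.normalize("NFKD", s).encode()
    salt = b"mnemonic" + nfkd(passphrase)
    seed = hashlib.pbkdf2_hmac("sha512", nfkd(" ".join(mnemonic.split())), salt, 2048)
    i = hmac.new(b"Bitcoin seed", seed, "sha512").digest()
    k, c = int.from_bytes(i[:32], "big"), i[32:]
    for idx in path:  # every level hardened, i.e. m/84'/0'/0'
        msg = b"\0" + k.to_bytes(32, "big") + (idx | 1 << 31).to_bytes(4, "big")
        i = hmac.new(c, msg, "sha512").digest()
        k, c = (int.from_bytes(i[:32], "big") + k) % N, i[32:]
    return c + pubkey(k)

def decode_xpub(s):
    """Base58Check-decode an extended key: (depth, chain code + pubkey)."""
    raw = sum(B58.index(ch) * 58**i for i, ch in enumerate(s.strip()[::-1])).to_bytes(82, "big")
    if hashlib.sha256(hashlib.sha256(raw[:78]).digest()).digest()[:4] != raw[78:]:
        raise ValueError("checksum mismatch: control key was copied wrongly")
    return raw[4], raw[13:78]

def matches(mnemonic, passphrase, control_zpub):
    """True if the backup derives the key material inside control_zpub."""
    depth, material = decode_xpub(control_zpub)
    return depth == 3 and hmac.compare_digest(material, account_key(mnemonic, passphrase))
```

On the offline machine, read the words and the passphrase with `getpass.getpass()` so neither is echoed to the screen, and pass the zpub shown by the wallet as `control_zpub`.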