50 sats \ 2 replies \ @scampy 9 Oct 2022 \ on: Securing Your 24 Words bitcoin
So if I understand correctly your setup would be 12 words + encryption passphrase, and 12 words + encoding method.
This would be similar to a 4-of-4 multisig, which isn't a scheme commonly recommended due to the lack of redundancy. If any of those parts are irretrievable for whatever reason, then your funds are toast.
Consider the main threats to losing your funds. These are:
A) Backups are lost / destroyed
B) Restoration method lost (complexity)
C) Backups are stolen
You've covered C, but seem rather weak against A and B due to the large number of parts and using a non-standard method.
Look into standard backup schemes and evaluate whether these cover your bases. Chances are that they are more than adequate. You can use a seed + passphrase for example (which also offers plausible deniability), or a 2-of-3 multisig (redundancy). Keep it simple.
Look through Lopp's guide for more info: https://blog.lopp.net/how-to-back-up-a-seed-phrase/
Also, consider how easily your funds can be retrieved by a beneficiary in the event of your death.
Hope that helps. Be careful. Oftentimes funds are lost by the user, not by a thief.
Thanks for the thorough reply!
I do acknowledge that funds are often lost by the user, so I have been careful to err on the conservative side when setting this up, trading off security for redundancy. I stayed a year with this setup while having the words loaded in a hw wallet too.
I see 12 words + encryption passphrase as one unit, because they're always kept together. That is stored in 3 physical locations as I mentioned.
The other 12 words (2nd piece out of 3) are kept in 4-5 digital locations.
The encoding method is also stored in 4-5 digital locations.
It is also easy enough to remember, so can be brute-forced by me if I forget the exact details of it. I think this solves B) pretty well.
As for A), I think a replication factor of 3 is sufficient - although I can certainly improve it a bit further (e.g. even bank custody) given that even those words can be encoded. The encoding I really like because it opens up a lot of practical applications that I otherwise would have been uneasy to do (e.g. storing plaintext 12w at a bank, at a friend's house, etc.)
> Look into standard backup schemes and evaluate whether these cover your bases.
Thank you, I will research more into that and really dive into Lopp's post -- this is the second recommendation now.
That’s twelve different potential safe places to leave your secrets. That’s a lot.
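Added example, not part of any comment in the thread: a small model of threats A (loss) and C (theft) for the backup layouts discussed above, generalized to any k-of-n split with replicated parts. It assumes each stored copy is lost or stolen independently with constructed probabilities; the `Scheme` class, the function names and the choice of 4 for "4-5 digital locations" are assumptions, and threat B (forgetting the restoration method) is not modeled.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Scheme:
    name: str
    copies: tuple   # stored copies of each distinct part
    threshold: int  # distinct parts needed to recover or spend


def at_least(k, probs):
    """P(at least k of the independent events in probs occur)."""
    dist = [1.0]  # dist[j] = P(exactly j events so far)
    for p in probs:
        nxt = [0.0] * (len(dist) + 1)
        for j, q in enumerate(dist):
            nxt[j] += q * (1 - p)
            nxt[j + 1] += q * p
        dist = nxt
    return sum(dist[k:])


def risk(scheme, p_loss, p_theft):
    """Return (P(owner cannot recover), P(thief reaches the threshold))."""
    # A part survives if any one of its copies survives.
    survives = [1 - p_loss ** c for c in scheme.copies]
    # A part is exposed if any one of its copies is stolen.
    exposed = [1 - (1 - p_theft) ** c for c in scheme.copies]
    lost = 1 - at_least(scheme.threshold, survives)
    stolen = at_least(scheme.threshold, exposed)
    return lost, stolen


# Constructed layouts. Digital copies are often correlated (same account,
# same device), so real loss and theft odds can be worse than shown here.
SCHEMES = [
    Scheme("4-of-4, one copy each", (1, 1, 1, 1), 4),
    Scheme("thread setup: 3 parts, 3/4/4 copies", (3, 4, 4), 3),
    Scheme("2-of-3 multisig, one copy each", (1, 1, 1), 2),
]

if __name__ == "__main__":
    P_LOSS, P_THEFT = 0.10, 0.05  # constructed per-copy probabilities
    for s in SCHEMES:
        lost, stolen = risk(s, P_LOSS, P_THEFT)
        print(f"{s.name:38s} loss={lost:.6f} theft={stolen:.6f}")
```

Each extra copy lowers the loss figure and raises the theft figure, which is the trade-off between threats A and C that the comments above are weighing.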