Topic: [Android] Seedcake App Open-Source Bitcoin Seed Storage (Read 119 times)

What is the difference between using Seedcake and any other wallet apps that also stores seed phrases?
For example I can use old smartphone, install any open source wallet app, disable any connection to internet, and use it like cold storage.
Advantage compared with Seedacake is that I can use this app booth for storing keys (that I can later export), and as wallet for making offline transations.
It makes much more sense that using phone only as backup device.
 

I am afraid you won't receive a lot of support and users for a piece of software that stores recovery phrases digitally on a smartphone. I wouldn't be interested in doing it, regardless if it's your app or one created by a more popular brand or individual. Offline paper and metal backups should always have priority in my opinion. But don't get discouraged, and keep working on the ideas you have. Who knows, your next project and creation could be a real killer. Keep up the good work. 

While i appreciate your effort to create this app, i fear it'll probably will be just another way to hide or secure BIP 39 words where people forget how to recover/access it after many years.


With exception of wallet on mobile device, why don't we just make a copy of our encrypted wallet file and store it elsewhere?


FWIW, border agent these days might search or even confiscate your phone. And it happens even on country which generally not seen as authoritarian country.

No offense, but as with all methods for storing your seed phrases electronically this is a terrible idea. Your explanations regarding how safe this system is assume perfect use from the user and zero leaks from the device. In reality, these two things rarely happen. People use weak passphrases, store them electronically as well, use devices filled with malware and viruses, download random apps and software, visit random webpages, and more. All of these put at risk any electronic back ups, even encrypted ones.

This is even worse! You should never store anything sensitive on the cloud. Why would you want your sensitive data copied across dozens of computers in dozens of countries, all with unknown physical and digital security, and all accessible by an unknown number of people? That's an enormous risk.

I've lost track of the number of times I've seen people lose everything because they stored their seed phrase electronically, in the cloud, or in a password manager. Just don't do it.

In your analogy, if you are in a situation of being physically coerced in to revealing a passphrase, why would the attackers not just physically coerce you in to revealing the decryption key to your encrypted seed phrase? Encryption is worse than a passphrase in such a situation. Encrypted data clearly has a decryption key, whereas using a passphrase allows you to use the base wallet generated from just the seed phrase as a decoy, and give that away to the attackers while keeping the passphrase secret. Even better if you use multiple passphrases.

i understand that you here want to design an application that is useful for helping people to store seeds on their devices, but what you are offering is already offered by several other bitcoin wallets and they have been tested and trusted by many users. as @yamane_keto said, electrum is an example of a wallet that offers features like that and is very secure.

so i feel that the project you are offering is less attractive to other people because who wants to entrust their seeds to be stored in a third party application that doesn't have a reputation? moreover, your application still has gaps and does not have a clear system. but i appreciate those of you who have taken the time to develop an application like this.

Hello @Yamane_Keto, I hope you are well. 

I appreciate the opportunity to discuss this topic, which is enriching for the entire community, but I disagree with the notion that AES/GCM is inferior to AES-256-CBC. AES/GCM offers significant advantages, particularly in its ability to perform encryption and authentication simultaneously. This not only improves security against attacks such as padding oracle but also increases efficiency due to its parallel processing capability. Furthermore, the integration of authentication in AES/GCM eliminates the need for additional hashing functions, simplifying the implementation while maintaining robust security.

In future updates, I will include a feature for the selection of encryption methods that will include AES-256-CBC and others.

I recognize that using an app to camouflage the seed like Seedcake introduces an additional layer of complexity.
However, this approach still makes sense to me, and I emphasize that I am not suggesting it as the only viable solution for everyone.
The choice to use or not use Seedcake should align with individual needs and personal security strategy.

References for further reading:
1. Comparison of Symmetric Encryption Methods
https://soatok.blog/2020/07/12/comparison-of-symmetric-encryption-methods/
2. Selecting the Best AES Block Cipher Mode (AES-GCM VS AES-CBC)
https://isuruka.medium.com/selecting-the-best-aes-block-cipher-mode-aes-gcm-vs-aes-cbc-ee3ebae173c
3. Change Encryption Cipher in Access Server
https://openvpn.net/vpn-server-resources/change-encryption-cipher-in-access-server/
4. What's the Difference Between AES-CBC and AES-GCM?
https://helpdesk.privateinternetaccess.com/kb/articles/what-s-the-difference-between-aes-cbc-and-aes-gcm
5. Detailed Explanation on AES-CBC and AES-GCM
https://helpdesk.privateinternetaccess.com/kb/articles/pdf/what-s-the-difference-between-aes-cbc-and-aes-gcm

Here you need to compare your method of 256-bit key AES/GCM encryption with the wallet file that is encrypted in the Electrum wallet (or any open source wallet) that uses AES-256-CBC, so we can say that the wallet file that is encrypted with Electrum is safe if it is generated with a strong password, and it is more secure than Seedcake, assuming that the Electrum wallet has sufficient reviews.

I can understand the need for Seedcake to have a second layer of security or double encryption, so that if Seedcake's encryption is broken, the wallet file is still encrypted, but it will add more complications as you need to remember two passwords, in addition to the presence of other options that are open source and easy to use.

Hello Yamane_Keto, - TL;DR

Thank you for raising valid concerns about the security of Seedcake. Let's focus on the brute force attack issue in relation to root access.

1. Brute Force Attacks:

The encryption model used would make brute force attacks extremely inconvenient and impractical. Even if an attacker obtains root access and can access the encrypted data file.
   - Key Complexity: The 256-bit encryption key is generated with a high number of iterations (200,000 in the case of `StrongGCM`), meaning any attempt to decrypt the key using brute force would require an immense amount of time and computational resources, making it an inefficient and impractical effort.
   - AES/GCM: The use of AES in GCM mode (Galois/Counter Mode) ensures not just strong encryption but also authentication, increasing security against tampering.

A pitfall here would be storing the passphrase used to encrypt the seed in the same place or file used to store the encrypted data, that indeed could be a disaster since you would be handing both the knife and the cheese to an attacker.
Self-custody is a fundamental step for digital assets, as said the intention of the project is not to convince anyone to use it, but to have it as another ally in your custody strategy.

—

2. Strategies and Analogies:

But it seems there's a slight misunderstanding about the intention of the app, which I'd like to clarify.
Think of Seedcake as a multifunctional toolbox, not just as a closet for storing items. Your point of view, focused on local storage, is akin to considering a Swiss Army knife only for its blade, while ignoring the other useful tools it offers.

In the case of Seedcake, local storage on the device is just one of the options. Indeed, if the proposal were simply local storage, it would be more prudent to use a physical method, like a metal plate or a piece of paper. However, the real proposal of Seedcake is to offer a flexible and secure alternative that goes beyond the limits of physical storage, as an additional layer for your self-custody strategy.

At the end of the encryption process in Seedcake, the user has the freedom to choose where to store their encrypted seed, whether on a device, in the cloud, or in a password manager like Bitwarden, which would offer an additional layer of encryption and cloud synchronization. This provides additional security and adaptability, especially in emergency or unforeseen situations, like the ones you mentioned.

The true value of Seedcake lies in its ability to adapt to the self-custody needs of each user, don't get stuck on a static storage solution.

You are absolutely right when you talk about using a multi-signature strategy or even using a passphrase in your seed generated in the wallet itself, and that is encouraged.
But think of it as a game of camouflage: you have your seeds protected by a passphrase and, with Seedcake, you take an additional step, transforming those words into an encrypted hash. This is like disguising a valuable diamond as a common stone, making it less attractive to the eyes of a casual observer, or even some authority in adverse scenarios.
Imagine a hypothetical scenario where your seeds are discovered, but still protected by a passphrase. Having your 12 or 24 words exposed, shouting "I am a BTC seed", is not desirable, especially under authoritarian regimes.

Now, let's move forward in this analogy, not so far from the reality of some, where you are under an authoritarian regime. In this environment, where privacy is a rare luxury, your Bitcoin seeds, protected by a passphrase, would be like valuable jewels stored in a transparent box. Visible, tempting, but still locked.
Following the analogy, you would now be in an extreme situation, where you are confronted with the threat of a drill machine to your knee, a brutal and invasive pressure that such regimes can exert. Would you endure such torture and not give away your passphrase?

With the advent of cryptography, we are in an era where it's possible to take inconfiscable secrets to the grave, a feat unprecedented in history. This capability brings with it a crucial interrogation: Would you resist torture to protect such secrets? I'd prefer to disguise my jewel as a worthless stone and use various strategies (The Seedcake app is for use where local storage becomes unviable), maybe this is not your reality.
By transforming your seeds into an encrypted hash, Seedcake acts as a cloak of invisibility, hiding your precious seeds from everyone's sight, turning them from sparkling jewels into common stones in the eyes of inquisitors.
The app's proposal is to prevent its seeds from being obvious words that scream their nature and purpose, that is, transforming what is valuable and visible into something resilient and hidden.

—

3. Open-source But Without Reviews and with Low Level of Trust:

I understand your observation about the lack of reviews in the project, and I agree that this is crucial. This is a very recent project, initially developed for personal use. I recently decided to open it up to the community, seeking contributions and external audits. I am fully aware of the importance of reviews and detailed feedback to ensure the reliability and security of the application. Being an open initiative, I invite enthusiasts and developers to collaborate and conduct their own audits, enriching the project and strengthening its foundation of security and reliability for those who find its use appropriate.

It adds more risks without any advantage, as I can encrypt the seeds using a password and keep the wallet file on my phone. This file is hidden and can only be accessed via root privileges. The Electrum wallet is open source and has been tested many times, electrum wallet file can be encrypted using a password. It is powerful enough to store seeds offline in case something happens to the phone.
It is true that your application is open source, but there are not enough reviews. There are better alternatives and many wallets support the wallet encryption feature using a strong password.



Use the BIP39 Passphrases feature, where you add a word to the seed, and you can keep this word in a separate place or even on your phone in an encrypted form.

Use a multi-signature wallet in different places.

Then you will not be able to reach your phone or any digital device, as steel and metals withstand harsher conditions than most electronic devices.

---

I have not found a convincing reason to use the service, and I have not read the code yet.

Introducing Seedcake: Open-Source App for Bitcoin Seed Storage


Greeting and Introduction:
Hello everyone, I'm new here and share the belief that Bitcoin is a tool for freedom. I'm thrilled to introduce the Seedcake app (Android), an open-source project I created.

Context and Motivation:
Seedcake offers a secure way to store Bitcoin seeds based on Bip-39. It might sound crazy to store seed phrases on smartphones. However, considering the risks of physical methods in emergency scenarios, and recognizing that not everyone uses a passphrase (though they should), I thought: if we trust encryption with our digital assets, why not use it to protect our seeds as an additional layer of security beyond the passphrase?

Features and Functionality:

• Encryption Method: AES/GCM data protection.
• Key Strength: Utilizes a 256-bit key, processed through 200,000 iterations.
• Seed Phrase Compatibility: Supports standard from 12 to 24 Bip-39 English words.
• Colored Seed Feature: A unique, less secure method for seed phrase storage.

User Responsibility:
This app is a contribution to the community, without advocating for one method over another. Users are responsible for their data's security. Seedcake does not store any sensitive information, ensuring users maintain control.

Invitation for Contributions:
If anyone has ideas for functionality, audits, or code contributions, they are very welcome. As an open-source project, Seedcake encourages community involvement for enhancements and feedback.

GitHub Link:
For more details, visit the Seedcake GitHub page: https://github.com/F4bioo/Seedcake

Closing Thoughts:
Thank you for your time! I look forward to the community's input and support in making Seedcake a valuable tool for those seeking a digital solution for seed phrase storage.