Topic: Best Way to Encrypt Recovery Words for Wallet for Heirs? - page 2. (Read 435 times)

Exactly - you will need 3 parts to access the balance. Of course there is always a question which part should be given to someone or left at notary.
Another question is - what if one of 'owners' die first (or lost his 'piece') and if others will be able to access wallet at all.

Read the OP, and you'll know why.
This simply does not work the way OP wants/needs it.

It is about collaborated access to the funds, not multiple layers of security.

How many 'groups' you want to create? 3?
Why not load hardware wallet with your seed + add extra password + add pin?

But a 3 out of 3 scheme does.



Using a container is probably the best approach for people with little technical knowledge.
Although, one could argue that googling "AES decryption" or "secret sharing scheme X" shouldn't be too hard.

OP wanted a system which would make it difficult for the cousin and friend to collaborate with each other and steal his coins. A 2-of-3 secret sharing scheme does not achieve that.

Bear in mind that whatever difficulties you are facing at the moment will also be faced by your cousin/friend when they try to decrypt the phrase you have given them. Depending on their technical knowledge, you may end up making it very difficult for them to recover your coins.

If it were me, I would simply use a reputable open source encryption program such as VeraCrypt or GNU Privacy Guard.

I would agree something like Shamirs secret sharing would be the best option for splitting up your words.

Lets say I have 12 words.

example :


for this example we will use the online demo page for SSSS

(DO NOT USE THIS FOR LIVE FUNDS NEVER SHARE YOUR SEED TO ANY ONLINE SITE!)

http://point-at-infinity.org/ssss/demo.html

Lets say I chose a recover threshold of 2 shares from a 4 share split.

I enter the seed above into the SSSS tool and I am given 4 shares


Now there is no way for someone to recover the seed words without 2 of the above shares 2 / 4 to recover the seed.

if you pick any 2 of the above and enter them into the decode tool and recover the seed words.

I picked shares 1 and 4 to make the recovery.




You can set any amount of share or any threshold to recover them.

If you decided to do this I would recommend downloading the source code for SSSS and running it in a offline environment.

And again DO NOT enter your seed with funds to the demo page of SSSS only use it as a reference.

A secret sharing scheme has the property of not disclosing any information about the secret with less than the required amount of shares.
With N-1 shares where N is the amount of required shares, you don't gain any information about the secret at all.

A secret sharing scheme does not mean you split the words in two halves, since this indeed does reveal information about the secret.

using secret sharing in place of encryption is crazy in my opinion. you are basically reducing the security of your key by 50% when you split it into two parts and that is a huge security reduction.
you also don't know what flaws the secret sharing algorithm may have or how optimized it could get in the future to recover such keys that also have 50% less security.

You don't necessarily need to encrypt your mnemonic code this way.

A different approach would be to use a secret sharing scheme and divide the secret into 3 parts where at least 2 (or 3) are required.
Each group gets one part of the mnemonic, and the last one will be stored in your will.

This way, no information is being leaked with n-1 shares (where n is the required amount to unhide the secret).
With n = 3 (so 3 out of 3 sharing scheme), all shares are needed: Group A, Group B and the share from your will.


Not saying that you should use this approach. Just giving you some ideas and other possibilities.




Don't use websites for that.
The easiest would probably be to write 10 lines of python code to do that.

There is an interesting reading here almost on your subject, Using Locktime for inheritance planning, backups or gifts
The transactions are time locked so people will have access after given time, so they will not have access on the time when your will enters into force.
I'm sure you will find some answers there.
In addition, here is already a company working on those timelocked transactions, read the Ann thread here > [ANN/PoC] Coldkey Cryptobond - FIRST Timelocked Physical Bitcoin

I'm using a wallet which has 24 recovery words.  I want to make it so that my heirs can access the money while making it relatively difficult for those whom I trust with the recovery words to collaborate and steal the money for themselves.

Plan:
Divide Recovery Words into Part 1 and Part 2.  Give Half the Recover Words to Group A and Half to Group B

Group A (Recovery Words Part 1)
Bank 1 Safety Deposit Box
Close Cousin

Group B (Recovery Words Part 2)
Bank 2 Safety Deposit Box
Childhood Best Friend

The Twist:
Group A and Group B are not given the actual recovery words but actually just an encrypted phrase which when decrypted will reveal the recovery words.  Only my Will will stipulate the secret key needed to properly decrypt the encrypted Recovery Words for each half.  Only my immediate family will have a copy of my will and neither Bank nor close cousin nor childhood best friend will have a copy of the Will and thus they will be unable to collude.

I'm trying to find a simple yet robust and reproducible decryption algorithm to leave instructions to my heirs to be able to decrypt the phrases Group A and Group B will give them.  I'm thinking of AES 256 CBC .  I've found 3 websites which can decrypt the same phrase reliably, but I'm trying to find a downloadable Executable or VBA Macro which can also decrypt it and am having trouble finding something which can decrypt properly.  Any suggestions?