Topic: Bitcoin Wallet & Seed Storage Question? - page 2. (Read 660 times)

I would also do one more thing.
If you get robbed, and the robber knows what Ledger is and that a Ledger device needs the seed to get access to the funds, create a fake seed and put it together with your unused Nano X. Create it from the available word list.

That seems "OK"... I'm still not sold on the use of invisible ink, but that's just my personal preference and as long as you're satisfied with it's longevity and/or you check it regularly, then I don't see any really obvious flaws.

One more thing I would like to add would be to ensure that you stay somewhat up to date with happenings in the Ledgersphere... ie. firmware updates etc. There have been one or two users in recent history who have had issues trying to update very old firmwares. Hopefully this won't be repeated going forward and Ledger have put plans into place to prevent a reoccurrence, but they cannot foresee all eventualities!

O.K., So I think I have made up my mind as to what I'm going to do. Tell me what you think of my ideas.

1. As stated, I purchased two Ledger Nano X's. I will hide one with my Bitcoin on it somewhere in my apartment. I will keep the second Ledger brand-new, unused in my desk drawer. This way if a thief comes into my apartment they will think that they found the Ledger with the Bitcoin on it. Also, in the future, if the Ledger with the Bitcoin on it wears out for some reason, I will have a back-up.

2. I will use the random BIP39 seed word that the Ledger Nano X generates. (Thank you for saving me here, guys!) I will also use a PIN.

3. Perhaps the most controversial part. I will write my 24 word seed phrase with "archival" permanent invisible ink in a book. I will duplicate this in another book and keep the second book in a safety deposit box or in a P.O. Box at the post office. (I will check from time-to-time the longevity of the ink.)

O.K., So there it is. Is it a sound and effective plan? Thank you.

P.S. I wish I had the "NeuroticFish" username because that's what I've become. A computer I am not.

This a risky move if you don't have first hand experience with the particular invisible ink you are using. Unless you are for some reason opening your safe deposit box weekly to check the ink is still visible, then you probably wouldn't know it had faded until you needed to recover your wallet in an emergency, by which point it is too late.

And see here for proof that poems are a bad idea: https://www.reddit.com/r/Bitcoin/comments/1ptuf3/brain_wallet_disaster

Line from an obscure poem in Afrikaans and he got robbed!!?! 

As for storing the 24 word seed mnemonic backup... there are two components to consider, being that you need to keep it "safe" and "secure". "Secure" in that you need to prevent it being stolen/accessed by a 3rd party who could then steal your coins... and "safe", in that you need to prevent accidental "loss" of the seed (destroyed by fire, water damage, accidentally throwing it out, memory loss if memorised etc.)... which could potentially mean loss of the coins if something happens to the device as well.


Storing the actually hardware device itself is somewhat less of a problem... as someone would need to know your PIN to be able to use it and they only get 3 attempts at "bruteforcing" it before the device wipes itself. If it does get stolen/lost/damaged, you can always recover from the seed mnemonic backup, so IMO... the seed mnemonic backup is the critical component.

See here for why a poem is a bad idea here: https://bitcointalksearch.org/topic/m.3345309

Why do you think someone who stole your entire safe couldn't open it at their leisure?

I am still getting caught up to speed so thank you for your continued help. O.K., I've now accepted and get why I must use the random 24 random word phrase that comes with my Ledger. So we are all good on this front. : )

So I have another idea where I can keep the 24 word seed phrase. Please tell me what you think. Instead of keeping the word phrase on a Billfodl why not write the 24 word phrase with invisible ink in one of my favorite books? I could keep the book in a safety deposit box or at a P.O. Box at the post office. No one would ever suspect that the word phrase is written inside the book. I could have a back up book too if I wanted. My only concern would then be how permanent the invisible ink is. I know in sunlight it disappears after a week but in the dark it will last indefinitely... so they say. Maybe there a different qualities of invisible ink but I haven't found any.

Now where to store the Ledger. I was thinking two things. I could put the Ledger in a magnetic hide-a-key holder and magnetize it to any metal surface in my apartment. I also live in an old apartment. I could bury the Ledger underneath a floor board. I could also hide it in plain site, in a safe in my closet. I really like the following safe because it has an alarm that would go off if someone tampers with it. It also has a time stamp on it showing when it was tampered with. The only thing it doesn't have is it won't send a notification to my phone. This would be cherry if I got a notification on my phone if a thief tried to snag it.

https://www.amazon.com/Verifi-Smart-Safe-Top-Opening-Biometric-Fingerprint/dp/B06XG2F5LN/ref=sr_1_1_sspa?keywords=Verifi+Smart+Safe+S4000&qid=1561587964&s=gateway&sr=8-1-spons&psc=1

So which of the ways do you think is the safest way to store the Ledger? Definitely not my underwear drawer... : )

I know some of you are speculating about how many peanuts I actually have. Too funny. Honestly, I am a regular worker and I've worked full-time my whole life with very little vacation time. I've never had health insurance. So this is why it is so important to me. I would like to be able to afford health insurance and take a nice vacation from time to time.

On the Ledger Nano S, your PIN can by anything from 4 to 8 numbers long, and the device gives no indication of how long it is. Given that:

4 digits = 10k combinations
5 digits = 100k combinations
6 digits = 1M combinations
7 digits = 10M combinations
8 digits = 100M combinations

This means that there are 111,110,000 possible PIN combinations. A thief would get 3 attempts, and then the device wipes itself. Not great odds to be able to break in to it.

This. If you are worried about someone breaking in to your house and stealing your seed, then hide it somewhere it will never be stolen. Write it on paper, fold it up tight, and seal it in an air and water tight bag. Unscrew a light fitting or an electric socket and stick the bag in the wall/ceiling. Lift a carpet or a floorboard, hide it underneath, replace, and move some heavy furniture on top. Avoid obvious places like the back of your underwear drawer.

I can confirm that for Ledger Nano S: after 3 incorrect attempts for the PIN I had to recover the wallet from seed.



For Nano S it's 8 characters. I expect at least the same for Nano X. And you can make it 8 chars or you can make it shorter - that could also confuse the thieves.

You're wrong As long as it's generated at random, there's no way to crack it. Just to compare: Electrum by default uses a 12 word seed. That means there are 2048^12 times more possibilities to check.
For Electrum, lets assume 10 billion people each have 100 different seed phrases in use, and all 10 billion people have a computer that does 10 billion tries per second, then one of them may find one seed phrase from one person after a year.
And that's with just 12 words. So in short, you don't have to worry about this as long as you don't make a seed phrase by yourself.

That would increase the risk of making a mistake writing it down. And since it's very safe already, that's unnecessary.

I still haven't found a good solution for this problem: on the one hand, I don't want to rely on my memory, and on the other hand, I don't want to risk exposing a seed.
Just a thought: you can write it down anywhere you want: on the bottom of a door for instance, or use a metal punch to write it at the back of your safe. Just make sure you can't lose it.

Finding the Ledger shouldn't be much of a problem: the thief can try the PIN a few times, then it erases itself.
Note: I still don't have a hardware wallet, so haven't tested this by myself.

I'm not sure how many characterse long the PIN is, but the chance of a thief stealing your funds is quite small. The "wrench to the head scenario" where the thief forces you to share the PIN is probably more likely.

My suggestion: try it! Get a hardware wallet, secure the seed, deposit a small amount, try to recover it, and keep experimenting until you feel confident.

You can also look at paper wallets. It has some pitfalls (most importantly: create it from a LIVE Linux DVD on a system without internet connection, and when you empty it you should use all funds at once). Here too: experiment a bit until you feel confident.

It's hidden.

O.K. so I think I'm starting to get it. With BIP39 I can only make my 24 word seed phrase from an existing 2048 word list? For instance, I could not have some of these words be in Spanish, French, or Italian? I did see how complicated it would be for a computer to crack the code with from your example but it seems to me computers are getting smarter every second and they'll eventually will be able to crack BIP39 security. Am I wrong?

I found this information -
Ledger has a position on this: PBKDF2 is an interesting function allowing to derive a low-entropy password into a larger cryptographic key. The lack of entropy is balanced by a CPU intensive derivation function preventing Brute-force.The main problem in BIP39 is that the number of iterations is set to only 2048, which is far lower than the last NIST recommandation (from 2016) which is 10,000. When the mnemonics are well generated and can be kept secret, they represent 256-bits, consequently, the "only" 2048 iterations are not a problem. On wallets where the mnemonics extraction is easy, manufacturers suggest using a passphrase to mitigating the mnemonics extraction threat. In this case, the "only" 2048 iterations become a problem and bruteforce is then possible. If ever, you use a wallet on which mnemonics extraction is possible, my recommandation is to maintain the mnemonics' level of security and using a 256-bit entropy passphrase: 36 random characters passphrase.

Is it possible to get a wallet with a 10,000 wordlist or a 36 word passphrase?

I have another idea for generating a seed phrase. It just bugs me that if someone finds a Billfodl then they will immediately know that it is used to store a seed phrase. Let's go back to my book idea. What if I used the first word at the beginning of each chapter in a random book? If I know which book has my seed phrase it would be safe because no one else would know which book I'm using and it's just one of many in my library. Also, I could even keep the book off premises? Is this a good idea? The problem I see is that the first word in each chapter probably will not be in the BIP39 2048 word list?

Also, I am rethinking the idea of purchasing a safe. If I had a safe in my closet and a burglar broke into my apartment they would automatically know where the Ledger is. Since it is small it may be better to hide the Ledger in a inconspicuous place? It would be much harder for a thief to find. What's better, getting a safe for the Ledger or just hiding the Ledger somewhere?

Also, since my critical information is the seed word, what should I do if someone stole the Ledger? I was thinking since I already bought a back-up Ledger Nano X, it might be better to not back up the second Ledger with the same seed phrase. I could just keep it new in the box and if anyone were to steal my original Ledger with Bitcoin on it I could activate the second Ledger and move my Bitcoin over from the first Ledger to the second Ledger before anyone tries to hack the first Ledger? Is this a good idea?

I know I keep asking questions but you're all so brilliant and I'm very insecure at this point as to how to move forward with this. Everyone is saying I must get my Bitcoin off of Coinbase and I just want to have the most secure method of storing my Bitcoin. Thank you for your continued support.

One more question about this forum? I hope my email is hidden in my profile. I would hate to have a hacker read this thread and have access to my email.

Of course, you're right, but since I expect that OP keeps more than peanuts there (else he would not have bought two ledgers!) so waiting a little and signing with a new ledger would mean proper safety.

The total possible number of words to choose from is actually much smaller than that. The BIP39 wordlist I linked to before contains 2048 words. Some 24 word combination of those 2048 words will give you the seed to every bitcoin wallet that has ever or will ever exist. Why the bots don't do that is simply because of how staggeringly large a number that is.

Each one of those words encodes 11 bits of entropy. 24 words give you 264 bits, but as the last 8 bits are a checksum, your 24 word seed is actually 256 bits of entropy. 2^256 is a very big number:

115,792,089,237,316,195,423,570,985,008,687,907,853,269,984,665,640,564,039,457,584,007,913,129,639,936

More easily written as 10^77. For comparison, there are 10^18 grains of sand on Earth. There are 10^50 atoms on Earth. Even a bot running on a supercomputer 24/7 for your entire life will never find a single match. Here's another way of thinking about it I explained in another thread a few weeks ago:

I can’t help but think what would’ve happened if I did not join bitcointalk... 😳  I thought I was being smart about this but I was instead being totally naive. So let me ask you this: If bots are that powerful why can’t they just take every word in Webster’s dictionary and figure out every possible 24 word combo possible? It would seem like an impossible task but just a few years ago the idea of a computer beating the smartest person in Jeapordy was considered impossible... until it happened.

This is scary stuff. Maybe I should just leave my Bitcoin in cold storage in a Coinbase Vault? I hate to trust a third party to protect my Bitcoin but I trust myself even less!

Kind of, but not really.

It's not that a brute force attacker could figure out your words one at a time, and "narrow things down" as you put it. They would have to figure out all the words/the entire phrase in one go. If they used a slightly different phrase, it would still generate a valid wallet, just not your wallet. However, if you pick a phrase that appears pretty much anywhere else in the English language (song lyrics, movie quotes, book or poem passages, famous sayings/quotes/idioms/speeches), it's like to be broken anywhere between a matter of seconds to minutes. There are many attackers constantly scanning such phrases for coins to steal. Even if you pick some words or characters you think are random, chances are they aren't, and even if they are, anything that you can remember probably contains far, far less entropy than the 256 bits of entropy contained within a properly generated 24 word mnemonic phrase. The general advice is let your Ledger generate your wallet for you, write down the 24 words it gives you on paper (never store these words electronically!), and securely store the paper somewhere.

Now, I don't want to overload you with information here, but since you have said you have concerns regarding storing your seed phrase, the other option you could explore with a Ledger is adding on a passphrase. There are details on how to do this here: https://support.ledger.com/hc/en-us/articles/115005214529-Advanced-passphrase-security. Essentially, in addition to your 24 word phrase that Ledger generates for you, you can add on your own passphrase to the end. This passphrase could very well be the opening line to your favorite poem. With this in place, an attacker would need both your 24 word phrase and your secret passphrase to steal your coins. This can be quite complicated process, so I would make sure you try creating, accessing, and restoring a wallet with only a very small amount of bitcoin first, to ensure you fully understand how it works and know how to set it up properly. You don't want to send all your bitcoin to a wallet you later discover you have set up incorrectly and can no longer access.

Guys, again, thank you. I’m starting to understand. So let’s say my first word is, “OUT”. There are robots that scan for phrases that start with, “OUT”. Then let’s say my second word is also, “OUT”. The robot will immediately have narrowed down the likely phrases from the first word and intuit my second word which is also, “OUT”. Then I’m done for because the robot will know my seed phrase is from Shakespeare:

“Out, Out, brief candle. Life is but a walking shadow, who struts..., etc.”

Oh geeze. Thank you guys. I’m so grateful to you. 🙏🏻

You don't even need Ledger if your original Ledger HW is lost/stolen, as long as you have the seed, you could extract the xprv or private key (with tool such as https://iancoleman.io/bip39/) & import/sweep it into Electrum.


Additionally, it would be disaster if you forget your poems, especially if you either :
1. Forget multiple words
2. Forget few words & it's exact position

A 2nd or 3rd Ledger isn't really needed. As you know your assets aren't really on your hardware device. They are on the blockchain and your Ledger wallet is just holding the corresponding keys that gives you access to those coins. If one, two or five devices malfunction your seed words will give you another entry point to your coins.

Since you live in a shady environment it might not be the best idea to have a safe delivered to your home, because you never know who is watching.
Also, don't tell people you own Bitcoins, don't try to impress someone by saying you will be rich in a few years.   

The safety of your seed is more important than the number of wallets you use and as I said above, one would be just fine.

I can't emphasize this enough.

Even if you think you are safe when choosing a poem.. There are people out there bruteforcing brainwallets by using most common passwords (e.g. the rockyou.txt wordlist) or any kind of poems / stories / quotes / etc..

The chances are high that you will lose your coins.


There is nothing better than a truly randomly generated seed.
Human brains are not (and can never be) random enough.

Trust math, not your brain.

That's not how mnemonic seeds work.

When you create your wallet, your Ledger device will generate 24 words for you, from this list of 2048 possible words: https://github.com/bitcoin/bips/blob/master/bip-0039/english.txt. (Actually, it generates a very long random number known as your seed, and the converts that in to 24 words, but the result is the same - it gives you 24 words.)

You could pick your own 24 words, but it is highly advisable not to do so for several reasons. Firstly, many combinations aren't actually valid, because the last 8 bits of your random number are a checksum, which have to match up with the rest of the number. Secondly, humans all have significant amounts of unconscious bias and are extremely bad at picking randomly.

Using the first 24 words of a poem as a mnemonic phrase is simply not possible. As I said above, your mnemonic words have to come from the BIP39 list of 2048 possible words. You could create what is known as a brain wallet using words from a poem, but this is an extremely bad idea and your coins would likely be stolen by a simple brute force attack within a matter of hours. No one would need access to your Ledger, seed, wallet, or anything else to be able to brute force a brain wallet. Don't do this.

In short, your Ledger will generate 24 random words which it is then up to you to store securely.