
Topic: Compartmentalized brainwallet (Read 429 times)

legendary
Activity: 1624
Merit: 2481
June 07, 2020, 10:30:58 AM
#6
(for added security I run it inside an encrypted single purpose virtual machine where 99.9% of malware won't find it).

Well yeah.. you don't gain anything security-wise with that.
Your virtual machine is worthless if the host is compromised.

And security by obscurity is (and always has been) a bad practice.


What I want is a single wallet, based on that single seed phrase, which has separate compartments that work like separate wallets.

What you are looking for, is basically any wallet which lets you adjust the derivation path.
BIP 32 / BIP 44 specifies the derivation path. And one parameter ("account") is being used for exactly that.

m / purpose' / coin_type' / account' / change / address_index
HCP
legendary
Activity: 2086
Merit: 4363
June 06, 2020, 11:56:23 PM
#5
You should note that Trezor only lets you add additional accounts once the previous one is "used" (i.e. at least one transaction has been received on that account)



Ledger Live is the same, it will only add extra accounts once the first ones are used:



Electrum will allow you to do it as you can specify whatever derivation path you want... but you have to create an individual wallet file for each account.

copper member
Activity: 1652
Merit: 1325
I'm sometimes known as "miniadmin"
June 06, 2020, 05:41:33 PM
#4
If I have not misread the situation; Trezor web wallet lets you create different accounts (wallets) within the same device/recovery phrase. It does also support extended passphrases and lets you create multiple wallets within the same passphrase.

The downside to this? You have to buy and set up the device. You'll be gaining a lot in security though.

And basically this is only a more visual way of creating a new wallet with a new derivation path. So it's mostly what nc50lc has already said
legendary
Activity: 3472
Merit: 10611
June 05, 2020, 10:32:53 PM
#3
i don't even think there is any client made for this. it is even unlikely to find the customized tools to have something like that. because businesses that handle funds usually don't mind mixing their coins so there is only one wallet and many different addresses.

so you either have to run multiple instances of the same wallet with different child extended key (which could be derived from the same parent as @nc50lc said) or you have to create this (or pay a developer to build it). good news is that it could be built on top of most popular clients including core and electrum.
legendary
Activity: 2618
Merit: 6452
Self-proclaimed Genius
June 05, 2020, 10:00:38 PM
#2
Alternatively, maybe I should run several instances of electrum with separate wallets based on appending alpha, bravo, charlie, etc to the original seed phrase.  Will it let me do that?
You can:
[1] Set a different derivation path for the second, third and fourth account for alpha, bravo and charlie wallets.
Generate a "BIP39 seed" offline and create an Electrum wallet (Standard wallet-> I already have a seed) by enabling "BIP39 seed" in the "Option" below the seed text box.
To set the derivation path for the second account, select the address type and (for legacy) change m/44'/0'/0' into  m/44'/0'/1', m/44'/0'/2' for the third and so on.

This is technically the same as your "old solution", but this time it's Electrum.

or

[2] Generate a "BIP39 seed" offline and set a "BIP39 passphrase" for alpha, bravo and charlie wallets.
To set a BIP passphrase, enable "extend this seed with custom words" above "BIP39 seed" and provide the BIP39 passphrase in the next window.
A different passphrase will generate different "wallets" (note: BIP39 passphrase is not the wallet's passphrase).

The obvious security flaw here is that having a single seed for all the businesses' funds is dangerous.
Once the seed or one wallet is compromised, it's only a matter of time for the other wallets to get hacked,
especially with the first option, where they can all be hacked instantly once the seed is compromised; the latter will depend on the strength of your BIP39 passphrases.

For the main idea: using a brainwallet is a very bad idea;
If you really want to use a single seed phrase, I recommend the BIP39 passphrase method instead.
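
Added example (not part of any post in this thread): a standard-library Python sketch of the two options in reply #2 and the account' level of the path in reply #6, deriving the account private key at m/44'/0'/account' per BIP39 and BIP32. The mnemonic is the public BIP39 test-vector phrase, and the function names and the alpha/bravo/charlie labels used as passphrases are assumptions for illustration.

```python
import hashlib
import hmac
import unicodedata

# Order of the secp256k1 group; child private keys are reduced modulo N.
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
HARDENED = 0x80000000  # the ' in m/44'/0'/1'

# Public BIP39 test-vector mnemonic, used here as sample input only.
MNEMONIC = "abandon " * 11 + "about"

def bip39_seed(mnemonic, passphrase=""):
    """BIP39: PBKDF2-HMAC-SHA512, 2048 rounds, salt 'mnemonic' + passphrase."""
    nfkd = lambda s: unicodedata.normalize("NFKD", s).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", nfkd(mnemonic), nfkd("mnemonic" + passphrase), 2048, 64)

def master_key(seed):
    """BIP32 master private key and chain code from a seed."""
    i = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    return int.from_bytes(i[:32], "big"), i[32:]

def ckd_hardened(k, c, index):
    """BIP32 hardened child derivation; needs only the parent private key."""
    data = b"\x00" + k.to_bytes(32, "big") + (index | HARDENED).to_bytes(4, "big")
    i = hmac.new(c, data, hashlib.sha512).digest()
    il = int.from_bytes(i[:32], "big")
    child = (il + k) % N
    if il >= N or child == 0:
        raise ValueError("invalid child key; BIP32 says use the next index")
    return child, i[32:]

def account_key(mnemonic, account, passphrase="", purpose=44, coin_type=0):
    """Private key (hex) at m/purpose'/coin_type'/account'."""
    k, c = master_key(bip39_seed(mnemonic, passphrase))
    for index in (purpose, coin_type, account):
        k, c = ckd_hardened(k, c, index)
    return k.to_bytes(32, "big").hex()

def compartments(mnemonic, names=("alpha", "bravo", "charlie")):
    """Account keys for each compartment under option [1] and option [2]."""
    by_account = {n: account_key(mnemonic, i + 1) for i, n in enumerate(names)}
    by_passphrase = {n: account_key(mnemonic, 0, passphrase=n) for n in names}
    return by_account, by_passphrase

if __name__ == "__main__":
    for option in compartments(MNEMONIC):
        print({name: key[:8] + "..." for name, key in option.items()})
```

Everything in the first dictionary is computable from the mnemonic alone, while each entry in the second also needs its passphrase, so short labels like the sample ones add little protection.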
newbie
Activity: 23
Merit: 22
June 05, 2020, 06:32:45 PM
#1
Suppose:
1. You run a few separate businesses that send and receive coins, and you don't want them to be associated with each other via spending each other's coins.
2. You don't want the hassle of manually selecting which coins to spend for each transaction because you do 20 transactions manually every day.  Also for convenience it has to be a PC wallet.  (for added security I run it inside an encrypted single purpose virtual machine where 99.9% of malware won't find it).
3. You memorized the 12 word seed phrase that Electrum automatically generated, and you want all your funds to be recoverable by it.

My old solution is to have several separate wallets inside a single account on blockchain.info.  But this is extremely laggy and I don't trust them because the site is so buggy, plus it started offering loans and interest like a bank. So I'm switching to self custody.

What I want is a single wallet, based on that single seed phrase, which has separate compartments that work like separate wallets.  I'm not too concerned about retaining segregation of funds in the event that I need to recover from the seed phrase (although theoretically encrypted metadata for that purpose could be hidden on the blockchain)

Alternatively, maybe I should run several instances of electrum with separate wallets based on appending alpha, bravo, charlie, etc to the original seed phrase.  Will it let me do that?

What do you guys think I should do?