Topic: Compartmentalized brainwallet (Read 421 times)

Well yeah.. you don't gain anything security-wise with that.
Your virtual machine is worthless if the host is compromised.

And security by obscurity is (and always has been) a bad practice.



What you are looking for, is basically any wallet which lets you adjust the derivation path.
BIP 32 / BIP 44 specifices the derivation path. And one parameter ("account") is being used for exactly that.

m / purpose' / coin_type' / account' / change / address_index

You should note that Trezor only lets you add addtional accounts once the previous one is "used" (ie. at least transaction has been received on that account)



Ledger Live is the same, it will only add extra accounts once the first ones are used:



Electrum will allow you to do it as you can specify whatever derivation path you want... but you have to create an individual wallet file for each account.

If I have not misread the situation; Trezor web wallet lets you create different accounts (wallets) within the same device/recovery phrase. It does also support extended passphrases and lets you create multiple wallets within the same passphrase.

The downside to this? You have to buy and set up the device. You'll be gaining a lot in security tough.

And basically this is only a more visual way of creating a new wallet with a new derivation path. So it's mostly what nc50lc has already said

i don't even think there is any client made for this. it is even unlikely to find the customized tools to have something like that. because businesses that handle funds usually don't mind mixing their coins so there is only one wallet and many different addresses.

so you either have to run multiple instances of the same wallet with different child extended key (which could be derived from the same parent as @nc50lc said) or you have to create this (or pay a developer to build it). good news is that it could be built on top of most popular clients including core and electrum.

You can:
[1] Set a different derivation path for the second, third and fourth account for alpha, bravo and charlie wallets.
Generate a "BIP39 seed" offline and create an Electrum wallet (Standard wallet-> I already have a seed) by enabling "BIP39 seed" in the "Option" below the seed text box.
To set the derivation path for the second account, select the address type and (for legacy) change m/44'/0'/0' into  m/44'/0'/1', m/44'/0'/2' for the third and so on.

This is technically the same as your "old solution", but this time it's Electrum.

or

[2] Generate a "BIP39 seed" offline and set a "BIP39 passphrase" for alpha, bravo and charlie wallets.
To set a BIP passphrase, enable "extend this seed with custom words" above "BIP39 seed" and provide the BIP39 passphrase in the next window.
Different passphrase will generate different "wallets" (note: BIP39 passphrase is not the wallet's passphrase).

The obvious security flaw here is having a single seed for all the businesses' funds is dangerous.
Once the seed or one wallet was compromised, it's only a matter of time for the other wallets to get hacked,
Specially the first option that can all be hacked instantly once the seed was compromised; the latter will depend on the strength of your BIP39 passphrases.

For the main idea: using a brainwallet is a very bad idea;
If you really want to use a single seed phrase, I recommend the BIP39 passphrase method instead.

Suppose:
1. You run a few separate businesses that send and receive coins, and you don't want them to be associated with each other via spending each other's coins.
2. You don't want the hassle of manually selecting which coins to spend for each transaction because you do 20 transactions manually every day.  Also for convenience it has to be a PC wallet.  (for added security I run it inside an encrypted single purpose virtual machine where 99.9% of malware won't find it).
3. You memorized the 12 word seed phrase that Electrum automatically generated, and you want all your funds to be recoverable by it.

My old solution is to have several separate wallets inside a single account on blockchain.info.  But this is extremely laggy and I don't trust them because the site is so buggy, plus it started offering loans and interest like a bank. So I'm switching to self custody.

What I want is a single wallet, based on that single seed phrase, which has separate compartments that work like separate wallets.  I'm not too concerned about retaining segregation of funds in the event that I need to recover from the seed phrase (although theoretically encrypted metadata for that purpose could be hidden on the blockchain)

Alternatively, maybe I should run several instances of electrum with separate wallets based on appending alpha, bravo, charlie, etc to the original seed phrase.  Will it let me do that?

What do you guys think I should do?