Author

Topic: Effective & safe recovery of a wallet with multiple accounts (Read 249 times)

legendary
Activity: 2730
Merit: 7065
As  o_e_l_e_o mentioned, a good software will do that for you. It will scan the first x number of addresses on derivation path m/84'/0'/0' and then go to m/84'/0'/1', m/84'/0'/2' until it finds an empty wallet. That's why it's in your interest to make it easy for the software to find all your accounts by using a logical derivation path sequence. It won't be able to find something unusual, and if you don't write it down, your coins are almost lost. It would be like having the coins to a NYC apartment but you don't know where the apartment is. Good luck finding it.

Ledger Live does a decent job of finding all accounts in a logical derivation path sequence.
When I changed laptops some time ago, I had to install Ledger Live on my new machine. After recovering my coins from seed and installing the BTC app, you need to select the correct address type and let the software scan funded accounts. And it does that by going from .../0'/0' to .../0'/1' and upwards.   
hero member
Activity: 1659
Merit: 687
LoyceV on the road. Or couch.
$1000 today can be $100k in 20 years
That's they main reason to pay your taxes now, it gives you a plausible story later if we ever reach the million dollar Bitcoin.
hero member
Activity: 560
Merit: 1060
I 've never thought about it this way.
Another thing to consider: the amount. If it's $100, it's not really a problem spending it anywhere. But if it's $10 million, you're going to need a car wash in Albuquerque.

Hahah I don't think I would be here asking if we were talking about $10 millions. But I get your point, despite the fact that $1000 today can be $100k in 20 years
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
I 've never thought about it this way.
Another thing to consider: the amount. If it's $100, it's not really a problem spending it anywhere. But if it's $10 million, you're going to need a car wash in Albuquerque.
hero member
Activity: 560
Merit: 1060
Sorry, I have asked in multiple threads about non-KYCed bitcoin etc. I understand what you say. For me, it is important, because there is no legislation at all in my country. So I am worried, what can happen if they, at some point, decide to apply laws regarding bitcoin. Especially laws against it. The fact that Binance knows I own crypto, is super bad, but I thought I could just make things better now.
That's (kinda) my point: what if they make Bitcoin illegal, they find out you used to buy Bitcoin on Binance, and then ask you where it is now. Can you have a plausible story (other than "a boating accident")?

For me, it's the opposite: banks want to know where the money came from, and the more anonymous it is, the harder this is to explain. Using P2P in combination with a bank account raises more questions than using an established exchange. P2P in person has a whole set of different risks (for $5 wrenches and for privacy).

I 've never thought about it this way. However, I suppose, that if they decide to make it illegal, they will say "from now on!" and ignore the past transactions, since it is almost impossible to trace them. I may have lost the keys, or spent it somewhere or sold it (not through a bank transfer).
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
Sorry, I have asked in multiple threads about non-KYCed bitcoin etc. I understand what you say. For me, it is important, because there is no legislation at all in my country. So I am worried, what can happen if they, at some point, decide to apply laws regarding bitcoin. Especially laws against it. The fact that Binance knows I own crypto, is super bad, but I thought I could just make things better now.
That's (kinda) my point: what if they make Bitcoin illegal, they find out you used to buy Bitcoin on Binance, and then ask you where it is now. Can you have a plausible story (other than "a boating accident")?

For me, it's the opposite: banks want to know where the money came from, and the more anonymous it is, the harder this is to explain. Using P2P in combination with a bank account raises more questions than using an established exchange. P2P in person has a whole set of different risks (for $5 wrenches and for privacy).
hero member
Activity: 560
Merit: 1060
Is this really worth all the transaction fees, just to "not have KYC coins"? Depending on who you're hiding from, the exchanges you used in the past will still have a pretty good idea you own crypto. They may not know your addresses, but that's it.

Sorry, I have asked in multiple threads about non-KYCed bitcoin etc. I understand what you say. For me, it is important, because there is no legislation at all in my country. So I am worried, what can happen if they, at some point, decide to apply laws regarding bitcoin. Especially laws against it. The fact that Binance knows I own crypto, is super bad, but I thought I could just make things better now.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
Ok so, to coclude.
Is this really worth all the transaction fees, just to "not have KYC coins"? Depending on who you're hiding from, the exchanges you used in the past will still have a pretty good idea you own crypto. They may not know your addresses, but that's it.
hero member
Activity: 560
Merit: 1060
...

Ok so, to coclude.

I just started downloading Monero blockchain to run a monero node.

I plan to:

1. Convert to Monero
  • 1. Convert some bitcoin to monero using UnstoppableSwap. A friend of mine have used it and he will guide me, even though it must be trivial. He is full into monero at the moment. He believes in it.
  • 2. Convert some bitcoin to monero using RoboSats.
  • 3. Convert some bitcoin to monero using Bisq.

2. Move Monero from wallet to wallet a bit

3. Do some LN Swaps using Bisq and Robosats

4. Sell some BTC for FIAT using Bisq and Robosats

5. Re-buy BTC with P2P using fiat and re-convert XMR to BTC using various services and exchanges and in smaller chunks.

6. Create fresh wallet (perhaps singlesig + passphrase) and start sending new coins there in various transactions and random times (not all in one hour for example.
legendary
Activity: 2268
Merit: 18711
Does swapping in and out of LN with other people help? I mean send them on-chain, receive LN and vice-versa.
I'm not sure. I do use Lightning, but not to anonymize coins.

In theory, you will indeed be breaking the link between the bitcoin you send and the bitcoin you receive. But there are a lot of caveats to that:
https://bitcoinmagazine.com/technical/state-of-bitcoin-lightning-network-privacy
https://abytesjourney.com/lightning-privacy/

It's going to be better than nothing and just sending a regular on chain transaction, but I'm not convinced it's the panacea that some people believe it to be.

I don't really know which should be my receiving method.
If you don't want to use electronic methods, then that only really leaves cash in person or by mail. Depending on your country/jurisdiction, you may have options like a cash deposit to a bank account or a money order.
hero member
Activity: 560
Merit: 1060
You can either use a peer to peer exchange such as Bisq or AgoraDesk to swap with another person, or you can use an instant exchanger such as UnstoppableSwap or eXch. You'll find plenty more to choose from here: https://kycnot.me/?type=exchange
So (using your own nodes and Tor) you swap your bitcoin to monero. Then you hold the monero for a while, maybe split it in to a few different wallets, maybe move it around a bit, and then use a different service to swap it back in to bitcoin in different amounts at different times. Since monero is untraceable, your new bitcoin will be unlinked to your old bitcoin. (Obviously don't swap all your bitcoin for monero, and then an hour later swap it all back again using the same service. Even though monero is untraceable, the bitcoin transactions will be fairly easily linked.)

I have no more merit man. You 've taken it all  Tongue Super helpful as always. thanks

What is making you hesitant? Just that you've never used them before? Start out with small amounts and do a couple of "test trades" first to get a feel for things.

Does swapping in and out of LN with other people help? I mean send them on-chain, receive LN and vice-versa.

I have used it a lot only as a buyer. I don't really know which should be my receiving method. For example, I hate giftcards (I don't know if it's just me). At the same time, I don't like SEPA or Revolut.
legendary
Activity: 2268
Merit: 18711
Could I swap to monero now? And what would I do with the XMR I buy? I want BTC, not XMR. How would I re-buy BTC when I have XMR?
You can either use a peer to peer exchange such as Bisq or AgoraDesk to swap with another person, or you can use an instant exchanger such as UnstoppableSwap or eXch. You'll find plenty more to choose from here: https://kycnot.me/?type=exchange

So (using your own nodes and Tor) you swap your bitcoin to monero. Then you hold the monero for a while, maybe split it in to a few different wallets, maybe move it around a bit, and then use a different service to swap it back in to bitcoin in different amounts at different times. Since monero is untraceable, your new bitcoin will be unlinked to your old bitcoin. (Obviously don't swap all your bitcoin for monero, and then an hour later swap it all back again using the same service. Even though monero is untraceable, the bitcoin transactions will be fairly easily linked.)

I can sell on robosats / bisq, but I am hesitant.
What is making you hesitant? Just that you've never used them before? Start out with small amounts and do a couple of "test trades" first to get a feel for things.
hero member
Activity: 560
Merit: 1060
By not owning any in the first place. (Probably not the answer you want to hear. Tongue)
Haha, yeah definetely not the answer I expected.

I have never, and will never, complete KYC on any crypto platform. All the bitcoin I have ever bought have been bought through peer to peer trading without KYC.
All the friends I 've got have started buying BTC through exchanges. And I did too. It surprises me that as a beginner (when you were a beginner) you started buying through P2P trading. Congrats!

Having said that, I still have bitcoin from different sources which I do not want to link together, and so almost all the bitcoin I receive via any means goes straight to a mixer, a coinjoin, or a swap to monero. I use a variety of platforms to do all this, as well as different platforms to trade bitcoin, since if I only traded via a single platform and then always sent all my coins to the same privacy tool, then that provides another potential link.
Could I swap to monero now? And what would I do with the XMR I buy? I want BTC, not XMR. How would I re-buy BTC when I have XMR?

If you do own KYC bitcoin, then you have two options really. Do as I have done above to get rid of your KYCed bitcoin and end up with private bitcoin. The exchange that you bought the bitcoin from (and therefore the government and associated agencies) will still know you own x amount of bitcoin, but they won't be able to trace it. Or the better option - send your KYC bitcoin back to where you bought it from and sell it for fiat. You now have a clear record that you have sold all your bitcoin and no longer own any bitcoin. Take that fiat elsewhere and buy fresh non-KYCed bitcoins.
I closed my Binance account. No more Binance for me. So I can't really do the second step.
I can sell on robosats / bisq, but I am hesitant.
legendary
Activity: 2268
Merit: 18711
May I ask directly, and of course you may not answer. How do you deal with KYCed coins?
By not owning any in the first place. (Probably not the answer you want to hear. Tongue)

I have never, and will never, complete KYC on any crypto platform. All the bitcoin I have ever bought have been bought through peer to peer trading without KYC.

Having said that, I still have bitcoin from different sources which I do not want to link together, and so almost all the bitcoin I receive via any means goes straight to a mixer, a coinjoin, or a swap to monero. I use a variety of platforms to do all this, as well as different platforms to trade bitcoin, since if I only traded via a single platform and then always sent all my coins to the same privacy tool, then that provides another potential link.

If you do own KYC bitcoin, then you have two options really. Do as I have done above to get rid of your KYCed bitcoin and end up with private bitcoin. The exchange that you bought the bitcoin from (and therefore the government and associated agencies) will still know you own x amount of bitcoin, but they won't be able to trace it. Or the better option - send your KYC bitcoin back to where you bought it from and sell it for fiat. You now have a clear record that you have sold all your bitcoin and no longer own any bitcoin. Take that fiat elsewhere and buy fresh non-KYCed bitcoins.
hero member
Activity: 560
Merit: 1060
In case I had arbitrary paths, I am curious to know how I would go about backing them up. On the same backup with my seed phrase? Separately? Any cool ideas?
Write them down. If you use a totally crazy derivation path and back it up separately to your wallet, then it can act as a surrogate passphrase, as an attacker who finds your seed phrase would need to brute force potentially billions of combinations (depending on your derivation path) in order to steal your coins. I would also note, however, that loss of the derivation path would mean you also lose access to your wallets, and backing up a long string of random numbers is significantly more error prone than backing up a seed phrase.

However, let's say I have 2 wallets on Sparrow. Different wallets, different seeds, different addresses etc. The problem you mention would still occur, if I was connected to a public electrum server.
Correct, but people are simply more likely to restore the same seed phrase with different derivation paths in the same software on the same machine than they would be with two entirely different seed phrases.

May I ask directly, and of course you may not answer. How do you deal with KYCed coins? I ask cause I want to get ideas. I 've been struggling with this issue really a lot. And at the end of the day, I think I shouldn't care all that much.
legendary
Activity: 2268
Merit: 18711
In case I had arbitrary paths, I am curious to know how I would go about backing them up. On the same backup with my seed phrase? Separately? Any cool ideas?
Write them down. If you use a totally crazy derivation path and back it up separately to your wallet, then it can act as a surrogate passphrase, as an attacker who finds your seed phrase would need to brute force potentially billions of combinations (depending on your derivation path) in order to steal your coins. I would also note, however, that loss of the derivation path would mean you also lose access to your wallets, and backing up a long string of random numbers is significantly more error prone than backing up a seed phrase.

However, let's say I have 2 wallets on Sparrow. Different wallets, different seeds, different addresses etc. The problem you mention would still occur, if I was connected to a public electrum server.
Correct, but people are simply more likely to restore the same seed phrase with different derivation paths in the same software on the same machine than they would be with two entirely different seed phrases.
hero member
Activity: 560
Merit: 1060
If you use some completely arbitrary derivation paths, then the only way you can recover those wallets is by either knowing/backing up the derivation path, or by blind brute force.

If you use logical derivation paths as you have suggested (m/84'/0'/0', followed by m/84'/0'/1', followed by m/84'/0'/2', and so on), then there are various tools which will automatically scan these paths for you. The simplest way will be to import your seed phrase in to Electrum, and then hit the "Detect existing accounts" button. This will automatically check the 18 common derivation paths listed here for any transaction history. If it finds an active account it will automatically check the next account too. So after detecting activity at m/84'/0'/0', it will check m/84'/0'/1', and so on, until it reaches an inactive account.

I am talking about logical derivation paths, yes.

In case I had arbitrary paths, I am curious to know how I would go about backing them up. On the same backup with my seed phrase? Separately? Any cool ideas?

I would note  that using the same seed phrase and the same wallet software for both KYCed and non-KYCed accounts presents a huge risk to what you are trying to achieve. Recovering both accounts simultaneously will make it completely obvious to whichever third party server(s) you are connected to that all those coins are owned by the same individual. You should do this all via your own full node/server.

I run my own node and because of some mistakes I have made in the past, I use only one specific software for my wallet management, which is Sparrow.

However, let's say I have 2 wallets on Sparrow. Different wallets, different seeds, different addresses etc. The problem you mention would still occur, if I was connected to a public electrum server.
legendary
Activity: 2268
Merit: 18711
If you use some completely arbitrary derivation paths, then the only way you can recover those wallets is by either knowing/backing up the derivation path, or by blind brute force.

If you use logical derivation paths as you have suggested (m/84'/0'/0', followed by m/84'/0'/1', followed by m/84'/0'/2', and so on), then there are various tools which will automatically scan these paths for you. The simplest way will be to import your seed phrase in to Electrum, and then hit the "Detect existing accounts" button. This will automatically check the 18 common derivation paths listed here for any transaction history. If it finds an active account it will automatically check the next account too. So after detecting activity at m/84'/0'/0', it will check m/84'/0'/1', and so on, until it reaches an inactive account.

I would note  that using the same seed phrase and the same wallet software for both KYCed and non-KYCed accounts presents a huge risk to what you are trying to achieve. Recovering both accounts simultaneously will make it completely obvious to whichever third party server(s) you are connected to that all those coins are owned by the same individual. You should do this all via your own full node/server.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
Can't you just write the number of accounts and derivation paths on the same paper with the seed phrase?
Sure, but I will give extra food for thought to a potential attacker if they gain access to my seed phrase and, at the same time, it is difficult to update it if I need to add one more account or remove an old account etc. I will do it, eventually, but ...
Whoever finds your seed phrase can try different derivation paths already. If that's what you're worried about, you can consider a password, I don't think the derivation path should be part of your security.
Depending on how far you hide the seed phrase, adding new information is as simple as just writing on it.
hero member
Activity: 560
Merit: 1060
Can't you just write the number of accounts and derivation paths on the same paper with the seed phrase?

Sure, but I will give extra food for thought to a potential attacker if they gain access to my seed phrase and, at the same time, it is difficult to update it if I need to add one more account or remove an old account etc. I will do it, eventually, but ...

If after 20 years a good wallet like electrum or sparrow is still there, you or your child will be able to load all the addresses containing the balances or UTXOs once you import the seed.
By default, electrum or other wallets like sparrow wallet will load the first 20 receiving address in the order of the derivation path, and they will be able to see the addresses containing Bitcoins, so I don't think you should worry about how many addresses you generated and deposited bitcoins into in the past.

This is not strictly true. They will need to add it as a feature, at least for Sparrow which is the wallet app I use.
copper member
Activity: 2170
Merit: 1822
Top Crypto Casino
<...>

If after 20 years a good wallet like electrum or sparrow is still there, you or your child will be able to load all the addresses containing the balances or UTXOs once you import the seed.
By default, electrum or other wallets like sparrow wallet will load the first 20 receiving address in the order of the derivation path, and they will be able to see the addresses containing Bitcoins, so I don't think you should worry about how many addresses you generated and deposited bitcoins into in the past.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
Can't you just write the number of accounts and derivation paths on the same paper with the seed phrase?
hero member
Activity: 560
Merit: 1060
I already have a passphrase, so I would need to add another one, which again adds extra hassle in backing up everything.
Exactly. If you use passphrase already, you can decided to add another passphrase to the seed phrase which will generate different wallet (keys and addresses) entirely. You can use more passphrase with the seed phrase and each will be generating different keys and addresses. All you have to do is to backup your passphrase differently in different locations and your seed phrase should be backed up differently as well. Having two strong passphrase and a seed phrase should not be hard for different location backup for each.

No, you are definetely right. It's difficult to find different places though. This is my point. I 've been struggling a lot with it.
legendary
Activity: 1512
Merit: 4795
Leading Crypto Sports Betting & Casino Platform
I already have a passphrase, so I would need to add another one, which again adds extra hassle in backing up everything.
Exactly. If you use passphrase already, you can decided to add another passphrase to the seed phrase which will generate different wallet (keys and addresses) entirely. You can use more passphrase with the seed phrase and each will be generating different keys and addresses. All you have to do is to backup your passphrase differently in different locations and your seed phrase should be backed up differently as well. Having two strong passphrase and a seed phrase should not be hard for different location backup for each.
hero member
Activity: 560
Merit: 1060
I prefer to use another seed phrase instead.

I could do that, but in fact, I don't like dealing with multiple wallets. I mean, a new seed phrase for me would mean 2 additional backups.
Personally I backup a singlesig wallet in 2 different locations. If I add another wallet, I will have this extra hassle, which I don't actually want.

If you want to use the same seed phrase, use passphrase to extend the seed phrase to generate you another different wallet (keys and addresses) entirely. If you lose your passphrase, it is also like you lose your seed phrase because you will need both (seed phrase and passphrase) to access your coins.

I already have a passphrase, so I would need to add another one, which again adds extra hassle in backing up everything.
legendary
Activity: 1512
Merit: 4795
Leading Crypto Sports Betting & Casino Platform
1. How can I know how many accounts I have ever created - funded? For example, I know that I have 2 accounts, but what if I actually had a 3rd one and I have forgotten about it? What if I gave my seed phrase to my child and told them to recover it? How could they know how many accounts have addresses that have been funded?
You have to let them know about it. You can use practical example.

2. Do you know any way to "note" or "backup" safely how many accounts have been created using my recovery phrase?
It is you that should remember it.

The only wallet that I noticed this is the non recommendable Coinomi which is close source. Most wallets do not allow it as they will allow you to create/use another seed phrase instead which is recommended.

I prefer to use another seed phrase instead.

If you want to use the same seed phrase, use passphrase to extend the seed phrase to generate you another different wallet (keys and addresses) entirely. If you lose your passphrase, it is also like you lose your seed phrase because you will need both (seed phrase and passphrase) to access your coins.
hero member
Activity: 560
Merit: 1060

Hello.

Situation
I have just created a wallet offline. I will monitor the UTXOs and generate addresses. I plan to use 2 accounts:

Account 1: KYC bitcoins. (m/84'/0'/0')
Account 2: Non-KYC or Mixed bitcoins. (m/84'/0'/1')

Questions
Let's say that in 20 years from now, I get my seed phrase and start recovering the wallet.

1. How can I know how many accounts I have ever created - funded? For example, I know that I have 2 accounts, but what if I actually had a 3rd one and I have forgotten about it? What if I gave my seed phrase to my child and told them to recover it? How could they know how many accounts have addresses that have been funded?

2. Do you know any way to "note" or "backup" safely how many accounts have been created using my recovery phrase?

Jump to: