Topic: How to design a perfect cold storage? - page 4. (Read 6294 times)

That was my concern also. That is why I would leave only encrypted paperwallets/stamped seeds in 2 different safes which would require from a bank thieve to know about both and rob both.


I thought about that but I do not know of any easy tool to put multisig or timelock into practice. Any suggestions?

I feel that by using something I am not comfortable with I would be my own worst enemy and essentially lock myself out of funds.

I always found these security questions funny. I know first names of many pets from multiple families. And by now, a family holiday would probably be documented with pictures on Facebook
You can also more often then not, ask people those security questions and they would very gladly tell you, even if you are a stranger to them.
You need to use something that is considered atleast kind of secret in the first place, something that you won't just show to anyone or tell anyone.
However the most useful thing is to just make a password with your family, that would be the most reliable and quite simple way. Or as with the will, use the multisig with the person you are leaving the funds to and your lawyer, if your lawyer is hip to that.

Ask yourself this question : How are your other assets and wealth being handled at the moment? You use a Will, right? I would suggest that you make it a riddle that only your family would be able to understand and put it in your Will.

The Passphrase could be the answer to a question that only your family would be able to answer. Example :

~ Where was our first family holiday.
~ What was the name of our first dog.

You also hide the paper wallet < Metalstamped seeds/keys > in a location only they will know about.

~ Lemon tree at the orchard.

Do not use safe deposit boxes, because they are raided regularly by banks and thieves.

There are some things in your requirements that are not exactly clear, but depending on the exact details of the requirements, I'd consider using locktime and multisig to handle most of your concerns.

The biggest issue you'd run into with such a solution is that there could be a significant gap in time between when you die and when your heirs can access the bitcoins.

When you make a usb with a live boot OS on it, you can make a different partition on it on which you can keep files that you want to carry on when you boot up that OS next time. It is called persistent, as it survives the reboots, unlike the other changes you make to the live boot OS. The whole partition should be encrypted for security and privacy.
Electrum is apparently preinstalled on TailOS, as you can see here https://tails.boum.org/doc/anonymous_internet/electrum/index.en.html

Could you expand on that?

What is enrypted persistent volume?
Where is Electrum preinstalled?

Live boot usb stick with TailsOS. Encrypted persistent volume.
Electrum is preinstalled and can be activated.

Nobody can do anything with your usb if confiscated and you can recover with electrum seed too.

Watch Memento - that should give you some ideas.

And remember Sammy Jankis:

I am a medical professional and I have seen perfectly sane people lose their memory "instantenously" due to sepsis, meningitis, brain haemorrhage etc.

So it is a concern.

This would really be only the flaw on which your memory would be the issue here no matter what good precautions or measure of security you do made on your wallet if your memory wont able to remember that as the time goes by then that would really be a problem. Perfect cold storage is already in the market and theres no need to search or create even more, the important thing is that you wont able to forget about it as the time goes by.

Only thing that is truly only accessible by you is your memory, so if you forget everything then there is no way to do it without trusting someone else.
Not to mention that you wouldn't even remember you had a wallet in the first place.
You can't not trust yourself and others at the same time, there is no one with any access to the wallet then.
If one part of the wallet is lost, all is lost. If a group of people have all the parts of the wallet, then they and only them can use it. If you are part of the group, you can't forget your part, if you are not, then you have to trust the group.

I lost many accounts due to forgetting my passwords, but there is no other way except giving someone else access or have another way of access.

You need to trust yourself and if you have a backup, for yourself or others, then figure out a place that you can always protect while you are alive. When you are dead, they can take it from you. If you are afraid that someone will kill you for it, then you need to only be able to get it by your memory.

You can't have both perfect security and perfect availability. If you care more about security, then carry full responsibility. If you care more about it not getting lost, then you have to trust someone in one way or the other.

I am paranoid by design and by professional deformation.

Suppose you have the following tools available:

1. two Trezor hardware wallets
2. offline bootable PC with Ubuntu
3. bitaddress.org site burned to a CD
4. BIP39 passphrase and mnenomic code generator burned to CD
5. passguardian.org Shamirs secret sharing page burned to CD
6. offline printer to print and laminate paper wallets
7. metalstamps to stamp seeds/keys to metal plates if need be
8. two rented safe deposit boxes in two banks in two different European jurisdictions

How would you go about designing a "perfect" cold storage that should fulfill the following criteria:

1. be resistant to my death hence inheritable
2. be reistant to my amnesia
3. be resistant to being denied physical access to both safe deposit boxes
4. be resistant to malevolent staff opening the contents of the safe deposit boxes
5. be resistant to goverment confiscation/access denial to your safe deposit boxes

So basically I want no other entity (spouse, underage children, bank staff, evil government officials) to be able to spend my bitcoins as long as I am alive and with a functioning brain.
I also want to be able to comitt to memory a seed or an encryption method that would grant me access to bitcoins if I am not able to access the cold storage in safe deposit boxes.
Ultimately I would need to leave clear instructions in case of my death so that the family would be able to reconstruct access to those bitcoins.

I have some ideas but would like to hear flaws in my design.

1. PAPER WALLET ROUTE

One way to go about it would be to create paper wallets, print them offline, encrypt them with a strong passphrase (for example Diceware generated) using BIP38 and store them in two separate safe deposit boxes.
The secret passphrase would be easy to memorise for me and could be split using sharding into 3 pieces (2 safe deposit boxes and my home for example) so that you would need access to all of those in order to decrypt the paper wallets.

It prevents goverment or the bank staff from spending your bitcoins but if you find yourself unable to access the physical location of your paper wallets you are doomed.

2. TREZOR MNEMONIC SEED

You load your Trezor hardware wallet and stamp the seed on metal plates in a randomly generated order that you put in one safe. In another safe you put an encrypted message that is simply the order in which you have to put the mnemonic seed to be able to access bitcoins. You distribute the passphrase to unlock the order in the same way as in design No. 1.

You carry your Trezor with you (your home) hoping that even if it gets stolen nobody will be able to break the PIN.

This method has the advantage that with some memory technique you should be able to remember the seed yourself and reuse it should you be locked out of access to your safe deposit boxes.



Is all of this an overkill? Are there simpler ways?