Topic: How Whales Store Their BTC - page 2. (Read 445 times)

In the era of MtGox nobody knew about air gapped machines or hardware wallets. They had it all on bitcoin core wallets and we know how it went from there. At least the hookers that Karpeles was paying for were happy with the money they were making.

Most whales need fast access to their money so I'd expect them to hold it at home with keys on some engraved metal plate so it can't be destroyed in a fire. That's what I'd do. A wallet can be made small enough for you to hide it anywhere like in the floors or behind a lose tile in the kitchen. I have my coins on a hard drive in a fireproof safe. Even if someone manages to steal that I'll have backups hidden in a safe place that will allow me to access and move the funds before anybody can crack the password. The more money you have the more security you need.

I've watched a video that a crypto company in Japan keeps their most bitcoins/crypto into a hardware wallet. It's safe and it has glass covers and only a few executives has direct access on it.

I can't remember the name of that company but it was an exchange.

I think that there's really no difference on how an individual bitcoin investor keeps his bitcoins safe on a hardware wallet and the same as the enterprises.

Cringe.  Conflating signatures (authentication) with encryption (confidentiality) is such a basic error that I am not sure if you may be trolling me Slashdot-style, making a ridiculous statement to attempt wasting my time with a long, detailed correction.

Unfortunately, clueless newbies who may somehow imagine that multisignature could “encrypt” (!) seed phrase words (!!) are the same clueless newbies who would attempt naïvely, linearly dividing up the words of a seed phrase—as you originally suggested, and you continue suggesting.  Suffice it to say:  You are unqualified to give security advice.  Stop giving bad security advice.


Quoted for the lulz.


I added highlighting to the internal quote above, for a reason.  The problem that you state is well-known and completely obvious.  The solution is that “M/N” thing:  Any M signatures out of a set of size N can authorize a spend.  Say, a 3-of-5 signature, or a 7-of-11 signature.  IIRC, some high-value escrow deals on this forum have used something like 2-of-3 or 3-of-4 multisignature with multiple high-trust escrow agents.

(2-of-3 multisignature also allows coöperative close of an escrow deal:  If Alice and Bob both acknowledge that the deal is properly completed, they send the money as agreed.  In case of a dispute, the escrow agent—effectually here, an arbiter—can sign together with Alice to send the money to Alice, or sign together with Bob to send the money to Bob.)

For dividing up secrets, a very different approach than multisignature, Secret Sharing also does M/N.  But it has many sharp edges, footguns, and bad implementations.  I disagree with gmaxwell’s categorical condemnation of Secret Sharing; but as things stand with implementations, I will not recommend it to anyone who is not a security expert with an appropriate use case.  Just use multisignature instead.

Depends on how much money you're storing.
1 billion?

For that kind of money I wouldn't be surprised if they had a specially designed computer that doesn't use typical branded components but is military grade. For those of you who don't know what that means, military grade components are made robust, with thicker boards, all components covered in a layer of insulation that protects it from moisture and put in durable shock protecting cases, so that a soldier can use a laptop in the rain, or in a sandstorm. If I were to store a billion dollars I'd order one of those.

most likely, such amounts are stored in large exchanges under certain agreements and security guarantees, for example, the Winklevoss twins store their keys to wallets in different US cities in bank cells so that attackers cannot find, in general, there are enough ways.

From the highlighted sentence in the text, it turns out that whales should store their crypto in a titanium safe, and the safe in an underground bunker under a mountain with protection? I expected someone from whales to share his personal way here, at least incognito, but it looks like my expectations will be in vain.

Most likely (even you are talking about it) whales use the same methods of bitcoin storage as all other crypto investors.

We can only speculate on this topic, and none of whales needs to reveal the secrets of storing his multimillion-dollar wealth.

Cold wallet is something that people do all the time. That would be pretty hard to hack since it's offline, not impossible but as close to impossible as it gets. Which means that they are spending a good chunk of their time on making sure that they do not have too much on their hot wallets, and have enough on their cold wallets that make sure that they are protected.

So, for example if you are Binance, you put enough on hot wallet that you personally own, if you could possibly make that happen that means even if it gets hacked everyone else's money is always protected. This is why I believe that cold wallet is their solution and offline storing is the way to go when you are too rich.

Uh.. Saying "Bitcoin wallet" could even mean web wallets, which are definitely not hack-proof.

..or maybe offline non-digital backups like a piece of paper so no hacker can reach it? You know, like people always recommend newbies do.

Satoshi's wallet is uncompromised because safe to assume that he knows what he's doing security-wise. Probably only less than 1% of people are capable of such digital security.

The safest way to store everything in a hardware wallet. Even if you are a whale or not. It is good practice to keep them offline and away from scammers.
Also they will invest in many platforms to grow the amount.
Price different eventually caused by the whales. So they store some and invest in the right time.

I think they store bitcoins just like everyone else store them because bitcoin wallets are guaranteed not to be hacked, maybe they store keys in software not store them on internet connected devices. like the satoshi wallet until now it is still safe no one can hack the satoshi wallet.

There is the exact same topic atm: https://bitcointalksearch.org/topic/how-do-whales-keep-their-massive-amounts-of-bitcoin-5408578 . As it was said there the best is to use a hardware wallet or some other form of cold storage. In general it is also recommended to do multisig and more then one backup.

I think your average FIAT whale that bought a lot of coins for speculation, will use reputable Exchanges to store their coins. They do not want to burden themselves with too much technical hardware or software solutions...and they want those coins to be readily available... for those times when there are wild volatility in the market. (They do the same with Forex trading and commodity trades, so they will stay with what they know)

The early investors are more technically inclined and they also understand the advantages and the goal of every Bitcoiner to have financial freedom. (Controlling your own Private keys) <== They use hardware wallets & air-gapped systems.  

Yeah obviously you should use multisignature for the encryption of each word in order to keep the naked text away third party eyes. But would you then not have the same problem except that you went from storing the seed phrase words to storing the private keys to the seed phrase words? I guess you can divide up the keys and keep on adding multisig layers for extra security but it would never be 100% secure. Just more distributed. Also what I meant by "decentralized version" but was too lazy to explain.

However now wouldn't the problem be that the more layers you add, the greater the chance becomes that you could lose access to the wallet by losing access to a signature? So thats a problem I think most corporations/whales would rather avoid. The scary thought would be someone withholding a key to blackmail or sabotage a business from within, with their own funds.

No matter how I think about it, there's a huge flaw in security.

for large wealth amounts, multisig work. because there is no central point of 1 individual/one key to hit
on an airgaped PC where you then manually copy a RAW TW to a active internet pc

for say monthly amounts that are not used daily. hardware wallets.

for daily amounts normal wallets/nodes

the idea is hoard the massive amount as secure as you can where even if a bugler entered your home and tried blackmailing you. you personally cant give them your huge wealth as you dont have complete access to all keys at the same time.
where as if you were blackmailed using threat to real life. the most you can hand them is a month or so of funds
..

its a simple task of have wallets for daily weekly amounts and when they deplete move funds from weekly/monthly hardware wallet.

when weekly/monthly hardware wallet funds deplete. small allotments of 'coldstore multisg' weal wallet to the hardware wallet

the reason to have the middle wallet of hardware instead of just cold wallet multisig-> hot wallet, is that losing daily amounts to some hack/malware doesnt hurt as much as a weekly/monthly amount.
so its an extra layer of separation for risk tolerance and loss prevention by not having monthly amounts on hot wallets

If we're talking about rich people storing their coins personally, they might do that in hardware wallets or something like that. But if we're talking about the company or state's funds, then there are probably financial managers handling that and making deals with some other companies. In case of El Salvador, they have Chivo wallet, and it would make sense if the state's crypto funds are stored there (maybe the president's personal funds as well). And as Lucius pointed out, Grayscale uses a Coinbase service, which goes in line with my assumption that things like that would happen via centralized storage. Unfortunately, I don't think we'll ever have reasonable knowledge about it because it's big money we're talking about, and it makes sense that the whales will do their best to hide as much info about how they store the coins as possible.

I agree and this reminded me of a topic here where the discussion was about this Nuclear vault-type safe to hold the wealthy Bitcoin access Info which some of us even believe was way too much then. I think we might be overthinking that those whales might be doing things way different from what some other Hodler do in storing their Bitcoin like the hardware wallets but I think they could be the same and also being more careful with the access info too. 

Last time I heard about the way a 'whale' was holding Bitcoin or anything secure is when Binance's Zhao showed that USB stick on Twitter.  While normally it should be the more money you hold the more security you should invest in, I doubt all whales care that much and Zhao proved it.  My guess is, many of them keep their money on Hardware Wallets and a few of them maybe on some old laptop on Electrum or Core.  I bet only a very select few have airgapped computers and all of that.

-
Regards,
PrivacyG

Dividing up a seed phrase that way is not secure.  Each word of the seed that you leak exponentially decreases security.  An attacker who recovers a large enough proportion of shares, but not the whole thing, will be able to bruteforce the rest of the seed.  Furthermore, there is no way to provide redundancy, or to specify M/N access policies.

A popular approach to try to solve that is Shamir’s Secret Sharing.  In M/N Secret Sharing, an attacker who obtains M-1 shares has no information about the seed.  That has had some horribly buggy implementations, and it has been criticized generally by some experts (notably, Greg Maxwell).  I do NOT recommend using it, unless you know exactly what you are doing; but I disagree with the general criticism.  It needs better implementations, better standards (such as the Satoshi Labs protocol for this), and application to use cases where it makes sense—not ridiculous use cases, where it is too often misapplied.  Reconstruction of the key is potentially a major problem for the use case stated in OP; therefore, it may not make sense at all here, depending on the circumstance.  I note that there exists some enterprise software using SSS to secure the keys for corporate secrets; most Bitcoiners have no idea about that, and it is not a Bitcoin thing.

Multisignature, as I suggested in my prior post, accomplishes the same objective for the use case addressed in OP.  With Taproot, a M/N multisig (and many other access control conditions) can be made indistinguishable on-chain from ordinary spends; this obviates any blockchain privacy and distinguishability concerns, one of my own general objections to multisig.

A few days ago we had a similar question, and according to the information we have, Microstrategy uses the self-custody option for most of the Bitcoins they bought, while, for example, Grayscale uses the custody service from Coinbase.

MSTR and GBTC (Grayscale) Custody in Coinbase?

---

The only thing that is right is that everyone keeps their private keys, everything else is wrong and represents a risk. Although I don't see why any of these extremely rich people would publicly share how they protect their digital assets.

Most whales stores their Bitcoins in a place that would be non accessible to the public eyes, what they can do in these circumstances ?

- They can indeed store it in paper wallets of hardware wallets but do understand that a whale is not a holder their sole purpose can be just moving it around to create some waves in the market making people sell/buy their coins

Therefore at the end of the day they can use different names and invest the bitcoins in companies, in other things as well, keep them sorted in a wallet so they can take it anytime and move it around as well. Ofcourse the wallets have impeccable security because who would wanna loose so much money ?