Bitcoin Forum>Bitcoin>Bitcoin Discussion
Author

Topic: iancloman+bitaddress.org and passphrase as a privatekey for coldstorage ? (Read 157 times)

o_e_l_e_o
legendary
Activity: 2268
Merit: 18711
iancloman+bitaddress.org and passphrase as a privatekey for coldstorage ?
October 12, 2021, 08:38:34 AM
#6
Quote from: abhilodha on October 11, 2021, 01:18:44 PM
step7: note down the seed and passpharese.
Note them down at least twice each on at least 4 separate pieces of paper. Noting them down together renders the passphrase pointless, as if someone compromises one of the two pieces of information then they have compromised them both. Noting each of them down only once gives you no redundancy and leaves you open to risk of total loss. Store all 4 pieces of paper separately.

Quote from: abhilodha on October 11, 2021, 01:18:44 PM
note : i would have used talis and electrum but i want to make a bip39.
You can still use Tails, and instead use /dev/urandom to generate your entropy and import that in to Ian Coleman to get around the issues discussed above of generating entropy in a browser.

Quote from: hatshepsut93 on October 11, 2021, 06:42:56 PM
OP, why not use Shamir's secret sharing? I think Ian Coleman has mnemonic tool for that, and it would allow for a better setup than this.
Because https://en.bitcoin.it/wiki/Shamir_Secret_Snakeoil. If you want some sort of m-of-n system, then a better option is to use multi-sig.
OcTradism
hero member
Activity: 1722
Merit: 801
Re: iancloman+bitaddress.org and passphrase as a privatekey for coldstorage ?
October 11, 2021, 08:58:54 PM
#5
It is not necessary. You complicate the process and are you sure that you will have good backups of all the steps you are doing?

Because it is a complex process, if you lose backup of one of these steps, you will lose your Bitcoin.

Do it simple. Choose a non custodial wallet, download it, verify the wallet and install it to use.

Create your wallet offline and backup your private key or mnemonic seed. It is the best if you use an air-gapped computer to create and store your wallet.

[Guide] Secure air-gapped crypto wallet storage method
Good topics on security and privacy. Check it out for more topics.
hatshepsut93
legendary
Activity: 3024
Merit: 2148
Re: iancloman+bitaddress.org and passphrase as a privatekey for coldstorage ?
October 11, 2021, 06:42:56 PM
#4
Quote from: BlackHatCoiner on October 11, 2021, 01:29:55 PM
It is also not recommended to generate random numbers from javascript. Read

This used to be the case 20 year ago, but today browsers come with secure RNG seeded with device's entropy. Wallets like MEW use it and it's not a problem.

OP, why not use Shamir's secret sharing? I think Ian Coleman has mnemonic tool for that, and it would allow for a better setup than this. Currently you have a seed which is useless alone and passphrase that is impossible to memorize and is useless alone. But with SSS you can create N of M setup where each shard is equal and you don't need them all to get the key.
jackg
copper member
Activity: 2856
Merit: 3071
https://bit.ly/387FXHi lightning theory
Re: iancloman+bitaddress.org and passphrase as a privatekey for coldstorage ?
October 11, 2021, 03:12:39 PM
#3
Aside from what bhc says which uou should consider (also maybe find a wallet you can download and trust that does accept bip39 if you do really need it for some reason).

I don't know if it's even possible to use a private key as a passphrase but it's not very useful either way - especially since you can just use part of an electrum seed.
BlackHatCoiner
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
Re: iancloman+bitaddress.org and passphrase as a privatekey for coldstorage ?
October 11, 2021, 01:29:55 PM
#2
Quote from: abhilodha on October 11, 2021, 01:18:44 PM
step 6: create 24 word seed in iancoleman and use the private key created in step5 as passphrase.
This isn't just unnecessary, but it'll makes the point of seed phrases meaningless. Why would you add a passphrase you cannot remember in another thing you cannot remember, and that's why you've written it down instead, when it provides you no more essential security?

There's not even a reason to use bitaddress.org above iancoleman. Just generate twelve words and write them down. It is also not recommended to generate random numbers from javascript. Read Concern about RNG.

Quote from: abhilodha on October 11, 2021, 01:18:44 PM
note : i would have used talis and electrum but i want to make a bip39.
Is there a specific reason you don't mind sharing with us?
abhilodha
newbie
Activity: 25
Merit: 5
Re: iancloman+bitaddress.org and passphrase as a privatekey for coldstorage ?
October 11, 2021, 01:18:44 PM
#1
is this considered secured

step 1: find a clean online pc and download iancoleman html file from github and verify signature and hash
step2 : on clean pc go to bitaddress.org and download the file using github link there and verify the signature
step 3: burn linuxmint on dvd and
step4:  take dvd and both html files on usb to an always offline pc.
step 5:  run the dvd live session create a private key in  bitaddress
step 6: create 24 word seed in iancoleman and use the private key created in step5 as passphrase.
step7: note down the seed and passpharese.



is there any flaw in the method for making a coldstorage

note : i would have used talis and electrum but i want to make a bip39.
Bitcoin Forum>Bitcoin>Bitcoin Discussion
Jump to: