
Topic: Multiple wallets mathematically more prone to loss? (Read 1742 times)

sr. member
Activity: 448
Merit: 250
It's Money 2.0| It’s gold for nerds | It's Bitcoin
As long as you have enough entropy, I do agree brain wallets are perfectly fine. The reason why many people including myself advise against it is that in general people are too lazy to properly choose random words instead substituting them for words they believe to be random or ones from famous films/songs/poems et al.

It's not just that.  Everyone can work on cracking a brainwallet from anywhere.  To crack a wallet.dat file they have to have a copy of it.

Anyone can also work on cracking a private key from anywhere too without the wallet file.
Bitcoin private keys have 160 bits of security, maximum.

So, you just have to make sure your brain wallet has enough
bits of security (128-bit or more).





Brain wallets should really only be used if you have serious concerns about your computer being compromised in the future (and this is a legitimate concern).

An effective brain wallet must be memorized, otherwise it is no better than a paper wallet or a password protected wallet on your computer.

People use "mining farms" to calculate the public key of many brain wallets and monitor the blockchain for when btc is transferred to the address. When it is they use a script to push a TX to transfer the coins to an address they control.
sr. member
Activity: 266
Merit: 250
Brain wallets are easily guessable, you should move your funds into something else immediately.

Off-topic I know, but this seems to me to be a complete myth.

Chosen at random from my old Longman's Dictionary (pages opened at random)...deform lockage sedate daunt captive

The dictionary has 70,000 words:

70,000^5 = ~ 2*10^24

Try brute-forcing that  Wink

Well you have solved only half the problem. For most people, a set of words that can be reliably memorized is going to be easy to brute force.

Choose words from different languages.
member
Activity: 75
Merit: 10
Yes, but if you have your coins in 7 wallets like mine one loss won't be too bad. All mine are online though and that's obviously more prone to loss than offline.
legendary
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
Anyone can also work on cracking a private key from anywhere too without the wallet file.
Bitcoin private keys have 160 bits of security, maximum.

So, you just have to make sure your brain wallet has enough
bits of security (128-bit or more).

Sure, but if you have a 160 bit brainwallet then what is that, 14 - 15 words?  You'll have to write it down.  So that's a paper wallet, where you're encoding the private key with words instead of base58.  It's not a brainwallet.

A backup of the brainwallet, perhaps stored steganographically, or broken into sections and given to various trusted parties, is a good thing.

Whether you still consider it a brainwallet or not is semantics.
sr. member
Activity: 338
Merit: 250
The key is to not have too many wallets so that you can't keep track of them all. Having a ridiculous amount is just going to be tedious and stressful.
cp1
hero member
Activity: 616
Merit: 500
Stop using branwallets
Anyone can also work on cracking a private key from anywhere too without the wallet file.
Bitcoin private keys have 160 bits of security, maximum.

So, you just have to make sure your brain wallet has enough
bits of security (128-bit or more).

Sure, but if you have a 160 bit brainwallet then what is that, 14 - 15 words?  You'll have to write it down.  So that's a paper wallet, where you're encoding the private key with words instead of base58.  It's not a brainwallet.
newbie
Activity: 20
Merit: 0
Brain wallet is VERY dangerous

Move your BTC ASAP to an address generated with https://bitcoin.org/en/download and just print on paper (with big fonts) your private key (at least 3 copies)

It is also a good idea to generate 4 or more wallets instead of one (I have 55 BTC in 4 offline wallets)
legendary
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
As long as you have enough entropy, I do agree brain wallets are perfectly fine. The reason why many people including myself advise against it is that in general people are too lazy to properly choose random words instead substituting them for words they believe to be random or ones from famous films/songs/poems et al.

It's not just that.  Everyone can work on cracking a brainwallet from anywhere.  To crack a wallet.dat file they have to have a copy of it.

Anyone can also work on cracking a private key from anywhere too without the wallet file.
Bitcoin private keys have 160 bits of security, maximum.

So, you just have to make sure your brain wallet has enough
bits of security (128-bit or more).



cp1
hero member
Activity: 616
Merit: 500
Stop using branwallets
As long as you have enough entropy, I do agree brain wallets are perfectly fine. The reason why many people including myself advise against it is that in general people are too lazy to properly choose random words instead substituting them for words they believe to be random or ones from famous films/songs/poems et al.

It's not just that.  Everyone can work on cracking a brainwallet from anywhere.  To crack a wallet.dat file they have to have a copy of it.
legendary
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
Off-topic I know, but this seems to me to be a complete myth.

Chosen at random from my old Longman's Dictionary (pages opened at random)...deform lockage sedate daunt captive

The dictionary has 70,000 words:

70,000^5 = ~ 2*10^24

Try brute-forcing that  Wink

As long as you have enough entropy, I do agree brain wallets are perfectly fine. The reason why many people including myself advise against it is that in general people are too lazy to properly choose random words instead substituting them for words they believe to be random or ones from famous films/songs/poems et al.

...which is why electrum doesn't allow that.
hero member
Activity: 742
Merit: 502
Circa 2010
Off-topic I know, but this seems to me to be a complete myth.

Chosen at random from my old Longman's Dictionary (pages opened at random)...deform lockage sedate daunt captive

The dictionary has 70,000 words:

70,000^5 = ~ 2*10^24

Try brute-forcing that  Wink

As long as you have enough entropy, I do agree brain wallets are perfectly fine. The reason why many people including myself advise against it is that in general people are too lazy to properly choose random words instead substituting them for words they believe to be random or ones from famous films/songs/poems et al.
hero member
Activity: 552
Merit: 501
Brain wallets are easily guessable, you should move your funds into something else immediately.

Off-topic I know, but this seems to me to be a complete myth.

Chosen at random from my old Longman's Dictionary (pages opened at random)...deform lockage sedate daunt captive

The dictionary has 70,000 words:

70,000^5 = ~ 2*10^24

Try brute-forcing that  Wink

Well you have solved only half the problem. For most people, a set of words that can be reliably memorized is going to be easy to brute force.

If I can remember two or three of the five words I could always brute force the rest if necessary
legendary
Activity: 1988
Merit: 1007
You are 4x as likely to lose 1/4 of the wedding photos if you use 4 SD cards.  But you're 10000000x more likely to not get paid if you lose 100% of the wedding photos by using only 1 SD card.

This was my thought as well... I'd rather have a bigger chance to lose a LITTLE than a smaller chance to lose absolutely everything.

But then again you could use backups of each SD card as well and create a bigger buffer (same with wallets).
legendary
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
Brain wallets are easily guessable, you should move your funds into something else immediately.

Off-topic I know, but this seems to me to be a complete myth.

Chosen at random from my old Longman's Dictionary (pages opened at random)...deform lockage sedate daunt captive

The dictionary has 70,000 words:

70,000^5 = ~ 2*10^24

Try brute-forcing that  Wink

Well you have solved only half the problem. For most people, a set of words that can be reliably memorized is going to be easy to brute force.

Are you saying the average person can't memorize  a 12 word pass phrase?
legendary
Activity: 4438
Merit: 3387
Brain wallets are easily guessable, you should move your funds into something else immediately.

Off-topic I know, but this seems to me to be a complete myth.

Chosen at random from my old Longman's Dictionary (pages opened at random)...deform lockage sedate daunt captive

The dictionary has 70,000 words:

70,000^5 = ~ 2*10^24

Try brute-forcing that  Wink

Well you have solved only half the problem. For most people, a set of words that can be reliably memorized is going to be easy to brute force.
legendary
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
Brain wallets are easily guessable, you should move your funds into something else immediately.

Off-topic I know, but this seems to me to be a complete myth.

Chosen at random from my old Longman's Dictionary (pages opened at random)...deform lockage sedate daunt captive

The dictionary has 70,000 words:

70,000^5 = ~ 2*10^24

Try brute-forcing that  Wink

That's security on the order of 2^90.
Still strong, but electrum has 2^144.
so you should choose 8 or 9 words
from that dictionary.
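An added example (not code from any poster or from Electrum) that works out the search-space size in bits for the dictionary sizes and word counts quoted in this thread, and draws a passphrase with the OS CSPRNG. The word list is constructed pseudo-words, not Electrum's list, and the function names are illustrative.

```python
import math
import secrets
from itertools import product

def entropy_bits(dict_size, n_words):
    """Bits of entropy when every word is drawn uniformly and independently."""
    return n_words * math.log2(dict_size)

def words_needed(dict_size, target_bits):
    """Smallest number of words whose search space reaches target_bits."""
    return math.ceil(target_bits / math.log2(dict_size))

def build_demo_wordlist(size=1626):
    """Constructed four-letter pseudo-words, only to provide `size` unique entries."""
    syllables = [c + v for c, v in product("bdfgklmnprstvz", "aeiou")]
    words = [a + b for a, b in product(syllables, repeat=2)]  # 4900 unique words
    return words[:size]

def generate_passphrase(wordlist, n_words):
    """Pick words with a CSPRNG; entropy_bits() is only valid for this kind of choice."""
    return [secrets.choice(wordlist) for _ in range(n_words)]

if __name__ == "__main__":
    print("5 words from 70,000:  %.1f bits" % entropy_bits(70_000, 5))
    print("12 words from 1,626:  %.1f bits" % entropy_bits(1626, 12))
    for target in (128, 144):
        print("words from 70,000 for %d bits: %d" % (target, words_needed(70_000, target)))
    print(" ".join(generate_passphrase(build_demo_wordlist(), 12)))
```

The figures apply only to words picked by a random process; a phrase a person invents or takes from a song or film has far less entropy than the formula suggests.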




hero member
Activity: 552
Merit: 501
Brain wallets are easily guessable, you should move your funds into something else immediately.

Off-topic I know, but this seems to me to be a complete myth.

Chosen at random from my old Longman's Dictionary (pages opened at random)...deform lockage sedate daunt captive

The dictionary has 70,000 words:

70,000^5 = ~ 2*10^24

Try brute-forcing that  Wink
legendary
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
In this thread:

A bunch of people who failed to consense on whether they were talking about many COPIES of one wallet, multiple different wallets with a little wealth in each, or some combination thereof.

I am pretty sure OP meant multiple different wallets.

With many copies of the same wallet, the situation gets worse because the wealth can be stolen from any of the wallets, and there is no distribution of risk.  That said, backups are obviously needed in some form.   But that's another thing I like about electrum.  Your secret seed serves as the backup, so no additional backups are needed which could increase the risk.
hero member
Activity: 784
Merit: 1000
https://youtu.be/PZm8TTLR2NU
In this thread:

A bunch of people who failed to consense on whether they were talking about many COPIES of one wallet, multiple different wallets with a little wealth in each, or some combination thereof.
legendary
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
Being a photographer, many pros suggested not shooting a wedding on just one SDHC card.  Such as shooting at a wedding, shoot on multiple cards just in case one card goes corrupt.  But some internet mathematician pointed out that it's more mathematically safe to shoot on one SDHC card.  The low failure rate is such, that you increase your possible failure rate with each additional card (Ie.  Using 4 8gb cards in place of 1 32gb card increases the odds of a card failure by 4x).

Would this apply to wallets?   I looked up risk probability on Google but couldn't figure it out.

Right now, the bulk of my funds are stored in (1) Electrum and (2) a brain wallet that never touched the Internet.  I also use blockchain.info (3) & (4) as hot wallets for spending.  I also use Mycelium, Multibit and Dark Wallet but those are just intermediaries with no money ever held there.  Personally, I feel safest with electrum, and maybe the cold storage brain wallet.  A little afraid though that some future quantum computer could some day figure out the random seeds on Electrum and the Brain Wallet.

This is not rocket surgery.

You're very simply spreading your risk and it's a trade-off.  You're more likely to have any
one thing (wallet, card, whatever it is) fail, but if it does, your total loss is only a fraction of the whole.
And when it comes to money, it is generally prudent to spread your risk which is why
smart investors diversify their portfolios.

If you really want the math:

Assume you had five wallets, each with a 1 percent chance of failure.
(99% chance of success of safe storage).

.99 to the fifth power is approx 95%, so now it's a 5% chance you'll
lose 20% or more of your money, rather than 1%!

But .01 to the fifth power means it's only a 0.00000001% chance
you'll lose ALL YOUR money.  So you decide.   Smiley

As far as Electrum, I highly recommend it and also using the cold storage brain wallet.  Great choice!
Just make sure the cold storage really is cold and you have a secure way to recover your own seed.

I wouldn't worry about quantum computers.  The 12-word electrum seed is chosen from a 1626-word
dictionary, giving you 128 bit security, with an additional 16 bits of security added in with key
stretching for a total of 144 bits of security.  The maximum security you can get with bitcoin
private keys right now is 160 bits...therefore if quantum computers ever became a threat,
all of bitcoin would have to upgrade, not just electrum.

Also, to the critics of brain wallets, Electrum does it right using computer generated entropy
(you CANNOT enter your own arbitrary seed), so no one can guess it....and for those that say don't
use brain wallets because you never know if the method could change to retrieve the
private keys, I've provided a stand-alone python script using the current electrum method,
just in case you don't trust the electrum developers would consider backwards compatibility. (see the electrum subforum)
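An added worked example (not the poster's script) of the trade-off discussed in this thread: it computes the full loss distribution for funds split equally across several independent wallets, and separately the case raised earlier of one wallet kept as several copies, where theft of any copy loses everything. Independence, equal failure odds and the `p_theft` parameter are assumptions made for illustration.

```python
from math import comb

def loss_distribution(n_wallets, p_fail):
    """P(exactly k of n wallets fail), k = 0..n, for independent wallets."""
    return [comb(n_wallets, k) * p_fail**k * (1 - p_fail)**(n_wallets - k)
            for k in range(n_wallets + 1)]

def split_funds(n_wallets, p_fail):
    """Funds divided equally across n different wallets."""
    dist = loss_distribution(n_wallets, p_fail)
    fracs = [k / n_wallets for k in range(n_wallets + 1)]  # share of funds lost
    mean = sum(f * p for f, p in zip(fracs, dist))
    var = sum((f - mean) ** 2 * p for f, p in zip(fracs, dist))
    return {"p_any_loss": 1 - dist[0], "p_total_loss": dist[-1],
            "expected_loss": mean, "std_dev": var ** 0.5}

def copied_wallet_total_loss(n_copies, p_destroy, p_theft):
    """One wallet with n copies: everything is lost if all copies are
    destroyed, or if any single copy is stolen."""
    survives = (1 - p_destroy ** n_copies) * (1 - p_theft) ** n_copies
    return 1 - survives

if __name__ == "__main__":
    for n in (1, 5):
        print("split across", n, split_funds(n, 0.01))
    for n in (1, 3):
        print("copies", n, copied_wallet_total_loss(n, 0.01, 0.01))
```

The expected loss stays at 1% of the funds however many wallets are used; splitting only narrows the spread around it, while extra copies of one wallet trade destruction risk for theft risk.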







