
Topic: Secure private key restore

member
Activity: 112
Merit: 61
January 04, 2025, 08:14:04 AM
#12

I think one of the biggest challenges with Bitcoin is that there is no standard process to recover a private key. When you lose it, it's gone.


I don't see this as a challenge. When you are given a private key in the process of opening a wallet, all you need to do is keep it safe and secure, and there are many ways to keep your private key safe.
You can write down your private key in a book and then keep it in a place where you know no one can reach it. A lot of people are using this method; you can decide to write it in two different books and then keep them.
You can also use cold storage by storing your private key on a device that is never connected to the internet, for example a USB drive.
Some people will write down their private key on paper and then snap it with their phone, back it up with their email or Google account and then delete the photo of the private key from their phones; if they are in need of it they will just restore it and the picture of the private key will show. This is also a good way to save your private key. Whichever way you want to use, just make sure it is good and your key is safe and won't go missing.
One thing I would like to add again is that you shouldn't connect your wallet to airdrops; if you do, then you have given hackers an opportunity to get access to your wallet.
hero member
Activity: 2702
Merit: 716
Nothing lasts forever
January 04, 2025, 07:39:05 AM
#11
The major factor of bitcoin is being your own bank by holding the private keys to your wallet directly.
If we are giving it away to somebody else to hold, then how can we guarantee that our funds won't be compromised?
If you are allocating a few people to recover your seed, then they can join hands together to access your funds, can't they?
You have hardware wallets already, and you can segregate your funds across different hardware wallets and keep them secure too.
Why take the hassle of compromising on security?

If you still consider the same thing, then why not buy other assets like stocks, bonds etc., as they don't require you to remember any seed phrase.
legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
January 04, 2025, 04:19:55 AM
#10
I think one of the biggest challenges with Bitcoin is that there is no standard process to recover a private key.

But BIP 39 exists, where the user is expected to back up 12 or 24 words securely without ever touching the private key directly.

Out of these 7, at least 5 random people must agree to unlock the key. Or Alice & Bob can do it alone, because they are my kids, and I trust that they would never steal my money. Because we trust people in our lives all the time, and, at least from my perspective as a bitcoiner, I would rather trust some very close people around me than an anonymous institution like a bank, to solve problem (B) from my introduction text.

I know this is probably part of multi-sig (which I don't fully understand technically, but I get the concept).

Your usual multi-sig (N-of-M) address isn't enough. You need to create a P2WSH or P2TR output with a custom spending condition.

But I think the issue is that those people should not have to carry part of this key with them, but rather have it somehow automatically and technically assigned in the way they access the internet (with this data being encrypted).
For mobile network access (SIM), there are MSISDN (phone number), IMSI, ICCID, IMEI (device).
For fixed network access (depending on technology: xDSL, DOCSIS or fiber) it's MSISDN (phone number), OTO number, and/or MAC.

CMIIW, but it means that knowing someone else's phone number, IMEI or similar data opens up the possibility of stealing their Bitcoin.
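To make the "custom spending condition" above concrete, here is an added example (not code from the thread or from any wallet project) that builds the P2WSH witness script for the OP's rule, "Alice AND Bob" OR "any 5 of the 7", as an OP_IF / OP_ELSE pair of OP_CHECKMULTISIG branches, and then the scriptPubKey (OP_0 <sha256(witness script)>) that a funding output would carry. The seven public keys are constructed 33-byte placeholders, not real keys; nothing here signs or broadcasts anything.

```python
"""Added example: an OP_IF/OP_ELSE P2WSH witness script encoding
"2-of-2 (Alice, Bob)" OR "5-of-7 (all seven)", plus its scriptPubKey.
Keys are CONSTRUCTED placeholders; a real setup takes each person's key
from their own wallet (e.g. a hardware wallet)."""
import hashlib

OP_0, OP_IF, OP_ELSE, OP_ENDIF, OP_CHECKMULTISIG = 0x00, 0x63, 0x67, 0x68, 0xAE
NAMES = ["Alice", "Bob", "Charlie", "David", "Eve", "Frank", "Grace"]

# Constructed placeholder keys shaped like compressed pubkeys (0x02 + 32 bytes).
KEYS = {name: bytes([0x02]) + bytes([i + 1]) * 32 for i, name in enumerate(NAMES)}


def op_n(n: int) -> bytes:
    """Small-number opcode: OP_1..OP_16 are 0x51..0x60."""
    if not 1 <= n <= 16:
        raise ValueError("OP_N only covers 1..16")
    return bytes([0x50 + n])


def push(data: bytes) -> bytes:
    """Direct data push for 1..75 bytes (a 33-byte key becomes 0x21 <key>)."""
    if not 1 <= len(data) <= 75:
        raise ValueError("use OP_PUSHDATA for other lengths")
    return bytes([len(data)]) + data


def checkmultisig(threshold: int, pubkeys: list) -> bytes:
    """<m> <pk_1> ... <pk_n> <n> OP_CHECKMULTISIG.  Key ORDER is part of the
    script hash, so every cosigner must agree on (and back up) the same order."""
    if not 1 <= threshold <= len(pubkeys) <= 20:
        raise ValueError("need 1 <= m <= n <= 20")
    keys = b"".join(push(pk) for pk in pubkeys)
    return op_n(threshold) + keys + op_n(len(pubkeys)) + bytes([OP_CHECKMULTISIG])


def witness_script(keys: dict) -> bytes:
    """OP_IF <2-of-2 Alice,Bob> OP_ELSE <5-of-7 everyone> OP_ENDIF.
    The spender's witness ends with a selector (1 for the kids branch,
    empty for the 5-of-7 branch) followed by this script itself."""
    kids = checkmultisig(2, [keys["Alice"], keys["Bob"]])
    everyone = checkmultisig(5, [keys[n] for n in NAMES])
    return bytes([OP_IF]) + kids + bytes([OP_ELSE]) + everyone + bytes([OP_ENDIF])


def p2wsh_script_pubkey(script: bytes) -> bytes:
    """Segwit v0 P2WSH output: OP_0 <32-byte SHA256(witness script)>."""
    return bytes([OP_0, 0x20]) + hashlib.sha256(script).digest()


if __name__ == "__main__":
    ws = witness_script(KEYS)
    print("witness script:", ws.hex())
    print("scriptPubKey  :", p2wsh_script_pubkey(ws).hex())
```

The same condition in Miniscript policy form is `or(and(pk(Alice),pk(Bob)),thresh(5,pk(Alice),pk(Bob),pk(Charlie),pk(David),pk(Eve),pk(Frank),pk(Grace)))`; a descriptor-based wallet compiles such a policy into a script of this kind and constructs the witness for you. Two practical caveats follow directly from the bytes: the full witness script (or the descriptor) is itself backup material, because the address only commits to its hash; and the 2-of-2 branch means Alice and Bob together can move the coins at any time, which is exactly the trust the OP says he is willing to place in them.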
legendary
Activity: 3472
Merit: 10611
January 04, 2025, 12:10:00 AM
#9
This gets a lot of people out of Bitcoin, because all of a sudden they become fully responsible for their own money.
That's the principal idea behind Bitcoin, and without it there is no reason for it to exist. So if that discourages some people from getting into Bitcoin, that's a good thing.


Your idea adds complications and relies on other layers that are not part of the Bitcoin protocol itself, which makes it not work.

Additionally, what you are dealing with lacks uniqueness and reliable identifiability. For example, in Bitcoin when you have a key, that key is unique and cannot be produced by anybody else. Others cannot produce a signature from your key without having your key.
But when it comes to something like an IP address, many users don't have a unique IP since their ISPs give them dynamic IPs. Secondly, unlike a private key, that IP address can be spoofed and a malicious actor can pretend to be someone else!
legendary
Activity: 4522
Merit: 3426
January 03, 2025, 08:44:03 PM
#8
I believe that SLIP-39 is exactly what you are looking for.

Trezor created a mnemonic seed protocol similar to BIP-39 called SLIP-39. It is an improvement over BIP-39 and it supports key sharing. It can be used with the Trezor wallet as well as a few others.

Take a look at https://content.trezor.io/slip39
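To show what "key sharing" in the SLIP-39 sense buys the OP, here is an added example (not code from the thread, and not Trezor's SLIP-39 implementation): a byte-wise Shamir secret sharing over GF(2^8), arranged into the two recovery groups the OP describes, Alice & Bob alone (2-of-2) OR any 5 of the 7 named people (5-of-7). It borrows two ideas from SLIP-39, the AES field polynomial and a digest appended to the secret so that an insufficient or corrupted share set is detected instead of silently yielding garbage, but the share format is my own and is not wire-compatible with SLIP-39 mnemonics; use a real SLIP-39 implementation for anything holding value.

```python
"""Added example: two-group Shamir secret sharing for a wallet master secret.
Group 'kids'  = Alice, Bob          -> 2-of-2
Group 'all'   = the seven people    -> 5-of-7
Either group alone reconstructs the secret (group threshold 1-of-2).
Assumption: DIGEST_LEN bytes of SHA-256 are appended as an integrity tag;
this mirrors the SLIP-39 digest idea but is not its exact construction."""
import hashlib
import secrets
from typing import Dict, List, Optional, Tuple

POLY = 0x11B        # x^8 + x^4 + x^3 + x + 1, the AES / SLIP-39 reduction polynomial
DIGEST_LEN = 4      # assumed tag length for this example
NAMES = ["Alice", "Bob", "Charlie", "David", "Eve", "Frank", "Grace"]
Share = Tuple[int, bytes]   # (x coordinate, y bytes)


def gf_mul(a: int, b: int) -> int:
    """Multiply in GF(2^8): carry-less multiply with reduction by POLY."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= POLY
        b >>= 1
    return r


def gf_inv(a: int) -> int:
    """a^-1 = a^254, since the multiplicative group has order 255."""
    if a == 0:
        raise ZeroDivisionError("0 has no inverse in GF(2^8)")
    r = 1
    for _ in range(254):
        r = gf_mul(r, a)
    return r


def _eval_poly(coeffs: List[int], x: int) -> int:
    """Horner evaluation; coeffs[0] is the constant term (the secret byte)."""
    acc = 0
    for c in reversed(coeffs):
        acc = gf_mul(acc, x) ^ c
    return acc


def split(secret: bytes, threshold: int, n: int) -> List[Share]:
    """n shares of `secret`; any `threshold` of them reconstruct it."""
    if not 1 <= threshold <= n <= 255:
        raise ValueError("need 1 <= threshold <= n <= 255")
    # One random polynomial of degree threshold-1 per secret byte.
    polys = [[b] + [secrets.randbelow(256) for _ in range(threshold - 1)] for b in secret]
    return [(x, bytes(_eval_poly(p, x) for p in polys)) for x in range(1, n + 1)]


def combine(shares: List[Share]) -> bytes:
    """Lagrange interpolation of every byte position at x = 0.
    Plain Shamir has NO integrity: too few shares give random bytes, not an
    error. That is why make_recovery_plan/recover add a digest."""
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate share index (shares from different groups?)")
    out = bytearray()
    for k in range(len(shares[0][1])):
        acc = 0
        for xi, yi in shares:
            num = den = 1
            for xj, _ in shares:
                if xj != xi:
                    num = gf_mul(num, xj)       # (0 - xj) == xj in characteristic 2
                    den = gf_mul(den, xi ^ xj)  # (xi - xj)
            acc ^= gf_mul(yi[k], gf_mul(num, gf_inv(den)))
        out.append(acc)
    return bytes(out)


def make_recovery_plan(master: bytes) -> Dict[str, Dict[str, Share]]:
    """Hand every person a 5-of-7 share; Alice and Bob additionally get a
    2-of-2 share. With group threshold 1, each group simply splits the
    (tagged) master independently."""
    tagged = master + hashlib.sha256(master).digest()[:DIGEST_LEN]
    kids = split(tagged, 2, 2)
    everyone = split(tagged, 5, 7)
    plan = {name: {"all": everyone[i]} for i, name in enumerate(NAMES)}
    plan["Alice"]["kids"], plan["Bob"]["kids"] = kids
    return plan


def recover(shares: List[Share]) -> Optional[bytes]:
    """Combine shares from ONE group. Returns the master, or None when the
    digest does not verify (too few shares, mixed groups or a tampered share)."""
    tagged = combine(shares)
    master, tag = tagged[:-DIGEST_LEN], tagged[-DIGEST_LEN:]
    if hashlib.sha256(master).digest()[:DIGEST_LEN] != tag:
        return None
    return master
```

The digest check is what turns "I gathered the shares I could find" into a yes/no answer; without it, four of the seven friends would reconstruct something that looks like a seed and restores to an empty wallet. The same point applies to the OP's identifier idea: a scheme that returns a plausible-looking key on bad input is worse than one that fails loudly.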
?
Activity: -
Merit: -
January 03, 2025, 05:51:52 AM
#7
Hi, I would like to open a discussion about an idea which I have had for a couple of months. So maybe some people here are interested in joining this discussion.

I think one of the biggest challenges with Bitcoin is that there is no standard process to recover a private key. When you lose it, it's gone. You are fully responsible for keeping it secure, but also for keeping it safe. This gets a lot of people out of Bitcoin, because all of a sudden they become fully responsible for their own money. It's like you have a lot of cash, and now only you need to make sure that (A) you hide it to prevent it from being stolen and (B) you never forget where you have hidden all your money.

Because it's difficult to solve A and B together, it becomes easier to trust a third party like a bank. Most people have other problems than constantly worrying about their money, which is, of course, a good thing :)

So, if I had a physical key to my safe deposit, I would hand over a copy to the most trusted person in my life (which is usually a partner or someone within your family). But you can also slice the key into smaller chunks and give them to some of your friends, where you know only they together can open it up. And if one friend disappears, the others can still open it. As far as I understood, this is multi-sig, which already exists for Bitcoin.

Now, the crucial question: could the name (or let's say some identifier) of my friends be stored somewhere securely, in an encrypted way? The "name" of my friends would usually be something like a SIM or MAC address; in the TCP/IP stack at the network layer (or physical link in the OSI model). Because this is where we all get connected, either with a modem at home (for fixed-line access) or with a SIM card for mobile networks. And I would argue that most people using Bitcoin have one of those two kinds of access (unless you are constantly using public WiFi / enterprise WiFi).

So if we could bring this part into Bitcoin, we could probably solve the issue with lost keys. It doesn't mean that anyone has to use it, but for those who want to define some people who could act as a backup, that would be awesome, if this gets standardized, and without having any other blockchain, token etc.

Because if that's the case, I could define a group of real people who are able to recover my key, in case I lose my key, e.g.

Alice
Bob
Charlie
David
Eve
Frank
Grace

Out of these 7, at least 5 random people must agree to unlock the key. Or Alice & Bob can do it alone, because they are my kids, and I trust that they would never steal my money. Because we trust people in our lives all the time, and, at least from my perspective as a bitcoiner, I would rather trust some very close people around me than an anonymous institution like a bank, to solve problem (B) from my introduction text.

I know this is probably part of multi-sig (which I don't fully understand technically, but I get the concept).

But I think the issue is that those people should not have to carry part of this key with them, but rather have it somehow automatically and technically assigned in the way they access the internet (with this data being encrypted).
For mobile network access (SIM), there are MSISDN (phone number), IMSI, ICCID, IMEI (device).
For fixed network access (depending on technology: xDSL, DOCSIS or fiber) it's MSISDN (phone number), OTO number, and/or MAC.

Of course there are some other identifiers which could be used. And the tricky thing is they can change over time (SIM switch, network operator switch, relocation etc.). But it's unlikely that all identifiers change for all of your 7 people at once, under "normal" circumstances.

But I am basically wondering if it's possible to use something from the network layer and combine it with the application layer (where Bitcoin is, at least from my understanding of how the internet works).

And yes, this may break anonymity for people, but maybe for some people it's a good trade-off.

Happy to hear some good input :) I hope I could explain the idea a bit.

Hi,

You've outlined an intriguing concept for improving the security and recoverability of Bitcoin private keys using a form of multi-signature (multi-sig) and network-layer identifiers like SIM or MAC addresses. By involving trusted friends and family members and leveraging network access identifiers, you aim to create a secure and practical method to recover lost keys without sacrificing complete control over one's assets. This could help more people feel secure in their Bitcoin ownership by providing a fallback mechanism through trusted individuals. It's an innovative idea that could indeed find interest in the crypto community!
legendary
Activity: 2044
Merit: 1018
Not your keys, not your coins!
December 25, 2024, 10:18:03 AM
#6
Do practice recovery BEFORE you load your wallet with real value coins, whatever your wallet is. I have the feeling that a large percentage of users simply don't think of this important step. Verify(!) that you're able to properly recover your wallet from scratch! Do not postpone this step.
It is very important, and it is recommended in How to back up a seed phrase? There are more important steps, but I quote a point that is similar to your advice.

Test your backup by recovering your wallet from it and comparing it with your original wallet, to see whether the addresses are the same. If possible, you can fund that wallet with a small amount of money and check its balance from the two wallets (the original one and the recovered one). If the addresses are the same and the balances are the same, you are doing well with backup and recovery, and it's time to fund it fully.

Quote
Test Your Backup

Regardless of which backup scheme you choose, if you don't actually do a test run of restoring a wallet from it, you can't be confident that it will work when you actually need it.

How should you go about testing your backup?

Create a new wallet.
Create your seed phrase backups.
Deposit a small amount of funds into the wallet, like $10 or $20 worth.
If possible, create a new wallet with a different name, otherwise delete your current wallet.
Initialize the new wallet using your seed phrase backup, make sure the funds appear in the wallet, and that you can spend them.
hero member
Activity: 714
Merit: 1010
Crypto Swap Exchange
December 25, 2024, 10:10:40 AM
#5
Don't focus too much on private keys, as users normally shouldn't have to deal with those. That's the purpose of wallets: to manage and use your private keys. If you want safety for your wallet, use a decent hardware wallet or a proper cold software wallet (offline).

Take and accept responsibility for your non-custodial wallet(s).

Do practice recovery BEFORE you load your wallet with real-value coins, whatever your wallet is. I have the feeling that a large percentage of users simply don't think of this important step. Verify(!) that you're able to properly recover your wallet from scratch! Do not postpone this step. There's no excuse; you can play around with Testnet coins practically for free (you should not pay for Testnet coins; usually there are free faucets or donors where you can get enough Testnet coins to practice a lot of recovery).

Then recovery usually boils down to mnemonic recovery words and, if used in addition so as not to rest the wallet's security on the recovery words alone, an optional mnemonic passphrase. (You can also have a multisig setup, if you understand it properly and if it actually aids security.)
I'm not going into much detail here; some decent knowledge always helps (https://learnmeabitcoin.com). Never store mnemonic recovery words and the optional mnemonic passphrase together, that should be obvious. Prefer analog backup on decent paper and/or stamp your recovery details into resistant metal washers or similar for fire/elements protection. Online digital backups are usually asking for later disaster (not in all cases, but in most). It's simple: something that has never been online can't be stolen online.

Document enough details so you know after years what purpose a particular wallet has and that you have all details for successful recovery later (you did practice it, didn't you?). Prepare documentation for your heirs should something bad happen to you.

Make an assessment of what risks could lead to a loss of your wallet(s). Pick the most likely ones and find reasonable remedies for them. It's not likely you can cope with every risk, and over-complicated solutions are a risk of their own. It's surprisingly easy to shoot yourself in the foot.

Keep it simple, keep it decent. Practice, practice, practice and never forget good documentation. You can't rely on human memory!
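The two posts above insist on practising recovery and on keeping the words and the optional passphrase apart. The following added example (not code from the thread or from any wallet) shows the BIP-39 step that turns the recovery words plus passphrase into the 64-byte seed, and the BIP-32 step that turns that seed into the master key a wallet derives everything from. It makes the caveat behind the advice visible: a wrong or forgotten passphrase does not produce an error, it produces a perfectly valid seed for a different, empty wallet, which is exactly what a restore test is meant to catch. Word-list and checksum validation is omitted (it needs the 2048-word list); the inputs are the first official BIP-39 test vector and BIP-32 test vector 1.

```python
"""Added example: BIP-39 mnemonic (+ optional passphrase) -> seed, and
BIP-32 seed -> master private key / chain code. Reference test vectors are
used as input; nothing here touches a real wallet."""
import hashlib
import hmac
import unicodedata
from typing import Tuple

# First BIP-39 reference vector: entropy = 16 zero bytes, passphrase "TREZOR".
VECTOR_WORDS = "abandon " * 11 + "about"
VECTOR_PASSPHRASE = "TREZOR"
# secp256k1 group order; a master key must be in [1, N-1].
SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141


def mnemonic_to_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """BIP-39: PBKDF2-HMAC-SHA512, 2048 rounds, salt = "mnemonic" + passphrase.
    Both inputs are NFKD-normalised as the spec requires, so a passphrase
    typed with composed vs. decomposed Unicode yields the same seed, while
    ANY other difference (case, a trailing space, the empty string) yields
    a completely different but equally valid-looking seed."""
    words = unicodedata.normalize("NFKD", " ".join(mnemonic.split()))
    salt = unicodedata.normalize("NFKD", "mnemonic" + passphrase)
    return hashlib.pbkdf2_hmac("sha512", words.encode("utf-8"),
                               salt.encode("utf-8"), 2048, dklen=64)


def seed_to_master_key(seed: bytes) -> Tuple[bytes, bytes]:
    """BIP-32: I = HMAC-SHA512(key="Bitcoin seed", data=seed);
    left half = master private key, right half = master chain code."""
    if not 16 <= len(seed) <= 64:
        raise ValueError("BIP-32 seeds are 128..512 bits")
    i = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    k, chain_code = i[:32], i[32:]
    k_int = int.from_bytes(k, "big")
    if k_int == 0 or k_int >= SECP256K1_N:
        raise ValueError("invalid master key for this seed (astronomically rare)")
    return k, chain_code


def restore_check(mnemonic: str, passphrase_at_restore: str, expected_seed: bytes) -> bool:
    """The 'test your backup' step in miniature: do the written-down words,
    with the passphrase you believe you used, reproduce the original seed?
    A real wallet never shows the seed, so in practice you compare the first
    receive addresses or the balance, as the quoted checklist says."""
    return mnemonic_to_seed(mnemonic, passphrase_at_restore) == expected_seed


if __name__ == "__main__":
    seed = mnemonic_to_seed(VECTOR_WORDS, VECTOR_PASSPHRASE)
    print("seed          :", seed.hex())
    print("same words, no passphrase, restores OK?",
          restore_check(VECTOR_WORDS, "", seed))   # False: different wallet
    k, c = seed_to_master_key(seed)
    print("master key    :", k.hex())
    print("chain code    :", c.hex())
```

Because the passphrase is only a PBKDF2 salt, there is no stored value to compare it against; the only way to know you have the right one is to derive and compare addresses or balances, which is why the quoted checklist funds the test wallet with a small amount first.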
?
Activity: -
Merit: -
December 23, 2024, 07:50:55 AM
#4
thanks for your feedback.

I don't think the private key or seed should go online, but maybe allow it to be distributed to a trusted group of people.

And I don't think there must be an instant recovery for lost keys; it's like when you lose your credit card: you may have a short-term problem and be unable to pay, but the fact that you can go back to your bank is still there. It's not like you lost your whole amount.
I am really talking about the "last resort". And as an independent person, I want to decide to whom I give access to my keys, and not just an institution, which then becomes more and more powerful (which might be the insurance industry, if you think of it in the future).

And technology is only useful if it solves problems for people or for the real world. Otherwise there is no value (that's why customer-centric design etc. evolved). And imho this problem is not solved with Bitcoin. And we cannot expect that everyone will manage this by themselves, or educate themselves in the details the way people who are very much involved with Bitcoin do.

legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
December 23, 2024, 06:35:06 AM
#3
Since private key or seed should never go online, I find this direction... wrong.

Nowadays people recover a seed, not private keys; English words and maybe some added protection are more... human.
For seed recovery there's, for example, Shamir's secret sharing, but it's not the only way.

Then, you seem to be keen on the fact that one has to recover his private key "right now". Why the haste?
You may have it in your hardware wallet or cold storage, and only if that gets broken will you need your backup. Plus, you may have a backup hidden in one way or another at hand (even if probably encrypted in a way only you can recover it).
So the others are imho a "last resort". And if they give you their share of the backup even 30 days later, it would not be the end of the world.


I don't want to be too harsh, and you are right that the lack of means for recovery is a real problem, but you are going in the wrong direction.
The problem is human: people are lazy or they lack the proper knowledge to make a good backup.
The problem is not technical. And yet you want to find a technical solution that imho weakens the security of the wallet, i.e. not good.
Sorry.
?
Activity: -
Merit: -
December 23, 2024, 06:14:12 AM
#2
While your idea is creative, it introduces some potential downsides that could conflict with Bitcoin's principles and practicality.

1. Linking Bitcoin keys to personal network identifiers like SIMs or MAC addresses could expose users to tracking or hacking. This goes against Bitcoin's core value of anonymity.

2. Network identifiers can be spoofed, stolen or hacked. If someone gains control over a trusted person's identifier, they might compromise the key recovery process.

3. SIM cards, MAC addresses and other identifiers can change due to upgrades, switching providers or technical issues. Managing these changes securely without risking loss of access could add complexity.

4. Incorporating network-layer identifiers might introduce reliance on internet or telecom providers, which could conflict with Bitcoin's decentralized ethos.
?
Activity: -
Merit: -
December 23, 2024, 05:25:43 AM
#1
Hi, I would like to open a discussion about an idea which I have had for a couple of months. So maybe some people here are interested in joining this discussion.

I think one of the biggest challenges with Bitcoin is that there is no standard process to recover a private key. When you lose it, it's gone. You are fully responsible for keeping it secure, but also for keeping it safe. This gets a lot of people out of Bitcoin, because all of a sudden they become fully responsible for their own money. It's like you have a lot of cash, and now only you need to make sure that (A) you hide it to prevent it from being stolen and (B) you never forget where you have hidden all your money.

Because it's difficult to solve A and B together, it becomes easier to trust a third party like a bank. Most people have other problems than constantly worrying about their money, which is, of course, a good thing :)

So, if I had a physical key to my safe deposit, I would hand over a copy to the most trusted person in my life (which is usually a partner or someone within your family). But you can also slice the key into smaller chunks and give them to some of your friends, where you know only they together can open it up. And if one friend disappears, the others can still open it. As far as I understood, this is multi-sig, which already exists for Bitcoin.

Now, the crucial question: could the name (or let's say some identifier) of my friends be stored somewhere securely, in an encrypted way? The "name" of my friends would usually be something like a SIM or MAC address; in the TCP/IP stack at the network layer (or physical link in the OSI model). Because this is where we all get connected, either with a modem at home (for fixed-line access) or with a SIM card for mobile networks. And I would argue that most people using Bitcoin have one of those two kinds of access (unless you are constantly using public WiFi / enterprise WiFi).

So if we could bring this part into Bitcoin, we could probably solve the issue with lost keys. It doesn't mean that anyone has to use it, but for those who want to define some people who could act as a backup, that would be awesome, if this gets standardized, and without having any other blockchain, token etc.

Because if that's the case, I could define a group of real people who are able to recover my key, in case I lose my key, e.g.

Alice
Bob
Charlie
David
Eve
Frank
Grace

Out of these 7, at least 5 random people must agree to unlock the key. Or Alice & Bob can do it alone, because they are my kids, and I trust that they would never steal my money. Because we trust people in our lives all the time, and, at least from my perspective as a bitcoiner, I would rather trust some very close people around me than an anonymous institution like a bank, to solve problem (B) from my introduction text.

I know this is probably part of multi-sig (which I don't fully understand technically, but I get the concept).

But I think the issue is that those people should not have to carry part of this key with them, but rather have it somehow automatically and technically assigned in the way they access the internet (with this data being encrypted).
For mobile network access (SIM), there are MSISDN (phone number), IMSI, ICCID, IMEI (device).
For fixed network access (depending on technology: xDSL, DOCSIS or fiber) it's MSISDN (phone number), OTO number, and/or MAC.

Of course there are some other identifiers which could be used. And the tricky thing is they can change over time (SIM switch, network operator switch, relocation etc.). But it's unlikely that all identifiers change for all of your 7 people at once, under "normal" circumstances.

But I am basically wondering if it's possible to use something from the network layer and combine it with the application layer (where Bitcoin is, at least from my understanding of how the internet works).

And yes, this may break anonymity for people, but maybe for some people it's a good trade-off.

Happy to hear some good input :) I hope I could explain the idea a bit.