Topic: State of secrets management, recommendations and improvement proposals 2022 (Read 278 times)

With descriptors available in recent Core versions you can create a Core wallet that is based on BIP39 or even Electrum mnemonic recovery words. You can even choose arbitrary derivation paths if you want. But frankly, it's not that easy and you need some trusted tools and a secured airgapped environment because you have to deal with extended private keys (xprv...) to accomplish it. You don't want to get those any near an online device.

HD wallets were an important improvement in Core, descriptors are a logical and welcome step forward for sure, especially with interoperability with other wallets in mind. Maybe, one day we get a simple to use mnemonic words setup for Core, too.

The pass (and it's GUI QtPass; by Jason A. Donenfeld) may be viable alternative.

These are all valid questions but I believe they have been asked and addressed many times. Nothing has really changed I would say in the last 4 or 5 years.  and nothing is likely to change in the next 4 or 5 years. what worked yesterday still works today. I'm not sure what exact purpose this thread brings to the table but as always lots of helpful replies. but it's the same info as always pretty much. 

It is a legitimate concern, that some malware could copy itself to your USB drive along with the new version of your software (or indeed an unsigned transaction), and then from their copy itself to your airgapped computer. Of course you can use QR codes to move transactions to avoid this, but you can't use QR codes to move an entire piece of software, such as a new wallet version. So for this I tend to download the new wallet software on a live OS before transferring it to a USB drive, so I know there is no malware lurking in my daily OS waiting to activate itself.

This is the benefit of using seed phrases and HD wallets. Once you have backed up your seed phrase, then your back ups are permanently up to date and in sync with your main wallet. As soon as you recover that seed phrase, you can regenerate all the private keys and addresses you have ever used.

The NitroKey looks good at first glance. I take a closer look at it.

... and up-to-day/in-synchronization with one another.

There are relevant points by Open Web Application Security Project for consideration: "https://cheatsheetseries.owasp.org/cheatsheets/Key_Management_Cheat_Sheet.html".

That makes lot of sense. I was overthinking the situation and considering the risk of some malicious app or file being on my online device, as I use it more often and it is considered less secure than the airgapped one.

Since this does not have to be done often and I still have to maintain some level of security on my online device, there is a reduced risk or a breach.

- Jay -

I see. Although if you're looking for device which support RSA keys (example you mentioned) or arbitrary data, NitroKey would be better option.


I'd say default 3-2-1 is good enough since it's already better than many user do (1 seed backup on paper and 1 wallet file/application on their online device). Although it might burden user to make sure all copies is properly secured/protected.

If your airgapped wallet is already set up securely and working fine, then there is a lower requirement to keep up to date with new versions. It is essentially functioning simply as a signing device, and as long as you double check everything you are signing and have signed, then the risk of a vulnerability being exploited is almost zero. I don't care about any new features, Lightning support, etc., on my airgapped wallet. I keep an eye on the change log of each new version, and only if there is some critical bug fix will I upgrade my airgapped software. It's as simple as downloading and verifying the software on your online computer, and then securely transferring it to your airgapped computer.

I should have been more clear - I was referring to non-bitcoin related sensitive electronic data, such as PGP keys, or copies of important documents, that kind of thing.

I think it is a reasonable minimum to use. For any wallet you create, write down the seed phrase twice, and store one of those copies off site. 3 copies of your data (the wallet itself plus the two paper back ups), 2 different mediums (electronic wallet and paper), 1 offsite. If you are worried about storing your raw seed phrase offsite, then use a system where compromise of the seed phrase on its own does not lead to compromise of your coins, such as multi-sig or passphrases (again all backed up separately).

Maybe. I don't have already opinion about it.

One more question: whether to modify 3-2-1 backup rule (for bitcoin private keys)?

Alright, I understand now. An arigapped device require more careful attention to set up and use properly. I am aware of how to sign a transaction on an airgapped device and another device with a watch only wallet, but I am not sure how to properly check for updates and maintain the latest version of the software.
A hardware wallet efficacy would depend on the particular product and its specifics.

Understood. I am aware not to store sensitive data like seedphrases electronically, but your first reply seemed to suggest you do that sometimes.

For regularly used wallets, I still keep this on an airgapped device. Once you get a hang of it, transferring out of such wallets get easier to do.

- Jay -

You should avoid storing your sensitive information such as seeds and passphrases (by which, I assume, you mean so-called 25th-word addition for your primary seed) on electronic devices: computers, laptops, USB sticks, HDDs, or SSDs. Consider using more durable physical media such as metal plates, washers, and even regular paper notebooks because they are more robust than any electronic device. Keep separately the backups of your seed and passphrase because you don't want hackers to find out that the latter even exists: it allows for plausible deniability that you even have what you have. For seed phrases that you use regularly, employ reliable protection hardware such as Trezor or any other open-source hardware wallet that has proven its reliability. Hardware wallets are designed to be used within hostile environments, and they offer the optimal balance of security and convenience.

I would consider it to offer more protection than most hardware wallets, if done properly.

Most hardware wallets are not truly airgapped and require to be connected to an internet enabled device to function. There have been a number of vulnerabilities discovered against various hardware wallets which could result in loss of coins. There is also the privacy aspect of them making it completely obvious that you are holding bitcoin, having to hand over personal details to the manufacturer, and often having to use the manufacturer's software. The significant benefit to hardware wallets are they are in general very easy to use, whereas correctly setting up and using an airgapped device without making a critical mistake is much more difficult.

I don't store these electronically. Such back ups I do on paper.

An airgapped computer can provide the highest level of security but at the same time it is very difficult to create correctly (paper wallet is in the same category since you have to create it on an airgap computer) since you have to know how to create a "clean" environment that can be considered air-gap.
On the other hand hardware wallet is pretty easy to acquire and use while provide an acceptable level of security.

Would you consider the permanently airgapped computer to offer the same level of protection as the hardware wallet or paper wallet?
If not, which would you recommend as the highest level of security for cold storage?

Also, how do you store seedphrases and passphrases on a computer? Simply as a file or do you have the wallet set up fully on the device.

- Jay -

For non bitcoin secrets such as PGP keys or other highly sensitive data, I generally store them on a permanently airgapped computer which uses full disk encryption and never leaves my house, or some encrypted removable storage which is only ever mounted on an airgapped computer.
For bitcoin private keys, seed phrases, passphrases, etc., I store some of them in the manner above, and some in a variety of other methods such as hardware wallets and paper wallets.
I use a password manager for online account log ins, but I don't use it to store anything related to my bitcoin wallets.

I don't store private keys, anywhere. Only the seed phrase, written once with pencil in paper, with closed curtains, generated in an air-gapped device, and with all other required protection measures.

KeePassCX. Open-source, cross platform, uses 256-bit AES encryption, and is maintained a decade now.

I wouldn't use Bitcoin Core as a wallet software to begin with, because backing up wallet seems more complicated than needed. Seed phrases should be the standard, and fortunately is.

Trezor and ledger have password manager extensions iirc (trezor definitely does). There's also a python module that can handle pgp that I've seen mentioned here before.

There also looks to be a trezor implementation of SSH: https://trezor.io/learn/a/ssh-with-trezor

I haven't tested any of these but just know others have used them or they're available.

What tools to use to protect (keep secret, store and backup) private keys?
What tools to use to protect other secrets, e.g. passphrases?
What tools would you recommend and why? What problems and risk need to be considered?

Bitcoin Core 24.0.1 users are left with setting passphrase and backing up (copying) their wallet.dat file to another machine from time to time, I suppose. Would you give additional recommendations or tips to make the setup better, please? There are a few limitations of it for regular HODLer, I think:
- not easy to hand-write secrets on paper in order to make "paper wallet" backup (use of a printer is out of the question),
- not easy to backup together with other secrets, like passphrases to safe deposit box, documents.

HSM/hardware wallets don't allow to store non-Bitcoin secrets like SSH (RSA) keys.

There are only a few tools to choose from, among others GPG. Any reviews of alternatives or Conjur?