Topic: Steps To Take If You Believe Your Seed Has Been Found/Compromised? (Read 149 times)

If your PC got compromized then most probably all your exchanges accounts, email accounts... got compromized too if you ever logged into them from that device. In that case, it doesn't matter whether the account is verified or not.

The safest thing to do is to create a new wallet on a safe and secure device and send all your coins to it. You don't have to set a very high fee rate. Just choose a reasonable fee rate and make sure to disable rbf.

Yes i know if you are have malware on your computer, then thats bad.  That is why i was saying sending it to your electrum isnt that safe if your computer has malware/virus.


So i thought... send it to an exchange where you are already verified... like coinbase.  I mean your funds there would be safe right if you send it immediately?  Also everyone would agree you should send it with the highest fee possible in a situation like this?


Now imagine someone with a lot of btc.  Like someone with say 5 btc to make it really serious.  If someone like that think their seed could be possibly compromised, they should immediately send all that btc with highest fee possible to their coinbase account right?  But before this, make a test transfer just to make sure the tiny bit of btc gets there... and if a situation like this arises, then they could send the whole balance of btc at once?

Preparation for the future:

Make new wallets. Back them up. Keep them secure. Print out or save a bunch of addresses. These are your emergency addresses to send to in case something like this happens.

If you need to do it now, then get a more secure computer (separate from whatever you are using) or set up a brand new Electrum or Bitcoin for Android wallet on a brand new phone which you just factory reset.

I would point out that if your computer has malware, you wont be able to trust any output from your computer. This means if you log into your coinbase account from your computer, the deposit address displayed is not something you should trust as actually belonging to coinbase. This means you will need to have an out-of-band way of confirming the deposit address is correct, and you would need to confirm you are sending to the address you think you are sending to on your HW wallet display.

Well the reason I wasn't a fan of sending btc immediately to my electrum account is what if your computer is compromised?  Thing is i do still have my electrum installed on my windows ten laptop like i did back when i stored my btc in it before moving it all to my nano ledger s.  So thus the program is legit but what if i got malware by clicking on links during this time or going to certain sketchy site?  I try not to.  Thus unless you are for sure your laptop doesn't have any type of malware/virus/keylogger, then wouldn't you agree its not one hundred percent good idea to send it to electrum on your computer vs an exchange like coinbase/binance?



Now let say your exchange account is already confirmed... as in coinbase.  Then you would agree its fine sending the btc immediately to coinbase if you think your nano ledger s seed is compromised right?  But if you never did any KYC, then it might not be a good idea?



Yea i asked about the 25th Word in Nano Ledger S.  As you know I never did that since I didn't want to try it on my nano ledger s in case something goes wrong.  Thus i didn't want to do that... then try to send btc from my current nano ledger s wallet to it... in case something goes wrong. 



I mean let say for example someone has 3 BTC to make it simple and that is obviously a lot of money.  They would create that  25th word... then send a tiny amount of btc to the new address... then send the bulk of it right?  Thus in their main wallet, they might have 0.3 BTC but 2.7 BTC in their hidden wallet right?



So even if someone has your seed, well they can only access the 0.3 BTC right?  Since they wouldn't know there is another 2.7 BTC in a hidden wallet right?  Now if they had access to your computer and you were to open ledger live, then aren't you screwed since it will show two wallets on ledger live?  Thus someone would know hey you have two wallets in that nano ledger s?  Lets assume they have no clue how much btc you have.  Obviously situation is much different if they know... there is no way you only have 0.3 BTC.



But i got to assume most ppl do not write their 25th Word down right?  Then again you need to write it down if something were to happen to you.  I don't know why people say don't use a very simple passphrase and use long word/characters.  If you do that... isn't that going to increase the risk of you not knowing what it is?


I can't imagine ppl here have a passphrase that is say twenty words/characters and it looks like this


mBEda6978798Ba.x.zjljkoalas?/   



Right?  No way anyone going to remember this.  I mean i don't see an issue if its like a sentence that you can always remember because if a thief has your seed... they going to still try to add a passphrase to it to try to see if you have a hidden wallet?

All other things being equal, I think Electrum is still safer than an exchange, no matter how "legit". For example malware is likely to affect your interactions with an exchange too, on top of having no control over the keys, risk of phishing sites, etc. And with all the 2FA/verify-your-new-IP/etc rigmarole that exchanges hassle you with, you can probably create a new Electrum wallet faster. You can even do it offline, although that's a bit complicated if you then need to broadcast the TX from the same computer.

If you have to act fast, each wallet will serve as a temporary solution to prevent someone from stealing your coins, there is not much to think about when it comes to the minutes that separate you from being robbed. An option that would be an alternative for me is definitely to have an extra account on your hardware device (same seed extended with strong passphrase) which can be accessed quickly with a secondary PIN (in case of Ledger).

jerry0, you have already asked similar questions, why don't you actually learn all the advantages of a hardware wallet? Make a new account with same seed, add passphrase and keep them separate, someone steals your seed and can't do anything without a password (passphrase).

There is no point in repeating ourselves, everything is explained to you in detail here -> 25th Word in Nano Ledger S

There is nothing wrong or risky with keeping any amount of bitcoin in Electrum wallet as long as it is kept safe. For example Electrum could act as a cold storage on an air-gap computer or a cold storage as in paper wallet (offline live Linux > create seed > write it on paper) and with proper care and encrypted it could be just as safe as any other method including hardware wallets. In fact in some cases it is more secure than a hardware wallet since these devices have flaws too.

You might describe coinbase or gemini as "legit" today, but all exchanges that lose customer money are generally considered as "legit" before said losses. You can evaluate the risks the exchange will become insolvent, or otherwise not honor your despoit with the risk of the alternative if your seed is compromised.

Having a lot of coin on your internet-connected computer is superior to having coin on a seed that an adversary has knowledge of. You could move your coin onto your internet-connected computer and keep it there until you have a chance of creating a new seed/new private keys with more security precautions.

Well if i send it to any exchange it would be a legit exchange... coinbase or gemini or binance.



Also i could send it to electrum but the thing is again, it is a program on your computer and you shouldn't keep much coins in it.  That is why a while back i moved it from electrum to nano ledger s.

I assume many of us here are maintaining more than one safe wallet. The safety level varies from one wallet to another with the largest bulk of your funds, probably for long-term hodling, stored in the safest. Should it happen that the seed of one of your wallets is compromised, you just have to urgently move all of your funds from there into another wallet. I don't think a test transaction is necessary. First, you're already familiar with the wallet you'll move your funds into. Second, and more importantly, you're in a race against losing all your funds.

If it happens that the seed that was compromised was from your one and only hardware wallet, you've got no choice but to withdraw it all and move the funds to another wallet considered less safe. That's temporary, though. Pending your next move, you just need to be quick making sure your funds will not be stolen. Having said that, I shouldn't mind paying the highest fee for the quickest confirmation.

Finally, of course, I would condemn the wallet thought to be compromised.

Creating/signing/broadcasting one transaction is going to take more time than it will to create/sign/broadcast two transactions.

If you have good reason to believe your seed is or is about to be compromised, you need to move your coin as quickly as possible. This is one rare situation in which, I would advise that if you don't have anything to hide, you should be willing to give up privacy for the sake of preserving the security of your coin. Keep in mind that if an attacker uses your seed to steal your coin, your privacy is lost anyway, along with your money.

As I mentioned above, time is of the essence to move your coin out of private keys that can be derived by the compromised seed. If you have an existing exchange account, moving your coin to that account may be a quick way to move your coin. There are risks to moving your coin onto an exchange, such as the exchange getting hacked (or "hacked") or your exchange account being compromised.

If you decide to generate a new address or new seed, you may decide to skip some safety procedures, including creating backups before using the private keys, in the interest of time. Which precautions you decide to skip is up to you, and you should weigh the risks of taking an additional minute to complete a precaution, and in that minute the attacker stealing the coin secured by your seed versus the risk of loss resulting from not implementing the precaution.

I believe the question has been well answered.

For privacy reasons right? You can split it if you want, but the more the transaction fee.

Noncustododial wallet will be the best if you need privacy.

To know the feerate (sat/vbyte), you can use mempool.space/ to know the fee you can pay to get transaction confirmed in a block fast.

I wouldn't send it to an exchange. So many extra risks (like KYC) for no extra benefit and if you have malware then your transaction to an exchange could get compromised too. Just create any wallet that is reasonably safe (Electrum, paper wallet, possibly some mobile wallets could qualify here too) and send to it, and then you can figure out what to do next.

So I have a nano ledger s.  I'm abroad outside the US but a US citizen.  My seed is back in the US. 



Now let say you suspect or know your seed has been found and someone had access to it... what is the immediate steps one should take once they know of this?  Of course it could be too late already especially if its an online hack.



But let say you believe someone had physical access to your seed and they could even be going to their computer to enter your seed and get into your account.  What are the immediate steps one should take if this happens?



I did keep coins in electrum a while back and still have the software on my computer but i transferred the coins from it to my nano ledger s a while back.  But if something like this happens, would the best immediate thing to do be immediately send the btc from the nano ledger s to either electrum or say an exchange like your coinbase or gemini or binance account?



Obviously if you do send it to electrum, you need to make sure your laptop is malware/virus free.  But wouldn't sending it to your coinbase or gemini or binance account probably be the best option? 



Most importantly in cases like this, would you make sure you pay the highest sending fee possible?  I believe it cost over twenty five dollars now to send btc now right?  But obviously if you have a good amount of btc since well even one btc is a lot now, that is what most would do here right?  Because you would have to worry about the other person sending it to their wallet before you right? 



Also would you send the whole balance at once or you try to break it into two or three transactions?  It would be stupid to do that since time is very important right?  But assuming you never send any btc from your hardware wallet to your coinbase or gemini or binance account, well there should be still no concern right since well when you logged in, they tell you this is your btc address.  For me, I always prefer sending a test transfer to a new site i never used just to make sure it works.  But with how expensive sending btc is now... is it worth just to test it out in case a situation like this arises?