Pages:
Author

Topic: Thinking of separating my holdings into two physical locations. - page 5. (Read 1079 times)

legendary
Activity: 1372
Merit: 2017
Completely removing the ability to give thieves a part of your bitcoin holdings isn't the smartest way to go about it. Would you rather die and have parts of your body chopped off, or give the thieves an already prepared amount of BTC that isn't passphrase-protected?

No. From the beginning I am talking about having my holdings or rather the management of my holdings divided in two places, that is to say that they would take 50% of my holdings. If we add the layers according to the advice of the thread it could be less.

Anyway. If you have a lot of bitcoin and they know it, if they are bitcoin savvy people who think you have 50 Bitcoins, they are not going to stop cutting off your body parts because you show them 0.3 Bitcoins in your HW.

Most of the things we worry about 99 percent of the times don't happen, OP and everyone else should take the necessary precautions of securing their bitcoin rather than worrying about getting beaten up by thieves.

Yes, I think so. The situations that we pose are movie situations, violent or even horror, but it's always good to be cautious. In any case, they are not going to come to cut my legs off to get my bitcoin because most of my net worth is in KYC assets that are not instantly transferable, but in this forum there are those who have a very important part of their net worth in Bitcoin and also have a considerable net worth, so it is understandable that they are concerned about their privacy to the maximum.
hero member
Activity: 1302
Merit: 561
Leading Crypto Sports Betting & Casino Platform
If we apply it in crypto, we know that data in a hard wallet is important to access our holdings, so if the hard wallet is destroyed due to fire or food, that means we also lose our funds.
The device itself is just a means to get to your crypto. It's not that important. It's the seed backup that is the main worry. One piece of software or hardware can easily be exchanged for something similar but the lost seed words are irreplaceable (if no other backups exist). 

So, how would you resist a $5 wrench attack? Willpower?
Completely removing the ability to give thieves a part of your bitcoin holdings isn't the smartest way to go about it. Would you rather die and have parts of your body chopped off, or give the thieves an already prepared amount of BTC that isn't passphrase-protected? You are not going to have much pleasure with your bitcoin if you are blind or deaf from the beating you took. Not to mention the guilt that could be eating at you if something happened to your family members because you didn't have what the robbers wanted.

Most of the things we worry about 99 percent of the times don't happen, OP and everyone else should take the necessary precautions of securing their bitcoin rather than worrying about getting beaten up by thieves. It's a weird thought and could lead to unnecessary panic even when nobody has the intention of attacking us. Separating his bitcoin in different locations can help in situations like emergency, offering his loved ones help when on vacation or traveled for something else they can be instructed to access the little amount of bitcoin kept in the room to solve a money related problem till he is back. Things like that can help ease the mind instead of worrying about fire and floods.
legendary
Activity: 2604
Merit: 2353
you're talking this dude that this stuff is his 32-byte seed base58 encoded while it's his public key from which he'll never get his coins back. fuck you
Where have you seen that bro?  Cheesy Please don't troll, try to be civilized instead even if you don't speak english very well, ask questions if you don't understand something and explain with arguments if you disagree with it.  

bx seed -b 256 generates a 256bits seed in hexadecimal radix. https://github.com/libbitcoin/libbitcoin-explorer/wiki/bx-seed

bx ec-to-ek "my passphrase" just takes this seed from the pipe and encrypt it with the passphrase "my passphrase" through the BIP38 algorithm. https://github.com/libbitcoin/libbitcoin-explorer/wiki/bx-ec-to-ek

It's just an encryption of the seed with a password basically, and you can use your own 256bits seed instead of generating a new one. So when you will deciphering it using the opposite function bx ek-to-ec "my passphrase" you will get back your initial 256bits seed.

You can try it yourself buddy
Code:
$ bx seed -b 256
> 67b2b4678c92df31befed008aa0007d3d93ab42cafb4f5a819fcf804e1492088

$ bx ec-to-ek "I love orange juice (with vodka)" 67b2b4678c92df31befed008aa0007d3d93ab42cafb4f5a819fcf804e1492088
> 6PYKb4e2HmmmtwuSYiBEknFv2XdaGmu1Ad4DmA4ypjg22FdRPKh1V5vJNk

$ bx ek-to-ec "I love orange juice (with vodka)" 6PYKb4e2HmmmtwuSYiBEknFv2XdaGmu1Ad4DmA4ypjg22FdRPKh1V5vJNk
> 67b2b4678c92df31befed008aa0007d3d93ab42cafb4f5a819fcf804e1492088

$ bx mnemonic-new 67b2b4678c92df31befed008aa0007d3d93ab42cafb4f5a819fcf804e1492088
> guilt noble boring bomb combine occur winner sure anger exotic acid police neck foam razor walk volcano dolphin left useless evoke pig lion amount
legendary
Activity: 2898
Merit: 1823

The same reasoning can also be applied to credit/debit cards, leather wallets, and other "containers" of money: people who have or use them in public are clearly not that poor. Yet, we rarely see people being attacked just after paying at the checkout of a grocery store.

Because they have grown to be very common in modern society. Especially the usage of Credit Cards today, they're more viewed as something that's holding debt to the banks than a status symbol. Perhaps 70 years ago when the first Credit Cards were issued to important clients, they were good targets for robberies. Currently, no. Credit Card holders usually have more debt than wealth.

That doesn't really matter because credit card fraud is still a very real thing and they will not only drain all the money in your cards but also max out your credit limit as well.


Then it wouldn't matter. Everyone who can be attacked will be attacked. If the target is a user of cryptocurrencies, then it would be easier to find them if they own a hardware wallet. Because you debate that "it's also common that users of credit/debit cards are attacked" doesn't mean that hardware wallet users will be safe from robbery and theft. It's more reason to protect yourself from being exposed as a Bitcoin HODLer. To be honest, one of my regrets is telling close friends and family that I have Bitcoin.
member
Activity: 351
Merit: 37
you're talking this dude that this stuff is his 32-byte seed base58 encoded while it's his public key from which he'll never get his coins back. fuck you
legendary
Activity: 2604
Merit: 2353
Don't troll please, why you couldn't use base58check-decode? Feel free to explain it. Did you try it at least? When I try it, it works perfectly for me as you can see below. You can use bx base58-decode and bx base58-encode instead if you want but base58check-decode/encode works nicely too, and it shows the real (hexadecimal) value of the key at least, not a fake/virtual one. If you've got an error with bx base58check-encode it's certainly because you forgot to add the version argument (-v1) https://github.com/libbitcoin/libbitcoin-explorer/wiki/bx-base58check-encode

This is what I get :
Code:
$ bx seed -b 256|bx ec-to-ek "my passphrase"
> 6PYVhGuMvof7SDQpy598QRuSUhChaoimM4YzoX4VYBJ4veWBqLAUTHHR69

$ bx base58check-decode 6PYVhGuMvof7SDQpy598QRuSUhChaoimM4YzoX4VYBJ4veWBqLAUTHHR69
> wrapper
{
    checksum 2325530819
    payload 42e0d8294d0ed28bc97dc3d319e1c1dd67b32f3f0c4882394c88a5c0bec5c4979793fb72a0d1
    version 1
}

$ bx base58check-encode -v1 42e0d8294d0ed28bc97dc3d319e1c1dd67b32f3f0c4882394c88a5c0bec5c4979793fb72a0d1
> 6PYVhGuMvof7SDQpy598QRuSUhChaoimM4YzoX4VYBJ4veWBqLAUTHHR69

member
Activity: 351
Merit: 37
[quote ]

So now, you need to transform this string into a phrase with BIP39 words, you can do that this way :
First, thanks to bx base58check-decode you can get the hexadecimal value of this string.

[/quote]
it's garbage. you need base58 not base58check. this guy doesn't have a clue
legendary
Activity: 2730
Merit: 7065
If we apply it in crypto, we know that data in a hard wallet is important to access our holdings, so if the hard wallet is destroyed due to fire or food, that means we also lose our funds.
The device itself is just a means to get to your crypto. It's not that important. It's the seed backup that is the main worry. One piece of software or hardware can easily be exchanged for something similar but the lost seed words are irreplaceable (if no other backups exist). 

So, how would you resist a $5 wrench attack? Willpower?
Completely removing the ability to give thieves a part of your bitcoin holdings isn't the smartest way to go about it. Would you rather die and have parts of your body chopped off, or give the thieves an already prepared amount of BTC that isn't passphrase-protected? You are not going to have much pleasure with your bitcoin if you are blind or deaf from the beating you took. Not to mention the guilt that could be eating at you if something happened to your family members because you didn't have what the robbers wanted.
legendary
Activity: 2604
Merit: 2353
Quote
The hardship is about getting it right since there is no standard for it and generally speaking inventing your own cryptography algorithm is not a good idea. I basically got the inspiration from BIP38[1] but instead of encoding the result using base58 I encode it like BIP39 to get words. The salt would add an extra word (128-bit entropy and a 32-bit salt to get 15 words) which could be increased in size to get 24.

[1] https://github.com/bitcoin/bips/blob/master/bip-0038.mediawiki
Are you encrypting a seed phrase with this algorithm and not just single private keys? Why not just follow it pedantically instead of modifying some parts like encoding? What if, several years from now, you forget what encoding you used when constructing your encrypted words? Maybe I am wrong, let alone I am not a security or cryptography expert, but I see many shortcomings in this approach.
You're right it implies to take care of your script or at least to be able to write it back again, even in several years from now, if you lose it.  
So it's maybe safer to use Bitcoin eXplorer and "your hands" instead.

As it is explained here in the BX manual, you can encrypt a fresh generated entropy, or your own 256bits one, with the BIP38 encryption algorithm by using this command :

$ bx seed -b 256|bx ec-to-ek "my passphrase"
> 6PYN8wh8nNr18UvTf78s95cwNAgdd3zBsiB1b1H3vdn7A5SHmUb7XnHjqd



So now, you need to transform this string into a phrase with BIP39 words, you can do that this way :
First, thanks to bx base58check-decode you can get the hexadecimal value of this string.

Now you will "just" need to convert this hexadecimal number into a binary one, and with your hands, to split it into groups of 11 bits, each encoding a number from 0-2047, serving as an index into a wordlist as BIP39 does and to find the word corresponding to the index(+1) into the BIP39 dictionary of the language of your choice.


For decyphering your seed you'll consecutively take the index(-1) from the dictionary of each word of your phrase, convert each decimal index into its 11bits binary value (with enough 0 for padding) , group de 11bits words into a whole binary number that will be converted into its hexadecimal value, apply bx base58check-encode to this value and finally decrypt it with your passphrase thanks to bx ek-to-ec "my passphrase".

From the entropy, you just need to use bx mnemonic-new to get the bip39 mnemonic seed.


legendary
Activity: 2268
Merit: 18771
So, how would you resist a $5 wrench attack? Willpower?
Deniability, and giving the attacker what they want.

I have my stash split among a range of wallets. These wallets are a range of single-sig, multi-sig, passphrased, etc., as well as a range of software, hardware, paper, airgapped, etc. I can easily hand over a couple of these wallets to an attacker. Meanwhile, all the wallets are completely separate, both from a physical perspective and a blockchain perspective, so no wallet gives any indication as to the presence of any other wallets.

This is part of the reason I am such an advocate for good privacy. Good privacy lends itself to good security. If an attacker does not know your addresses, your wallet configuration, or even if you have bitcoin at all, then you are less of a target.

The modus operandi is that they make sure no one is home, enter, and look for something of value to take, but they do it quickly. I would say that in 5 or 10 minutes they are gone.
Seems unlikely then that they would find a well hidden seed phrase, but personally I would still be looking to move any coins from any seed phrases hidden in that location to a new wallet.

I think we agree that the best protection against attempts to steal your bitcoins is that no one knows you have them.
Absolutely.
legendary
Activity: 1372
Merit: 2017
You couldn't obviously if you had no other back ups. I personally prefer to have all my back ups in at least two locations.

So, how would you resist a $5 wrench attack? Willpower?

And how long did it take your family to be alerted to the break in?

Not too long. Maybe a couple of hours. It is an area where there are many vacation homes. Of middle class people let's say, not ultra-rich. Some have home alarms, but those have also been broken into. The modus operandi is that they make sure no one is home, enter, and look for something of value to take, but they do it quickly. I would say that in 5 or 10 minutes they are gone.

I think we agree that the best protection against attempts to steal your bitcoins is that no one knows you have them.

legendary
Activity: 2268
Merit: 18771
They broke into that house once, there was money hidden there and they didn't even find it.
And how long did it take your family to be alerted to the break in?

The main point here is that if thieves break in again it's most likely they will not be looking for Bitcoin. They won't find the seeds among a mountain of papers, and I think I can camouflage the HW quite well too.
I've spoken about this before, but there are dozens of places you could hide a seed phrase on a piece of paper in a house that would be near impossible for an attacker to find unless they knew exactly what they were looking for and had days or weeks to take apart your entire house. Unscrew some electrical socket or light fitting and stuff the piece of paper inside your wall or ceiling (just be careful of the cables, obviously). Slice a tiny hole in to some piece of fabric furniture such as a sofa, put it inside, and sew it back up. Drill a hole in to to some piece of wooden furniture which would not ordinarily be visible and stuff it in - for example on the top of an internal door, or the join between a table leg and the top of the table.

A hardware wallet is obviously more bulky, but many of the same possibilities are still viable.

I don't see how I could move the funds if I leave the HW and the seeds there.
You couldn't obviously if you had no other back ups. I personally prefer to have all my back ups in at least two locations.
legendary
Activity: 1372
Merit: 2017
Does anyone else use it? Do you rent it out?

Close family only. Don't rent it out.

Does anyone check on it when you are not there? Does it have a security system you can log in to remotely to check? If someone breaks in, will you be notified immediately, and can take immediate steps to move any coins to a new wallet?

They broke into that house once, there was money hidden there and they didn't even find it. The main point here is that if thieves break in again it's most likely they will not be looking for Bitcoin. They won't find the seeds among a mountain of papers, and I think I can camouflage the HW quite well too.

I don't see how I could move the funds if I leave the HW and the seeds there.


legendary
Activity: 2268
Merit: 18771
Obviously, I don't think it is worth buying another house just for that, but if you already have them, if you have two houses, why not take advantage of that to store the HW with their corresponding seeds separately?
The second biggest consideration when storing a back up off site (second obviously to the security of that location), is how you would be notified of compromise, and how long that would take. If I buried a back up somewhere under cover of darkness (for example), then the only way I'm going to know if someone has dug it up is if I visit that site to check. That in itself might lead someone to my back up, or I might go weeks or months without realizing that someone has accessed by seed phrase and is currently searching for or trying to brute force my passphrase.

What is the set up of your vacation home? Does anyone else use it? Do you rent it out? Does anyone check on it when you are not there? Does it have a security system you can log in to remotely to check? If someone breaks in, will you be notified immediately, and can take immediate steps to move any coins to a new wallet?
legendary
Activity: 1372
Merit: 2017
However, it is not worth it to rent out or buy a property just for the storage of seed phrases, unless you also plan on using it for other things.

Obviously, I don't think it is worth buying another house just for that, but if you already have them, if you have two houses, why not take advantage of that to store the HW with their corresponding seeds separately?
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
One drawback I see is that if the house burns down I would lose everything I manage with one HW, but well, that risk I also had now, having 100% of the management of my holdings in one site.

Don't keep your backup HW wallet inside Florida (floods) or California (wildfires) then  Wink

Your best bet is to store it inside a basement in an area that is not known to have frequent natural disasters.

I mentioned the basement specifically to avoid tornados if that's a thing in your backup location.

However, it is not worth it to rent out or buy a property just for the storage of seed phrases, unless you also plan on using it for other things.

The same reasoning can also be applied to credit/debit cards, leather wallets, and other "containers" of money: people who have or use them in public are clearly not that poor. Yet, we rarely see people being attacked just after paying at the checkout of a grocery store.

Because they have grown to be very common in modern society. Especially the usage of Credit Cards today, they're more viewed as something that's holding debt to the banks than a status symbol. Perhaps 70 years ago when the first Credit Cards were issued to important clients, they were good targets for robberies. Currently, no. Credit Card holders usually have more debt than wealth.

That doesn't really matter because credit card fraud is still a very real thing and they will not only drain all the money in your cards but also max out your credit limit as well.
legendary
Activity: 2898
Merit: 1823
For safety from $5.00 wrench attacks, or any kind of robbery that involves violence, what's everyone's opinion in keeping away from purchasing, and owning any hardware devices that are directly associated with Bitcoin and other cryptocurrencies? I believe that it's going to be a problem when some people see you own a hardware wallet, the presumption would be = you own "a lot of Bitcoin".
The same reasoning can also be applied to credit/debit cards, leather wallets, and other "containers" of money: people who have or use them in public are clearly not that poor. Yet, we rarely see people being attacked just after paying at the checkout of a grocery store.


Because they have grown to be very common in modern society. Especially the usage of Credit Cards today, they're more viewed as something that's holding debt to the banks than a status symbol. Perhaps 70 years ago when the first Credit Cards were issued to important clients, they were good targets for robberies. Currently, no. Credit Card holders usually have more debt than wealth.

I'm debating because of the novelty of cryptocurrencies, and how some of its HODLers are probably in a path of accumulating wealth because they are HODLing the right coins. A smart criminal would target them, and one way to find that target? Hardware Wallets.
legendary
Activity: 1372
Merit: 2017
The same reasoning can also be applied to credit/debit cards, leather wallets, and other "containers" of money: people who have or use them in public are clearly not that poor. Yet, we rarely see people being attacked just after paying at the checkout of a grocery store.

Well, because paying with cards is the norm, but if we go the similar way, if every time you pay, even $20 amounts, you take a wad of bills out of your pocket for a total of $5k you become an easy target for thieves. It's only a matter of time before they try to mug you. Cards are different because they would have to hijack you, go to the ATM get you to put in the PIN and take money out.

Even worse, unlike banknotes or credit cards, a hardware wallet as such is almost useless and impossible to spend from because it is unlikely that a victim will provide a PIN code voluntarily.

In the face of a $5 wrench attack, it depends on your resistance to pain and anxiety.  Most people would transfer their funds to the robbers right away after a couple of hard blows to the head.
legendary
Activity: 2464
Merit: 4415
🔐BitcoinMessage.Tools🔑
For safety from $5.00 wrench attacks, or any kind of robbery that involves violence, what's everyone's opinion in keeping away from purchasing, and owning any hardware devices that are directly associated with Bitcoin and other cryptocurrencies? I believe that it's going to be a problem when some people see you own a hardware wallet, the presumption would be = you own "a lot of Bitcoin".
The same reasoning can also be applied to credit/debit cards, leather wallets, and other "containers" of money: people who have or use them in public are clearly not that poor. Yet, we rarely see people being attacked just after paying at the checkout of a grocery store. Even worse, unlike banknotes or credit cards, a hardware wallet as such is almost useless and impossible to spend from because it is unlikely that a victim will provide a PIN code voluntarily.
legendary
Activity: 2268
Merit: 18771
For safety from $5.00 wrench attacks, or any kind of robbery that involves violence, what's everyone's opinion in keeping away from purchasing, and owning any hardware devices that are directly associated with Bitcoin and other cryptocurrencies?
It depends how far you want to take this line of thinking. Using a hardware wallet in public could certainly be seen as a potential advert to criminals that you hold a not insubstantial amount of bitcoin. So you only use your hardware wallet in private. However, when you bought that hardware wallet, you probably handed over your real name and address to the manufacturer. That information could very well have been sold, shared, or leaked, and so now your real name and address are linked to ownership of a hardware wallet. So maybe instead you bought the hardware wallet using a pseudonym, paying with anonymized bitcoin, and shipped to a PO box or other pick up location not directly linked to your real address. So far so good. But then all the bitcoin you have bought and sent to the hardware wallet were bought using fully KYCed accounts on centralized exchanges who we know sell your data to a huge number of third parties, not to mention being hacked for this data as well.

Not flashing your hardware wallet in public is probably a smart move, but you will never be able to completely mitigate against $5 wrench attacks unless all your use of bitcoin is completely anonymous, and almost nobody does this. It is wise, therefore, to have a system of plausible deniability set up just in case, such as the one I outlined above - additional passphrases which can be revealed to an attacker while your main stash remains safe behind different passphrases.
Pages:
Jump to: