Topic: Thinking of separating my holdings into two physical locations. - page 5. (Read 1079 times)

No. From the beginning I am talking about having my holdings or rather the management of my holdings divided in two places, that is to say that they would take 50% of my holdings. If we add the layers according to the advice of the thread it could be less.

Anyway. If you have a lot of bitcoin and they know it, if they are bitcoin savvy people who think you have 50 Bitcoins, they are not going to stop cutting off your body parts because you show them 0.3 Bitcoins in your HW.


Yes, I think so. The situations that we pose are movie situations, violent or even horror, but it's always good to be cautious. In any case, they are not going to come to cut my legs off to get my bitcoin because most of my net worth is in KYC assets that are not instantly transferable, but in this forum there are those who have a very important part of their net worth in Bitcoin and also have a considerable net worth, so it is understandable that they are concerned about their privacy to the maximum.

Most of the things we worry about 99 percent of the times don't happen, OP and everyone else should take the necessary precautions of securing their bitcoin rather than worrying about getting beaten up by thieves. It's a weird thought and could lead to unnecessary panic even when nobody has the intention of attacking us. Separating his bitcoin in different locations can help in situations like emergency, offering his loved ones help when on vacation or traveled for something else they can be instructed to access the little amount of bitcoin kept in the room to solve a money related problem till he is back. Things like that can help ease the mind instead of worrying about fire and floods.

Where have you seen that bro?   Please don't troll, try to be civilized instead even if you don't speak english very well, ask questions if you don't understand something and explain with arguments if you disagree with it.  

bx seed -b 256 generates a 256bits seed in hexadecimal radix. https://github.com/libbitcoin/libbitcoin-explorer/wiki/bx-seed

bx ec-to-ek "my passphrase" just takes this seed from the pipe and encrypt it with the passphrase "my passphrase" through the BIP38 algorithm. https://github.com/libbitcoin/libbitcoin-explorer/wiki/bx-ec-to-ek

It's just an encryption of the seed with a password basically, and you can use your own 256bits seed instead of generating a new one. So when you will deciphering it using the opposite function bx ek-to-ec "my passphrase" you will get back your initial 256bits seed.

You can try it yourself buddy

Then it wouldn't matter. Everyone who can be attacked will be attacked. If the target is a user of cryptocurrencies, then it would be easier to find them if they own a hardware wallet. Because you debate that "it's also common that users of credit/debit cards are attacked" doesn't mean that hardware wallet users will be safe from robbery and theft. It's more reason to protect yourself from being exposed as a Bitcoin HODLer. To be honest, one of my regrets is telling close friends and family that I have Bitcoin.

you're talking this dude that this stuff is his 32-byte seed base58 encoded while it's his public key from which he'll never get his coins back. fuck you

Don't troll please, why you couldn't use base58check-decode? Feel free to explain it. Did you try it at least? When I try it, it works perfectly for me as you can see below. You can use bx base58-decode and bx base58-encode instead if you want but base58check-decode/encode works nicely too, and it shows the real (hexadecimal) value of the key at least, not a fake/virtual one. If you've got an error with bx base58check-encode it's certainly because you forgot to add the version argument (-v1) https://github.com/libbitcoin/libbitcoin-explorer/wiki/bx-base58check-encode

This is what I get :

[quote ]

So now, you need to transform this string into a phrase with BIP39 words, you can do that this way :
First, thanks to bx base58check-decode you can get the hexadecimal value of this string.

[/quote]
it's garbage. you need base58 not base58check. this guy doesn't have a clue

The device itself is just a means to get to your crypto. It's not that important. It's the seed backup that is the main worry. One piece of software or hardware can easily be exchanged for something similar but the lost seed words are irreplaceable (if no other backups exist). 

Completely removing the ability to give thieves a part of your bitcoin holdings isn't the smartest way to go about it. Would you rather die and have parts of your body chopped off, or give the thieves an already prepared amount of BTC that isn't passphrase-protected? You are not going to have much pleasure with your bitcoin if you are blind or deaf from the beating you took. Not to mention the guilt that could be eating at you if something happened to your family members because you didn't have what the robbers wanted.

You're right it implies to take care of your script or at least to be able to write it back again, even in several years from now, if you lose it.  
So it's maybe safer to use Bitcoin eXplorer and "your hands" instead.

As it is explained here in the BX manual, you can encrypt a fresh generated entropy, or your own 256bits one, with the BIP38 encryption algorithm by using this command :

$ bx seed -b 256|bx ec-to-ek "my passphrase"
> 6PYN8wh8nNr18UvTf78s95cwNAgdd3zBsiB1b1H3vdn7A5SHmUb7XnHjqd


So now, you need to transform this string into a phrase with BIP39 words, you can do that this way :
First, thanks to bx base58check-decode you can get the hexadecimal value of this string.

Now you will "just" need to convert this hexadecimal number into a binary one, and with your hands, to split it into groups of 11 bits, each encoding a number from 0-2047, serving as an index into a wordlist as BIP39 does and to find the word corresponding to the index(+1) into the BIP39 dictionary of the language of your choice.


For decyphering your seed you'll consecutively take the index(-1) from the dictionary of each word of your phrase, convert each decimal index into its 11bits binary value (with enough 0 for padding) , group de 11bits words into a whole binary number that will be converted into its hexadecimal value, apply bx base58check-encode to this value and finally decrypt it with your passphrase thanks to bx ek-to-ec "my passphrase".

From the entropy, you just need to use bx mnemonic-new to get the bip39 mnemonic seed.

Deniability, and giving the attacker what they want.

I have my stash split among a range of wallets. These wallets are a range of single-sig, multi-sig, passphrased, etc., as well as a range of software, hardware, paper, airgapped, etc. I can easily hand over a couple of these wallets to an attacker. Meanwhile, all the wallets are completely separate, both from a physical perspective and a blockchain perspective, so no wallet gives any indication as to the presence of any other wallets.

This is part of the reason I am such an advocate for good privacy. Good privacy lends itself to good security. If an attacker does not know your addresses, your wallet configuration, or even if you have bitcoin at all, then you are less of a target.

Seems unlikely then that they would find a well hidden seed phrase, but personally I would still be looking to move any coins from any seed phrases hidden in that location to a new wallet.

Absolutely.

So, how would you resist a $5 wrench attack? Willpower?


Not too long. Maybe a couple of hours. It is an area where there are many vacation homes. Of middle class people let's say, not ultra-rich. Some have home alarms, but those have also been broken into. The modus operandi is that they make sure no one is home, enter, and look for something of value to take, but they do it quickly. I would say that in 5 or 10 minutes they are gone.

I think we agree that the best protection against attempts to steal your bitcoins is that no one knows you have them.

And how long did it take your family to be alerted to the break in?

I've spoken about this before, but there are dozens of places you could hide a seed phrase on a piece of paper in a house that would be near impossible for an attacker to find unless they knew exactly what they were looking for and had days or weeks to take apart your entire house. Unscrew some electrical socket or light fitting and stuff the piece of paper inside your wall or ceiling (just be careful of the cables, obviously). Slice a tiny hole in to some piece of fabric furniture such as a sofa, put it inside, and sew it back up. Drill a hole in to to some piece of wooden furniture which would not ordinarily be visible and stuff it in - for example on the top of an internal door, or the join between a table leg and the top of the table.

A hardware wallet is obviously more bulky, but many of the same possibilities are still viable.

You couldn't obviously if you had no other back ups. I personally prefer to have all my back ups in at least two locations.

Close family only. Don't rent it out.


They broke into that house once, there was money hidden there and they didn't even find it. The main point here is that if thieves break in again it's most likely they will not be looking for Bitcoin. They won't find the seeds among a mountain of papers, and I think I can camouflage the HW quite well too.

I don't see how I could move the funds if I leave the HW and the seeds there.

The second biggest consideration when storing a back up off site (second obviously to the security of that location), is how you would be notified of compromise, and how long that would take. If I buried a back up somewhere under cover of darkness (for example), then the only way I'm going to know if someone has dug it up is if I visit that site to check. That in itself might lead someone to my back up, or I might go weeks or months without realizing that someone has accessed by seed phrase and is currently searching for or trying to brute force my passphrase.

What is the set up of your vacation home? Does anyone else use it? Do you rent it out? Does anyone check on it when you are not there? Does it have a security system you can log in to remotely to check? If someone breaks in, will you be notified immediately, and can take immediate steps to move any coins to a new wallet?

Obviously, I don't think it is worth buying another house just for that, but if you already have them, if you have two houses, why not take advantage of that to store the HW with their corresponding seeds separately?

Don't keep your backup HW wallet inside Florida (floods) or California (wildfires) then 

Your best bet is to store it inside a basement in an area that is not known to have frequent natural disasters.

I mentioned the basement specifically to avoid tornados if that's a thing in your backup location.

However, it is not worth it to rent out or buy a property just for the storage of seed phrases, unless you also plan on using it for other things.


That doesn't really matter because credit card fraud is still a very real thing and they will not only drain all the money in your cards but also max out your credit limit as well.

Because they have grown to be very common in modern society. Especially the usage of Credit Cards today, they're more viewed as something that's holding debt to the banks than a status symbol. Perhaps 70 years ago when the first Credit Cards were issued to important clients, they were good targets for robberies. Currently, no. Credit Card holders usually have more debt than wealth.

I'm debating because of the novelty of cryptocurrencies, and how some of its HODLers are probably in a path of accumulating wealth because they are HODLing the right coins. A smart criminal would target them, and one way to find that target? Hardware Wallets.

Well, because paying with cards is the norm, but if we go the similar way, if every time you pay, even $20 amounts, you take a wad of bills out of your pocket for a total of $5k you become an easy target for thieves. It's only a matter of time before they try to mug you. Cards are different because they would have to hijack you, go to the ATM get you to put in the PIN and take money out.


In the face of a $5 wrench attack, it depends on your resistance to pain and anxiety.  Most people would transfer their funds to the robbers right away after a couple of hard blows to the head.

The same reasoning can also be applied to credit/debit cards, leather wallets, and other "containers" of money: people who have or use them in public are clearly not that poor. Yet, we rarely see people being attacked just after paying at the checkout of a grocery store. Even worse, unlike banknotes or credit cards, a hardware wallet as such is almost useless and impossible to spend from because it is unlikely that a victim will provide a PIN code voluntarily.

It depends how far you want to take this line of thinking. Using a hardware wallet in public could certainly be seen as a potential advert to criminals that you hold a not insubstantial amount of bitcoin. So you only use your hardware wallet in private. However, when you bought that hardware wallet, you probably handed over your real name and address to the manufacturer. That information could very well have been sold, shared, or leaked, and so now your real name and address are linked to ownership of a hardware wallet. So maybe instead you bought the hardware wallet using a pseudonym, paying with anonymized bitcoin, and shipped to a PO box or other pick up location not directly linked to your real address. So far so good. But then all the bitcoin you have bought and sent to the hardware wallet were bought using fully KYCed accounts on centralized exchanges who we know sell your data to a huge number of third parties, not to mention being hacked for this data as well.

Not flashing your hardware wallet in public is probably a smart move, but you will never be able to completely mitigate against $5 wrench attacks unless all your use of bitcoin is completely anonymous, and almost nobody does this. It is wise, therefore, to have a system of plausible deniability set up just in case, such as the one I outlined above - additional passphrases which can be revealed to an attacker while your main stash remains safe behind different passphrases.