Which wallet for a long term storage?

pooya87

legendary

Activity: 3472

Merit: 10611

Quote from: o_e_l_e_o on March 08, 2020, 08:30:43 AM

I don't think it's necessarily fair to judge a method by how it can be misused.

this is what i also think.
as for BIP39 and usage of PBKDF2 i believe usage of this KDF has nothing to do with security. it seems to me that the creators of this BIP wanted a way to let the user store the entropy (which is seen as the set of words) but be able to derive a different BIP32 seed from it and end up with an entirely different set of keys.
to achieve that you'll need a cryptography function that takes two inputs: a data and a salt. there are a lot of options, from HMACs to KDFs. a simple HMAC-SHA512 would have done the same job and an extremely expensive scrypt KDF would have done the same job. but the former would have been too fast and the later too slow. and you have to consider users who wouldn't like it if their initial wallet setup took 1-2 minutes.
since the point was not security but at the same time they wanted to make it a bit expensive choosing PBKDF2 is a good choice in my opinion but as long as people don't see it as a security thing such as a way to encrypt their mnemonic.

o_e_l_e_o

legendary

Activity: 2268

Merit: 18711

Quote from: figmentofmyass on March 08, 2020, 06:34:29 AM

it doesn't make sense to assume everyone uses best practices.

one problem with BIP39 seeds is they can be generated as brain wallets

Agreed, which is why I mentioned either using a hardware wallet or manually generated entropy via Ian Coleman's site to generate the seed phrase. Although obviously brain wallets are a massive security risk, I don't think it's necessarily fair to judge a method by how it can be misused. I could create a wallet with Electrum, and then save my seed phrase in plain text on my email account. It wouldn't be the fault of Electrum or their method for generating seed phrases when all my coins are stolen.

Thanks for the quotes and the links. Made for interesting reading.

Quote from: figmentofmyass on March 08, 2020, 06:34:29 AM

anyway, we're going off on a tangent from the original issue---whether BIP39 is necessary re compatibility. i still say no. there is no reason to discourage people from using electrum in this capacity.

My thought process was more along the lines of thinking about OP's niece, who he says is very young and has zero knowledge about bitcoin and related matters. Unless he also leaves clear instructions that the seed is an Electrum seed, she could spend a long time inputting the seed in to a variety of different wallets (and risking its security each time) before realizing where she was going wrong.

figmentofmyass

legendary

Activity: 1652

Merit: 1483

Quote from: o_e_l_e_o on March 08, 2020, 05:41:08 AM

Genuine question, not just trying to be contrary: How does the weakness in using 2048 rounds of PBKDF2 make any difference here?

assuming the keys are generated securely, it probably doesn't, but we need to consider how people actually generate keys. it doesn't make sense to assume everyone uses best practices.

one problem with BIP39 seeds is they can be generated as brain wallets:

Quote from: gmaxwell on March 27, 2015, 07:10:42 PM

If the keys are chosen securely then there is no gain from having a KDF (and no real harm in having a weak one, except for code complexity). If people use it like a brainwallet then given what we know about how users choose "random secrets" then the KDF is seriously inadequate; considering the infrequency of use and the huge attacker advantages (precomputation because brainwallet schemes cannot be effectively salted, and hardware advantages) you'd likely want something that takes several seconds on the best hardware the user has access to.

Quote from: o_e_l_e_o on March 08, 2020, 05:41:08 AM

The secondary point regarding BIP39 phrases having less entropy than Electrum phrases is easily countered by using 24 words instead of 12.

the same can be done with electrum of course. https://bitcointalksearch.org/topic/m.19823236

this point is unimportant either way, but i would say default user behavior is what matters, not best practices. 12 word seeds = the default across most wallets. i suspect very few people would generate a 24 word seed when using ian coleman's site.

anyway, we're going off on a tangent from the original issue---whether BIP39 is necessary re compatibility. i still say no. there is no reason to discourage people from using electrum in this capacity.

o_e_l_e_o

legendary

Activity: 2268

Merit: 18711

Genuine question, not just trying to be contrary: How does the weakness in using 2048 rounds of PBKDF2 make any difference here? Provided the seed phrase is generated securely on an airgapped machine and written on a single piece of paper, then the only weakness* is the piece of paper being found by an attacker. If that happens, then it is irrelevant whether the seed phrase is BIP39 or Electrum, the funds will be stolen.

The secondary point regarding BIP39 phrases having less entropy than Electrum phrases is easily countered by using 24 words instead of 12.

*Assuming we are not including someone attempting to brute force every possible 128 bit seed.

figmentofmyass

legendary

Activity: 1652

Merit: 1483

Quote from: o_e_l_e_o on March 08, 2020, 04:24:17 AM

Quote from: pooya87 on March 07, 2020, 11:43:42 PM

a better solution is to use an HD wallet (like Electrum for example) and create a mnemonic (seed phrase) and print that on paper.

This is a good solution, but I wouldn't recommend Electrum since it generates non-BIP39 phrases, meaning that importing to other wallets in the future could run in to compatibility issues.

this point is debatable IMO.

electrum doesn't implement BIP39 specifically because it has compatibility/portability issues. they documented their motivation for not using it here: https://electrum.readthedocs.io/en/latest/seedphrase.html#motivation

core developer andrew chow has said this about BIP39, to explain why it will never be implemented in bitcoin core:

Quote

Also, more generally, many Bitcoin Core contributors don't consider BIP 39 to be secure. It uses PBKDF2 which is generally regarded to be a fairly weak KDF so it isn't considered to be good for the secure storage of all of your Bitcoin. Some software (such as Electrum) used BIP 39 in the past but have switched to using their own mnemonic algorithm because of this weakness in BIP 39.

https://bitcoin.stackexchange.com/questions/88237/is-there-a-reason-to-why-bitcoin-core-does-not-implement-bip39

also this:

Quote

However, some of the data in a BIP39 phrase is not random,[2] so the actual security of a 12-word BIP39 seed phrase is only 128 bits.
https://en.bitcoin.it/wiki/Seed_phrase#Explanation

Quote

With the standard values currently used in Electrum, we obtain: 2^(132 + 11 - 8 ) = 2^135. This means that a standard Electrum seed is equivalent, in terms of hashes, to 135 bits of entropy. https://electrum.readthedocs.io/en/latest/seedphrase.html#motivation

i have cold storage wallets generated with electrum on an airgapped PC. i feel secure with this setup. the electrum developers have shown a lot of foresight re compatibility.

o_e_l_e_o

legendary

Activity: 2268

Merit: 18711

Quote from: pooya87 on March 07, 2020, 11:43:42 PM

a better solution is to use an HD wallet (like Electrum for example) and create a mnemonic (seed phrase) and print that on paper.

This is a good solution, but I wouldn't recommend Electrum since it generates non-BIP39 phrases, meaning that importing to other wallets in the future could run in to compatibility issues. Any time I have wanted to generate a seed from scratch, I have either used a freshly reset hardware wallet or https://iancoleman.io/bip39/ run on a live OS on an airgapped machine. For extra security, you can use Ian Coleman's site to input your entropy from flipping a coin or rolling a die.

pooya87

legendary

Activity: 3472

Merit: 10611

Quote from: rdluffy on March 07, 2020, 10:44:37 AM

I'll use a paper wallet generated on https://www.bitaddress.org/

FWIW you don't need to use a "paper wallet generator" to generate a "paper wallet". in fact it may be best if you don't use that because it only generates single unrelated keys for you.
basically a paper wallet is a "secret" printed on piece of paper (or any other medium). so you can use any wallet that lets you export keys to do that. for example you could use bitcoin core and dumpwallet to get a private key and print it.

a better solution is to use an HD wallet (like Electrum for example) and create a mnemonic (seed phrase) and print that on paper. this method solves a problem with paper wallets that you must throw them away after you use them. for example if you store 1BTC in a paper wallet and the other day wanted to spend 0.1BTC you must create another paper wallet and spend 0.1BTC while sending the remaining 0.9BTC to that NEW wallet. with an HD wallet (the mnemonic) you don't need to do that anymore since you can create as many key pairs as you want and when you use one you simply send the rest to the next key.

rdluffy

legendary

Activity: 2366

Merit: 1408

Thank you guys, again to help me
I'll use a paper wallet generated on https://www.bitaddress.org/

This method will fit my needs, I'll print a paper wallet, generated with the app above, totally off-line, and them I'll send 100 USD and gave this to my niece
As I said before, she's not so old, so I have to create for her and gave in a paper format, it's awesome, and I'll grab a copy for me just in case she lost, but the lesson here is to learn about BTC, investments, and how to deal with money

o_e_l_e_o

legendary

Activity: 2268

Merit: 18711

Quote from: Dabs on March 06, 2020, 11:18:59 AM

Since you are giving it to a family member, I would also recommend that you keep a copy of this private key as well. I have family members who do not touch the address, and have "lost" the only copy of the private key, fortunately I have a backup for them.

If they can't be trusted to keep a paper wallet safe, then why give it to them at all? If you are going to keep a copy safely yourself anyway, then why risk them losing their copy and having someone steal the coins? Why not just create a wallet for them, store it yourself, and hand it over to them in 5/10/whatever years' time? You can tell them you've done so and where to find/access the wallet should something happen to you in the meantime.

This is partly why I think it's better to get someone to create their own wallet and them send some coins to them, rather than just handing them a pre-loaded wallet. If they are willing to spend the time to educate themselves on how to set up, back up, and securely store a wallet, then they are far more likely to keep it safe and not be careless with it.

bL4nkcode

copper member

Activity: 2142

Merit: 1305

Limited in number. Limitless in potential.

The thing is paper wallet can be damaged, wet, burned, so it should be saved, keep in a secure place which is a fire and waterproof.

Quote from: ?? on ??

Put the paper wallet on safe alongside with other important paper (e.g. birth certificate) should be good enough.

Okay, this might be considered, but it should be kept in a manner that the only family members know these important papers.

hulla

hero member

Activity: 1834

Merit: 566

Quote from: rdluffy on March 06, 2020, 06:52:10 AM

Thanks for ALL suggestions guys, I really appreciate that Cheesy

I'll use a paper wallet and try to teach her how to keep the BTC safe, my niece is very young yet, and this is just something different and useful that I'd like to gift her, I remember when I was young and my mother gave me some money on a bank account but just for use when I reach 18 years, and this was awesome and teach me great stuff about money

And this time is with BTC

Unfortunately I don't have a hardware wallet yet, but I'm planning to buy in a few weeks, and with your tips I can have a better idea how to do a long term storage

Thanks Grin

Such idea is really good and i hope every crypto enthusiast can use such a strategy to keep some fortunes for their kids.
With that been said, paper wallet is easy and cost you almost nothing to generate or create one but the most very important things is how to securely create it. I will advise you to read the best way to do it.
Good luck.

Dabs

legendary

Activity: 3416

Merit: 1912

The Concierge of Crypto

Paper wallet = can be actual paper, or any other material, cardboard, plastic, rock, metal = Same idea on how it works.

Aside from bitaddress and the iancoleman website, I would recommend using a verified latest version of Electrum to create the wallet and save the seed and/or private keys.

Since you are giving it to a family member, I would also recommend that you keep a copy of this private key as well. I have family members who do not touch the address, and have "lost" the only copy of the private key, fortunately I have a backup for them.

If they lost it again, I would recommend to move the coins to a new address and paper wallet, as who knows where they lost the private key, it may get picked up by a stranger ...

Yes, the family member would have to trust you, I think that's a given. They know even less than you about bitcoin or proper security to safe guard the coins, so safe to assume they would want to talk to you when they want to spend it later.

posi

hero member

Activity: 2268

Merit: 579

Vave.com - Crypto Casino

Quote from: rdluffy on March 05, 2020, 08:13:01 AM

Guys, I'm not a total newbie about wallets, but I'm planning to give someone of my family some BTC as a gift, and this person will be allowed to use in a few years,

We all learn every day not only newbies and holding a hero account doesn't make one have all knowledge about everything that has to do with crypto.

Quote from: rdluffy on March 05, 2020, 08:13:01 AM

Which wallet do I need to use to keep BTC for some years, without need to worry about lack of support?
I'm afraid to chose a wallet and for example, this wallet stops to be developed

Wallet developer's halt wallet development shouldnt be a problem if you actually keep the wallet seeds and private keys save which you can use to import the wallet on BTC wallet like electrum.

Quote from: rdluffy on March 05, 2020, 08:13:01 AM

I'm talking about 5 to 8 years of storage in this case

Thanks

I recommended a hardware wallet but you can still make use of the electrum wallet either.

sheenshane

legendary

Activity: 2492

Merit: 1232

A paper wallet is a safe Bitcoin wallet for storing your Bitcoin in the long term purpose but always remember that this has a crucial step especially if you dont know how to make and use. You can create multiple copies to have a backup seed phrase, in your wallet, drawer or money vault. Make sure you will use the correct open-source paper wallet site, ( https://www.bitaddress.org/bitaddress.org ).

Try to watch this old tutorial YouTube video but still very helpful content about making a paper wallet ( https://www.youtube.com/watch?v=I1uefzJJ6nM ) But if you don't really have an idea (as I say, very crucial steps) just choose hardware wallet as most likely suggestion above.

rdluffy

legendary

Activity: 2366

Merit: 1408

Thanks for ALL suggestions guys, I really appreciate that Cheesy

I'll use a paper wallet and try to teach her how to keep the BTC safe, my niece is very young yet, and this is just something different and useful that I'd like to gift her, I remember when I was young and my mother gave me some money on a bank account but just for use when I reach 18 years, and this was awesome and teach me great stuff about money

And this time is with BTC

Unfortunately I don't have a hardware wallet yet, but I'm planning to buy in a few weeks, and with your tips I can have a better idea how to do a long term storage

Thanks Grin

The Cryptovator

legendary

Activity: 2394

Merit: 2223

Signature space for rent

Its seems many users suggesting for paper wallet & hardware wallet as well. I know it's not bad idea, But I am not agree to generate paper wallet anywhere either offline or online. I will support those users suggest to use hardware wallet and save seed phrase. Instead of paper wallet I will suggest buy latest hardware wallet and save its seed like your paper wallet. Just imagine its paper wallet. Whatever updates wallet in future it shouldn't effect private keys and seed phrase. After save your seed on multiple safe places you may reuse your device by resetting and create new seed to use now. So when you want to use your bitcoin from old seed then you may restore your seed on another device (same brand) or on some software. I am suggesting reuse your device since you will store your bitcoin for long time like 10 years. So device battery might damage during that time if you store your device for 10 years. Saving seeds from hardware wallet better than use paper wallet IMO.

Pmalek

legendary

Activity: 2730

Merit: 7065

Too bad you don't want to use a hardware wallet. A properly generated paper wallet is the best choice in that case. But since you are giving it to your niece, (I assume she is young and still a child) I am not sure that is the best thing to do. Will she understand that it is not something to play with and take out every couple of days to show to her friends risking theft or loss.

I remember a post by a random girl on social media that went viral a few years back when she wanted to brag about the first credit card she got in her life. She made a picture of it and posted it on Facebook. Within a couple of hours that credit card was charged with thousand of $ in different purchases. You never know.

vycl87

hero member

Activity: 1204

Merit: 630

Quote from: bitmover on March 05, 2020, 01:31:01 PM

Quote from: rdluffy on March 05, 2020, 01:24:13 PM

Thank you all guys, I'll think about what you said

Hardware wallets are not an option because it´s not a lot of money, let's say I'll give a small amount of 100 USD dollars in BTC to my niece, and she will open and can spend in some years
This is a gift for her birthday and maybe it will draw attention to her into BTC and in the future this 100 USD can worth a lot if BTC reachs 50k or even 100k USD

Don't you have a hardware wallet for yourself?
Just reset it , generate a new key, note it down on a paper, and give this paper to whoever you want to send the gift.

It is a paper wallet, just the seed noted down on a paper.

You can also generate this seed in your smartphone using samourai or coinomi or whatever wallet you wish. I wouldn't use electrum because it doesn't generate bip39 seeds

Great idea!
As with creating a paper wallet, you won't have to worry about if someone can take over this wallet. Creating a Ledger wallet is a very reliable option and you can safely store it with 24 (+1) security words.

Moreover, you do not even need to buy an extra Ledger for this. As @ Bitmover says, you can do this with your own hardware wallet. Then you can print it yourself stylishly using a beautiful theme and present your gift in that way.
However, do not forget to do this with a reliable device offline.

pooya87

legendary

Activity: 3472

Merit: 10611

Quote from: rdluffy on March 05, 2020, 08:13:01 AM

to give someone of my family some BTC as a gift, and this person will be allowed to use in a few years,

so does this mean you are basically giving them something to HODL? in which case paper wallet is the most obvious choice. it is cheap and secure and since you print a "private key" on it, they never go out of style! they can be imported in almost all the wallets out there or at least be swept.

however, i personally dislike doing this. when you give someone bitcoin you should be encouraging them to use it not just hold it. in which case your second part of the question doesn't make sense. if you teach them how to use it then they can handle the situation if a wallet stopped being developed like Multibit. just use an easy to use but secure wallet such as Electrum to teach them.

NeuroticFish

legendary

Activity: 3668

Merit: 6382

Looking for campaign manager? Contact icopress!

If you generate properly a paper wallet - whether that means a pair of private key+address (https://www.bitaddress.org/ or your favorite wallet) or a seed (https://iancoleman.io/bip39/) - you are good.
Just make sure you generate it offline and preferably, also offline, verify it too. And make sure the generated data is wiped before you go online again.
And you have to keep super safely (not on computer, not in e-mails, ..) that "paper wallet".

This is hard to do if you are not computer savvy, so I'd recommend you a hardware wallet. An OK one should be max 70 EUR, you generate a 24 word seed which they tell you how to keep it safe.
Even if that device ever dies, it did the job, that seed works good without the device, other wallets will accept it too.

Edit: if it's a gift and you do have a hardware wallet, you can generate a new seed with your hardware wallet (and after checking everything you just put back your old seed).

Topic: Which wallet for a long term storage? (Read 411 times)