Topic: Why I Am Not Using Hardware Wallet For Cold Storage (Read 7295 times)

This thread is just Dorky and HCP flaming/trolling each other which is against the forum rules. Therefore this thread will be locked and potentially trashcanned.

No, I just got tired of trying to explain things that you didn't seem to be comprehending.

You keep inventing more and more convoluted scenarios to try and do "end-runs" around logic and reason... like how a supposed attacker has full access to my entire Bitcoin transaction history and knowledge of every single one of my addresses... so they'd be able to determine whether or not passphrases being provided are "real". Which, of course, is defeated simply by running any cold-storage funding transactions through a mixer etc. and using my "decoy" wallet for day to day transactions.

In the same scenario using your system... exactly the same thing would happen... except, if they've found a bunch of encrypted files and ask for the password, you have no defense. They can see the files, they know they exist, they know there are passwords that decrypt them and will know instantly whether the password you give is correct. With a hardware wallet using a passphrase, there is NO evidence that the wallet exists... because it doesn't until you enter the passphrase.

And this is what you don't seem to want to admit... there is NO 100% secure method of securing your stuff. I admit that hardware wallets are not perfect... there are still attack vectors... just like with your system... but a hardware wallet helps minimise these and provides, in my opinion, a number of benefits that your system doesn't.


You even claimed at one point that your method is "unhackable"

Then conceded that nothing is safe:

And then denied that you conceded that point...


You then descended into just calling every one of my points "Bullshit"... calling me an idiot, dumb nut, silly and a low life and accused me of just being a trouble maker
Personal attacks aside, that's not how you "win" a debate...



Then you started down the whole "hardware wallets are more inconvenient because you have to remember a passphrase AND a PIN" path... I guess I should have just pointed out at the time that with your setup you potentially need to remember a whole bunch of extra stuff as well, like your email account+password where you stored your backup... or your online storage account+password where you stored your backup... or where you put that CD with the backup data on it... because that is just as "difficult" and "inconvenient" as remembering a 4-8 digit PIN



And now you also seem to think that for some reason hardware wallet users are forever tied to hardware wallets:
Which is just plain wrong...

If I lose my hardware wallet... I can simply take my seed backup and generate a paper wallet or import it into a software wallet or import it into a web wallet should the need arise... or simply do nothing and continue using those addresses as cold storage knowing that I still have access to all my coins should I so require in the future.



TL;DR:
I prefer hardware wallets as they offer all the benefits of cold storage and provide added security for hot wallet/day to day spending in a handy, convenient, portable package that still provides me complete control of my private keys, at a relatively reasonable price for anyone with modest/substantial amounts invested in cryptocurrency.

Dorky prefers his digital version of paper wallets as he believes it provides the benefits of cold storage with the best security at near to zero cost, without some of the issues associated with paper wallets (like susceptibility to loss/damage/theft) while still maintaining control of private keys.

Neither method is 100% secure.

Well, my debate with HCP shows that even the loss of the hardware wallet does not mean the BTC is lost too because the owner can recover the BTC thru the seeds and passphrases (which needs to be secured too).

However, my point is if BTC can be recovered thru seeds and passphrases, then why not just secure the BTC with very strong encryption directly on the private keys instead, for cold storage?

With a hardware wallet, the owner will have to keep buying a new one if the previous one is lost. HCP argued that's not the case, but of course if the owner wishes to continue using BTC for cold storage plus spending, he has no choice but to spend for a new hardware wallet. And for purpose of spending, hardware wallet is not the only option available. Desktop wallets can serve the purpose too. However for purpose of cold storage only, then a digitized paper wallet (i.e. store it digitally instead of printing it out) that is strongly encrypted is the best and cheapest way possible. For short, a strongly encrypted private key that is generated offline. It's digital, which makes it 100% portable anywhere in the world. You can store it in your email inbox, instead of dependent on bank vault or something like that. Multiple backup can be made cheaply (because it's digital) without the need to buy another wallet. Hardware wallet can do the same too, but without the convenience and control.

It all depends on the investor. Some, in fact, a lot, uses hardware wallet for cold storage. For them, it is practicable and efficient in the sense that they are as if carrying their coins wherever they may be. It is synonymous to a tangible property which gives a good sense of belief that one is able to see/experience ones possession. On the other hand, some do not use hardware wallet for cold storage which is premised on the belief that it is creating more risks on the safety of ones property. An example of the latter is when the hardware wallet is stolen or broken. Its natural effect is that it will presumably lose all BTC investments.   

Alright, has HCP lost the debate?

I don't use hardware wallets. Otherwise I would have to blindly trust the actual hardware isn't somehow designed to steal anything. I rather trust an offline laptop and usb. Gives me peace of mind.

agree with you, you just need to have quality paper or print in plastic sheet, so the key is just there safe for you to read.
Beside all hardware can fail and you need a backup anyway, you can't just relay on hardware wallet...

You're still not quite getting it. Maybe I'm not explaining it properly?

If you give the hacker JUST the seed (ie. they've found your encrypted seed file wherever you stored it and you've handed over the password to that file)... and they import JUST the seed into a wallet... then it will generate a complete and valid wallet. You use this wallet as your "decoy"... put some coins in it... run a few transactions to generate history etc.

There is absolutely no way for the hacker to know or prove that you have a passphrase, that when combined with your seed, will generate a completely different wallet with your actual stash in it. In fact, you could even generate a second "decoy" using a different dummy passphrase if you wanted to be super paranoid about it all.

Seed words only = Valid Wallet
Seed words + Dummy Passphrase = Completely different, valid wallet#2
Seed words + Actual Passphrase = completely different, valid wallet#3

You can theoretically use an infinite number of passphrases and generate an infinite number of wallets, because of the way the system works, ANY passphrase you give, when combined with seed words, will generate a valid wallet. Even if the hacker is aware that you can use passphrases with seed words, they cannot prove that you actually do or have used one... you have plausible deniability. There is no evidence of your hidden wallet existing. This is what renders the $5 wrench attack useless.



You don't actually need to remember the PIN... the PIN only protects access to the hardware wallet itself... generally speaking, most of the hardware wallets that I'm aware of will factory reset after X number of incorrect PIN attempts. As long as your seed is safely backed up somewhere, you can simply restore using the seed (and passphrase) and your wallet is regenerated.

And lets be honest here... if you're going to struggle with a 4 digit pin, what hope do you have to remember a 20+ character alphanumeric+symbol password to an encrypted file?

Sure, I still have to remember 2 things (password to encrypted seed + wallet passphrase) as opposed to one (password to encrypted key)... but that's like saying that walking 2 steps is harder than walking 1 step.



Not necessarily... with a seed+passphrase, if the seed is compromised then the passphrase is your protection layer. I vaguely seem to recall that someone put up a bounty by publishing a seed that had some coins stored in a "hidden wallet", protected by a passphrase... and it got taken down after a year or so as no-one had hacked it and taken the coins. I've been trying to find the source, but I can't seem to find it. My point is that your seed only really needs to be "safely" backed up (ie. written down). It doesn't necessarily need to be "securely" backed up (ie. encrypted).

Additionally, if you just wrote your seed down and stored it someplace "safe", then your requirements for remembered passwords would drop down to 1... the passphrase for your "Actual" wallet... and you've shifted part of your security model from "digital" to "physical".



That's the point... they CAN'T verify whether or not I have a passphrase... or if the passphrase that I have given are "real" or "dummy"... unlike a password for an encrypted container, that either decrypts the file or it doesn't.

If the hacker needs the seed + passphrase to unlock the keys, then they will ask for them both, not just the seed.
Like I said, any way a hardware wallet user would use to recover his keys if ever his wallet got lost, stolen, destroyed, i.e. he does step 1, then step 2, then step 3, etc for recovery, so will the hacker ask for the necessary information to commit the same steps for the keys.

If you have a lot of things to remember/memorize, i.e. the seed, the passphrase, the PIN, etc, then the weakest link in the whole security is your brain.
Ultimately you will still need to record/store all these in one place just in case you forgotten any of them.
And that will still boils down to the need for encryption of all of them just so you only need to remember less things, i.e. remember 1 vs remember 3.
My method tries to simplify the steps so the requirement is to remember only 1 thing in order to prevent the brain from being a weak link.

In case you still don't realize this, the method I laid out in my article covers from the very start to the very end of securing the cold storage.
Using the hardware wallet for cold storage, on the other hand, describes the steps only half way thru.
Hardware companies don't explain to users that while they need to do a paper backup of their seeds/passphrases, they also need to back it up securely, i.e. using a 2nd computer to encrypt the backup.
Instead, the companies leave this area of discussion out for users' imagination and that opens to huge security risks that the hardware companies avoid addressing.
Because if they choose to address how to secure the paper backups of the seeds/passphrases, they may give the correct impression that users don't need hardware wallet after all.

Why did I say my method explains going from Point A to Point B?
Why did I say you (being pro-hardware wallet) explains going from Point A to Point C, then from Point C to Point D, and finally from Point D to Point B?
Because when you talk about securing the keys thru hardware wallet only, you only give the direction from Point A to Point C.
And when you talk about dummy wallets (to fake savings) and passphrases (to make things hidden), you give direction from Point C to Point D.
Finally when you mention about encrypting the seeds/passphrases, you give the direction from Point D to Point B (the final destination).
For you to keep arguing about how and why hardware wallet is safe and secure certainly gives the false impression that no backup is necessary, i.e. the direction to go from Point D to Point B.
However a backup (of the seeds, passphrases, and PIN if you are using hardware wallet) is STILL necessary to complete the whole steps in securing the keys.
And that's where the direction to Point B is needed, which the hardware wallet companies try to avoid covering.
Because if they do, the users will realize if they have to go thru 2 extra Points to reach Point B, then might as well just encrypt the keys direct to save themselves the hassle of going thru Point C and Point D unnecessarily.

Will the extra steps (i.e. going thru Point C and Point D, to reach Point B) worth the trouble?
Will that help make the cold storage more secure?
The answer is a big NO.
Having to go thru extra unnecessary steps complicates things and may create higher chance of user error.
If a hacker is savvy enough to recover your keys from your hardware wallet, I assume he will be savvy enough to know what necessary information to ask for the recovery, thus vulnerability to the $5 wrench.
I do not see a hacker being Dorky enough like me who doesn't know about hardware wallet and just kidnap you, ask for the seeds, let you go, then found out I need more than just seeds, and figured out I need to re-kidnap you again for more information.
I see a hacker being very savvy, does his homework completely, kidnaps you and ask for the seeds, passphrases, and PIN, all in one go, and verify everything on the spot to make sure you tell the truth before letting you go with everything stolen.
Going thru unnecessary steps to secure the keys is not worth the complications, which is why I came out with my method, which is not really even a proprietary stuff.
Anyone who cares about his own security will most likely arrive at the same/similar method too.

No, I'm not telling lies... it would appear that you are still not understanding how a seed + passphrase combination works

Encrypted Private key = traces/evidence...
Encrypted Seed = traces/evidence...

However, the advantage of the seed system over an encrypted private key is this:

Handover password to encrypted private key = private key exposed, all coins controlled by that key exposed.
Handover password to encrypted seed = seed exposed... ONLY the default wallet is exposed... all other wallets generated using passphrases from that seed are invisible/hidden with no traces/evidence

You cannot prove the existence of ANY of these hidden wallets... as there is NO EVIDENCE OR TRACE of them anywhere... they are only generated by a passphrase that exists purely inside your head.

Hopefully, that helps clear things up for you.

Here I address HCP's fallacies...

I am a person that says going from Point A to Point B is superior.
HCP is a person that says going from Point A to Point C, then from Point C to Point D, and finally from Point D to Point B is superior.

HCP says using hardware wallet for cold storage is cheaper than buying a new computer, which is FALSE (as I explained).
HCP says encrypting the keys is visible while encrypting the seeds is hidden, which is FALSE (as I explained).
HCP says his concern is storing encrypted keys while he has no concern storing encrypted seeds, which is FALSE.

Edit:
I forgot to add another point...
HCP says encrypting the keys gives no security (zero) while encrypting the seeds gives security, which is FALSE.
The act of encryption is the same regardless of what object is being encrypted, be it txt, jpg, png, pdf, djvu, epub, etc, including keys and seeds.
So why is HCP saying encrypting the keys gives zero security?
Why is HCP lying?

You contradicted yourself within 2 paragraphs.

First, you said you are concerned with storing encrypted keys as it leaves traces/evidence behind, so your hardware wallet leaves no traces/evidence.
Then, you said you can store encrypted seeds in email/cloud/bank vault/etc which leaves plentiful traces/evidence behind, but then you said they are hidden!
My goodness, what lies you are telling.

I am correct to say you are arguing purely for the sake of winning an argument.

You keep saying my method leaves traces/evidence behind, which is not true.
And I successfully debunked your disinformation countless times.
Please do everyone a favor and explain in detailed how my method leaves traces/evidence behind.
And please also explain in detailed how you encrypting the seeds and storing them in email/cloud/bank vault will leave no traces/evidence behind.

If you say my method leaves traces/evidence behind, then please tell me where exactly I stored my stuff by pinpointing the specific location out.

I simply can't believe a person like HCP say encrypting the keys is visible while encrypting the seeds is hidden.
Both the keys and seeds can be in text format or in picture format, and encrypting them is EXACTLY the same.
Whether they are visible or hidden is not a point of argument in my original steemit article.
But HCP keep bringing it up here saying encrypting the keys is visible but encrypting the seeds is hidden.
Wow, seriously.
What kind of disinformation and confusion is HCP trying to spread here?

I think it should be very clear by now to everyone (excluding HCP) that using hardware wallet for cold storage actually increases unnecessary complexities.
And these unnecessary complexities are actually one of the reasons why many users lose their bitcoin stored in hardware wallets.

The disadvantages (in addition to my original points in my steemit article) of using hardware wallet are very clear:
1. Costs more (for use as well as for recovery, i.e. the whole package).
2. Vulnerable to $5 wrench attack.
3. Inconvenient.
4. Complicated.

The more you argue, the more you reveal your folly.
I've made myself super clear already in my steemit article and here.
I believe almost everyone (excluding you) already got my points.

Seeds? Why would you have multiple seeds? You still don't seem to understand how a single BIP39 seed and use of passphrases work for being able to hide your coins in totally invisibile, undetectable, hidden wallets...

It goes more like this:

Hacker: Hey, gimme your seed. And we have our computer standing by to validate the seed on the spot.
Victim: Okay, here you go. Have my seed... all 24 words of it...
Hacker: Is that everything?
Victim: Yep... that's all my coins!
Hacker: Well, thanks for the coins... wooo $20K, I'm rich! you're free to go
Victim: Phew... good thing they didn't know about the hidden wallets/addresses containing my other 20 BTC generated from that seed + my personal private passphrase(s) that only I know about... BECAUSE THERE IS NO EVIDENCE ANYWHERE THAT THIS HIDDEN WALLET EXISTS... I'd best go regenerate my hidden wallet and move my coins to a new seed (+passphrase) using one of the freely available desktop wallets or buy another hardware wallet and restore it or use something like the opensource BIP39 mnemonic code converter websites to get the keys and sweep them.

compared with say:
Hacker: Hey, we hacked your email/cloud storage... we found these 5 encrypted files... give us the password(s) to decrypt the files. And we have our computer standing by to validate the passwords on the spot.
Victim: Okay, here you go. Have my password(s)... Please let me go now.
Hacker: Thanks for the 25 BTC... wooo $100K, we're superrich!... you're free to go
Victim: Damn... that was ALL my coins, now I'm broke

Do you see my concern with storing encrypted keys now? It leaves traces/evidence behind. It has to, as these encrypted files need to exist somewhere for me to be able to decrypt them to get my keys out. Sure, you could try and hide all your keys around multiple email accounts... or stored on different encrypted devices in different locations... but there is still tangible/physical evidence that these devices/files exist and that means they could be discovered. It also completely negates the "convenience" of your method, having stuff spread everywhere.

With a seed (+ passphrase)... I can store it encrypted, and if my email/cloud backup is hacked, and they find my encrypted seed, I can hand over the password to decrypt the seed... The seed on it's own will generate a valid wallet and valid addresses that I can put some coins in as a decoy (or even for use as a relatively secure hot wallet).  However, my main stash of coins can be hidden using the SAME seed in combination with a passphrase. This will generate a completely different wallet with completely different addresses.

Now the hackers might be smart and be like... "Ok, buster we know all about passphrases... hand it over!"... but you can say "I don't bother using one it's too hard to remember these things!"... and they simply cannot prove that you have a passphrase. There is NO evidence anywhere of this hidden wallet existing... but it can be generated at anytime by using the seed+passphrase... Can you recreate an encrypted file containing your private key(s) from 24 words written on a piece of paper and a passphrase?

Quote

Even Trezor recommends paper backup @ https://doc.satoshilabs.com/trezor-faq/software.html#why-should-i-do-a-paper-backup-of-my-seed
Unfortunately enough, that is actually one of the weakest link in Trezor's security.

No one is denying that securing the seed is the weak link in the hardware wallet chain. However, you can encrypt the seed and put it in various places like emails/cloud storage... and even if these are compromised by a hacker, you can still be protected by having your hidden wallet as outlined above, whereas a simple encrypted file only has 1 layer of protection...

Quote

Besides, if you want to use hardware wallet, you need to remember:
1. The 12-word/24-word seeds.

You don't need to remember this... you just need to store it securely.

Quote

2. The PIN.

Yeah... 4-6 digit numbers that you get to choose are so hard to memorise...

Quote

3. The passphrase.

Yes, just like your encryption password for your encrypted keys

Quote

4. The encryption password for the seeds (if you do backup on that).

Yep... so that's one extra password I need to remember...

Quote

5. The encryption password for the PIN (if you do backup on that).
6. The encryption password for the passphrase (if you do backup on that).

Seriously? Encrypt my pin? and why would you encrypt your passphrase? It is the same thing as remembering your encryption password AND it potentially leaves evidence that your passphrase exists

In total... you only need to remember 2 passwords/passphrases... One is the encryption password for the secure backup of your seed... and the other is the passphrase that protects your hidden wallet.

Quote

With the method I laid out in my steemit article, you only need to remember:
1. The encryption password for the keys.
If my method is not far more convenient, I don't know what is.

1 passphrase vs 2. Technically, yes it is more convenient... but it certainly isn't "far more" convenient.

Quote

Buying a 2nd computer is compulsory for maximum security, regardless of whether you go for hardware wallet or not.

Why do you need a 2nd computer? Hardware wallets allow you to use any computer/device you like... as they don't expose the keys to the device. That's the whole point. You don't need to be using an "offline" computer to set them up or use them.

For those using hardware wallet, what will really happen in real life is as below...

Hacker: Hey, gimme your seeds.
Victim: Okay, here you go. The passphrase. You can have everything in it. Please let me go now.
Hacker: Har har harrr.... Nice try, pal. I am not asking for the passphrase. I am asking for the seeds! And we have our computer standing by to validate the seeds on the spot.
Victim: Ops. Oh nooo....

Hardware wallet seller: We sell super secure wallets. We use super secure seeds.
You: Yeah, but how are you going to secure the seeds? You can't expect to remember them with your brains without some risk of memory loss. Even a single tiny spelling/memorization mistake causes everything to be totally gone for good.
Hardware wallet seller: Sure, you should encrypt the seeds as well.
You: In that case why do I even need hardware wallet for cold storage? I can do the same directly to the keys instead of the seeds.
Hardware wallet seller: Our hardware wallet is secure for spending as well.
You: For spending, we can use desktop wallet too, which is free.
Hardware wallet seller: Ummm.... urrrr.....


Even Trezor recommends paper backup @ https://doc.satoshilabs.com/trezor-faq/software.html#why-should-i-do-a-paper-backup-of-my-seed
Unfortunately enough, that is actually one of the weakest link in Trezor's security.
For more details, check out the disadvantages of paper backups.

Besides, if you want to use hardware wallet, you need to remember:
1. The 12-word/24-word seeds.
2. The PIN.
3. The passphrase.
4. The encryption password for the seeds (if you do backup on that).
5. The encryption password for the PIN (if you do backup on that).
6. The encryption password for the passphrase (if you do backup on that).

With the method I laid out in my steemit article, you only need to remember:
1. The encryption password for the keys.
If my method is not far more convenient, I don't know what is.

And if you want to use Trezor with backups, you still need to buy a 2nd computer for the backup too, for maximum security.
So your total cost of using Trezor is the additional unnecessary cost of buying a hardware wallet.
Buying a 2nd computer is compulsory for maximum security, regardless of whether you go for hardware wallet or not.

Yes, in fact one of the main reasons why I wrote the article is to help people avoid getting cheated off their savings.
The more noobs dabble in "high tech" stuff, the more vulnerable they are to getting cheated unless they become savvy in this.
Getting paper wallet has its risks too, as it is very easily destroyed, stolen and/or lost.
Best is to digitally-encrypt the paper wallet with very strong encryption as my steemit article suggested, for cold storage.

Paper wallets are hands down the best method of storing Bitcoin, it really surprises me that so called "experts" do not mention and promote them more considering how much theft and hacking goes on in this industry.

If everyone were to use paper wallets, I am convinced hackers would stop targeting these poor noobs as much given how easy it is these days. They just make a fake URL, use SEO to get a high rank and boom you make like $200,000 in a few days (I actually saw this happen right here on this forum).

The first thing all noobs should learn is how to make a paper wallet. It is so simple. Go to a site, generate your keys, write/print them, laminate or whatever, and then send Bitcoin to them and you can recover them on sites like Blockchain.info. There are just a few steps and the best part is it is like paper money which makes it easy for noobs to truly understand. This is opposed to hardware/software wallets which are a nightmare to setup for beginners.

Just use 2-3 flash drives in diff places - same functionality, low price, lower risks, independence from possible firmware bugs

Nah i'm form europe. That's the magic of Xapo, when you have btc in your xapo wallet, you can order a debit card that automatically converts your bitcoin to euros when purchasing something

You seem to have the assumption that all hackers and kidnappers are evil and sadistic enough to keep beating people for the hell of it... just in case you have more money. My point is that with a hardware wallet, there is no actual evidence anywhere how many wallets a person happens to have. They simply don't exist until a passphrase is entered...

However, if an attacker happens to find 20 items in my email account that are all encrypted... what do you think they're going to do if i stop at #1 and say I have nothing else? Perhaps they'll just ignore items 2 through 19?



I've taken the liberty of bolding it for your eyes to see
I'd already bolded that one before... so I've underlined it as well this time...



It's no different to using encryption software to decrypt your keys now is it? Or are you going to do the decryption by hand?



How can they? There is no proof. No evidence of how many wallets I have. I could 1 or I could have 10000000. They don't know because there is no tangible evidence of anything past the seed existing, unlike having a series of encrypted items on disk or in email etc. that are visible.



I never said it wasn't a 3rd party security risk... you claimed your method was better than hw wallet as it didn't rely on a 3rd party... but clearly it does rely on 3rd parties... unless you've gone ahead and written yourself an OS and some encryption software from scratch... I've been trying to point out, since I made the mistake of offending your ego, that NO method is 100% safe. There is always risk.



Pretty sure that there aren't any laws saying that 12/24 word seeds can't be stored in multiple places using multiple methods... but then legal systems around the world can be kinda crazy... so you never know. I'm also fairly sure that the hw wallet manufacturers don't limit purchases to 1 per person... Trezor sells 3 packs if I'm not mistaken.



Feel free to show where I have said that seeds don't need to be securely backed up somewhere...



Obviously people are spending cryptocurrencies every day without using hardware wallets... I never said they were required to spend. I stated they offer a level of convenience without sacrificing security, which I believe your method does not.



No solution for what exactly? How to store bitcoins securely while maintaining convenience? I thought that my solution would be fairly obvious... use a hardware wallet. In my opinion it offers the same level of security in some areas (securing seed), more in others (spending and dummy wallets) and is more convenient (portability, spending)... arguably it could be considered cheaper too, as a hw wallet is cheaper than a 2nd computer for spending or setting it all up offline.

While we're talking about solutions... I'm still waiting to hear how you propose to leave no evidence of multiple encrypted addresses in your email or on your thumbdrive etc and/or how you would implement a dummy wallet solution with your method.

Telling me I'm not creative enough to see it or that "my heart will point the way" doesn't really explain it... and is the sort of answer people resort to when they don't actually have a solution either. Despite what you think, I am genuinely interested in possible solutions to these issues...

I have no idea which wallet is the best choice to spend btc like a credit/debit card would.
But I personally do not use Xapo, and do not recommend using it.

Which country has such level of adoption already that you can spend btc at local shops?
Are you from Japan?

I use electrum it's okay everything is fine, but i want the ability to go a local shop that accepts bank cards, and use the xapo card to directly pay for my purchase in Euros using the xapo card that has a btc balance

For spending bitcoin, you should at least consider using a wallet that gives you control of the private key first.
Desktop wallet like Electrum is fine with me at the moment.
Hardware wallet is fine too, if you use it for spending (but I do not recommend it if it's for cold storage).
Xapo is a 3rd-party service provider that does not even give the user any control of the key.

You can check this out @ https://bitcoin.org/en/choose-your-wallet
Mobile wallet and web wallet should be 100% avoided.
So I would say go for desktop wallet and/or hardware wallet for spending only.

Hey thanks for the warning, I definitely did not read about xapo at all. Was recommended by a friend so i forgot to double check it  Could you recommend an alternative to xapo ? I mean for the visa card that you can withdraw $$ at an atm from bitcoin, or make purchases?

In a roundabout way, it would be stupid for any company to risk their reputation and their whole business on creating something that can be exploited by themselves. Ok, they might make a shitload of money, but they will also have to face jail time, once this goes public and go to court.

We unfortunately place our trust in third parties with every financial transaction we make. We use banks and ATM's and we make credit card payments and all of these services has been compromised in the past.

Online banking has been targeted the most and we still use it. ^hmmmmm^

I strongly do NOT recommend using Xapo for anything.
If you care enough, please go check the reviews given by others. I personally used it for a negligible while and the first experience is far more than enough to make me stay away from it. Even the founder (Wences Casares) has unethical business practice in the past that collects customers personal information and sold such data to 3rd-parties for profits. You use Xapo at your own risk. You have been warned.


Keyloggers are the biggest menace today. The malware can pretend to be a valid program and request the system to access certain file/registry or monitor clipboard changes.

What I do (beside installing anti-keylogger and anti-malware softwares) is that I encrypt my cold storage in an offline + formatted 2nd computer with very strong + long passwords and I never use these passwords on the computer I use for online purposes. As a last resort, I switch off the internet before using any password.

Edit:
I personally suggest SpyShelter Premium/Firewall.
Someone suggested Norton Power Eraser (@ https://www.bleepingcomputer.com/forums/t/640092/is-it-possible-that-i-have-been-hacked-strange-case/).
Generally, you better scan your system while in safe mode.

1. You are assuming hackers and kidnappers are so stupid that they do not know about dummy wallets. You have wrong assumption.
2. If you have tons of change addresses, your backup will be very problematic. You don't believe? Try it out. You should pray your hardware wallet will stay fine without glitches, or else you can say sorry to all your savings. Oh, yeah. Don't worry. You have the seeds written down and stored somewhere just in case for recovery. I assume they cannot be eaten, stolen, or destroyed.
3. What I mean is that 19 addresses are part of the change addresses as well, or else you will have far more than 20 addresses to look after.
4. You are avoiding the question on how to secure your hardware wallet's seeds/mnemonics/passphrases, which I believe you can never answer satisfactorily.
5. If you want to spend, you don't necessarily must use hardware wallets to do the job. Desktop wallets can work fine and they cost $0.

Come on. Give me a break. You are here arguing against my method without giving even a single credit to it, as if it is useless. Clearly you are here to argue for the sake of winning an argument and rest assured I will never let you win this argument.

Edit:
Notice I bold the 4th point for your eyes to see.


Nope, you are wrong. My method is not the same as using a hardware wallet.

A hardware wallet:
1. Doesn't give you 100% control of your keys. Using some source code to derive the keys from the seeds is bullshit as that's not the company's intention.
2. Doesn't protect you from a $5 wrench. Using dummy wallet as excuse is bullshit as we all know what you have is more than just dummy wallet.
3. Is a 3rd-party security risk. Denying this is bullshit. Saying/implying it is compulsory to use WinRar for my method is also bullshit.
4. Doesn't allow unlimited backups, vs my method that allows so.
5. Requires the same/similar need for encryption/security/backup (of seeds/mnemonics/passphrases). Implying they do not need so is bullshit.

There is NO such thing as needing hardware wallet to spend the cryptocurrencies easily, conveniently, safely, and securely. Implying that we need hardware wallet to spend is bullshit. In my article, I've said it clearly that hardware wallet is an option (but not the only option) when it's time to spend. You being a smartass, either do not read my article, or read it but have partial understanding of it, try to seek the pleasure of arguing with me. I will not let you win this argument. It is very easy to spot someone arguing for ego, and someone arguing for solution. You argue for ego, because you give NO solution.

To break can not, but you can lose the keys. If you store them on the computer then hack your PC and steal your codes much easier than to hack e-wallet. I think that in General it is impossible to store a large amount of bitcoins in one place.

What about a bank cold storage, where you place your bitcoins in a cold storage online, but they put it on a paper ant store it for you ? Xapo for example does this. What are your thoughts on this type of cold storage?

Wait... what?? The fraction of the 5 btc not spent will go to either a completely new "change" address, totally unrelated to all my other 19 addresses... or if I choose to not use change addresses as per the functionality offered in several wallets, the wallet will send the unspent amount back to the original address... which is also totally unrelated (from an external point of view) to all my other 19 addresses.

You have read BIP32 and BIP44 and understand about "external" (aka receive) and "internal" (aka change) addresses right? Pretty much all the hardware wallets that I'm aware of implement BIP44... and keep receive and change addresses separated as per the specification, that is to say using Derivation Paths of m/44'/0'/0'/0 and m/44'/0'/0'/1 respectively.

Most of them are also smart enough to prevent address re-use so while you could follow a chain of transactions that start with one 5 btc input... it'll never touch any of the other inputs (or their chain of transactions) until such time as you don't have enough coins in a single input to be able to send the amount you want to send and it needs to use 2 or more inputs.

All of which is relatively moot for "cold storage" anyway... and works pretty much the same way as your "paper" wallet system.

Like I've been saying all along... your system is pretty much the same as using a hardware wallet, without the convenience of being able to spend easily if required... or sign messages... or use on an online machine while maintaining security... or use easily with a mobile phone wallet... or use as a FIDO U2F secure key...

But hey, you're happy with it... and you saved yourself $100.

I know this... but you seem to insist that your method is completely trustless... I'm simply pointing out, that it is not as you are trusting WinRAR or . This directly counters what you consider to be advantages of your methods. Namely:
- maximum security (free of 3rd-party trust) - It isn't... you are trusting a 3rd party, with closed sources at this point in time.
- maximum trustless - Again, you are trusting a 3rd party.

Quote from: Dorky on August 09, 2017, 06:40:12 AM

If WinRar is not safe/secure, then tell me which software is. Or at least tell me or point out to me real-life cases of it being hacked, despite using very strong alphanumeric + symbol passwords.

That's my whole point... I (and others) have said several times now... that no method is 100% secure... but you seem to think yours is... who is not being objective again?

Quote from: Dorky on August 09, 2017, 06:40:12 AM

You talked about hardware wallet's dummy wallet, as if doing your own encryption will render you incapable of doing the same, as if doing dummy wallet is only a possibility if you rely on a 3rd-party. To me, that is very subjective and not smart at all.

And I also pointed out how having multiple copies of encrypted keys spread about the place in emails and on physical media leaves evidence behind that there is something hidden... whereas dummy wallets from seeds/passphrases do not. There is no evidence of anything existing other than the default wallet from the seed. You keep talking about being able to implementing a similar system using your method... but then just imply that I am unintelligent because I don't know how to do it... so would you care to enlighten us? I'm actually genuinely interested.

Quote from: Dorky on August 09, 2017, 06:40:12 AM

Quote

Huh Why would your total of 100 BTC be shuffled with every transaction?

Huh? I thought you know something about change addresses? If you are using hardware wallet, you should know what I mean.

I know what change addresses are used for and how they work... but I'm not sure why you think that hardware wallets only contain "a bunch of change addresses that reshuffle your .. btc with every transaction".

If I have 20x 5 BTC inputs in my hardware wallet and I spend 5 BTC like in your example... how are the rest of my 19 inputs being reshuffled?

Quote from: Dorky on August 09, 2017, 06:40:12 AM

All that hardware wallet can do for cold storage, my method can do the same. This appears to be beyond your comprehension.

You mean where I said "Is it "better" than a hardware wallet? A viable alternative sure, but better? I'd say that is somewhat debatable and likely dependent on the use case(s) of a given person"

You seem to be failing to grasp that I am not debating whether or not your system works... I've never once claimed that your system doesn't work... What I'm pointing out is that it is NOT 100% secure as you seem to believe... and that it is NOT 100% trustless (as currently implemented) and... in my opinion it is NOT better than a hardware wallet for the reasons I have explained.

Quote from: Dorky on August 09, 2017, 06:40:12 AM

You speak as if hardware wallet cannot be hacked. That's your subjectivity.

You mean where I have repeatedly stated that NO METHOD is 100% safe?? Unlike you and your magical "100% secure" method... subjectivity much?

Quote from: Dorky on August 09, 2017, 06:40:12 AM

I would like to send you a file encrypted with my method and see if you can actually hack it to rest the case.

Why? I'm not a hacker... I never claimed to be.

You claimed that a 24 word seed is easier to brute force than your 20+ alphanumeric+symbol password... I'm simply pointing out that you are incorrect and that seeds are in fact a lot stronger than a standard password. The maths already proves the case. But maybe you can just tell me what the seed is to my wallet and rest the case?

Quote from: Dorky on August 09, 2017, 07:04:54 AM

Above it all, refer to Matthew 6:19-21. The Bible is right.

Seriously? Now you want to make this a theological debate? According to those verses... you shouldn't even be using cold storage...

Let me say this to you:
Encrypting a paper wallet = encrypting a hardware wallet's recovery seeds/mnemonics/passphrases.
If only you can see this obvious truth...

Unless you say, "Well, there is no need to secure my recovery seeds/mnemonics/passphrases because I have 100% fail-safe brain memory."
In that case, I admit defeat.

Edit:
Or maybe I should be as specific as possible... just in case.
Digitally-encrypting or digitally-securing a paper wallet = digitally-encrypting or digitally-securing a hardware wallet's recovery seeds/mnemonics/passphrases.

The only difference with the former method is that I am 100% in control, don't need to do extra steps in securing/recovering the keys (like using a source code to derive the keys from the seeds), can customize the security to be as hardcore as I prefer, can do infinite backups, and don't need to spend more on any 3rd-party hardware.

Edit:
And please stop talking about dummy wallets.
In the future (or today?) hackers will know you will have a false seed standing by to trick them to a dummy wallet.
They will do far more than just accepting your dummy wallet.

Above it all, refer to Matthew 6:19-21. The Bible is right.

No, I'm not. You stated that you have "used WinRar for many several years and it never disappoint me, not even once" as some sort of proof that you can trust it 100%... so I pointed out that this is exactly the type of comment people have made about various services/software over the years... which then turn out to be a scam or buggy and financial and/or data loss occurs. Just because something hasn't "failed" yet, doesn't mean it won't.



Is that a serious question? Because it should be fairly obvious to "an intelligent man" how one could satisfactorily achieve that with a hardware wallet.

and I'm not quite sure what you mean by:
Do you realise that a 24 word seed... is effectively like having a 24 character password from an "alphabet" that has 2048 possible characters in it... whereas your proposed password of 20+ characters (we'll even be generous and say 24 character to compare apples to apples) using alphanumerics + symbols gives you a total of 26 upper + 26 lower + 10 numbers + say ~30 symbols... for a total "alphabet" size of ~92 total characters to choose from.

2048²⁴ combinations vs. ~92²⁴ combinations... Tell me again which one is going to be easier to brute force?

  ???cold storage is a good choice for me now.

The short + simple idea is to generate a "paper wallet" and then digitally encrypt it (but then the whole process is digital, without the paper printing).

You need a forever offline + formatted computer (to be free of viruses, malwares, keyloggers, etc), preferably a 2nd computer, never mind the OS.
You use a reliable 3rd-party address generator like Electrum to generate new addresses + keys, preferably one at a time instead of a bunch of 20s.
You export and encrypt (single, double or triple encryption) the private keys with software like WinRar into .rar file format with strong but personally memorable passwords (alphanumeric + symbol, over 20+ characters long).
You do the necessary backups online (like email to yourself) and offline (i.e. burn to multiple copies of optical disc, I recommend Verbatim's CD with AZO technology).

Once you get the idea how the whole thing is done, you can customize the entire process according to your preference.

I expected to get a tutorial, how to create a wallet. So no third party would be needed to save Bitcoins.

You are right, i dont use Hardaware wallet too, i believe in myself and there is only one person who has my private key, and that person is me.
Also, blockchain has a lot of security so it is safe to hold in there. there are a lot of security meassures and you are probably never gonna be stoled.

My article said it was only for cold storage, with an offline and formatted computer. But when it comes to spending, it isn't less convenient if you appreciate 100% control.

Example:
You have 100 btc.
You generate 20 addresses (with keys of course).
You transfer 5 btc to each address.
When you spend, you take out only 1 of the 20 addresses for use.
You spend only 5 btc and everyone knows you have at least 5 btc only (instead of 100 btc, because your addresses aren't a bunch of change addresses that reshuffle your 100 btc with every transaction).
If you get the $5 wrench attack, you can pretend you have only another 5 btc address (just as when you pretend you have only the dummy wallet with your hardware wallet).
If you want to cover the trace of your 5 btc, you use washers.

How can you do all the above with hardware wallet, satisfactorily?

Indeed, but if you can digitally-encrypt (maybe with double or triple encryption) your paper wallet with strong passwords (over 20-char with alphanumeric + symbol), that is even better than any paper wallet, as you can now store them anywhere online and multiple backups.

I find it easier to have half a dozen hidden wallets on my Trezors.  By entering my 7 digit Trezor PIN you would see the decoy wallet with < 2 coins at any time.  I therefore would have no clue such a thing as hidden wallets exist.  Its a better answer for the "$5 dollar wrench" than someone finding half a dozen paper wallets and me telling them there isn't a 7th or more around somewhere.  In a perfect NO adversary world both paper and hardware wallets are NOT able to be hacked at this point in time.  Only operator error would permit such an occurrence today.  Paper is more prone for errors when the time comes for coins to be moved, in my opinion.

And how are you going to spend/generate it? Offline wallet I suppose, for maximum security.

Everyone says paper wallets are the safest but they don't consider the generation and the spending process which exposes it to threats and once its spent, a new paper wallet will have to be generated. Hardware wallets are the closest you can get while balancing convenience and security.

Hahaha .like steemshit

SteemIt sounds like a new term for taking a shit on something.

Lot of people posting their Steemit articles here trying to make bank.

Anyway, this is common sense. TRUE COLD STORAGE = PAPER WALLET

Anyone who lost  a significant amount of Bitcoin will tell you a paper wallet is the safest way of storing it. Think of it like cash money, except you are holding a paper with your keys on it. No one can hack you if you use this method.

No, I'm not here to argue or anything.

You can't criticise them if you cannot find any fault with them. How are you going to be generating the keys with 100% security if you do not wish to verify the source code? No wallet will ever be safe for you then. You can only generate it by hand.
I don't really understand where you got that inference from. I merely said that the derivation method can be known. You can get the private keys from the seeds=getting your gold from the paper that holds your gold without any restriction at all.
Nah, I just feel that theres some misconception.
Wait... Didn't you mention that hardware wallets are flawed because you are depending on a third party to generate it for you? I think you misunderstood something.
Of course. I didn't say everyone SHOULD write their own OS in the first place, I don't even expect anyone using Bitcoin to be able to. If you love your privacy and security, you would be having thousands of private keys whenever you spend the coin. Isn't a 12 word seed way easier?
You uh, forgot to cover the way to spend your coins. Of course I can craft a transaction at the moment when you decrypt your encrypted rar file to send the coins to my address.

How it possible to capture sent packets without noticing user?

I'm sure there were people saying similar things about Mt. Gox... and Bitfinex... and right before all their coins/$$$/data disappeared.

Quote

And thank you for bringing up that $5 wrench attack because I came across such argument while writing my article.
Here's the thing, can anyone using hardware wallet be safe from the "$5 wrench attack"?
Here's an honest + objective answer... NO.

Actually, they can be safer than you... because the hardware wallet gives them the safety of "plausible deniability". You can create "dummy" wallets with "small amounts" of bitcoin... say 1-10% of your total holdings. If someone threatens you, you give them the password to the dummy wallet... they find your coins and think "Job done"... meanwhile your 90-99% of actual holdings are safely stored in a hidden wallet that they can't possible know or prove exists... rendering a $5 wrench attack nullified for a relatively minor cost.

Whereas, with your method, they'll keep hitting until they get the password (or passwords in the case of multiple encryption) that decrypts it correctly.

Quote

And is it better to use my approach vs hardware wallet? Yes.

See... I was going to let the "Saying no procedure is 100% safe sounds like speculation to me" slide... but now you're just coming off as a little bit arrogant.

"Saying your procedure is 100% safe sounds like arrogance to me"

Quote

Why? Using hardware wallet is a physical dead giveaway that you have bitcoin and/or other cryptocurrencies.
Using digitally-encrypted private keys that I suggested is not, unless you try to brag and boost that you are rich because you have plenty of cryptocurrencies, in which case you are the security risk, not my approach.

No, you just used a very public forum like Steemit to declare to the entire world that you use Crypto... and how you choose to store them. Guessing you trust them more than hardware wallet devs/manufacturers too... so I'm sure your IP address is safe when them.



I'm not declaring that hardware wallets are 100% safe, or the only answer to everyone's crypto storage needs... there are still attack vectors that exist (no solution is 100% secure). What they are is safer than using just a software wallet on a desktop PC/tablet/mobile device... and more convenient than locking everything away on paper wallets in secure storage (or triple encrypted, digitally stored private keys)...

But hey, like I said... Horses for courses... you've got a system that works for you, so that's great. Is it "better" than a hardware wallet? A viable alternative sure, but better? I'd say that is somewhat debatable and likely dependent on the use case(s) of a given person...

People discussing security when using Windows - come on! Don't you see the gap here? Windows has a long, long record of insecurity, and there is no sign, that this will ever stop. (Oh, yes - Microsoft last recently announced, they'll embrace Linux. That might be a first step.)

In the professional world of security you do not talk Windows. Otherwise it is snake oil (thx to Bruce Schneier for this wording).

>> Saying no procedure is 100% safe sounds like speculation to me.
this sentence makes me puzzled
Security is not about emotions, not about opinions or speculation.
it is a race between experience and development. Similiar to banks, who protect the wealth. The layers of protection were increased step by step, until it gets too expensive to try and steal money. So security is all about trade-offs: you have a certain amount of value to protect, then you also need to invest a certain amount for the protection layer. You can not protect a 1 million value with 5 cents of security thoughts. And then there is not only security against theft, it is also about privacy.

So best practices might look a bit like this:
Trades at the 100 Dollars/Yen/Euros/Satoshis level can be on a phone wallet.
The 1000 range can start to be used with multisig.
The 10.000 range requires some cold storage.
All beyond requires cold storage and multisig.
And when it comes to privacy, you may want to add a layer of tumbler/coinjoin/mimblewimble.

I would say I have used WinRar for many several years and it never disappoint me, not even once.

All those videos saying WinRar's .rar files can be hacked is fake because they use brute force on negligible passwords like "abc" and "123".

And thank you for bringing up that $5 wrench attack because I came across such argument while writing my article.
Here's the thing, can anyone using hardware wallet be safe from the "$5 wrench attack"?
Here's an honest + objective answer... NO.

And is it better to use my approach vs hardware wallet? Yes.
Why? Using hardware wallet is a physical dead giveaway that you have bitcoin and/or other cryptocurrencies.
Using digitally-encrypted private keys that I suggested is not, unless you try to brag and boost that you are rich because you have plenty of cryptocurrencies, in which case you are the security risk, not my approach.

The theme is good and I myself do not use a hard wallet.

So you can say... with 100% certainty... that there are no "bugs, glitches, backdoors, ... etc that either allows them to be hacked or they screws up on their own, or both." in RAR software... with it's closed sources?

And for the record... your method would probably fail the "$5 wrench attack":

Or maybe you can just be clear and point out how my approach of cold storage will be hackable.
Saying no procedure is 100% safe sounds like speculation to me.


You don't need to read if you don't want to. No, I don't use any hardware wallet. And no, whether I should or shouldn't be using bitcoin is 1) out of topic, and 2) is none of your business.


Yes, the hardware wallet has support, but please note the support is limited. I didn't suggest paper wallet. I suggested a digitally-encrypted paper wallet. Yeah, hardware wallet can be used for cold storage (but not recommended, except as hot wallet just as an example), in which you will secure the recovery seeds. And securing the recovery seeds is no different from securing the private keys. Some pro-hardware wallet people never realize they actually have to secure their recovery seeds precisely and exactly the way they would secure the private keys. In fact, for such people not realizing this means their security isn't really high despite using hardware wallet.

Not only Trezor has that capacity to import your seeds in another compatible wallet with the seed of a hardware wallet. Ledger Nano S has also support for it. I think that paper wallets are a pain in the a** while hardware wallets can be used both ways, even hot and even cold storage depending on the user.

I did not, thanks for point it out. You can still import from Trezor to (an old version of) Multibit to Electrum... or actually to Electrum directly, apparently [1]. Point being that with the key derivation logic being public there will always be a way to replace your hardware wallet with a software wallet. Of course this also means to stay away from any hardware wallet that isn't open source.

[1] https://doc.satoshilabs.com/trezor-apps/electrum.html

This guy doesn't even understand how Bitcoin works. Rambled on about a bunch of useless points to get paid through that Steemit platform. No, I didn't even read, because thankfully the other guy pasted his main points. By all means, don't use a hardware wallet. Maybe you shouldn't be using Bitcoin either, since you need everything done via holding your hand.

You do realize MultiBit no longer exists... right?

And there never will be.
Any security can be attacked, just like any bank can be robbed.

What you want to have is a cold storage wallet that is too expensive to attack.

And as for the hardware wallets, they are not "cold" per se - you always connect them to a PC that is connected to the internet.

To be very fair, open sourced=/safe. The user still has to independently verify and install the firmware himself to be 100% safe. Though I find that rather redundant.

---

---

Not sure if you are misled or just don't bother researching on the topic but:
Do you have any proof that the hardware wallet providers have access to your private key?

As long as you can audit the source code and install it yourself, and can capture the packets sent, I can't see how they can do this without users noticing.

Most hardware wallet uses a standard method of generating seeds. It is widely used and with the seeds, you can import it into LOTS of wallet or just simply write a script to extract it yourself.
Refer to my second point.
Jesus, I don't even know if I should continue but oh well.
How are they helping you to secure when you are free to review the code to find and test for bugs? If you don't like to rely on third-parties, it might be better for you to write your own OS or wallet.
Point 2 and point 2.

It's kinda hard to hack a wallet when the keys are never exposed to the outside world.

Currently there is absolutely no procedure to make a cold storage that is 100% safe. Best case scenario, you get pseudo-random keys. If I get some time in the future, I'll write a small library that translates dice rolls in real world into private key and calculates public address from it. Then you'll be able to run it on a CPU that does not have, will not have and never had any network access and THAT will be safe cold storage.

Yeah... I'm not sure about some of his claims either... It would seem that the OP must trust the RAR devs more than Crypto-wallet devs... Is RAR opensource? ummm NO. OP, do you know for sure that RAR has no: I'll go ahead and guess no...

Are you sure about that? All you are doing is switching your trust from one software/hardware provider to another (with closed sources)...


But hey, you found a system that works for you...  

The guy lost me at recovery seeds being "paper claims" to private keys. The source code for deriving said private keys from your recovery seeds are out there. You can derive your private keys yourself without the need for any third party support. Also, at least with Trezor, you can import your recovery seeds / private keys into a software wallet such as Multibit, so you're not forced to buy a new one.

Of course you don't need a hardware wallet to store your coins securely. I personally just find it way more convenient to use my cold storage with the ease of a hot wallet.

Not sure if I should post it here, but I just wrote a steemit article on "Why I Am Not Using Hardware Wallet For Cold Storage" @ https://steemit.com/wallet/@dorky/why-i-am-not-using-hardware-wallet-for-cold-storage to help people make better decisions.

Check it out.