
Topic: Why is the brain wallet not better than regular paper wallet? (Read 433 times)

legendary
Activity: 2268
Merit: 18748
Correct. But for the "hit by a bus"-scenario I don't think every small transaction matters, it's about securing access to the majority of your coins.
Sure, but if your cold storage is one big input, even if you spend a single Satoshi from it then your printed transactions will now be invalid and need updated.

I thought it was more or less common sense to know this method
I've never put much thought into inheritance, since my backup is my wife knowing how to access all our wallets and knowing where all our seed phrases are stored. :D
legendary
Activity: 3248
Merit: 1402
Do you really think it is worth doing all this effort, instead of just buying a hardware wallet, because you want to customize?
The key here is safety, and for now the hardware wallets are one of the best methods available and it's simple

I believe my 1 btc will be worth $100,000 in 10 years.  So, I don't mind having to do all that work if I have to.  Just for the sake of education, would you disagree with me that the wallet method I described is less secure than a Ledger nano S?  If you do disagree, can you explain why?  Thanks.   
Look, leaving clues about the remaining words and not having them written down anywhere makes your money safe, sure. But what if you somehow forget the words, stop understanding the clues? Then your investment is lost forever. And it might be that the probability of you forgetting the words is higher than your wallet getting hacked. I use 2FA and I feel pretty safe. There is a confirmation link on my email address and a temporary personal code sent to my phone. Oh, and also a password which is a mixture of words and symbols. The password is stored in a way I find secure. There's a chance that it can be stolen and hacked, but the chance is low, and I am okay with that.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
With your set up Loyce, you would also need to remember to update the transactions every time you removed from your cold storage, so the transaction remained valid.
Correct. But for the "hit by a bus"-scenario I don't think every small transaction matters, it's about securing access to the majority of your coins.

I thought it was more or less common sense to know this method, since it's so "standard", but considering the positive response in this topic, I'm going to create a dedicated thread for it when I have the time (including a real example).

Quote
Now, would there be a way to set up a time locked "sweep all" transaction? That would be interesting.
I think that is possible with the Time lock thing, but you won't be able to access it on your own before the Time lock expires. And I feel far too uncomfortable with it to try it. I don't like storing Bitcoin in methods I don't completely understand.
sr. member
Activity: 1134
Merit: 342
I don't understand why people say BTC brain wallet is a bad idea.  Of course I have to be careful how I write the seed words.  For example, if I used words such as "roof Tokyo 1313 cucumber ....  wrestling 62 blue," there is no way someone can guess them intentionally or otherwise.  If I wrote the words down on a piece of paper somewhere safe, and if water damage smeared a bunch of the characters, the chance of me guessing the correct characters would be immensely better than guessing random characters. Am I missing something? 

I can't say that the brain wallet is not a good option. But I also have to say that the paper wallet is one of the safest options. Actually, I've been using a paper wallet for years, and I haven't had the slightest problem.
hero member
Activity: 2646
Merit: 582
Remember that cryptocurrency is not the only thing that you come across every day or you have engaged yourself in, you cannot overwork your brain, ordinary password to email, people do forget it over time as time goes on.

I remember that I created an access database one day which we used for a year, I actually memorized the password during that time that I and the people I developed it for used it, but we had an issue that took us away for 2 years, fighting to win the company back from government, you would not imagine that I forgot the password completely and everything that I tried to remember it till date was to no avail, so sometimes, no matter how smart you are, brain wallet can fail, but the only thing you can do is to make use of both brain and paper wallet.
legendary
Activity: 2268
Merit: 18748
With your setup Loyce, you would also need to remember to update the transactions every time you removed from your cold storage, so the transaction remained valid. You could add to your cold storage safely enough, but obviously the new coins wouldn't be included until you updated. I suppose you could keep your cold storage inputs split up into, say, 0.5 BTC sized UTXOs rather than consolidating into one input to partially mitigate this.

Now, would there be a way to set up a time locked "sweep all" transaction? That would be interesting.
legendary
Activity: 3472
Merit: 10611
@pooya87: I didn't mean to send it to an address owned by a family member. The private key is stored in the paper wallet accompanying the signed message.

i guess i missed that. i thought the paper wallet was the cold storage.
removed my post because the solution makes sense now :P
i still think playing with SIGHASH types is a cool way of doing it though.
hero member
Activity: 1659
Merit: 687
LoyceV on the road. Or couch.
@pooya87: I didn't mean to send it to an address owned by a family member. The private key is stored in the paper wallet accompanying the signed message.
legendary
Activity: 3024
Merit: 2148
The seed is just a few words. Who says it has to be written down on something anyone can physically find? You can store the seed as a txt file in encrypted form anywhere in the world. Stick it on a few SD cards and tape them to a few different places.

Hardware wallets often also offer a 25th word to encrypt the seed. That's going to be rather easier to remember than the other 24.

Software wallets that use BIP39 also allow the use of an additional word, which basically is a password, and in terms of security is equal to your advice of encrypting the seed - both ideas fully rely on the strength and secrecy of a password.

There are some more advanced schemes, like Shamir's Secret Sharing, which allow you to split a key into chunks, where each chunk is useless on its own and doesn't provide any information that would weaken the encryption (unlike with naive splitting of a plaintext key).
legendary
Activity: 2590
Merit: 3015
Welt Am Draht
So in my opinion, hardware wallet is OK for a little amount, but for a larger amount, you should think it over again...

The seed is just a few words. Who says it has to be written down on something anyone can physically find? You can store the seed as a txt file in encrypted form anywhere in the world. Stick it on a few SD cards and tape them to a few different places.

Hardware wallets often also offer a 25th word to encrypt the seed. That's going to be rather easier to remember than the other 24.
hero member
Activity: 1442
Merit: 629
Vires in Numeris
Now, here is my solution.  I can create a private key using 20 words.  And I can make the last 5 words something only I know.  I can email my family (and myself) the first 15 words.  Then, I can email them the clues of my last 5 words.  Of course, I have to do a damn good job that only the ones I fully trust know the answers.  So, I guess my method is 3/4 paper - 1/4 brain wallet?
Apart from the risks from your proposal: why would you give your family access to your Bitcoins? If it's meant for the "hit by a bus scenario", there might be another option. I've been thinking about this for a while now, but haven't actually used it:
1. Print a normal paper wallet.
2. Sign a transaction to send funds from your cold storage to the normal paper wallet, but add a Locktime so it's only valid from a block far far in the future. Say 1 million block count or even more (but not so far none of your family members will still be alive). Or while you're at it: create a few versions (1 million blocks, 1.5 million, 2 million) and print them on different sheets of paper.
3. Print the transaction and store it with the paper wallet.
4. If you're still alive a couple of months before the first transaction becomes valid: burn it, the next one becomes your new fail safe.
If your family ever needs it, all they have to do is wait a few years, broadcast the transaction, and the paper wallet becomes valuable.
Wow
I'll quote this for reference, I'll read it over again, because it seems to be a good solution for this 'bus scenario' :)

Something else:
Someone mentioned that storing a significant amount of bitcoin on a hardware wallet is safe enough...
OK, it can be safe, because if the hardware wallet fails, you have your 24 words on a piece of paper packed in a pair of socks in your wardrobe drawer (everyone has them there :D)
Now this is where we should hold on for a minute.

If we have the 24 word seed (which you need to restore the hardware wallet) written on that piece of paper lying somewhere, the security of the hardware wallet equals the security of the method you store your paper wallet... because if someone finds that piece of paper, he/she can restore the hardware wallet and can spend the bitcoins, without the need to physically access your original hardware wallet.
So in my opinion, hardware wallet is OK for a little amount, but for a larger amount, you should think it over again...

legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
Now, here is my solution.  I can create a private key using 20 words.  And I can make the last 5 words something only I know.  I can email my family (and myself) the first 15 words.  Then, I can email them the clues of my last 5 words.  Of course, I have to do a damn good job that only the ones I fully trust know the answers.  So, I guess my method is 3/4 paper - 1/4 brain wallet?
Apart from the risks from your proposal: why would you give your family access to your Bitcoins? If it's meant for the "hit by a bus scenario", there might be another option. I've been thinking about this for a while now, but haven't actually used it:
1. Print a normal paper wallet.
2. Sign a transaction to send funds from your cold storage to the normal paper wallet, but add a Locktime so it's only valid from a block far far in the future. Say 1 million block count or even more (but not so far none of your family members will still be alive). Or while you're at it: create a few versions (1 million blocks, 1.5 million, 2 million) and print them on different sheets of paper.
3. Print the transaction and store it with the paper wallet.
4. If you're still alive a couple of months before the first transaction becomes valid: burn it, the next one becomes your new fail safe.
If your family ever needs it, all they have to do is wait a few years, broadcast the transaction, and the paper wallet becomes valuable.
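An added example, not code from the thread: before printing a pre-signed transaction as in steps 2 and 3 above, a check that its locktime is really enforced. It reads nLockTime and each input's nSequence from the raw bytes; the sample transaction, its placeholder outpoint and the chain height are constructed for the illustration.

```python
import struct

LOCKTIME_THRESHOLD = 500_000_000  # below: block height; at or above: Unix time
SEQUENCE_FINAL = 0xFFFFFFFF       # if every input uses this, nLockTime is ignored

def read_varint(buf, pos):
    """Decode a Bitcoin compact-size integer; return (value, next position)."""
    first = buf[pos]
    if first < 0xFD:
        return first, pos + 1
    size = {0xFD: 2, 0xFE: 4, 0xFF: 8}[first]
    return int.from_bytes(buf[pos + 1:pos + 1 + size], "little"), pos + 1 + size

def parse_locktime_fields(raw):
    """Return (list of input nSequence values, nLockTime) from a serialized tx."""
    pos = 4                                    # skip 4-byte version
    if raw[pos] == 0x00 and raw[pos + 1] == 0x01:
        pos += 2                               # segwit marker and flag
    n_inputs, pos = read_varint(raw, pos)
    sequences = []
    for _ in range(n_inputs):
        pos += 36                              # previous txid (32) + output index (4)
        script_len, pos = read_varint(raw, pos)
        pos += script_len                      # skip scriptSig
        sequences.append(int.from_bytes(raw[pos:pos + 4], "little"))
        pos += 4
    return sequences, int.from_bytes(raw[-4:], "little")  # nLockTime is the last field

def locktime_status(raw, tip_height):
    """Report whether a height-based timelock is enforced and how long remains."""
    sequences, locktime = parse_locktime_fields(raw)
    if locktime >= LOCKTIME_THRESHOLD:
        raise ValueError("time-based locktime; this sketch handles block heights only")
    enforced = locktime != 0 and any(s != SEQUENCE_FINAL for s in sequences)
    # A transaction with nLockTime = N is valid in blocks of height N + 1 and up,
    # so nodes accept it once the chain tip has reached height N.
    remaining = max(0, locktime - tip_height) if enforced else 0
    return {"enforced": enforced, "locktime": locktime, "blocks_remaining": remaining}

def build_sample_tx(locktime, sequence):
    """Constructed, unsigned one-input transaction used only as sample data."""
    tx = struct.pack("<I", 2)                                # version
    tx += b"\x01" + b"\x11" * 32 + struct.pack("<I", 0)      # one input, placeholder outpoint
    tx += b"\x00" + struct.pack("<I", sequence)              # empty scriptSig, nSequence
    tx += b"\x01" + struct.pack("<Q", 50_000) + b"\x01\x51"  # one output, placeholder script
    tx += struct.pack("<I", locktime)                        # nLockTime
    return tx

if __name__ == "__main__":
    tip = 900_000  # assumed current chain height
    for seq in (0xFFFFFFFE, SEQUENCE_FINAL):
        print(hex(seq), locktime_status(build_sample_tx(1_000_000, seq), tip))
```

A result of `enforced: False` means the printed sheet is spendable by whoever finds it today, not in a few years.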
legendary
Activity: 3024
Merit: 2148
You are mixing many things up here, so let's sort the terms first.

Brainwallet is a type of wallet that derives Bitcoin keys from user-supplied password.

Mnemonic format is a data format that is meant to be memorizable by humans.

Brainwallets are also memorizable by humans, because you can choose a password that you can remember. However, mnemonic seeds, like BIP39 or Electrum seeds ARE NOT brainwallets, because they are generated randomly. Brainwallets are inherently insecure, because humans are not good at generating random data. Mnemonic seeds are okay, because it's just a representation of some long random buffer.

If you want to keep your wallet in your brain, use a wallet that supports mnemonic seeds. Remembering 12 words might sound hard, but it's actually not, just establish a habit of repeating it on a daily basis, like when you brush your teeth or drive to work. However, never rely on your memory to store your seed - there's always a risk that you will forget it. Your memory should only be used as secondary backup, and the seed should be stored on other mediums, like paper, USB sticks, CDs, etc.
member
Activity: 909
Merit: 17
Brain wallet is not better than paper wallet because there is a bigger possibility that you can't remember your password or passphrase, especially if it consists of 12-24 words. I think even if you have a good memory, the time will come when you will forget the combinations of your password or the random passphrase or seed. Much better to secure your wallet not only using a brain wallet but also keep it on a paper wallet or have backup files of it. Don't wait to have memory loss or a memory deficiency before you secure your wallet, or else you will say goodbye to your bitcoin and other cryptocurrency if ever.
legendary
Activity: 2268
Merit: 18748
Brain wallet is the safest method if your words are random and you have a good memory.
No, they aren't. There are a thousand and one reasons, from accidents to aneurysms, that you could suddenly run into severe and irreversible memory problems. This could happen to anybody, of any age, at any time, without warning. If you are the unlucky one, then say goodbye to your bitcoin.

And I'm assuming here you are remembering a 24 word mnemonic phrase. If your brain wallet is something like a line from a book, a movie quote, a song lyric, a few dictionary words, a handful of random characters, or something similar that humans generally use for passwords, then you can expect to lose your coins within seconds. There are hundreds of bots out there monitoring hundreds of thousands of brainwallet addresses, just waiting for a newbie to be naive enough to send coins to one of them.
legendary
Activity: 2590
Merit: 3015
Welt Am Draht
Brain wallet is the safest method if your words are random and you have a good memory.

I have about three regular passwords that I jumble up for stuff I don't really care about all that much. There are multiple encrypted folders I can no longer access and I'm certain they have variations on passwords I've used forever.

It's not worth the bother attempting to crack them but if I can't remember things based on 2-3 phrases burnt into my memory for decades there's no way I'd ever trust my memory for anything important, and that's long before we get to the average human's inability to be properly random.
hero member
Activity: 1120
Merit: 554
Brain wallet is the safest method if your words are random and you have a good memory.  The only downfall is if you die and you don't have a backup system to share your coins.  Of course this isn't an issue if you don't have anyone besides yourself.
legendary
Activity: 2268
Merit: 18748
Now, here is my solution.  I can create a private key using 20 words.  And I can make the last 5 words something only I know.  I can email my family (and myself) the first 15 words.  Then, I can email them the clues of my last 5 words.  Of course, I have to do a damn good job that only the ones I fully trust know the answers.  So, I guess my method is 3/4 paper - 1/4 brain wallet?
This is a terrible idea.

You should never store your seed, mnemonic, passphrase, password, anything online, and especially not on something as horribly insecure as an email server. You are essentially making your first 15 words public.

You have now reduced the security to 5 words. These 5 words are picked by you, and so not truly random. Since you are storing your first 15 words and your "clues" on the same insecure email server, if someone has access to one, they have access to both. You are also essentially making public "clues" to these 5 words. This is probably going to be both brute-forceable and maybe even guessable.

Even if you picked 5 truly random words (which no human can do) from the entire subset of the English language (approximately 200,000 words), then you still only have 3.2*10^26 bits of entropy. For comparison, a 24 word seed phrase has 1.16*10^77 bits, meaning your set up is somewhere in the region of 1000 trillion trillion trillion trillion times less secure.

There is a reason there are near universally accepted "best practices" for storing your keys - they work. Use a BIP39 compatible 24 word seed, write it down on paper (never store it electronically), and hide it somewhere secure.
hero member
Activity: 1834
Merit: 759
Now, here is my solution.  I can create a private key using 20 words.  And I can make the last 5 words something only I know.  I can email my family (and myself) the first 15 words.  Then, I can email them the clues of my last 5 words.  Of course, I have to do a damn good job that only the ones I fully trust know the answers.  So, I guess my method is 3/4 paper - 1/4 brain wallet?

How do you intend on creating the first 15 words? If it's by using the old brainwallet concept:

An early old-style brainwallet was created by memorization of a passphrase and converting it to a private key with a hashing or key derivation algorithm (example: SHA256). That private key is then used to compute a Bitcoin address.

Then the source also points out that humans are not a good source of entropy, and nearly everything you can come up with is likely insecure.

If you plan on generating the first seed words by something like Electrum (12 seeds, derived from the master private key, not the other way around), and extend it with extra words, it theoretically should be fine. Since you can add just about any character or word to the pool of seeds, it would probably be nearly impossible to brute force it. I would still be very wary about keeping partial copies online though.
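An added example, not code from the thread or from any wallet project: the old-style SHA-256 brainwallet derivation quoted above, next to the BIP39 path, where the entropy comes from a random source and an extra passphrase only salts the seed derivation. Function names and sample strings are assumptions; word indices are returned instead of words because the 2048-word list is not embedded here.

```python
import hashlib
import secrets
import unicodedata

def brainwallet_private_key(passphrase):
    """Old-style brainwallet: one unsalted SHA-256 over whatever the human chose.
    All of the key's entropy is the passphrase's entropy."""
    return hashlib.sha256(passphrase.encode("utf-8")).digest()

def bip39_word_indices(entropy):
    """Map machine-generated entropy to 11-bit indices into the 2048-word list.
    The last word carries a SHA-256 checksum, so a mistyped word is detected."""
    if len(entropy) not in (16, 20, 24, 28, 32):
        raise ValueError("BIP39 entropy must be 128-256 bits in 32-bit steps")
    checksum_bits = len(entropy) * 8 // 32
    checksum = hashlib.sha256(entropy).digest()[0] >> (8 - checksum_bits)
    bits = (int.from_bytes(entropy, "big") << checksum_bits) | checksum
    n_words = (len(entropy) * 8 + checksum_bits) // 11
    return [(bits >> (11 * (n_words - 1 - i))) & 0x7FF for i in range(n_words)]

def bip39_seed(mnemonic, passphrase=""):
    """Wallet seed: PBKDF2-HMAC-SHA512, 2048 rounds, salt 'mnemonic' + passphrase.
    The optional passphrase is the extra word discussed in this thread."""
    def norm(text):
        return unicodedata.normalize("NFKD", text).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", norm(mnemonic),
                               norm("mnemonic" + passphrase), 2048, 64)

if __name__ == "__main__":
    # Same phrase in, same key out, for anyone who guesses the phrase.
    key = brainwallet_private_key("constructed example phrase")
    print("brainwallet key bytes:", len(key))

    indices = bip39_word_indices(secrets.token_bytes(32))  # 256 random bits
    print(len(indices), "word indices:", indices)

    words = "abandon " * 11 + "about"   # the all-zero-entropy BIP39 test mnemonic
    plain = bip39_seed(words)
    extended = bip39_seed(words, "constructed extra word")
    print("extra word changes the seed:", plain != extended)
```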
legendary
Activity: 3080
Merit: 1500
I don't understand why people say BTC brain wallet is a bad idea.  Of course I have to be careful how I write the seed words.  For example, if I used words such as "roof Tokyo 1313 cucumber ....  wrestling 62 blue," there is no way someone can guess them intentionally or otherwise.  If I wrote the words down on a piece of paper somewhere safe, and if water damage smeared a bunch of the characters, the chance of me guessing the correct characters would be immensely better than guessing random characters. Am I missing something? 

Memorizing a big list of seed words is a risky venture, no matter how good you are at it! I would rather suggest you use a hardware wallet like Trezor or Ledger Nano S, which is the best way to safeguard your bitcoins if you are holding a significant amount.  For small amounts of bitcoin, you can simply use an online desktop client like Electrum among others. Remembering seed words is a bad idea. If you're serious about the safety of your bitcoins, go get a hardware wallet!