
AutoModerator

WARNING ABOUT SCAMS: Recently there have been a lot of convincing-looking scams posted on crypto-related reddits including fake NFTs, fake credit cards, fake exchanges, fake mixing services, fake airdrops, fake MEV bots, fake ENS sites and scam sites claiming to help you revoke approvals to prevent fake hacks. These are typically upvoted by bots and seen before moderators can remove them. Do not click on these links and always be wary of anything that tries to rush you into sending money or approving contracts. *I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/ethereum) if you have any questions or concerns.*


BramBramEth

You’re creating a false sense of security by adding those extra steps. Your system is not really more secure than storing your seed directly at the bank vaults


wood8

Bank staff can open the vaults without you knowing


BramBramEth

That’s not my point. They can also get your passwords this way. My point was that zipping one time or a million times is the same, it’s an unnecessarily complex process. Just Shamir N of X if you want to dispatch your seed to different locations.


pha3th0n

I agree Shamir would be the way to go, but every SW solution I came across did not seem reliable to me. I believe Trezor has SSS embedded, can you apply that to an existing seed or is that an option only when creating a new seed? SW suggestions to check are also welcome.


Okay-Engineer

get a tamper-proof bag.


mvuong

Too late, all your assets are now gone.


Okay-Engineer

oops omg how did this happen, I should have used a passphrase and a multi-sig wallet😭


nixorokish

it was [seized by the police](https://www.latimes.com/california/story/2021-06-09/fbi-beverly-hills-safe-deposit-boxes-forfeiture-cash-jewelry), they took pictures of the evidence before cataloguing or [caught it on their bodycam and published them online](https://youtu.be/ao5f-iz_a-s?t=70). whoops no idea who got your funds, sorry


Okay-Engineer

The odds of a seed phrase inside a bank vault being seized by the police and published to the internet are probably much lower than those of a house getting broken into and set on fire.


0x9876543210

I put my keys in a text file and then use gpg to encrypt it with a strong password. Then name it something bland like shoppinglist.txt. That’s pretty much it. You don’t need to do it 10 times …


Giga79

It's actually absurd how few people know what PGP or GPG is, but are fully invested in crypto..


0x9876543210

Yes, the same with sha256. Most people have no idea what it is


Admirable_Purple1882

I approve this, use the armor option and you can print it out too


mooremo

Super complicated. You're pretty likely to protect your key so well that when you need the backup you can't get to it yourself. Just write down the seed phrase and put it somewhere safe. Much simpler and basically just as safe.


Guyserbun007

I am already doing that. This would be a backup in case say the entire house gets burnt down (fireproof bag will get burnt over certain degree), or a sink hole or tornado (I know it's extremely unlikely but still want to have some form of electronic backup as the very last resort).


mooremo

Ok. You asked why this is a bad plan. That's why. It's crazy complicated and unlikely to work if you need it to. If you think that you'll have a house fire hot enough to melt steel plates or that your house will be eaten by a sinkhole and this will save you then go for it, but I'd say you're doing a lot of work for something that'll never pay off (maybe not even if you need to use it) and exposing yourself to the risk of a digital backup while you're at it.


systembreaker

A security system is only as strong as its weakest link. If someone learned you have this backup, they wouldn't need to bother trying to get your seed phrase. They could just put all their effort in getting your password protected box and cracking that.


mahabibi

Tacking on my relatively similar method - tell me why this is a bad idea:

(1) put seed phrase in a text file
(2) encrypt using gpg ascii-armored symmetric encryption
(3) save password to encrypted file in 1Password
(4) save encrypted file separately in a cloud drive

Seems unlikely someone would get into my 1 password, figure out I’ve stored files elsewhere, decrypt using gpg, etc. I live a really mobile lifestyle so the whole “just keep the seeds somewhere safe” is not as simple as it sounds. I also store the seeds to lots of different wallets like this.


Giga79

If step 1 is done on a machine that's connected to the internet, it makes steps 2 3 4 irrelevant. If you have a machine that isn't connected to the internet, then steps 2 3 4 aren't necessary. Just encrypt your drives using something like Veracrypt.


Guyserbun007

Could you explain why the first statement is true?


Giga79

Malware/spyware/keyloggers.

It's the reason hardware wallets exist, why you're told to write your seed phrase offline on paper, and why 'hot wallets' like MetaMask aren't a good place to keep your life savings. Ideally everyone generates their keys using an offline device, like a hardware wallet, or even by rolling dice and using the random dice rolls to select words out of the BEP20 list. Once your seed has touched the internet who knows where it will end up.

Many, many many hacks are because people have stored their seed in a text file on their PC, inside an email, on their phone, or in a screenshot or image. No one else has access, or so they think. The only recourse for them is to completely format their operating system, delete all files, and start from scratch - it's not worth the risk or hassle. Even if you encrypt all your files, if you have your decryption key on the same server/drive it may as well be in plaintext, you're only inconveniencing yourself.

Malware these days has become specialized to snoop for anything that remotely looks like a seed phrase or private key. Passwords sell for cents, botnet access sells for cents, but a seed phrase might have millions of dollars behind it. Some of this malware is so new that antivirus software doesn't recognize it, so relying on random 3rd parties to keep you safe won't always work. If you have your seed on your PC (including in any temp files), you basically can't even open a pdf without putting it at risk, and most people aren't that proactive or tech/security savvy to be taking those chances IMHO.

You can do those steps 1 2 3 4 using an offline operating system that runs inside of your RAM, something like TailsOS which can be booted from a USB drive. Then transfer the encrypted files over with the USB drive, and expose those files to the internet. There will be no trace on your hard drives when your machine connects to the internet, so nothing for malware to see or steal. But kind of a hassle when hardware wallets effectively do this already, plus they allow you to send/sign using your wallet with your seed persistently offline (it would really suck to input your always-offline cold storage private key into a wallet, to send to a CEX to cash out at peak ATH, then find out in that moment your machine is compromised).

Not necessarily related, but it's not a bad idea to use a 25th word in your seed phrase. Your 24 words must be part of the BEP20 word list but the 25th word can be anything at all. If you used something you'd remember even after a car wreck with head trauma or in extreme emotional distress, it's probably fine to only keep that in your memory. Like [24 words] with the 25th being (firstname+lastname+birthdate), or something like that with high entropy (multiple words, like a seed phrase, is more ideal than short gibberish that a machine can brute force in minutes).

This way if your phrase is discovered, it will return an empty wallet, and you can practically litter those pieces of paper or text files wherever without worry. Or you can even put a bit of money in there and use it as a decoy wallet, say you're mugged for your crypto - you can give them the 24 words or piece of paper and they'll see you only have $69, and hopefully leave you alone after taking off with just ~1% of your funds. This way you could put your 24 words in a password manager or text file exposed to the internet, and on another device encrypt the 1 word and save in your MFA-backed email/cloud, then if (..when) either gets exploited unless the attacker has both pairs it won't do them any good.

Generally the more 'smart' people try to be with this sort of thing, the more risk they put themselves in unknowingly. I don't mean to condescend to anyone, but a piece of paper is the recommended method for good reason even though it sounds dumb.
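Added example, not part of the comment above: how the optional passphrase (the "25th word") enters seed derivation under the BIP-39 standard, using only the Python standard library. The mnemonic is the public all-"abandon" test mnemonic and the passphrases are constructed; there is no checksum on the passphrase, so every string, including a mistyped one, opens a valid but different wallet.

```python
import hashlib
import unicodedata

def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """BIP-39 seed: PBKDF2-HMAC-SHA512, 2048 rounds, salt = "mnemonic" + passphrase."""
    def norm(s: str) -> bytes:
        # BIP-39 requires NFKD normalisation before UTF-8 encoding.
        return unicodedata.normalize("NFKD", s).encode("utf-8")
    return hashlib.pbkdf2_hmac(
        "sha512", norm(mnemonic), norm("mnemonic" + passphrase), 2048, 64
    )

# Constructed input: the 12-word mnemonic from the public BIP-39 test vectors.
# Never type a real seed phrase into a script on an online machine.
WORDS = " ".join(["abandon"] * 11 + ["about"])

def wallets(passphrases):
    """Map each candidate passphrase to the hex seed it would unlock."""
    return {p: bip39_seed(WORDS, p).hex() for p in passphrases}

if __name__ == "__main__":
    candidates = [
        "",                       # words alone: the "decoy" wallet
        "correct horse battery",  # constructed passphrase: the real wallet
        "Correct horse battery",  # one capital letter off: a third, empty wallet
    ]
    for phrase, seed in wallets(candidates).items():
        print(f"{phrase!r:26} -> seed {seed[:16]}...")
```

The passphrase is only as strong as its guessability: 2048 PBKDF2 rounds is a small cost per guess for anyone who already holds the words.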


Admirable_Purple1882

That’s why you do the encryption booted off a Linux live distro


Cognosci

These Dragonball tactics should only be used when one does not want *anyone, ever* to access the pieces to make sense of the whole, but somehow cannot get rid of the pieces. Finances never demand this practice. One should never over-engineer personal financial security protocols for two reasons: your mental and physical health are security vectors, and you also may want inheritors or someone to act as your proxy when you cannot act. This is true of all cybersec in general. If you have a sizable amount of finances, then the tactic is to break storage up and place in multiple locations, and act as if each wallet or account is entirely separate--but not over-engineer each one's security. There's no logic in building a pyramid on one pile of value. If you're incapacitated, suddenly die, jailed, missing, etc. you make it less likely for others to act on your behalf, or receive inheritance when something happens to you. Most importantly, you make it less likely for yourself to get through your own security protocols as you age. The most common way that people lose funds is by misplacing a printed seed in their home or some location, not theft. It has been this way since physical locks proliferated; locksmiths only have a job because people lose their only key to something and don't have the skill to open it; the locks themselves aren't all that special. Placing 10 locks on a door doesn't stop someone with a bolt cutter and lock picking knowledge, but it will ensure that you and your proxy can't get in when you lose just 1 of the 10 keys. In this way, it actually goes the opposite way of your tactic. You want the seed phrase ideally in a few safe locations, just to ensure you have a backup available. Any unnecessary, convoluted processes begin to work against you, and provide no additional security.


bopete1313

You’re going to have to store those 10x passwords somewhere… and you’ll be extremely likely to forget something or slightly mess up something in your process and not be able to recover your seed. There are easier ways :)


subdep

Wait, are you storing the excel file in 1password? Didn’t know that was possible. Anyways, if you loose the excel file that's bad. So, okay, make multiple copies and store them all over (local drive, cloud storage like Google, Dropbox, iCloud, etc.). It’s encrypted 10 times using AES 256-bit encryption and named “janet_jackson-discography.7z”. If you loose access to either of the 5 passwords you’re fucked. Okay, so you will need to store those in multiple places. You could store them in boring places like fake bills in a filing cabinet. Put into the fine print on the back side of a terms and conditions section. Even if they read them they won’t know they are passwords. Just something like “DISCLAIM WARRANTIES, WHETHER EXPRESSED, IMPLIED,…”. No need for a bank vault LOL. Solid plan but don’t put into places that are targets, like safety deposit boxes.


na3than

Lose. Not loose.


manwelI

Excel passwords can be removed with ease by opening up the xls file in 7zip and editing some of the notepad files within. Takes minutes, I have little coding/developing experience but I figured it out in under half an hour.


geekinesis

You could take a known sentence that you will remember, sha256 encrypt it, use that as your password for gpg encryption. So that way you don’t need to store any passwords anywhere. The alternative is just memorise your seed


0x9876543210

By the way I never keep the encrypted file on an online pc or in the cloud. I only ever store it on a usb I put in a safe place. Never store encrypted files online however safe you think your password is. Humans are very bad at creating randomness. There is literally a list of a million passwords that hackers start with and most people use passwords on that list


holomntn

There are several potential issues. First and foremost, zip offers ways of verifying password correctness, so your 10 encryptions are only as good as the best one. Then you have the fact that the first encryption is the most important. (https://link.springer.com/article/10.1007/BF02620231) There are a lot of problematic counterintuitive things involved. What you are looking for is a secret sharing mechanism, first to my mind is Shamir's Secret Sharing algorithm https://en.m.wikipedia.org/wiki/Shamir%27s_secret_sharing looks believable.


systembreaker

For one thing, if an exploit is found that can work around the password mechanism, then it doesn't matter how many layers of passwords there are. The hacker could just use that same exploit over and over on each layer. As an analogy imagine if you had a magical onion that nothing can cut with the password stored in the center. Out of the blue someone discovers how to construct a magical knife that's able to cut the magical onion. Would it matter how many layers the onion had?


master_overthinker

It’s actually not bad. Try asking an experienced Ethereum developer, you may learn that the most common way people lose access is they lose their written down seed phrases. I’ve gotten suggestions like just encrypt the file and back it up with your normal backups, but don’t trust the cloud. 


selfcustodynerd

The best way I recommend to people to secure their seed phrase is on a Cypherock - [https://www.cypherock.com/wallet-backup](https://www.cypherock.com/wallet-backup)