https://www.youtube.com/watch?v=PJu2P4bFvi0

Plenty of cases of random people, banks, and feds, etc - raiding peoples safety deposit boxes...

Pretty simple for the bank workers, or feds, to see that you bank account has interacted with crypto exchanges, and pretty easy for them to check your safety deposit box for private keys

Seems like there is really no way to keep your private keys safe other than in your own home...hidden well...

>>60545631 (OP)
I keep my private keys buried somewhere only me and one other person know

>>60545631 (OP)
>Seems like there is really no way to keep your private keys saf
Just encrypt a txt file with a strong password and back it up to 4+ devices. Its really not that hard.

>>60545634
You keep the keys in your butt plug and only you and your boyfriend know?

>>60545634
>one other person
Oops LOL say goodbye to your coins

>>60545644
If your keys ever get written on a computer file, those keys are now considered hot, no longer cold... thus... you're at risk.

>>60545650
How do you generate them then? You do the math by hand on paper?

>>60545631 (OP)
It starts with a remote location in the desert. There are several concentric rings guarding the secured location. There's a large moat filled with sharks. The moat's water supply is regulated by the weather generating craft. The second ring is a literal ring of fire that is tripped by motion sensors that ignite the fuel under the grates that comprise the second innermost ring. The final ring consists of various traps such as spikes, landmines, bear traps, etc. Inside the rings is a solid steel building with a landing pad on top. The pad is a decoy and will explode upon landing. Inside the building are next generation solar powered robot sentries with custom weaponry including explosive rounds. The bots can only be deactivated by my own biometrics. On the floor is a metal door cover with a hidden keypad. The code changes every day and is air mailed to one of thousands of trusted entitities. The cold storage can be accessed soon. Several more layers must be accessed securely

>>60545658
Most people just generate their seed using their hardware wallet. That arguably leaves you vulnerable to flaws in its random number generator, so if you’re really paranoid you can roll dice or flip a coin a shitload of times and calculate it yourself (which isn’t that hard, the words just represent a really long number in a different format), though then you’re exposed to any bias in those physical objects, so you’d better use a different dice/coin for every roll/flip.

>>60545634
>>60545644
Keeping your whole set of keys in one place seems massively risky either way (though especially on your computer). Better to use a 24 word seed alongside a random passphrase and split them up in an AB BC AC configuration between three secure places which you can check on reasonably regularly. You’d be able to restore your wallet using any two so you’re protected against losing it completely to theft or accident, but if someone did steal one they’d not have enough information to get at your wallet without months of supercomputing.

>>60545706
>it's not hard to generate seed manually
>but a secure chip would not be able to do it securely for some reason

>>60545706
>if you’re really paranoid you can roll dice or flip a coin a shitload of times and calculate it yourself
The problem is, once you have your private key, you need a corresponding public key to which to actually send your bitcoin. You could try to math it yourself, but I'd say the probability of fucking that up is much much higher than the probability of getting hacked if you just generate it on a linux pc and then put it in an encrypted file.
>AB BC AC configuration
Pretty good idea dasu

>>60545752
I’m being a bit sarcastic, generating your own seed that way is an autistic level of crypto-paranoia.

>>60545761
The public key is derived from the private key, a hardware wallet will do it for you when you enter the seed phrase, same as they will when get them to generate their own seed phrase, or put one in to restore a wallet.

>>60545631 (OP)
Oh, that's my level of paranoia. The ideas ITT show one thing: Crypto is not ready for mass adoption.

>>60545706
>split them up
>>60545761
>Pretty good idea dasu
This is the problem with people who don't understand the math trying to roll their own encryption, they think the security is still preserved with their approach.

How long would it take to brute force the remaining 6 words?

There are 2048 possible seed words. any modern computer can brute force a 1-word long seed from those words instantly.

How about a 3 word seed? There are 2048^3 combinations or around 8 billion, and my 4 year old laptop ran thru all combinations in about 1 second. So that's 8 billion guesses per second for a pretty weak and cheap netbook.

How about a 6 word seed, which is what you get when you split a 12 word seed into half, and someone finds one half? That's 2048^6 combinations. If my computer can make 8 billion guesses per second, that will take me 2048^6 ÷ 8 billion seconds, which is around 272 years.

Whew, pretty safe right? Well, what if a state-level actor pools their resources to brute force the other 6 words? If their setup can make 100 trillion guesses per second, that will take 2048^6 ÷ 100 trillion.... which is just a little over a week, for them to crack the remaining 6 words.

Meanwhile, the full 12 word seed is 2048^12, which when computed is a 20 digit number of years, basically until the heat death of the universe.

Tldr: the security per word added is exponential, so reducing the word length also reduces the security exponentially

>>60545706
>split them up
>>60545761
>Pretty good idea dasu
This is the problem with people who don't understand the math trying to roll their own encryption, they think the security is still preserved with their approach.

Let's say you divide your 12 word seed into 2 parts, how long would it take to brute force the remaining 6 words?

There are 2048 possible seed words. any modern computer can brute force a 1-word long seed from those words instantly (i.e. going thru all 2048 possibilities is instant)

How about a 3 word seed? There are 2048^3 combinations or around 8 billion, and my 4 year old laptop ran thru all combinations in about 1 second. So that's 8 billion guesses per second for a pretty weak and cheap netbook.

How about a 6 word seed, which is what you get when you split a 12 word seed into half, and someone finds one half? That's 2048^6 combinations. If my computer can make 8 billion guesses per second, that will take me 2048^6 ÷ 8 billion seconds, which is around 272 years.

Whew, pretty safe right? Well, what if a state-level actor pools their resources to brute force the other 6 words? If their setup can make 100 trillion guesses per second, that will take 2048^6 ÷ 100 trillion.... which is just a little over a week, for them to crack the remaining 6 words.

Meanwhile, the full 12 word seed is 2048^12, which when computed is a 20 digit number of years, basically until the heat death of the universe.

Tldr: the security per word added is exponential, so reducing the word length also reduces the security exponentially

>>60545631 (OP)
steganography

>>60545799
That’s why you use a 24 word seed and split into sets of 12. At a certain point as well you have to accept that the risks of having your whole seed in one location far outweigh the risks of someone finding part of a split seed and brute-forcing the rest. You should also really have the seeds stored in a fashion where you find out reasonably quickly if part of them has been compromised so that you can move the funds to a new wallet before anybody would be able to break the encryption.

>>60545631 (OP)
Multisig with geographically disbursed keys.

Even if one was compromised they can't do anything with it.

>>60545880
Didn’t some schizophrenic math expert figure out that 24 word seeds don’t actually give extra protection because of entropy or some shit

And that Bitcoin only uses 12 words worth of numbers when keys are used… so the last 12 words don’t actually help…


Maybe I dreamt all of this up myself, but I am sure it was real and this is actually a thing

>>60545799
I'm no expert at all, wouldn't multi-signature patterns used in the crypto industry fix that?
And what about using a normal text with enough entropy to create private keys?
Then one could deposit a will in three banks, or a childhood memories album, so no one actively searching for keys would even recognize it.

>>60545900
>And what about using a normal text with enough entropy to create private keys?
Much less secure if the words are in some sort of rational order. Also, you’re misunderstanding what the seed really is. All the words have to be picked from a specific list of 2048 options, they’re just a way of representing numbers in a fashion which is easier for humans. You’re less likely to make a mistake copying a sequence of words than a very long number, they can still be understood if they’re written badly, or damaged so that you only have some of each word, or if several words are missing altogether whereupon you can brute force a solution (though past a certain point that becomes impossible). The intention of the seed phrase is to enable recovery, so the idea is to make it more easily recoverable than your traditional private key.

>>60545953
I should say, because of that limited word list the problem with trying to conceal a seed phrase in some other block of text is that anyone searching for one will probably be able to recognise it.

>>60545631 (OP)
Uh yea bro the whole point of unbanking yourself isn't to use a bank in another way. All institutions are still institutions at the end of the day.

>>60545790
This has nothing to do with crypto. The video shows jewelry and cash being stolen from banks too. Honestly this problem could be solved by just having different banks in multiple countries. But even for just crypto just use multiple wallets and spread out the seed phrases to different places and storage mediums and anyone who steals from one place will never have the full thing.

>>60545953
You could get around this by using your own cipher (afterward) but then you would probably need to write that down if you can't memorize it.

>>60545990
Complexity is the enemy in a lot of this stuff. The more complex your security arrangements are, the more potential routes of attack you might be introducing. The more complex your recovery process, the more likely it is to go wrong if you ever need to use it. Crypto enthusiasts are often fixated on introducing all of these layers of protection as if they were constantly under attack from hackers using supercomputers, but in reality more people have lost their stacks as a result of human error than any other cause.

>>60545880
Again, people who don't understand the math should REAAAALLLY not be rolling their own crypto solutions.

24 word phrases, while theoretically offering 256 bits of entropy, the practical security gain is actually very little because of the underlying cryptography: the effective security of Bitcoin's elliptic curve cryptography (secp256k1) is 128 bits. Like >>60545884 said

Use real crypto techniques designed by actual crypto experts, like multisig as >>60545900 mentioned.

>>60545880
>>60546432
To state it simply, they would be trying to brute force the private key that is derived from the seed words, and not the words themselves.

So even if an implementation with 36 seed words comes out, the number of bits in the private key remains the same and would require the same effort to brute force

Quoting https://cryptoslate.com/are-24-word-bitcoin-seed-phrases-better-than-12-words-for-security/

>This means that regardless of the seed phrase length, an attacker cannot reduce the number of steps required to calculate a private key

>>60546432
>>60546639
The 24 word seed is so that you can split it between multiple locations and still benefit from the security of 12 words if someone finds one of them. It’s a solution to the security implications of needing to maintain a physical copy of the seed phrase for the sake of recovering your funds in the event that you lose your cold storage. Ideally you’d split it up using shamir’s secret sharing, which some devices support, but more straightforward 2 of 3 approaches are probably sufficient for most people.

As for multisig, that’s a solution to a different problem, namely what happens if your hardware wallet is stolen or compromised. It provides an extra layer of protection in that instance, or if you’re a company who wants to ensure that one bad employee can’t drain your stack.

It's easy. Just memorize your seed phrase.

>>60545693
Once the first phase of security has been unlocked and the trusted individual uknowingly delivers the keypad code the sequence begins for the steel building is actually a hidden rocketship. The rocketship blasts off unmanned, reaches orbit and becomes a satellite where it can transmit data for the coordinates to the next location site guarding the cold storage. The coordinates are uploaded to my custom handmade PDA written in a language only known and understood by my trainees whom all exist in an underwater base scattered throughout the world's oceans. The chosen trainee will be alerted by code and transmit the data to my PDA. I will then covertly travel to the new location and begin the sequence for phase 2 cold storage unlock. Upon arriving at the location which happens to be on a remote island guarded by an army of natives commanded by myself. I instruct the natives to secure the perimeter and afterwards follow me to the volcano where the cold storage is held. Before entering the volcano I put on my suit and breathing mask that can withstand the lava.

>>60545631 (OP)

https://x.com/i/communities/1937606597745983561

>>60545631 (OP)
Yes, except my keys are split into key shares and sealed with tamper-evident seals. You could break open my safe deposit box, but you'd have to disturb the shrink wrap around them, remove the tamper evident seals by me and then delicately replace everything.

And then you only get one portion of the Shamir secret, so you'd still have nothing. And no, there's not enough keys in safe deposit boxes that simply breaking into bank safes across multiple banks would get you access to my keys.

>>60545634
Some boomer metal detector hobbyist will probably stumble upon it

>>60545634
anon.... you have to take down that other person....