Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on [email protected] for help. Thanks :)
Private profiles - please note that profiles marked as private will soon be public. This will facilitate moderation so mods can view users' warning histories. All of your posts across the site will appear on your profile page (including PI, RI). Groups posts will remain private except to users who have access to the same Groups as you. Thread here
Some important site news, please read here. Thanks!

Security

  • 20-08-2019 6:29am
    #1
    Moderators, Home & Garden Moderators Posts: 1,916 Mod ✭✭✭✭ karltimber


    Hi,

    Want to store my btc off exchange.
    Not interested in trading btc, so want a secure off-exchange wallet/usb

    what do ye use so I can research ?

    Ideas - Nano (x or s), online wallet ?

    Thx

    K


Comments

  • Registered Users Posts: 10,905 ✭✭✭✭ Bob24


    You can go for a Ledger or Trezor device plus a very resilient support to store your backup seed phrase (cryptosteel type of thing). IMO the Nano X is the nicest option, but any Ledger or Trezor device will do the job.

    You also need to think very hard of where and how you are going to safely store the support which contains your seed phrase, as anyone who gets access to it gets access to your funds (and if the phrase is lost you have no way to recover your funds shall the Ledger/Trezor device fail). Needless to say, storing it in a drawer at home on a piece of paper is not the best option :-)


  • Moderators, Home & Garden Moderators Posts: 1,916 Mod ✭✭✭✭ karltimber


    Thanks

    Was looking at reviews for the X alright.
    Might be the best option.

    Plus getting a fireproof small security box/safe to keep the usb safe
    Need to think about the seed-phrase paperwork too.

    Q - if the device fails - I use the seed phrases to recover the keys ?
    I understand I will never keep the phrases on a connected pc, of phone etc.

    Thnaks for the reply.


  • Registered Users Posts: 10,905 ✭✭✭✭ Bob24


    karltimber wrote: »
    Thanks

    Was looking at reviews for the X alright.
    Might be the best option.

    Plus getting a fireproof small security box/safe to keep the usb safe
    Need to think about the seed-phrase paperwork too.

    Q - if the device fails - I use the seed phrases to recover the keys ?
    I understand I will never keep the phrases on a connected pc, of phone etc.

    Thnaks for the reply.

    Yes, basically the seed phrase is just an easily human readable sequence of words which the device can use to recreate your private keys from. It is a standard as well (called BIP 39), so a seed phrase generated by a Ledger device can even be used to recover your keys to a Trezor device, and vice versa (or any other brand which might support BIP 39 in the future). Basically when you first setup the device it will give your the seed words, and at any point those words can be input on any other device which will instantly get access to your wallets. This is a completely offline process and at no point of the initial process or the recovery does the seed phrase or your private keys leave the secure chip of the device. So yes you got it right: for safety reason never ever store the seed phrase electronically (at least not on a device which is online and/or could potentially be hacked).

    With that said, you can go ahead with your safe proof box for the device, but your focus should really be on how your are storing the seed phrase (both in a way which can prevent unauthorised access and accidental destruction). As the name implies, this really is the seed for accessing your funds and the device itself is just a replaceable extension which lets you easily and safely transact with those funds. If the seed is stored safely, theft or destruction of the device itself isn’t really an issue as the destroyed/stolen device is passcode protected and you can just buy a new one and restore access to your funds with the seed words. The main risk with the device itself is if someone knows it is yours and what it is, and physically threatens you to give them the passcode. They then would have access to your funds. So the best advice is to remain discret about having one and not to carry it with you or put it anywhere obvious.


  • Registered Users Posts: 10,905 ✭✭✭✭ Bob24


    And one more point: if you go for a Trezor or Ledger device, but it directly from the manufacturer’s website. The peace of mind of removing as many intermediaries as possible which could have tempered with it is worth more than any savings your could make by buying it elsewhere.


  • Moderators, Home & Garden Moderators Posts: 1,916 Mod ✭✭✭✭ karltimber


    Excellent local info - really appreciate that.

    When I get it, i'll test moving a s-coin to and from the device.

    again - thx.

    K


  • Advertisement
  • Registered Users Posts: 10,905 ✭✭✭✭ Bob24


    No worries! Yeah you are right - you should experiment a bit before using it for serious stuff. My advice: when you get the device, create a test wallet, try to transact and load it with a small amount, reset the device, and make sure your are able to use the seed phrase to restore it so that you are 100% familiar with how everything works. And then dump the test wallet and create your real one.


  • Moderators, Home & Garden Moderators Posts: 1,916 Mod ✭✭✭✭ karltimber


    Good advice - appreciate it.

    K


  • Registered Users Posts: 2,723 ✭✭✭ stockshares


    Some of you be might interested in this article by Jameson Lopp. He has stress tested many of the Metal plates that are recommended for storing Seed phrases. This is considered safer than storing them on paper.

    https://blog.lopp.net/metal-bitcoin-seed-storage-stress-test--part-ii-/amp/?__twitter_impression=true


    His Conclusion

    When deciding upon a metal data storage solution, it’s best to follow the KISS principle: Keep It Simple, Stupid! If the device has any moving parts, they are going to be prone to failure under various stresses.

    Etching & stamping are arduous experiences in comparison to a simple center punch. It’s hard to screw up a center punch strike and even if you do get a light strike, it’s easy to perform a second strike in the same spot without creating a “ghosting” effect that actually makes it harder to read.

    With these considerations in mind, I’d suggest that Blockplate and Steelwallet seem to be the most robust and simple options.

    There’s still the issue of physical theft — it’s worth noting that any of these devices are vulnerable to theft if you use them to store an unencrypted BIP39 seed phrase. My optimal setup using retail options would be a Blockplate or Steelwallet to hold a passphrase protected seed, then use a stamped Coldbit passphrase to store it in a separate location. In order to improve your robustness against loss, preferably multiple of each in a variety of locations.

    An alternative solution is to go seedless. This requires a software solution such as Casa Keymaster in order to manage your keys and can result in a more flexible solution that is even more robust against a variety of loss vectors.


Advertisement