tag:blogger.com,1999:blog-13837899923310669332023-11-15T05:26:21.484-08:00LevidgeHigh Performance Crypto ExchangeLevidgehttp://www.blogger.com/profile/08198202105984565821noreply@blogger.comBlogger3125tag:blogger.com,1999:blog-1383789992331066933.post-15302545422774748612018-08-23T21:56:00.001-07:002018-08-23T21:56:48.784-07:00 If you can’t provision a good hiding place for your hardware wallet seed phrase… maybe you don’t need to back it up in the first place. (Use multiple wallets plus pin instead)<div style="background: rgb(255, 255, 255); border: 0px; color: #333333; font-family: Georgia, "Bitstream Charter", serif; font-size: 16px; margin-bottom: 24px; padding: 0px; vertical-align: baseline;">
Hiding stuff is hard. Too easy, and an attacker can find it. Too hard, and you may wind up hiding it from yourself. Or from the people that should inherit if you die.</div>
<div style="background: rgb(255, 255, 255); border: 0px; color: #333333; font-family: Georgia, "Bitstream Charter", serif; font-size: 16px; margin-bottom: 24px; padding: 0px; vertical-align: baseline;">
This is the dilemma of people who hold their bitcoin in hardware (HW) wallets, where the ultimate backup is the seed phrase. For the purposes of this article, we are talking about bip39 compatible HW wallets, of which the two top contenders are the Trezor and the Ledger Wallet.</div>
<div style="background: rgb(255, 255, 255); border: 0px; color: #333333; font-family: Georgia, "Bitstream Charter", serif; font-size: 16px; margin-bottom: 24px; padding: 0px; vertical-align: baseline;">
From conversation with large bitcoin holders, I think there is a population of users that would like to be “in control” of their crypto assets, but is uncomfortable with the idea of hiding the seed phrase in the event of an ultimate failure scenario.</div>
<div style="background: rgb(255, 255, 255); border: 0px; color: #333333; font-family: Georgia, "Bitstream Charter", serif; font-size: 16px; margin-bottom: 24px; padding: 0px; vertical-align: baseline;">
The obvious thing is to hide the seed phrase in a safe deposit box.</div>
<div style="background: rgb(255, 255, 255); border: 0px; color: #333333; font-family: Georgia, "Bitstream Charter", serif; font-size: 16px; margin-bottom: 24px; padding: 0px; vertical-align: baseline;">
But</div>
<div style="background: rgb(255, 255, 255); border: 0px; color: #333333; font-family: Georgia, "Bitstream Charter", serif; font-size: 16px; margin-bottom: 24px; padding: 0px; vertical-align: baseline;">
1) bank safe deposit boxes are starting to become hard to come by (long waiting lists)<br />2) maybe you don’t trust the bank</div>
<div style="background: rgb(255, 255, 255); border: 0px; color: #333333; font-family: Georgia, "Bitstream Charter", serif; font-size: 16px; margin-bottom: 24px; padding: 0px; vertical-align: baseline;">
Here’s a thought.</div>
<div style="background: rgb(255, 255, 255); border: 0px; color: #333333; font-family: Georgia, "Bitstream Charter", serif; font-size: 16px; margin-bottom: 24px; padding: 0px; vertical-align: baseline;">
If you</div>
<ul style="background: rgb(255, 255, 255); border: 0px; color: #333333; font-family: Georgia, "Bitstream Charter", serif; font-size: 16px; line-height: 1.4; list-style: square; margin: 0px 0px 24px 1.5em; padding: 0px; vertical-align: baseline;">
<li style="background: transparent; border: 0px; margin: 0px; padding: 0px; vertical-align: baseline;">want quick access to high value bitcoin wallet</li>
<li style="background: transparent; border: 0px; margin: 0px; padding: 0px; vertical-align: baseline;">are bad at hiding things (can’t keep seed phrase safe)</li>
<li style="background: transparent; border: 0px; margin: 0px; padding: 0px; vertical-align: baseline;">are bad at, or too lazy for, high paranoia computer security (no offline computer, no live cd boot)</li>
<li style="background: transparent; border: 0px; margin: 0px; padding: 0px; vertical-align: baseline;">don’t trust your bank — <a href="https://en.wikipedia.org/wiki/Executive_Order_6102" style="background: transparent; border: 0px; color: #743399; margin: 0px; padding: 0px; text-decoration-line: none; vertical-align: baseline;">or the government</a> — not to swipe your bitcoin</li>
</ul>
<div style="background: rgb(255, 255, 255); border: 0px; color: #333333; font-family: Georgia, "Bitstream Charter", serif; font-size: 16px; margin-bottom: 24px; padding: 0px; vertical-align: baseline;">
The following is a solution such that you don’t need to keep the seed phrase backed up *anywhere*.</div>
<div style="background: rgb(255, 255, 255); border: 0px; color: #333333; font-family: Georgia, "Bitstream Charter", serif; font-size: 16px; margin-bottom: 24px; padding: 0px; vertical-align: baseline;">
The trick is, instead of backing up the seed phrase, you set up multiple HW wallets with the same seed phrase, and then destroy the seed phrase. Keep main wallet handy, backup wallets in car, office, and give a few other backups to friends for safe keeping. Friends can’t do anything with just the wallet, they need second factors (pin code for trezor, plastic card with long code for ledgerwallet).</div>
<div style="background: rgb(255, 255, 255); border: 0px; color: #333333; font-family: Georgia, "Bitstream Charter", serif; font-size: 16px; margin-bottom: 24px; padding: 0px; vertical-align: baseline;">
Keep the second factor(s) somewhere safe yet obvious — and separate from hardware wallet — in case you have a head injury or something and forget the pin, or you die and your heir needs to dig up the bitcoin. Ideally a safe deposit box. Even if bank employees are crooked, they can’t access coins with just the second factor but no HW. Safe deposit box should be accessible by heirs if you die. An easy, no-lawyers, hacky way to do this is to have joint account for box but keep both keys. Your heir will have to drill the box to recover pin code if you die. An evil heir could have box drilled without your permission… so don’t have an evil heir.</div>
<div style="background: rgb(255, 255, 255); border: 0px; color: #333333; font-family: Georgia, "Bitstream Charter", serif; font-size: 16px; margin-bottom: 24px; padding: 0px; vertical-align: baseline;">
Now, a few words about second factors. Trezor wallet second factor is a pin, which can be memorized. Ledger wallet second factor is a long code printed on a plastic card, which really can’t be memorized unless you take up some <a href="https://en.wikipedia.org/wiki/Method_of_loci" style="background: transparent; border: 0px; color: #743399; margin: 0px; padding: 0px; text-decoration-line: none; vertical-align: baseline;">strange hobbies</a>. Trezor can get away with the simpler second factor because it has a built in screen. So all things being equal, Trezor is more convenient. But all things aren’t equal, because Trezor is about $100 and you can get ten el-cheapo hw.1 Ledger wallets for the same price.</div>
<div style="background: rgb(255, 255, 255); border: 0px; color: #333333; font-family: Georgia, "Bitstream Charter", serif; font-size: 16px; margin-bottom: 24px; padding: 0px; vertical-align: baseline;">
To keep costs down but security high, you could use Trezor as primary wallet and Ledger as backup. Since both HW wallets use bip39, their word lists are compatible. You will need <a href="https://www.ledgerwallet.com/products/7-ledger-starter" style="background: transparent; border: 0px; color: #743399; margin: 0px; padding: 0px; text-decoration-line: none; vertical-align: baseline;">ledger starter bootable usb</a> to reset the seed on the ledgers, which is a little more work, but not a deal breaker. Keep all second factors in the bank box — both Trezor pin, and all Ledger security cards. For the Ledger wallets, take care to clearly label which device is paired to which card. Or if money is no object, I would just use Trezor for all backup HW wallets, using same pin for every device.</div>
<div style="background: rgb(255, 255, 255); border: 0px; color: #333333; font-family: Georgia, "Bitstream Charter", serif; font-size: 16px; margin-bottom: 24px; padding: 0px; vertical-align: baseline;">
If all HW wallets are destroyed the coin is gone, but then again if the seed phrase is forgotten or destroyed, same thing. Hardware does wear out, so you need to set a calendar item to test hardware every six months or so, and replace all wallets every couple years. This involves moving coins to new seed phrase, since you don’t have old phrase any more.</div>
<div style="background: rgb(255, 255, 255); border: 0px; color: #333333; font-family: Georgia, "Bitstream Charter", serif; font-size: 16px; margin-bottom: 24px; padding: 0px; vertical-align: baseline;">
A superficially similar, but inferior, approach would be to write down the seed phrase and keep several copies of it distributed among your friends, but use a (memorizable) supplementary pass phrase on top of this, and keep a backup of the pass phrase in the safe deposit box. (Note that supplementary pass phrase is Trezor only. Ledger does not currently support this feature of the bip39 spec.)</div>
<div style="background: rgb(255, 255, 255); border: 0px; color: #333333; font-family: Georgia, "Bitstream Charter", serif; font-size: 16px; margin-bottom: 24px; padding: 0px; vertical-align: baseline;">
I don’t like this though.</div>
<div style="background: rgb(255, 255, 255); border: 0px; color: #333333; font-family: Georgia, "Bitstream Charter", serif; font-size: 16px; margin-bottom: 24px; padding: 0px; vertical-align: baseline;">
The main advantage is cost. Paper wallets among your friends, and a pass phrase in the safe deposit box, saves you from having to buy multiple HW wallets.</div>
<div style="background: rgb(255, 255, 255); border: 0px; color: #333333; font-family: Georgia, "Bitstream Charter", serif; font-size: 16px; margin-bottom: 24px; padding: 0px; vertical-align: baseline;">
But, it’s a lot less safe.</div>
<ol style="background: rgb(255, 255, 255); border: 0px; color: #333333; font-family: Georgia, "Bitstream Charter", serif; font-size: 16px; list-style-image: initial; list-style-position: initial; margin: 0px 0px 24px 1.5em; padding: 0px; vertical-align: baseline;">
<li style="background: transparent; border: 0px; margin: 0px; padding: 0px; vertical-align: baseline;">with the hardware backups you retain the ability to move bitcoin immediately if the main wallet stops working. My thinking is that with seed phrase backup only, one might panic and enter the seed phrase on an unsafe machine, rather than wait for new hardware to arrive in the mail.</li>
<li style="background: transparent; border: 0px; margin: 0px; padding: 0px; vertical-align: baseline;">supplemental pass phrase can be stolen on compromised computer, whereas second factors cannot. Pin number is scrambled on trezor screen, and the Ledger security card is just additional entropy that is paired with the device (nothing for hacker to sniff).</li>
</ol>
<div style="background: rgb(255, 255, 255); border: 0px; color: #333333; font-family: Georgia, "Bitstream Charter", serif; font-size: 16px; margin-bottom: 24px; padding: 0px; vertical-align: baseline;">
So with seed + pass phrase, the attack is merely stealing one of the backup seed phrases (or betrayal by friend) plus stealing the supplemental phrase by bugging the owner’s laptop. Pin number which is stored only in owner’s head plus very secure place (like safe deposit) is much, much safer than supplemental pass phrase.</div>
<div style="background: rgb(255, 255, 255); border: 0px; color: #333333; font-family: Georgia, "Bitstream Charter", serif; font-size: 16px; margin-bottom: 24px; padding: 0px; vertical-align: baseline;">
To summarize it all, you can keep bitcoin safe on a hardware wallet plus a few backups, without storing the seed phrase anywhere. If you are bad at hiding things, but don’t mind a bit more work at setup time, plus more work testing HW wallets and moving to new wallets periodically, this might be a good way to keep your bitcoin safe. Or at least keep your peace of mind that no one has gotten to the seed phrase. Trezor as main wallet keeps things convenient — just need to memorize a pin code. Handful of Ledger HW.1 backup wallets with same seed saves on costs.</div>
<div style="background: rgb(255, 255, 255); border: 0px; color: #333333; font-family: Georgia, "Bitstream Charter", serif; font-size: 16px; margin-bottom: 24px; padding: 0px; vertical-align: baseline;">
Keep calm and bitcoin on!</div>
<div style="background: rgb(255, 255, 255); border: 0px; color: #333333; font-family: Georgia, "Bitstream Charter", serif; font-size: 16px; margin-bottom: 24px; padding: 0px; vertical-align: baseline;">
UPDATE: One potential flaw is that you are not guaranteed access to coins on forks if you don’t have the secret. In the case of BCH both trezor and ledger did support the fork without seed phrase, but this is a case by case thing. (More comments below.)</div>
standardcryptohttp://www.blogger.com/profile/17286126610801307909noreply@blogger.com5tag:blogger.com,1999:blog-1383789992331066933.post-79121645291155988002018-08-21T12:24:00.000-07:002018-08-21T12:24:52.047-07:00How Satoshi Could Sell his Stash without Tanking the Bitcoin Price<div style="background: rgb(255, 255, 255); border: 0px; color: #333333; font-family: Georgia, "Bitstream Charter", serif; font-size: 16px; margin-bottom: 24px; padding: 0px; vertical-align: baseline;">
Satoshi Nakamoto, the anonymous creator of bitcoin, is believed to hold up to 10% of all bitcoins in existence, from his mining operation in 2009 before bitcoin was on the scope of anyone outside a handful of cypherpunks on a mailing list.</div>
<div style="background: rgb(255, 255, 255); border: 0px; color: #333333; font-family: Georgia, "Bitstream Charter", serif; font-size: 16px; margin-bottom: 24px; padding: 0px; vertical-align: baseline;">
The market concensus is that these coins are lost. Backup failed, paper wallet got wet in the 2012 Tsunami. Something destroyed those coins forever.</div>
<div style="background: rgb(255, 255, 255); border: 0px; color: #333333; font-family: Georgia, "Bitstream Charter", serif; font-size: 16px; margin-bottom: 24px; padding: 0px; vertical-align: baseline;">
But they are not <a href="https://en.bitcoin.it/wiki/Proof_of_burn" style="background: transparent; border: 0px; color: #743399; margin: 0px; padding: 0px; vertical-align: baseline;">burned</a> — an operation that Satoshi could have performed, to prove the coins were unrecoverable — by sending to an unspendable address.</div>
<div style="background: rgb(255, 255, 255); border: 0px; color: #333333; font-family: Georgia, "Bitstream Charter", serif; font-size: 16px; margin-bottom: 24px; padding: 0px; vertical-align: baseline;">
The “lost” coins are priced in. If they are ever found, and the consensus is broken, the result would be catastrophic for the bitcoin price. There are monitoring scripts watching the suspected “satoshi” addresses, so any movement would be news instantly.</div>
<div style="background: rgb(255, 255, 255); border: 0px; color: #333333; font-family: Georgia, "Bitstream Charter", serif; font-size: 16px; margin-bottom: 24px; padding: 0px; vertical-align: baseline;">
<img alt="price_drop" class="alignnone size-full wp-image-520" data-attachment-id="520" data-comments-opened="1" data-image-description="" data-image-meta="{"aperture":"0","credit":"","camera":"","caption":"","created_timestamp":"0","copyright":"","focal_length":"0","iso":"0","shutter_speed":"0","title":"","orientation":"0"}" data-image-title="price_drop" data-large-file="https://standardcrypto.files.wordpress.com/2016/01/price_drop.png?w=640?w=405" data-medium-file="https://standardcrypto.files.wordpress.com/2016/01/price_drop.png?w=640?w=300" data-orig-file="https://standardcrypto.files.wordpress.com/2016/01/price_drop.png?w=640" data-orig-size="405,301" data-permalink="https://standardcrypto.wordpress.com/2016/01/27/how-satoshi-could-sell-his-stash-without-tanking-the-bitcoin-price/price_drop/" sizes="(max-width: 405px) 100vw, 405px" src="https://standardcrypto.files.wordpress.com/2016/01/price_drop.png?w=640" srcset="https://standardcrypto.files.wordpress.com/2016/01/price_drop.png 405w, https://standardcrypto.files.wordpress.com/2016/01/price_drop.png?w=150 150w, https://standardcrypto.files.wordpress.com/2016/01/price_drop.png?w=300 300w" style="background: transparent; border: 0px; height: auto; margin: 0px; max-width: 100%; padding: 0px; vertical-align: baseline;" /></div>
<div style="background: rgb(255, 255, 255); border: 0px; color: #333333; font-family: Georgia, "Bitstream Charter", serif; font-size: 16px; margin-bottom: 24px; padding: 0px; vertical-align: baseline;">
Can satoshi ever sell his coins, without rendering them worthless?</div>
<div style="background: rgb(255, 255, 255); border: 0px; color: #333333; font-family: Georgia, "Bitstream Charter", serif; font-size: 16px; margin-bottom: 24px; padding: 0px; vertical-align: baseline;">
In fact, there *is* a way satoshi nakamoto could move his “lost” coins without tanking the bitcoin price. A way to retain ownership, whilst reassuring bitcoin owners that no sudden moves will destroy their investment.</div>
<div style="background: rgb(255, 255, 255); border: 0px; color: #333333; font-family: Georgia, "Bitstream Charter", serif; font-size: 16px; margin-bottom: 24px; padding: 0px; vertical-align: baseline;">
The means to accomplish this became possible in November 2015, with the activation of the <a href="https://github.com/bitcoin/bips/blob/master/bip-0065.mediawiki#Freezing_Funds" style="background: transparent; border: 0px; color: #743399; margin: 0px; padding: 0px; vertical-align: baseline;">OP_CHECKLOCKTIMEVERIFY</a> protocol op code, CLTV for short, or as it is popularly known, OP_HODL.</div>
<div style="background: rgb(255, 255, 255); border: 0px; color: #333333; font-family: Georgia, "Bitstream Charter", serif; font-size: 16px; margin-bottom: 24px; padding: 0px; vertical-align: baseline;">
This transaction op code makes it possible to send bitcoins to an output that only become spendable after a set amount of time has past. OP_HODL was widely hailed as a necessary building block for <a href="https://lightning.network/" style="background: transparent; border: 0px; color: #743399; margin: 0px; padding: 0px; vertical-align: baseline;">lightning network</a>, a technology in-the-works that would enable bitcoin transaction volume to safely scale many orders of magnitude. With lightning, funds would be locked up for a short amount of time (usually under a day) while clearing nodes shuffle funds between themselves in a risk-free way before eventually settling funds. But CLTV is just an op code. It doens’t care what it’s used for, or how long the lock times are.</div>
<div style="background: rgb(255, 255, 255); border: 0px; color: #333333; font-family: Georgia, "Bitstream Charter", serif; font-size: 16px; margin-bottom: 24px; padding: 0px; vertical-align: baseline;">
Using OP_HODL, satoshi could (for example), move 1% of his coins to an address that is spendable immediately, and spread the other 99% between outputs spendable between one one week and ninety-nine weeks in the future.</div>
<div style="background: rgb(255, 255, 255); border: 0px; color: #333333; font-family: Georgia, "Bitstream Charter", serif; font-size: 16px; margin-bottom: 24px; padding: 0px; vertical-align: baseline;">
As the coin lockouts expire, satoshi could either dump his coins gradually, tumbling them of course to preserve anonymity, or send them unspendably into the future again with a rolling lockout, reassuring the market that there will be no sudden moves from his end. Depending on his lifestyle needs, I suppose there would be a little of both.</div>
<div style="background: rgb(255, 255, 255); border: 0px; color: #333333; font-family: Georgia, "Bitstream Charter", serif; font-size: 16px; margin-bottom: 24px; padding: 0px; vertical-align: baseline;">
There’s already a lot of eyes on the “lost satoshi coins” today, but this is nothing compared to the attention public “hodl” addresses would get if satoshi followed this plan. In effect, satoshi would become like the bitcoin fed, the de facto prime influencer of bitcoin monetary policy. The weekly rebalancings would be one of the prime indicators of what the future would hold. And of course, the end game here would be an orderly liquidation with funds finallly widely distributed.</div>
<div style="background: rgb(255, 255, 255); border: 0px; color: #333333; font-family: Georgia, "Bitstream Charter", serif; font-size: 16px; margin-bottom: 24px; padding: 0px; vertical-align: baseline;">
I don’t know if this can really be accomplished while maintaining anonymity, but it would be fun to try.</div>
<div style="background: rgb(255, 255, 255); border: 0px; color: #333333; font-family: Georgia, "Bitstream Charter", serif; font-size: 16px; margin-bottom: 24px; padding: 0px; vertical-align: baseline;">
It’s heartening to see how the bitcoin technical evolution can be repurposed into tools that can secure its long term stability.</div>
<div style="background: rgb(255, 255, 255); border: 0px; color: #333333; font-family: Georgia, "Bitstream Charter", serif; font-size: 16px; margin-bottom: 24px; padding: 0px; vertical-align: baseline;">
So if you are worried about satoshi selling his coins: keep calm and hodl.</div>
<div style="background: rgb(255, 255, 255); border: 0px; color: #333333; font-family: Georgia, "Bitstream Charter", serif; font-size: 16px; margin-bottom: 24px; padding: 0px; vertical-align: baseline;">
<img alt="bitcoinItrust_hodlImust" class="alignnone size-full wp-image-531" data-attachment-id="531" data-comments-opened="1" data-image-description="" data-image-meta="{"aperture":"0","credit":"","camera":"","caption":"","created_timestamp":"0","copyright":"","focal_length":"0","iso":"0","shutter_speed":"0","title":"","orientation":"0"}" data-image-title="bitcoinItrust_hodlImust" data-large-file="https://standardcrypto.files.wordpress.com/2016/01/bitcoinitrust_hodlimust.jpeg?w=640?w=500" data-medium-file="https://standardcrypto.files.wordpress.com/2016/01/bitcoinitrust_hodlimust.jpeg?w=640?w=300" data-orig-file="https://standardcrypto.files.wordpress.com/2016/01/bitcoinitrust_hodlimust.jpeg?w=640" data-orig-size="500,378" data-permalink="https://standardcrypto.wordpress.com/2016/01/27/how-satoshi-could-sell-his-stash-without-tanking-the-bitcoin-price/bitcoinitrust_hodlimust/" sizes="(max-width: 500px) 100vw, 500px" src="https://standardcrypto.files.wordpress.com/2016/01/bitcoinitrust_hodlimust.jpeg?w=640" srcset="https://standardcrypto.files.wordpress.com/2016/01/bitcoinitrust_hodlimust.jpeg 500w, https://standardcrypto.files.wordpress.com/2016/01/bitcoinitrust_hodlimust.jpeg?w=150 150w, https://standardcrypto.files.wordpress.com/2016/01/bitcoinitrust_hodlimust.jpeg?w=300 300w" style="background: transparent; border: 0px; height: auto; margin: 0px; max-width: 100%; padding: 0px; vertical-align: baseline;" /></div>
standardcryptohttp://www.blogger.com/profile/17286126610801307909noreply@blogger.com3tag:blogger.com,1999:blog-1383789992331066933.post-64121873085769886932018-08-17T11:42:00.001-07:002018-08-17T11:42:40.019-07:00testhello world.standardcryptohttp://www.blogger.com/profile/17286126610801307909noreply@blogger.com3