> the weak point in this scheme is loading the privkey into a computer to generate the checksum and/or pubkey

Entering the seed material into a computer of some kind at some point is inevitable. Even if you use a hand-computable checksum offline, you still eventually need to generate a fingerprint, XPUB, addresses, etc.

There are at least three different risks we want to mitigate: weak entropy, leaked keys, and lying wallets. Rolling one’s own offline seed material takes care of the weak entropy.

To mitigate the other two risks, use multi-vendor multisig. So long as your separate vendors are not compromised at the same time by the same entity, your funds should not be movable by anyone other than you.
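One concrete check against a lying wallet in the multi-vendor multisig setup described above, added here as an example (not code from the original post): recompute the 2-of-3 P2WSH receive address from the three cosigner public keys using only the standard library, then compare it with the address each vendor's wallet displays. The cosigner keys below are constructed placeholders; the script layout follows the descriptor `sortedmulti()` convention and the address encoding follows BIP-173 bech32.

```python
import hashlib
CHARSET = "qpzry9x8gf2tvdw0s3jn54khce6mua7l"   # bech32 alphabet (BIP-173)

def bech32_polymod(values):
    GEN = [0x3b6a57b2, 0x26508e6d, 0x1ea119fa, 0x3d4233dd, 0x2a1462b3]
    chk = 1
    for v in values:
        top = chk >> 25
        chk = ((chk & 0x1ffffff) << 5) ^ v
        for i in range(5):
            chk ^= GEN[i] if (top >> i) & 1 else 0
    return chk

def bech32_checksum(hrp, data):
    hrp_exp = [ord(c) >> 5 for c in hrp] + [0] + [ord(c) & 31 for c in hrp]
    polymod = bech32_polymod(hrp_exp + data + [0] * 6) ^ 1   # constant 1 = bech32 (witness v0)
    return [(polymod >> 5 * (5 - i)) & 31 for i in range(6)]

def to_5bit(data):
    # Regroup bytes into 5-bit values, zero-padding the final group.
    acc, bits, out = 0, 0, []
    for byte in data:
        acc, bits = (acc << 8) | byte, bits + 8
        while bits >= 5:
            bits -= 5
            out.append((acc >> bits) & 31)
    if bits:
        out.append((acc << (5 - bits)) & 31)
    return out

def witness_v0_address(program, hrp="bc"):
    data = [0] + to_5bit(program)                    # witness version 0, then the program
    return hrp + "1" + "".join(CHARSET[d] for d in data + bech32_checksum(hrp, data))

def sortedmulti_script(m, pubkeys):
    # OP_m <compressed keys in lexicographic order> OP_n OP_CHECKMULTISIG
    n = len(pubkeys)
    assert 1 <= m <= n <= 15 and all(len(k) == 33 for k in pubkeys)
    body = b"".join(b"\x21" + k for k in sorted(pubkeys))
    return bytes([0x50 + m]) + body + bytes([0x50 + n, 0xae])

def p2wsh_address(witness_script, hrp="bc"):
    return witness_v0_address(hashlib.sha256(witness_script).digest(), hrp)

# Constructed placeholder cosigner keys (NOT real vendor keys): substitute the child
# pubkeys each vendor's wallet derives for the receive index you are checking.
COSIGNER_PUBKEYS = [bytes.fromhex(h) for h in (
    "0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798",
    "02c6047f9441ed7d6d3045406e95c07cd85c778e4b8cef3ca7abac09b95c709ee5",
    "02f9308a019258c31049344f85f89d5229b531c845836f99b08601f113bce036f9")]

def expected_address():
    return p2wsh_address(sortedmulti_script(2, COSIGNER_PUBKEYS))
```

If any vendor shows a different address for the same index, that wallet (or its copy of a cosigner xpub) is the one to distrust; the bech32 step can be sanity-checked against the BIP-173 P2WSH test vector.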


Discussion

Codex32 mitigates all three risks if used correctly. The real magic is being able to manually produce a pubkey and checksum your results with pen and paper. You can also shard the key with SSS for geographic distribution.

Important caveat: you need a digital computer to generate addresses. So it is best used as a receive-only wallet. Stash the xpriv somewhere or somewheres safe and import the xpub to a watch-only wallet. Once you load the xpriv into a computer to spend, it's best to sweep the entire wallet. It's a perfectly offline cold storage piggy bank. Break in case of emergency.

I think this is the future direction for self custody.