Nostr Web Client

Ever wondered if you should use a 12 or 24 word seed for your Bitcoin?🔑

Wonder no longer as our most recent blog post details why 12 words should be the standard across the space as they bring better UX and no loss in real-world security.

https://foundationdevices.com/2023/06/make-12-words-the-standard/

Seth For Privacy 2y ago

This article was a passion project of mine as it's something I've long wanted to answer, and surprisingly seems to have no one-stop resource out there.

Let's make 12 word seed phrases the standard across the Bitcoin ecosystem!

Would love to hear y'all's thoughts on this one as it's a pretty divisive topic sometimes, but hopefully this can put things to rest and help simplify people's Bitcoin journey a bit by reducing the size of the secret they have to store.

Steel stampers everywhere will be happy 😅

A huge shoutout to my friend Luke Parker, a brilliant developer and cryptographer, for providing amazing cryptography feedback for me throughout.

Couldn't have done it nearly as well without him, and he always keeps me humble and makes me want to keep learning!

nostr:nevent1qqsv44d9zw8mqhc4p8mn7287jayrm64zed3hx7uyv2mnkty0uhea4vspzemhxue69uhhyetvv9ujumn0wd68ytnzv9hxgq3qs0vtkgej33n7ec4d7ycxmwt78up8hpfa30d0yfksrshq7t82mchqxpqqqqqqz7frkvl

Reply to this note

Please Login to reply.

Discussion

Crizzo 2y ago

I was thinking about having a recovery plan where I gave my brother and my parents 16 of the 24 words of my phrase, plus I kept 16. Then it would only take 2 of 3 to recover. In the event that one of the fragments is compromised it would be a lot harder to brute force with only 16 of 24 words vs 8 of 12.

I saw the article says that protection from brute force is the only real advantage of 24 words, and it's trivial when someone is trying to brute force all 12 vs 24 words. However I think it still matters quite a bit in the case of partial seed phrases. For a HWW I think the extra protection is worth it.

Seth For Privacy 2y ago

I generally wouldn't recommend seed splitting schemes as they're very easy to brute force in most common configurations.

Finding the remaining 8 words of your seed wouldn't be very difficult at all (remember difficulty goes up exponentially per additional seed word).

Splitting into 12 word shards would at least be resistant to brute forcing but has other issues. Could do 12 word seed + passphrase, perhaps? Or an encrypted microSD backup?

Crizzo 2y ago

I have a passphrase and an SD backup as well. There is some Bitcoin held under just the seed, but most of it is behind the passphrase. The SD backup I keep myself hidden somewhere innocuous. The partial seed phrase would be kept in my fireproof safe which is what a thief would target first.

I am much more concerned about accidental loss than theft. First of all I trust these family members implicitly, so I'm not worried about them trying to steal or collude. They will know my passphrase without having to have it written down.

If the partial phrase was stolen it would likely be by a petty thief that doesn't have the knowledge or expertise to brute force a partial seed phrase on their own. Once I learned the partial was compromised I would move my stack to a new address immediately.

If I were ever targeted specifically for my Bitcoin I think I'd be fucked no matter how I do my setup. Most likely it would be a wrench attack, and if I was physically unable to give them what they want because of a multisig it wouldn't stop the torture anyway.

This is the best I've come up with and I feel pretty good about it. I already have the 24 word phrase (that Passport gave me btw), so I'm not switching now.

Seth For Privacy 2y ago

Love it, sounds like a solid setup overall!

And no need at all to switch seed lengths, that was never the goal of the article.

If you've got a solid setup with 24 you're set, more for new entrants and defaults to use 12 words 🙂

84e06fa6... 2y ago

Could you elaborate on the issues of splitting 24 word seed in 12/12 parts? Thank you

Fryheid 2y ago

I’m trying to zap you, but I’m getting an invalid lightning address error