Can anyone give me a good reason why anyone who has long-term cold storage should ever keep that key(s) loaded on a signing device when they have their phrase stored in secure physical as well? I can't see a good reason to ever have a device loaded for long-term storage.

Discussion

A question I’ve been asking myself. If it’s long term cold storage saving, no device is required IMO. Those devices should be used for “spending accounts”

Redundancy. A single point of failure means you lose everything after one mistake. Ideally keep them in different locations. If the device has a strong pin and a self-destruct security feature then it’s solid. A lot of people couldn’t return to their homes during the California fires. That means that they would have lost everything if they kept it all in one place.

This is a fair point, but redundancy can be achieved by multi physical seed word storage or Coldcard's excellent backup feature. Still, this is an excellent point to emphasize: redundancy is good. I don't think it needs to be achieved by a loaded signing device though.

+1

Well it’s more difficult to steal funds on a secure hardware device. For example, you leave your entire seed backed up in a bank, the bank could steal your money. It’s less likely if you leave a hardware device there.

This is also true, I would also recommend when people store their seed phrase if they are single-sig then to use a passphrase and not co-locate that with the seed, but yes. It makes inheritance more tricky, but every man has to have a plan.

There are a lot of different ways to secure this for sure!

These are fun conversations. I'm tired of explaining inflation to everyone around me so it's nice to have a conversation a little bit down the rabbit hole.

I still think multisig is the best if you can manage the complexity of storing the backups in different locations. Seed XOR is also another good way to do that as well.

Seed XOR makes me nervous, but yes, multisig is A+ #1, but you really have to plan that out carefully in advance or get rekt.

Yeah you need a solid plan and to really think about how you can still recover funds if multiple backups are compromised.

I love rabbit hole discussions.

What do y’all recommend when it comes to multi-sig backup with long-term cold storage? Especially when it comes to different locations for each seed backups?

Personally I never thought about using a loaded signing device as a backup.

Would having one loaded signing device (locked with a sophisticated pin) for each part of the multi-sig at a different location (such as a safety deposit box) be considered a good backup option?

That way, instead of having one set of the multiple metal plates stored in a safety deposit box, you’d have a secured hardware device locked with an alphanumeric passcode.

Obviously you’d still have a set of metal plates secured some other place to create more redundancies in case of potential compromises.

What do y’all think?

It’s all tradeoffs. You can have 3 devices and 3 seed backups. That’s good redundancy but it’s more complex because now you need 6 different locations to keep track of. If you can secure those spots, then yeah I think it’s worth it. But you have to keep in mind certain risks. For example, let’s say you lose a backup seed and the same signing device that held that seed. Now you have two backups and two signing devices left. But since you need all 3 seeds to recover your funds, you essentially lost everything. You can backup the multisig wallet so that you can still recover the funds with only two of the three keys. But you’d need to keep that file secure somewhere separately as well. So you can see that it can get quite complex. It’s all tradeoffs.

What is seed XOR?

It’s made by Coinkite. You basically split your 24 word seed in three (8 words each). I never used it so there could be more to it but my guess is you have two backups for each set of 8 words. You store them in 6 different locations kind of like a multisig. I think the benefit is you don’t need so many signing devices and you don’t have to pay the higher fees of a multisig transaction.

Sorry, it looks like it is split in two, which makes it a little easier to manage. The tradeoff is that only two need to be compromised instead of three. It’s all tradeoffs.

https://seedxor.com/

I love seed XOR as a backup.

You can do 2, 3, or 4 splits, but 2 is recommended. For example, you have a 24 word seed. It gets split up into two 24-word seeds. You need part A and part B to build the actual seed.

So if you could somehow get 3 seeds on steel, you would only need 2-of-3 steel plates. You would not need the descriptor as long as you have 2-of-3 plates.

https://seedxor.com/
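An added example, not part of the thread and not Coinkite's code: the XOR split discussed in the posts above, worked at the level of the raw BIP39 entropy bytes (the word list is omitted, so parts are shown as bytes rather than words). The function names and the use of random parts from `secrets` are assumptions made for this sketch.

```python
import hashlib
import secrets
from functools import reduce

VALID_ENTROPY_LENGTHS = (16, 20, 24, 28, 32)  # bytes, i.e. 12 to 24 words

def xor_bytes(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("parts must have the same length")
    return bytes(x ^ y for x, y in zip(a, b))

def split_entropy(entropy: bytes, n: int = 2) -> list:
    """Split seed entropy into n parts whose XOR equals the original."""
    if n < 2:
        raise ValueError("need at least two parts")
    if len(entropy) not in VALID_ENTROPY_LENGTHS:
        raise ValueError("not a BIP39 entropy length")
    # n-1 parts are uniformly random; the last one is forced so that
    # XOR over all n parts gives back the original entropy.
    parts = [secrets.token_bytes(len(entropy)) for _ in range(n - 1)]
    parts.append(reduce(xor_bytes, parts, entropy))
    return parts

def combine_parts(parts: list) -> bytes:
    """XOR every part together; all of them are required."""
    return reduce(xor_bytes, parts)

def bip39_checksum_bits(entropy: bytes) -> int:
    """BIP39 checksum: the first ENT/32 bits of SHA-256(entropy)."""
    cs_len = len(entropy) * 8 // 32
    digest = hashlib.sha256(entropy).digest()
    return int.from_bytes(digest, "big") >> (256 - cs_len)

if __name__ == "__main__":
    seed = bytes(range(32))  # constructed sample entropy, never use for funds
    a, b, c = split_entropy(seed, 3)
    # Each part is full-length entropy with its own checksum, so each part
    # encodes to a valid mnemonic of the same word count as the original.
    for name, part in (("A", a), ("B", b), ("C", c)):
        print(name, part.hex(), "checksum", bip39_checksum_bits(part))
    print("all three :", combine_parts([a, b, c]) == seed)
    print("two only  :", combine_parts([a, b]) == seed)
```

With a plain XOR split, any subset smaller than the full set of parts combines to an unrelated value, so each part needs its own redundant copies.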

Multi sig is a good reason

Also single sig with passphrase and the passphrase isn’t stored on the device

You're right.

Do your own thing for your needs & risk tolerance.

I wouldn't discuss the specific solution you've chosen. All solutions have tradeoffs, it's best people don't know your specific chosen tradeoffs.

For boomers who can follow instructions, a Coldcard Q is a great way, as long as the seed is backed up on metal. Here's why:

1. It has all the contingency security features anyone could ever want from a device like that. Trick pins, self-wipe, etc...

2. It supports BIP85, specifically, with xpub support. This is a fantastic way to start dividing an estate up between heirs. And a great way to expose them to Bitcoin since they can watch their inheritance grow without the ability to spend any of it. 🙂 All they will need is the child seed when the time is right.

3. If some Bitcoin needs to be used for retirement income, it's easy enough and highly secure to move sats around as needed, especially using the air-gapped sd card method.

4. Younger Bitcoiners can use the Q and BIP85 to Uncle Jim their friends and family who are not technical at all, or who would be irresponsible with their seed, to get them exposed to Bitcoin without the risk.

No matter what you do, backing up seed words on metal is an absolute MUST if they represent life savings.

These reasons might not apply to most Bitcoiners, since most Bitcoiners are a lot younger than me, but these are reasons why signing devices are perfect for me. 🙂