/biz/ - Business & Finance

hardware wallets aren’t secure

>>13816509
> Using a hardware wallet
Congrats you made it, the rest is academic.

>>13816509
>>13816520
>>13816530
Is BTC multisig riskier than the BTC protocol itself? Ethereum Parity multisg wallet had a vulnerability and lost everything. Is Electrum BTC multisig safe or it is risky like Parity multisig was?

too much of a brainlet for this shit

>>13816539
It’s dumb. Don’t bother. Your funds are fundamentally safe on an exchange. If they weren’t and something happened on a large scale then all the prices would PLUMMET to zero and crypto would be dead anyway. Yeah there are sob stories of people getting hacked but there are sob stories for wallets to so anyway just chill and be glad that you are going to make it someday. And you’ll be able to cash out faster.

>>13816681
wat

>>13816681
> He doesn't know about Mt. Gox
> He doesn't know about exchange fractional reserves
> He thinks it's regulated like a bank.
Not gonna make it desu
Not your keys not your coins

>>13816681

>>13816741
>>13816760
TELL ME. WHYYY does it matter that my stack is on Binance. If binance actually gets hacked to the point where everyone loses even me, why would anyone value crypto anymore after that? It would be meaningless. We are at equal risk you just bought a fancy USB drive. ooooOOOOoooOOooo who cares.

>>13816981
fundamentally what did you mean by this

>>13816981

>muh sessoned cripto investor accessories
paper wallet only.

I bought one and transferred my linkies today. At first I didnt realize you cant see the tokens on ledger live so I almost had a heart attack. Thought my linkies were gone ;_;

>>13817018
Why is paper wallet better?

>>13816509
make it 2 of 3 you mong and store the 3 keys at 3 separate locations!

also you can use a mnemonic wallet 24 words with 3 groups of 16 at 3 separate locations...

or better commit 6 words to memory and make 3 groups of 12 words (omitting the last 2 lines from write down)

but as this anon said >>13816520 hardware wallets are not actually secure cold storeage they are a failure waiting to happen and a potential physical attack vector. hardware wallets are best as hot wallets to protect against hacks / malware.

>>13816981
>TELL ME. WHYYY does it matter that my stack is on MtGox. If MtGox actually gets hacked to the point where everyone loses even me, why would anyone value crypto anymore after that? It would be meaningless. We are at equal risk you just bought a fancy USB drive. ooooOOOOoooOOooo who cares.

>>13817190
Could you elaborate on why hardware wallets are not secure? I was told they were the most secure way for an average user to hold their BTC.

>>13817185
1 it's free.
2 it's more predictably secure (bip38) based on math not gadgets.
3 you can have greater redundancy against theft disasters and accidental loss.
4 you can post/store them online without worry which makes it impossible to confiscate if you have to run.
5 coins distributed over multiple paper wallets gives you more control over exposure and mitigates the astronomically unlikely key collision.

>>13816509
binance has insurance, your thumb drive doesnt. Binance gave back 40 million dollars to the people who got there btc stolen

>>13817245
they are most definitely not. hardware wallets rely on "secure chips" for security which are side channel attack protected and tamper proof. according to the manufacturer but in reality it's fairly easy to dismantle them and read out the eprom where the private keys are either stored unencrypted or at best case (and note this is unproven) protected by the pin. once the eprom is read it's just a matter of time max a day.

jamal won't be able to do this, but he knows your wallet will fetch him a $100 at the fence and the fence will know the guy to call. your coins may be gone before you notice your wallet is stolen.

>>13817261
Thank you for the info. I am not an expert like you but I thought Electrum 2-of-2 multisig with 1 Ledger and 1 Trezor was supposed to mitigate a lot of these risks? Is paper wallet better even for an average user like me who doesn't know how to securely generate entropy for the seed? I thought hardware wallets were supposed to take care of that for you and using 2 different brands with multisig would reduce the brand risk, right?

>>13817314
Ok, so if I am understanding this you are saying the risks with hardware wallets are the physical access risks. That makes sense. But what about remote vulnerabilities, would Electrum 2-of-2 multisig with 2 separate hardware wallet brands be secure against remote attacks?

>>13817314
>>13817336
And the hardware wallets could be held in 2 totally separate physical locations. Then wouldn't this be a safe storage method?

>>13817336
>you are saying the risks with hardware wallets are the physical access risks
correct! think of them as an airgapped pc anyone having access you are fucked if no one has they are great protection from cyber attacks.

>>13817353
oh you mean you want to do multisig with the two hardware wallets? that's a bit overkill, but sure that is secure enough. in this solution your weak point would be the recovery phrases if you don't follow at least >>13817190

Im convinced that this thread is full of Trezor and ledger salespersons

>>13817425
Thank you. Do you think there is a risk that Electrum BTC multisig could have a security vulnerability? For example Ethereum Parity multisig had a vulnerability and lost everything.

>>13816509
>>13816535
I'd assume BTC multisig would be safer than what happened with parity multisig, but I'd be too scared to do it now.
IMO follow some advice from Andreas Antonoctopus, divide up your stack onto multiple paper wallets
Use a laptop that has never touched and will never touch the internet to generate a private key and write it out on some paper. Don't print, because printers can store what they print, and who knows what kind of malware the new "smart" ones have. - this isn't foolproof because a wallet generator could give you "known" private keys, so be careful where you get it.

Once you have your private key on some paper, try to access the wallet from the piece of paper you wrote on the airgapped laptop, to verify you didn't make any typos.
Create 2 copies (verify both), keep one in a small fireproof lock box, preferably bolted down. Or a hidden compartment that won't be found by someone ripping the place apart. And one in a safety deposit box at a bank.

Or instead of just the plain private key, put together some obscure shit on top so someone can't just copy paste it, this gives you time to recover your seed before someone else if they do steal your locked box. Could underline a single letter/number in every page in a random book, then mark page locations on your piece of paper to spell out your private key. Shit like that, be creative, don't use a caesar cipher lol and just understand that random book with underlines is a security risk too. Different kind of risk because a robber will go for a safe and not sift through random books, but you or someone you know might toss away the book or it might get damaged.

Repeat for as many wallets you want to divide your crypto up. Nothing is risk free, but you can mitigate a lot of the risks.

>>13817273
>trusting a chink
hahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahaha

>>13817425
>an airgapped pc
an airgapped pc with software you can't really do anything about. better to just set up a linux computer with no access to the internet.

no one owns more than 5k LINK anyway without larping its not worth the price for "piece of mind"

>>13817476
Damn, and here I was thinking hardware wallets were safe and now people are telling me they aren't.

>>13816509
you do know the crypto isnt stored on that device, right you obtuse and stupid fucking kike?

>>13817534
Yes I do know that. But I still want to make sure it is secure.

All this paranoia is so fucking unnecessary. Literally just get an old notebook, put Debian on it and use the official Bitcoin wallet. Problem solved. Unless you install some other shit on it, nothing is ever going to happen.

>>13817474
if you are worried about that i would suggest use paper wallets after all. they have been more thoroughly vetted. but no i don't think that is a danger here.

>>13817476
>>13816535
>>13817190

lol fucking assholes

>>13817488
i would argue these hardware wallets are more compact. which is a pro. but also you actually know what your machine you set up does you can pick and even audit the software yourself. no gimmicky shit.

>>13816535
>>13817476
ETH's "multisig" was a solidity code error written by someone and published to a public library that was shared by everyone. The multisig feature itself was a contract.

BTC's multisig is entirely different an is built into the chain.

>>13817596
Thank you smart anon. So do you think Electrum BTC 2-of-2 multisig with 2 different hardware wallet brands is a good and secure cold storage approach?

>>13817526
Nothing is really safe if someone has physical access to it, I use a ledger nano s because it does prevent the more common threat of malware on computers, and it's way more convenient than typing out a private key on an airgapped computer and signing transactions from there. It's a whole lot better than nothing, but it's not risk free.

>>13817592
Also:
>hardware/firmware updates
nope

>>13817633
Thanks, but I am still not sure whether to use multisig or not. I see some saying it's a good idea because it reduces risk of being tied to one hardware wallet brand, but then I see people like you saying you wouldn't use BTC multisig. My concern with not using multisig is, what if Ledger company is somehow storing some of the seeds and could eventually steal the coins? That's why I want to use multisig with 2 separate brands. But then I have the worry about if multisig is not safe. Fuck.

>>13817596
>BTC's multisig is entirely different an is built into the chain.
nope it's also smart contract based bip16 p2sh which means if a client had a bug and created a bad p2sh script you would be fucked.

>>13817681
why not do both? divide up your stack with some on multisig, and some on paper wallets?

>>13817727
What about how the hardware wallet displays the details on its screen, even with multisig. You can verify the address on the hardware wallet screen. Does that eliminate this multisig risk?

>>13817750
Only because I am not sure if I trust myself enough to securely generate the seed for a paper wallet. I am not a security expert. Whereas with a hardware wallet, that is taken care of for me.

>>13817762
no, the balance belongs to the address which is a hash of the public key or in this case the script. even if a script is bad you you can never get your btc out you can see the balance and send coins to this sinkhole.

>>13817840
Ok, what about this then. If I first test using a very small amount of BTC and verify that I can send it. Then can I know that any future receive addresses generated are secure and I will be able to send from them as long as I confirm them directly on the hardware wallet screen? Or is that still not safe?

>>13817875
that's good precaution in theory but generally not recommended to reuse public keys, maybe if you didn't publish the tx just validated it with an other software...

now the other part if the script is not actually secure meaning an attacker can somehow steal your funds without knowing your private keys... there is only one protection to that you have to validate the script as standard multisig with your own eyes.

>>13817918
but this is highly theoretical i'm fairly certain we would know by now if electrum multisig was fucked.

>>13817918
>now the other part if the script is not actually secure meaning an attacker can somehow steal your funds without knowing your private keys
Wow so this can really happen? But I am not smart enough to validate the multsig script myself. Would you recommend I don't use it then? I thought the whole point of the hardware wallet was so I don't have to validate things myself.

>>13817314
Thats why you have a decent safe hidden somewhere in your home.

>>13817950
the point of crypto is to be trustless or as trustless as possible. if you can't code at least you have to trust in the community to be vigilant. that if there is an error or malicious tampering someone will spot it. the more attention a piece of open source software has the more safe it is to use for laymen. you place your trust in that too many people would have to collude or turn a blind eye.

what the fuck. excluding physical "steal", how the fuck is there any risk at all using a hardware wallet to generate the seed, copy paste the public key, and just sending your btc on it when you want to ? and use the phone with an electrum wallet with a small % of your wealth to pay and buy everyday's shit.

what the fuck, why some of you are saying it's not risk free.

>>13818030
read the thread you lazy piece of shit

>>13818030
yes hardware wallets are fine for hot wallets with small amount of crypto.

but for some reason a lot of people are hell bent on misusing them as cold storage. of which they are the least suitable perhaps.

>>13818012
You might be one of the smartest security experts I have ever read when it comes to BTC. In your opinion. do you think my idea of Electrum BTC 2-of-2 multisig with 1 Trezor and 1 Ledger is secure enough for an average user like me?

Nano S or Nano X?

>>13818109

>>13818100
I just want the most secure cold storage I can have as an average user. That is what I am thinking of using multsig for. I know you mention paper wallets for cold storage but I am not confident that I can securely generate the seed for it.

>>13818100
the hot wallet is the electrum wallet in my example, and the cold mega secure wallet is the hardware wallet literrally turned on once ever (2 different wallets)

>>13816509
Is this the new fidget spinner trend? Yikes

>>13818107
i think it's overkill.
for a hot wallet a good password protected wallet like electrum with a hardware multisig is perfectly fine.

for cold storeage it's too costly and elaborate for my taste. you also place too much trust in vendors proprietary hardware and often closed source software.

what i like for cold storage is bip38 paper wallet. while you can (if outstanding vigilance and good practice is not followed) steal funds from a hardware wallet solution from 1 hour to a day tops, a 20+ char password protected bip38 wallet would take 900 quintillion years for the entire hashpower of nicehash pool. and all it costs you is a few hours of your time (in which you learn a great deal) and some paper.

but i get the feeling some people are just attracted to these gadgets because they find them cool as fuck.

>>13818133
i truly can't see any reason to use a hardware wallet as cold storage. sorry. they are excellent protection against cyber attacks but present a single point of failure and physical attack vector.

>>13818210
>single point of failure
That's why I bring up 2-of-2 multisig with 2 different hardware wallet brands.
>physical attack vector
Doesn't this exist with paper wallets just the same way if you keep your seed info on paper? Someone could get the physical paper just like they could get the physical hardware wallets.

>>13816981
you are right and based, these fags are retarded

Tattoo the key on your dick. If any threats arise, you can beat them by calling them faggots for looking at your dick.

Super mode: Tattoo it on your dog's knot.

>>13818210
1) your paper wallet is generated from someone who wrote a piece of code, maybe some javascript; what tells you that the algorithm is not carefully crafted to give you a particular seed/private key that the creator of the algorithm could steal, because he made a very elaborate algorithm that seems cryptographically secure. isn't that code on github ? the code looks complex enough to put some very elaborate malicious element that can never be spot by any expert programmer in the history of mankind.

2) your paper waller is generated and printed from an offline pc. what tells you that there isn't some kind of malicious software lying somewhere in a firmware/SMM that is ready to send some particular bits of data to an unknown entity as soon as you finish reformating your pc and then plug it back online ?
also for it to be secure, you would need to destroy your printer if it fails (and it will given enough years). how practical is that?

that's assuming no one will ever connect your pc, if you have a family which is a very acceptable way of living, someone could very well plug your pc online once, given enough time. much less secure than an hardware wallet turned on once, no ?

>>13818234
>That's why I bring up 2-of-2 multisig with 2 different hardware wallet brands.
that's how you get 2 single points of failures
don't see it as a great improvement.
>Doesn't this exist with paper wallets just the same way if you keep your seed info on paper? Someone could get the physical paper just like they could get the physical hardware wallets.
if unencrypted sure. that would be awful bad practice.

>>13818409
>your paper wallet is generated from someone who wrote a piece of code
You can generate private keys using generic bash commands like openssl. I trust openssl

>>13818409
>printed from an offline pc
copied by hand and pen, try again

>>13818286
based

>>13818427
>that's how you get 2 single points of failures
I don't see why these should be considered single points of failure. Let's say you have a 2-of-2 multisig with 1 Ledger and 1 Trezor. If it turns out Ledger company has been storing some of the seeds, they still can't steal your coins because they wouldn't have the Trezor seed. If it turns out there is a vulnerability in the Trezor random seed generation, they still can't steal your coins because they wouldn't have the Ledger seed.

>>13818409
yes all valid points but come on the likelihood...
the source for these wallets is in github you can see the version history, thousand of people audited the code you can look into it yourself. it evidently uses good random pool for generating the keys involving heavy user input which is absolutely non deterministic.

i don't see the same transparency with hardware wallets. i think the last code change was in 2016 for bitcoinpaperwallet something like that. you can validate the download with sha256 hash or pgp signature.

but in the end nothing is 100% if you can't code and don't have shittons of patience.

as for the pc being online you boot a live os offline for generating the wallets after reboot all information is lost. there is no risk, in fact i don't even have a separate computer for that just but a mint linux from usb.

once the wallets are generated and the computer is rebooted the only way to access the bitcoins is knowing/breaking the passphrase.

>>13818503
yes in that regard they are better than 1 i meant literally the two hardware are two single points of failure. if the devices fail you no longer available from trusted source or they get stolen you can't access your coin. you try to circumvent this weakness by the seed backups but those are just vulnerabilities again.

i have been thinking a lot how i would use hardware wallets and it always come back to why would i?

>>13818429
>openssl ecparam -name secp256k1 -genkey -noout | openssl ec -text -noout 2> /dev/null | grep priv -A 3 | tail -n -3 | tr -d '\n[:space:]:' | sed 's/^00//'
Eth private key owner is you, congrats

>>13818539
>i have been thinking a lot how i would use hardware wallets and it always come back to why would i?
Maybe you wouldn't but you are clearly a security expert. Isn't hardware wallet a good and secure solution for an average user who cannot safely create and use a paper wallet?

Another idea: Wear a fake pacemaker with the key in a chip inside. Lulls your adversary into a false sense of superiority and really...who is going to check your pacemaker?

>>13818429
this is getting very complicated, it's fine to trust openssl, but apparently you're using an elliptic curve digital signature algorithm, and if you don't implement the algorithm properly, then someone could one day solve the whole thing and find your private keys. surely you have to type some code or commands to get your private key. how do you know the right ones? you need to be an expert in your field, because if you repeat what someone else tells you on the internet, you could again lose everything. even if that thing was coming from someone trustworthy. also that person could NOT be an expert and make his advise unsafe.
and to say that your script is secure, you have to be an expert to begin with. you surely knows how complex it can be, it's not just math, it's deep knowledge of tools created by other person, which can very well be unsecured.

a hardware wallet has a financial incentive to NOT steal the private key and to actually make sure the risk is as close to 0 as possible. better than what 99.999% of the population can do.

>>13818449
you only addressed one small element of point 2, a detail

>>13818427
Can you make a bip38 paper wallet for ethereum? If you could maybe tell me how to safely generate an eth/btc paper wallet that would be really nice desu. I know there's something related to a vm machine or downloading mew offline but am brainlet

>>13818640
You seem to know your stuff when it comes to security. Do you think Electrum BTC 2-of-2 multisig with 1 Ledger and 1 Trezor is a secure long-term storage solution?

>>13818640
>if you don't implement the algorithm properly
>not trusting openssl implementation of the algorithm which output is then cleaned using generic text processing tools
This is many orders of magnitude more trustworthy than any hardware wallet.

>>13818640
>>13818505
I still don't see how a cold storage hardware wallet turned on once has a higher risk than what I've described; remember that the HW is a company with a financial incentive to be secure. not the case for an open source code. I trust open source code, except for this very, very precise case where I consider open source not way better for mankind.

you boot a live os offline, still your pc component are used and those can host some malware. no way really to know you're infected. that's getting very technical. if you plug your pc back online after generating the key there's a risk. can't see why a HW is less secured again...you can easily screw up with the generation step. it's a code that comes from someone else.

>https://github.com/bitcoin/bips/blob/master/bip-0038.mediawiki
This bip38 thing is first class. Thank you to the anon that mentioned it.

>>13818690
debatable again, to begin with openssl had countless vulnerabilities, and still what you're typing might be the direct cause of your future loss if you're not an expert.
a HW from a company must provide a secure tool or it loses a lot of money, millions or more. use a HW, turn it once, write the seed, copy paste the public key, done. why is it not the most balance and secure solution we have? it is

>>13818664
sorry I'm not an expert, can't answer

>>13818697
>not trusting raw generic linux and open ssl with legions of the most brainy individuals looking for flaws in because fo literally billions, if not trillions of $ at stake
>trusting something a single company does solely for crypto, therefore limiting exposure to security professionals.

>>13818697
>still your pc component are used and those can host some malware. no way really to know you're infected.
the live os does not attach any drive in a writable way. there are no persistent hardware stores big enough to record your actions and memory or just specifically the keys anywhere else on an unpowered computer. physics of computing don't let you hide something like that unnoticed. i would argue you need a specifically prepared honey pot hardware for this to be a problem no commercial device gonna be a problem.

don't overthink security if you get into what if games and start to give your opponent unreasonable powers you will always "lose". just follow good standard practice that has stood the test of time.

>>13818643
dunno man, i would assume it has an equivalent i only researched btc really. and no i'm not a security expert more like a programmer that is interested in cryptography as a hobby.

>>13818763
Isn't it really hard for a brainlet to safely send from a paper wallet?

>>13818731
yes what i like about it is we have pretty good idea to how long it take to try a scrypt password and what hardware requirement it has. this allows you to plan your security in terms of eons.

>>13816509
I have a question about the ledger, I'm not really sure how the recovery phase works in getting your wallet back. Say I put some coin in my wallet that isn't on the vanilla list of coins, do I have to get a new phrase every time I put a different coin on or are all new wallets generated by the initial phrase? Sorry about the brainlet question hard to know without actually having one in my hands yet.

>>13818782
yeah it's not exactly user friendly as of yet. first you have to decrypt the private key, and import it into a wallet. this operation requires a trusted computer. but i bet you in 2 years you will be able to swipe bip38 wallets straight to any exchange and decrypt them there.

>>13818750
>HW from a company must provide a secure tool or it loses a lot of money,
Enjoy your "firmware updates". Given that a company provides them, rest assured that a ill intentioned individual will have a lot of time to destroy shit. With flaws in openssl, those are fixed instantly and because you used a generic tool, nobody will assume you created an eth private key with it making any problems of that nature much more less severe

>>13818782
Unfortunately, didn't found a brainlet friendly way

>>13818824
All coins are stored under you generated 24 word seed.

If if every ledger in the world spontaneously combusted, if you have your 24 seed words you're good to go.

https://support.ledger.com/hc/en-us/articles/115005297709-Export-your-accounts

It’s rare that I’m serious on here but if you are talking about plus $10k of crypto. Get more than two devices and try not to monoculture it. Also don’t keep them all in spot along with the paper keys etc. Buy a fire safe. Put one in safety deposits box. Leave one at work. Have one in your bug out bag. Leave one at parents (unless you live with them then some other relative that you sort of trust) etc etc

>>13818763
it's not about that mainly, it's about not screwing up yourself. you will never naturally figure out what to type in bash. a mistake and you lose everything given enough time. it's not acceptable to assume being an expert. maybe you're one and you have an edge. others could use a HW that will, like every other things never have 0 risks. divide your wealth into 2-3 different tools like a ledger+a trezor+an electrum wallet and your risk of losing your wealth is realistically 0. fine you can make that paper wallet from https://bitcoinpaperwallet.com if you want but my point is no method is much secured than another. there's 2 best method : paper wallet and hardware wallet, equally secured, one of them is much more practical is suitable for us.

>>13818772
you can still have your seed stolen if the provider of the generating tool has a problem somewhere, either a malicious person or a very technical security flaw. comparable to a HW failure. so almost 0 chance of happening anyway. but it's not practical unlike the HW.

>>13818898

Also if you get the same of the same device make sure to get different colors so you don’t lock yourself out for a few hours because they all look the same.

Oh yeah... Fucking make a passphrase key. Even if they have access to hardware hack the device the non written word makes it harder.

>>13818856
okay but why would you ever want to update your HW? you just need to generate the keys once in your life, you can destroy it after if you want. but it would not be very practical if you want to move your funds. also why would you want to move your fund from cold storage. isn't that a problem with your money management to begin with?

>>13818878
do not ever write down all 24 words to the same piece of paper metal whatever! see >>13817190

6 words is pretty good security. you can think of a word as 10^5 security, 6 words is 10^30. 8 words is 10^40.

so if an attacker gets a single group, you are still pretty comfy. altho i would recommend moving your funds to a new seed just in case as soon as you safely can after a break in.

>>13816981
PLEASE TELL ME
WHYYYYYYYAAHYYYAHHYYYY

>>13817261
But you have to spend all of it if you get a paper wallet. Also, hardware wallets are just as redubdant, they are interactive paper wallets (and also paper wallets)

>>13818934
>you can still have your seed stolen if the provider of the generating tool has a problem somewhere
only if it doesn't really use the user input in the random pool just pretends to. trivial to check.
https://github.com/cantonbecker/bitcoinpaperwallet/blob/master/generate-wallet.html
not how many times and events the SecureRandom.seedTime is called!
there is no fucking way to predict this seed.
note SecureRandom.seedInt16
which seeds your random pool with mouse movement
SecureRandom.seedInt8 keypress

you can even debug this code in any modern browser yourself make sure it does what it says.

as for hardware wallets... the opposite is true.

>>13819096
technically you would do best if you swiped it to a hot wallet you control. but in theory you can spend it piece by piece if you imported the private key it's just like any other address.

>>13819158
Brainlet here, how do you import an offline paper wallet? Is electrum still the go-to? The software scared me and wasnt normie friendly

>>13819138
Wrong.
The Ledger uses AIS-31 certified TRNG for entropy at PTG2 level.
Which is better than your mouse movements.
https://cosec.bit.uni-bonn.de/fileadmin/user_upload/teaching/15ss/15ss-taoc/01_AIS31_Functionality_classes_for_random_number_generators.pdf

>>13819177
Generate a wallet on electrum.
Then utilize the sweep keys function. Google this if you want more info.
The paper wallet will be transferred into a new address in your electrum wallet. Which is good because you don't have to worry about dealing with change, the wallet will handle it for you.

>>13819234
Oh, so you have to make a wallet on it first. Thanks mang. Shit is still too nerve-wracking, but I'll copy this note down, cheers

>>13819138
I don't know, do you? because for anyone to know it would require very decent javascript knowledge, if not extremely advanced cryptographical knowledge, because what tells you that the arrangement of the code and perhaps the space does not constitute some kind of cryptographic function that allows the creator to get the content of everything generated from that particular code. in the end every bit of code is just machine code, 0s and 1s, if someone provides you a code that inputs something within a framework carefully crafted by the creator, you could figure out a part or all of your generated keys. who knows, no one can know, unless expert in that field. I'm surely not an expert so I can't know if nothing is hidden in the code. you need to trust the creator.

for the HW, it's not that the opposite is true, it's that you also need to trust the creator, but now the creator has a financial incentive to be secured.

>>13819309
frankly maybe it's just me but i like good community vetted opensource code that i can debug at will as opposed to "financially incentivized" proprietary solutions.

the hardware wallets are probably fine but really their best use is to secure a hot wallet from hacks. cold storage especially of significant wealth for long term is more of a misuse.

>>13819897
like we saw earlier it doesn't appear that the HW is less secured than a paper wallet which is equally subject to a creation error or malicious generator. all in all the 2 are not risk free and secured. I can't see why a HW turned on once to generate the key is not the best way of doing cold storage. even if updated with a firmware, you will never be sure that you generated your paper wallet properly, and if there's a security flaw that got discovered. it might happen, given enough time. if a seed from a HW did not created a massive catastrophe in the social medias 2-3 years after you generated the seeds, you're safe forever (you and your children)

I prefer opensource as opposed to proprietary like I said, except in that specific case. money is too important. trusting expert is better than trusting yourself. to generate a paper wallet you need to be an expert. I'm not.

>>13819180
>AIS-31 certified TRNG for entropy at PTG2 level
so it passed stochastic tests that's all what you quoted means. any number of non cryptographic rng passes it pretty well btw.

generating random numbers with noisy diodes is an ancient method. they just put some rudimentary standards around it. putting it through a good cryptographically secure cypher would make even it better. i'm not saying this is a too big issue, but i would prefer PTG3 for a cryptographic application.

bitcoin paper wallet generators use a random pool derived from user action that is non deterministic xor-ed with a stochastic rng output. it's pretty damn good.

for all intents and purposes if you can't listen in on the generation you won't be able to find the seeds by knowing the algorithms and the time of generation with either.

the difference really is what you can actually test what you are willing to test who do you trust. you will never qualify the hardware for yourself that's for sure.

FUNDS ARE SAFU on coinbasepro FDIC insured we cannot lose
Imagine hodling your link stack or any stack over $1,000 on binance. When binance gets “hacked” again or exit scams and everyone loses all they’re money, who the fuck is going to pay you back? Funds are not safe on binance.

>>13820022
>like we saw earlier it doesn't appear that the HW is less secured than a paper wallet
yes it is in the standard practice recommended by the vendors it's definitely less secure.
>I can't see why a HW turned on once to generate the key is not the best way of doing cold storage.
it's one way of doing it not the best not the worst. i wouldn't but a trinket for it that's all.

you still don't seem to understand what i'm talking about when i say hardware wallets are not good security. for cold storage. it's not that i try to imply the quality off the seed is lacking. i just say they can promise whatever they want i can't really check it out. but it's entirely possible the private keys and seeds are of good quality. that's not a necessary weak point of hardware wallets.

1) hardware wallets are a physical attack vector unless you wipe them after seed generation (in which case why bother with them?)
2) the seed itself is a serious vulnerability unless you commit it to memory. if you write it down that's literally the same as having unencrypted paper wallets. it's insanity. and it's standard recommended practice with these. actually recommended by the manufacturer. the fuck?

>trusting expert is better than trusting yourself.
naah
>to generate a paper wallet you need to be an expert.
negative on that. and a lot more experts validated the sources you would be using (entire change history is public, releases signed and with hash you can check) than any hardware wallet ever seen.

>>13816981
walk away from crypto while you still have a chance you absolute brainlet

>>13820373
the 1) is a non issue; you need a safe in every situation. a paper wallet can also be stolen

2) how so? you're bringing up another element to the equation, encrypting a paper waller; do you mean putting your paper wallet in a computer? that would be asking for losing your wealth

if you are not an expert, and very few are (even the professionals, "experts" have at least a phd level on their subject)

already explained why generated a paper wallet can easily go wrong, what you're saying is trusting an open source community vs trusting a business (with experts working in it). absolutely the same level of risks. paper wallet still not proven better

>>13820022
>to generate a paper wallet you need to be an expert. I'm not.
openssl it is then. People who dev on this are much more expert at what they do than HW in-house experts

>>13820562
>a paper wallet can also be stolen
which is not an issue if you have multiple copies and is password protected. but it sure is an issue with a hardware wallet. a fucking big one.

>you're bringing up another element to the equation, encrypting a paper waller
if you read anything i wrote i said multiple times never use unencrypted paper wallets it's insanity. so is writing down your seed for a deterministic/mnemonic wallet.

>>13818994
You're flailing around dude. I prefer to not work with an obscure black box between me and my private key. Especially, if I definitely know it is not safer than what open source software can provide me. Just provides me a wee-bit of utility that I don't need.

>>13820562
>absolutely the same level of risks.
totally different risks.

community vetted code that is around since 2013 with full version history and stood the test of time and countless audits. and you can personally look into the code with pretty basic programming knowledge check the algorythms against standard implementations with even longer history of publishing trust vetting and use... as opposed to a piece of plastic that can really house anything you will never be able to tell if it has fraudulent firmware by a dev or just plain not up to the standards they claim.

>>13820577
good luck making sure yourself that the script you write in bash is 100% secured forever. you need to be a real expert for that. trusting a business nullifies your risk to screw up. again you might be an expert, but that means you have an edge, others don't. not a huge one. the security difference is negligible at the very best

>>13820597
it is not an issue at all if it's locked in a good safe. again mentionning digitally managed paper wallet, you think a physicall safe is less secured than a password protecting software? that's foolish. progress never stops. progress will nullify your digital encryption way before it can nullify the security of a physical safe.

writing down your seeds and putting it in a safe, is secured.

Anyone can recommend a proven brainlet-proof way of encrypting your ethereum paper wallet? shit like character encoding problems scares me to bits.

>>13820699
just use the openssl command ... and it's done. There is no algorithmic skill required.

>>13820653
trusting a member of an online community on how to generate and manage your bitcoin private keys goes way beyong the scope of what a normal computer scientist can understand, you need to be an expert to securely make a paper wallet in a more secured way than what a HW can do.

>>13820649
if you think you call pull that sure. a lot of unknown way you can screw up, if you're not an expert. you know what I'm talking about if you're an expert. still, negligible. I understand why you wouldn't trust a company. but realistically, the odds of securing are better than a non expert generating a private key.

>>13820699
>it is not an issue at all if it's locked in a good safe.
please tell me you don't actually think a safe can't be broken into by burglars!
>again mentionning digitally managed paper wallet, you think a physicall safe is less secured than a password protecting software?
definitely. think in terms of time! safe opens within hours with basic power tools maybe a lot less if the guy knows his job and the type of safe. my paper wallet is 900 quintillion years secure. here let me show you (yes i sent the btc back to the exchange, but it sued to be up here for months)
>progress will nullify your digital encryption way before it can nullify the security of a physical safe.
absolutely horrendously wrong. your only chance is if they miss the safe or don't have enough time because they are disturbed. you are placing your trust in things you don't control.

>writing down your seeds and putting it in a safe, is secured.
bad security very fucking bad! i mean sure put it in a safe as opposed to your drawer, but make sure it's 3 safes at 3 locations and you need 2 group to get the whole seed at the very least!

>>13820699
>password protecting software
not using a HW would be also better in that case Something like an encrypted flash drive with a private key on it is alright.
At least I have a clue as to what's happening within this stack.

>>13820765
>3 safes at 3 locations and you need 2 group to get the whole seed at the very least
Does this make sense? If you get a private key with 1/3 of the bits removed, doesn't it mean it can be now bruteforced?

>>13820748
even if there's no algo skills required, you don't know if there's a security flaw inherent to the git you or your system got that from. a flaw that could allow anyone to loop through the blockchain for public key and then run an algorithm to solve your private key and steal your funds you got from openssl. in reality, it's much more complex that what I try to explain. not an expert = a HW is safer.

>>13820823
openssl experts > ... power gap ... > hw security experts

>>13820763
not one member. you never trust one person with this shit! hundreds of experts looked at the source of these generators and they are continually up for review. they use time tested tried pieces that can be validated to standard implementations from libraries. it's not just trusting one guy. far from it.

>you need to be an expert to securely make a paper wallet in a more secured way than what a HW can do.
hm... this is a tougher cookie, i would argue it's not true, the procedure is simple enough. but i'm not sure you can technically generate a safer wallet on a pc than on a hardware wallet. it's how it is stored. on a pc it's customary to protect your wallet with a strong password using symmetric encryption. preferably scrypt or argon2 keygen. these hardware wallets are not protected with the same level of mathematical security at all and the seeds are a serious vulnerability as i described i think like 8 times now just in this thread.

so while hardware wallet can generate you a good wallet (assuming it's all good) it's not good at securing it from someone having physical access. which is what i said all along. probably over 10 times.

>>13820809
not really see >>13819040

>>13820765
your paper wallet is not secured if you put it into the digital world after generating it. you're foolish. a good safe is NOT breakable by anyone that doesn't have industrial tools weighting TONS.

how do you know that progress won't nullify your encryption in a decade or so? are you reading the future?

just get a good safe. attach it from the inside to concrete, burried in the floor somewhere, surrounded by concrete, in your house foundation. probably a lot more to do to secure your safe, ask the experts about it.

a good safe CAN NOT be opened by random burglars, unless they bring a giant Bagger 288 or something and destroy your house. in that case you could program an alert if you're away, to send your btc elsewhere, in the case your house is being destroyed into pieces so that they can try to crack open your safe. also that's your fault for telling people that you had a safe.

splitting the seed is a BAD idea. having the same is 2 secured safe is fine. it's more secured, if you're afraid that a location is getting a nuclear bomb.

>>13820773
you know things that a lot of people including me don't, if not then you should think again about what is secured

>>13820855
if your main point is the physical steal, then you need to check how hard are actual safe. I'm not talking about your random amazon 100 euro safe. use MONEY to secure your wealth in a safe. worth it...

any Faggot who says a hardwallet is unsafe are either retarded or trolling. Hardwallets are one of the most safest way to store your coins especially if you are not tech savvy. Don’t let these cunts fool you.

>>13820978
>how do you know that progress won't nullify your encryption in a decade or so? are you reading the future?
breaking of hw security is exponentially more likely than something like openssl security.. Speed of patchign any breaches will be much much faster in the latter case as well. imagine trusting a hasty "firmware update" from a private company.

>>13820978
>your paper wallet is not secured if you put it into the digital world after generating it.
okay, then try to swipe it! it's there.
>how do you know that progress won't nullify your encryption in a decade or so?
because symmetric encryption especially using a good computationally expensive key derivation is not something theoretically attackable in any efficient way. even quantum computing couldn't put a serious dent on it. in fact building a q machine able to do crypt would be probably more expensive than all the wealth that ever was on earth.
>a good safe CAN NOT be opened by random burglars
wrong sorry safes only buy you time none of them are really burglar proof. i have a safe too the guy that sold them explained this shit at length. he said they really just rate the safes to how many minutes they give you. a 1 hour safe is a good one for a home.
>splitting the seed is a BAD idea. having the same is 2 secured safe is fine.
you must be trolling at this point! you are saying the most outrageously wrong things imaginable.

i have 50,000 link on a printed myetherwallet wallet

>>13821086
I have 1m link on a paper wallet scribbled with pen on paper. Would never, ever ever put it on a hardware wallet. EVER.

>>13821059
http://www.break-ic.com/topics/crack-ic.asp
sorry to burst your bubble this is snake oil security.

the only way to actually mathematically provably protect your data is with a strong password/phrase (not a fucking pin) of more than 20 characters a good key derivation algo and a good symmetric encryption algo.

these bullshit ships like secure element can be broken within hours with someone knowledgeable and equipped to deal with them. costs about $30 maybe per chip.

>>13821161
>bullshit ships
*chips lol

just remember: you goal is not to secure your crpyto from your grandmother or your neighbors kids.

Good discussion thanks anons especially paper wallet anon. Crucial stuff.

>>13821118
also using encrypted flash drives

>>13821161
Are you fucking stupid, a hardwallet is not protect by a fucking pin. It’s protected by a private key which NEVER leaves the device and a 24 phaseword phase. The pin on the device is too only access the wallet yourself, and lets the hardwallet is stolen, the pin is to protect it from someone accessing your wallet Physically. Also you only have 3 attempts at the pin before it resets the hardwallet and seed is wiped

One interesting thing a hardware wallet offers you that paper wallets cannot is plausible deniability.

At least with the ledger you can set it up with two access pins, each accessing a different wallet.
If someone beats on me with the proverbial $5 wrench I can give them my other pin, which accesses an alternate set of wallets where a few coins are kept.
Additionally you can add a 25th secret seed word to your 24 seed words on the fly at any given time to generate a completely different set of wallets.
My overall feeling on this thread is that those who fud hardware wallets don't really fully understand them, or haven't used them enough to appreciate what they bring to the table. Nothing is unhackable, but for 99% of users that don't have time to deal with the intricacies of cyber security, Trezor and Ledger have come up with some extremely good solutions around the $40-$50 price point. Either way, any solution is magnitudes better than keeping your coins on an exchange.

>>13821019
>if your main point is the physical steal
that's one point you should secure against:
>physical theft (assume all countermeasures are overcome what then? will you lose access? will the robber get your funds?)
>disaster (think a meteor hitting your home straight on and nothing is left but a crater! will you lose your funds?)
>damage to a copy (need to have multiple copies you can't lose access to your funds on a single point of failure)
>losing access to a location (this can actually happen)
>can you access your funds from an other country? (if you have to run or evacuated? is it confiscateable?)
and this is the tricky one:
will your coins be lost if you die? or your legal inheritors can get them?

you need to consider all of these for anything that can be called good security. hard mode: no singly point of failure, no trust, no overly expensive solutions. what's left? paper wallets or multisig wallets.

>>13821227
jesus fuck, no the hardware wallet protects the private key it's not protected by the private key. where the fuck did you get that?
>Also you only have 3 attempts at the pin
so it is protected by a pin, a soft protection like that is irrelevant to the attack i described. you didn't bother to read did you?

>>13821068
I couldn't steal your funds, but someone might in the decade or so, if a very weird succession of very particular events happened, that we couldn't figure out until a flaw is discovered. you can't predict the future. a physical safe on the other hand, will always be secured.

again it seems you're reading the future, or underestimating how smart we are. we will find a way to solve those primitive encryptions we use. you really, really don't think long term. a cold storage should be a set and forget thing, not a check every 2 years for potential flaw into my previous actions.

I would really like to say what kind of safe can be open within a few hours. if it can be open then you didn't pay enough for a decent safe.

I repeat, having your written seed in 2 separate secured safe is probably the most secure way to preserve your wealth in the very long term (50+ years)

a secured safe would at the very least cost 20k €

>>13821342
that's why i said you are placing trust in completely wrong things. you like trinkets you like physical things you think you understand them. but here is the thing all your hardware devices will lose security as times goes by in a na exponential rate while good cryptography stands the trial of time a lot better but say... say there is a breakthrough that makes it hundred billion times easier to break my private key. not likely at all but say... it would still take longer than how long the universe of ours existed.

>
I repeat, having your written seed in 2 separate secured safe is probably the most secure way to preserve your wealth in the very long term (50+ years)
no it's idiotic sorry dont's dish out such bad advice. what you did here is you made your secret less secure not more. sure you secured it against loss or disaster but you have 2 locations instead of 1 that it can be obtained from now.

>a secured safe would at the very least cost 20k
i will just put that in btc thank you. won't lose value like that hunk of metal will.

>>13821430
oh and one more thing, nothing is stopping you from actually putting your bip38 quantum secure paper wallets into the fancy safe you have. so long the encrypted private keys are not exposed nobody has a chance to even try to break them.

if you insist on this paranoia that is and willing to dish out $40k for 2 boxes.

>>13821277
all of your point are solve with 2 physically separate secured safe. if I suddenly die before giving the seeds to my family, then I'm pretty sure some company have the industrial tool to open it. tools, that can never be brought in the house without destroying it. but how do you move the safe if burglars couldn't you say? well, the thing is that burglars don't know where is the safe. that would require them to destroy the house. a business trying to get a safe out will know, would not have to destroy the house.

we already saw how paper wallets can easily go wrong. and how the future can't be predicted. we can't know if your paper wallet is safe forever.

>>13821498
much much less of a chance of it going wrong than a hardware wallet going wrong

>>13821498
>we can't know if your paper wallet is safe forever.
not forever that's so obscure just 900 quintillion years.

you can add exactly 1 day to that with your $20k safe. you gonna recommend to everyone out there trying a cold storage solution to build a $20k safe into their home? to trust the contractors to maintain their secret? seriously?

paper wallets can fail only if you are not careful. follow good tried protocol! always make sure you can decrypt the wallets on the airgapped machine after reboot before sending a dime on them. do a complete generation decrypt and import drill with a small amount. when you got it all down to routine (should take no longer than 2-3 hours) you can create your paper wallets for real. print them to pdf, validate each and every one of them, print them out in multiple copies, place them at their intended locations and then only then send funds to them.

this costs practically nothing. and offers astronomically better security than gadgets.

>>13821430
the hardware devices can lose their security it doesn't matter, it has just been used the generate the bitcoin private key. if bitcoin upgrades for a reason to something like quantum proof algo and you need to regenerate everything to be sure, well, it's fine, I can do that once in my life and then forgetting it again.

I know that crypto algo we have now are secured. they are secured as of TODAY. we don't know what the future holds. I trust bitcoin, that's the only thing I need to trust. and to generate a bitcoin seed I also trust a HW, which is the same as bitcoin for me, as it generates a bitcoin private key. I can't generate a paper wallet, that puts my wealth to risk, as for anyone that is not an expert.

if your safe is secured, then having 2 seeds is secured. unless you think breaking a safe is possible. it seems you do. reconsider spending 20k+ into a safe. a real safe is safe as the name suggest. you won't do better.

maybe you think spending 40k is not worth it to secure your wealth, fine.
we certainly disagree. life taught me that it's a bad idea to try to go for the cheapest option. cheapest options are very often a terrible choice thinking long term.

>>13821610
bitcoin will always support legacy keys symmetric algorithms are pretty quantum proof by themselves but memory expensive key derivation algos make them pretty much quantum proof. that has nothing to do with bitcoin tho. please don't confuse matters here!
>they are secured as of TODAY.
if you think that you shouldn't even buy crypto. just forget it! buy gold put it in your safe be happy!
>if your safe is secured
not if. until when? best safe gives you a few hours. post link to your safe i'm gonna tell you how long it would take me for opening it with my home power tools from the specs! and i'm a fucking amateur.
>maybe you think spending 40k is not worth it to secure your wealth, fine.
it could be worth it if it added any real security. depending on what you put in there...

>>13821603
paper wallets can fail even if you thought you did right, you wouldn't know until it goes wrong unless you're an expert. doing what you described can be accomplished securely for at least a lifetime by almost no one on earth. we don't have a better compromise than HW as of today.

>>13821676
A good safe or gun safe will weigh at least 1000 pounds and be basically impossible to lift. A safe with a TL-15 rating means 15 minutes with power tools touching the safe and that means power tools against a safe by professionals. That doesn't include the time it takes to break into a home, the time it takes to find the safe, the time it takes to set up your cutting tools and the thief's ability to use the tool. Reality is a decent safe would take on average an hour to get to and crack, and forget about lifting the damn thing especially when it's bolted to the floor from the inside.

>>13821741
And of course that doesn't even include whether or not whomever owns said safe doesn't have a security system. To be honest most people with high end safes probably also have security systems, cameras, alarms, doorbell cameras and by the time you're in the front door police are already coming.

>>13821741
that is why i said hours. as opposed to not eons. but timespans almost impossible to even imagine by the human brain. the fucking old ones of lovercraft will die before you break a good solid encryption of today with a decent passphrase of say 6-8 words.

>>13821751
ok i get it you can have ridiculus james bond level security. which if you are planning on running a high liquidity ln node, you should in a the future. hos is this a valid recommendation for cold storage for the general audience? as opposed to paper wallets? which cost fucking nothing. and >>13821764

>>13821764
My point was that getting into a well placed high end safe is also near impossible you moron. I can almost assure you that you will not be able to get into a high end safe in someone's home you're robbing unless you knew about the safes existence beforehand, prepared and have had experience busting into safes, and knew for a fact you had a few hours before any homeowner or police were to arrive to stop you (unlikely because most people with high end safes also likely have security systems)

>>13821785
There's nothing James Bond about a safe and some doorbell cameras you moron. My 60 year old mother has a ring doorbell and she can see you walking on her property while she's at the nail salon 9 miles away and could easily call a neighbor or the cops if she doesn't recognize you

>>13821676
what are the best safe you can think of, that are opened within a few hours? probably would need to pay more.

I trust bitcoin. there's a difference between not being able to generate a private key securely, and not trusting bitcoin, you know it. bitcoin is always evolving. it's a network and a community of users in a way. your paper wallet, it's made by you, and you could have made a mistaken, you would not know.

>>13821785
I'm not arguing anything except your claim that you could break into a safe in a few hours even a safe rated for 15 minutes burglary time

>>13821828
also... a safe can be considered one layer. nowadays there's others system to secure your home and what you want to keep safe. alarms, camera... scripts that do things when something is trigger. you can be alerted if your safe is being broken and you can transfer your keys. a paper wallet is NOT safer and never will

>>13821828
>I trust bitcoin. there's a difference between not being able to generate a private key securely, and not trusting bitcoin
interesting cognitive dissonance. if you think symmetric encryption specifically bip38 can be broken in a few years you sure as hell shouldn't trust any public key cryptography. and bitcoin is primarily secured as system by elliptic curve cryptography. if there is something that can be broken or greatly weakened by a breakthrough in mathematics or just computing power it's that.

>your paper wallet, it's made by you, and you could have made a mistaken, you would not know.
that's why you fucking test it before you put money on it for fucks sake! do you not read anything?

>>13821835
i never tried to be honest but watched enough vids about breaking safes to know you can get into anything given a bit of effort and creativity. i certainly have no delusions about my safe. and absolutely no delusions about the safes 99.9% of the people have or can afford. in general it's a stupid idea. that can even fail you with top shelf safes.

>also... a safe can be considered one layer.
yes the painting on an abrams main battle tank is also a layer. a layer of protection. do you want the shit pain or the expensive paint?

>>13816681
50% of the exchanges I've used in the past few years have gone tits up.

Gox
BTC-E
Quadriga

Those odds aren't great.
Get or fiat in and your crypto out.

>>13820386
do a 360 and walk away

>>13822258
i never thought i'm gonna ever tell anyone to walk away from crpyto before today. fucking hell. but i sure as hell would love to ask some actual top cryptographic experts if they think hardware wallets generate more secure (aka more random) seeds, however i think it's a moot issue.

>RDRAND is an instruction for returning random numbers from an Intel on-chip hardware random number generator which has been seeded by an on-chip entropy source.[2] RDRAND is available in Ivy Bridge processors[a] and is part of the Intel 64 and IA-32 instruction set architectures. AMD added support for the instruction in June 2015.

basically most cpus you have gonna have true random instruction support which will probably used by the random generator of the os and thus the browsers window.crypto.getRandomValues(). adding to this the entropy collected from user input it's clear that paper wallet generators can only be equal or superior not inferior.

>>13822067
testing it and having it working is certainly not the same as generating it securely.

trusting bitcoin is a thing, accepting that you can be a point of failure is another. it's safer to trust bitcoin, and a HW, unless you're an expert and know what you're doing. if you know, good and you have an edge. it's always the same logic. a paper wallet is only secured if you know what you are doing.

debating on how a safe is not secured enough to store your wealth is probably stupid. storing your wealth in a safe in a secured house (or 2) is similar in security than a properly made up paper wallet. one solution is easy to screw up, another is expensive. made my choice

>>13822518
>testing it and having it working is certainly not the same as generating it securely.
no it's even better actually. you can test if you can ever spend a wallet before you send even dirt to it.
>it's safer to trust bitcoin, and a HW, unless you're an expert and know what you're doing.
where do you get this required expert shit i can't fathom.
>it's always the same logic. a paper wallet is only secured if you know what you are doing.
there are clear instructions on the site. there is only one thing you have to remember: bip38 20+ char passphrase

>debating on how a safe is not secured enough to store your wealth is probably stupid.
no it's more like where security should lie in case of crypto if it was any other dumb asset like gold cash or jewelry then your safe being able to take on physical punishment would be more important than the cryptographic security of it's lock. don't you agree?
but with crypto specifically this is turned around. the physical security of the safe is the meaningless factor or at least it should fucking be as you can have unimaginable magnitudes greater security via cryptography for fuck all money.
everything depends.

you made your choice but don't fucking go around recommending it because it's not a good choice. you like it good for you! and yes i strongly support people having safes and storing hardware wallets larger amounts of cash papers and stuff in it. even paper wallets why not? but in case of crypto you got way way better options than relying on the security and durability of a fucking metal box.

>>13816509
paper wallet will never be beaten.

>>13816681
newfag is new

>>13816981
>If binance actually gets hacked to the point where everyone loses even me, why would anyone value crypto anymore after that? It would be meaningless

>move my linkies from Binance to a MEWconnect wallet
>phone screen magnet dealigns two days later

How fucked am I, /biz/

>>13823406
dont use mewconnect desu

>>13820855
how do you know the hardware wallets aren't encrypted?

i keep mine on blockfolio

Assume you have one thousand bitcoins:
How many addresses would you use to store them all for long term? All in one? 3 addresses? 10 address? I can't decide what is better.

>>13817681
>I'd assume BTC multisig would be safer than what happened with parity multisig, but I'd be too scared to do it now.
>IMO follow some advice from Andreas Antonoctopus, divide up your stack onto multiple paper wallets
>Use a laptop that has never touched and will never touch the internet to generate a private key and write it out on some paper. Don't print, because printers can store what they print, and who knows what kind of malware the new "smart" ones have. - this isn't foolproof because a wallet generator could give you "known" private keys, so be careful where you get it.

Generate your own recovery phrases by flipping a coin 256 times.

>>13817681

Generate your own recovery phrases by flipping a coin 256 times.

>>13824394
>>13824385
WHATS IN THE BOX

>>13816681
This is totally based. I bought 10k NANO early on BitGrail and as soon as it moons I can just cash out and buy my lambo

>>13824358
Use many addresses, as long as you can manage them. more targets for attack are harder to hit

>>13816509
>>13816520