Secure, tiered storage system

Anonymous asks: “What’s the easiest way to generate a paper wallet securely?” There is no easy way to generate a paper wallet securely. At this day and age you should probably be using a hardware wallets, not a paper wallet. If you can’t afford a hardware wallet then you don’t have enough money to secure. Because you can get a hardware wallet for like 30 30 bucks. If you have less than 30 bucks and you want to secure it, a paper wallet is not a good solution.
A properly secured smartphone software wallets that’s backed up with a mnemonic that uses your phone and secure element on a properly secured smartphone with a PIN number and an encrypted file system is far more secure than whatever scheme you would have to come up with to generate a paper wallet securely.
Matt asks: “Could you elaborate or possible or feasible tier levels in storing bitcoins and how to technically manage and save them?” So hardware wallets encrypted backups bib 38. So I would suggest that, if you are trying to store bitcoins you do not try to build your own scheme that’s rule number one: do not roll your own crypto you will fail. Part of the reason is that people tend to miss estimates the risk of theft versus the risk of loss due to technology failure, process failure or backup failure. And most people are much more likely to lose Bitcoin because they lose their keys or lose access to their keys or because they encrypted them or concealed them in such a way that they couldn’t reconstruct, years later when they tried to access them again. Much more likely to lose it that way, than to loosebecause they had it stolen.
So, that being said: you should have your crypto currencies, in general, stored in tiers, so you don’t have all of your money in an easily accessible hot wallet, that’s just as stupid as walking with wallets stuffed with cash with all of your savings in your back pocket. So I usually suggest that people have two, maybe, three tiers. 1 tier is a hot wallet and that most likely is going to be a smartphone wallet that you run. Your smartphone should be properly secured: you should turn on encryption, you should turn on a large complex pin, you shouldn’t allow your phone to be unlocked only by fingerprints, you should, must require a factor like a pin that you have to memorize, you shouldn’t use a simple pin that you’ve used elsewhere, you should use two-factor authentication, you should use a smartphone wallets that stores the keys locally and make a backup of that with a seed. If you backup seeds you should store those in the location that you can physically secure. For many people that means opening a safe deposit box at a private vault, or a bank, or it means installing a safe in your house, if you could do that, if you can’t do that and you’re just gonna have a seed sitting around, you need to at least get a small fireproof safe so you can protect it from fire, flood and environmental damage, and you should probably also consider using a passphrase, a fairly simple passphrase, in addition to your “bib thirty-nine” seed.
You should follow the standards as much as possible. Standards like bib 39, which are the standards used from Nimonic seeds between 12 and 24 words is a good standard in that it has a good balance between security and reliability, and you should use it as is. You should create a seed on a hardware device, or on your smartphone, depending on whether you’re doing a full storage tier, or more warm wallet tier. You should then record that seed on paper with pencil or pen, use some kind of cold laminate technology where you basically seal it between two sheets of plastic with glue, better than hot laminates that degrades the paper in the ink, but that’s good to laminate it, so that it can’t get water in, or put it in a sealed bag I like to use tamper-evident bags, that you can buy from Amazon, they’re opaque andonce you seal them, they can’t be openedwithout being very obvious the baghas been opened. Put it in that, that protects it from water damage too, then store that in a fire-proof safe. Multiple copies, not just one, in two different locations that in distance from each other.
Use a passphrase in addition to that, if you can’t find the secure location for your seed and the passphrase should be simple and you should give that passphrase to one other person who doesn’t have the seeds so that if something happens to you they can recover together with following some other state planning.
If you use a hardware wallet again you need to backupthe seeds, but then you could keep the hardware wallets with a good pin located in your home for example: you could even take it with you when you travel. I don’t, but you could. And you could use that as your cold storage for the ultimate in cold storage what you do is you generate the seeds on a hardware wallets preferably with a multi-sig, you test them with a single transaction and then you write all of the hardware wallets that only exist as a set of seeds backed up in multiple very secure locations.

Secure, tiered storage system обновлено: September 9, 2018 автором: SchBit