Finance and economics mentoring
New Horizons Paraguay
Ticker tape by TradingView

How to keep your cryptocurrency safe

Status
Not open for further replies.
So pretty much sharding right, what Ledger does with their⁢ Ledger everywhere service, just for you offline. Well thats a very good solution, but nothing︀ for the ordinary crypto users. And I still see a lot of points of failures︁ for noobdy users.

Everyone. Paper money =︂ worthless, if not backed by anything.
 
Lets Look into deep how Crypto legend store their private key......
Legendary couple of Bitfinex‌ Lichtenstein and his wife, Heather R. Morgan

https://www.justice.gov/d9/press-releases/attachments/2022/02/08/statement_of_facts_pacer.pdf
LICHTENSTEIN’s cloud storage account

If you trust the Media .....
SBF also used cloud⁣ storage....even without encryption ...

FTX CEO Slams Exchange for Keeping Private Keys on Amazon Web⁢ Services
https://www.theblock.co/post/194706...thout-encryption-the-exchanges-new-chief-saidhttps://decrypt.co/125866/ftx-private-keys-amazon-web-services-aws

Seems so many people trust Cloud for storage of secret key....

IMHO...I also believe Cloud storage option is not that bad as some people claiming....But Keep in︀ mind that Nothing is 100% riskless in this world....
 
This case blew my mind! It shows the power of propaganda & indoctrination.‍ I mean, one of them was Russian for God's Sake. They had ~120,000 bitcoins. They⁠ could have moved BACK to Russia, SWAPPED 1.2 bitcoin to XMR, and cashed 200 XMR⁤ (€30K - fees included) each (so €60K) every day for cash or in kind and⁣ NOBODY would have been the wiser! That would be equal to +130 years before they⁢ ran out of money!

Seriously, they can't be the ones that masterminded this. It's just︀ SHOCKING to me!

Same as with Ross Ulbricht! Imagine having 144,000 bitcoins! Why would you︁ stay in a place that will throw you in a cage? Feds were already at︂ his house delivering fake IDs and questioning him. I would have BOUNCED!

Ross Ulbricht could︃ have gone to an island. If you see anyone other than a "native" or a︄ regular, you bounce! Some smart people just blow my mind!

I'm glad I traveled the︅ world from a young age and know that there are so many great places around︆ the world that I don't have to be on someone else's plantation.

Gentlemen, if in︇ doubt, then there is NO doubt! Bounce! 😎
 
At the end of‍ the year, Ledger plans to release an update that can extract the seed phrase from⁠ the secure part of the device. If they can do this after the update, it⁤ means that they could have done it all along. In other words, if someone gains⁣ physical access to your hardware wallet (government agency), they might be able to access your⁢ cryptocurrency.
Trezor can also be hacked - here's a short video.

Regarding the backup︀ of the seed phrase - instead of keeping one small piece of paper with the︁ seed phrase, you can cut it into two parts and store them in two different︂ locations in case someone discovers it. Alternatively, you can use Shamir backup. And, of course,︃ it's essential to use a complex, non-dictionary 25th-word passphrase.
 
  1. Which hardware wallet do you use?
  2. Which is the best USDT non-custodial︃ wallet to use for everyday payments?
 
I keep using Trezor and Ledger, understanding‍ their risks.
Ledger is very convenient for daily use (incl. USDT).
However, I haven't found⁠ a good solution for HODLing yet; perhaps SafePal could be an option
 
I just want to add something important regarding this:

This is true for ALL hardware wallets created today and for ALL of the hardware wallets that will be created in the future, that's how software works︅ and the only way you won't be able to do this is with disposable hardware︆ wallets which means that with each update in the blockchain space you will need to︇ buy a brand new hardware wallet and completely send your current device to the trash.︈ Any device that can be updated to sign new types of transactions, can extract the︉ seed with an update
 
I won't argue, if it's possible to create such a cold wallet. The main thing︁ that Ledger lost is trust, as they claimed from the very beginning that it was︂ technically impossible to extract the seed phrase after wallet initialization. But I haven't heard of︃ anyone being able to programmatically retrieve the seed phrase from a Trezor either.
 
I'm not trying to defend Ledger, I'm just saying that that's the⁣ same for ALL of the wallets and will be always like that no matter what⁢ the manufacture tells you so basically the idea of my comment is that no one︀ should fully trust a device that can be updated so it signs new types of︁ transactions, because that by definition means they can update it so the seed could be︂ extracted in the future
 
splitting it into parts (2‌ or 3) increases the chance of loosing the seed (by loosing any part)
it also‍ makes the recovery process more complicated and you have to choose between geographical distribution and⁠ convenience

at the same time you're increasing the number of seed fragments that exist and⁤ each part found by someone unauthorized is a convenient way to brute force attack the⁣ seed - be aware that knowing 6 words out of 12 doesn't make it half⁢ easier to crack it but exponentially easier

if you're uncomfortable with storing your 12/24 word︀ seed in one copy (and I understand this can easily be the case depending on︁ your situation) then use shamir fragments and/or password

I will repeat myself but NEVER try︂ to come up with your own security protocol or tweak the well known ones -︃ many more probably way smarter guys thought about all the cons/pros before and distilled this︄ into couple of generally available implementations and documented it for you to be able to︅ give it an hour or two, educated yourself and choose appropriately what fits your situation︆
 
Yeah the process is exactly the same as what Ledger does, the⁤ only difference is that I'm not using their servers... And I agree about points of⁣ failures for non-skilled users, UI/UX needs to improve a lot before everybody can finally ditch⁢ the papers.

The good news is that even Apple knows this is the correct way︀ of doing it and they are now playing with social encryption restoration, probably they will︁ came up with a proper UI/UX others will follow and at the same time will︂ teach their users how to use encryption to backup their data (there are wallets finally︃ doing this too but to be honest I think Apple will be the one who︄ finds the easier UI/UX option)... But I don't think this switch will be easy, I︅ feel it's something that will take time because people is not used to this type︆ of restoration scheme
 
Is it possible to brute‍ force a seed, knowing the first 12 words out of 24?
 
probably not at the moment but the point is‍ that this practice (amongst other disadvantages) weakens your security protocol... and for no good reason⁠ with better alternatives available
 
If im not wrong one BIP39 has 2048 words.‍ The words can appear multiple times. So each missing word is 2048 guesses * by⁠ the missing words * by possibilites.

There are seeds that only have 12 words. The⁤ new standard is 24 words.
 
I believe that the SEEDS are secure as they are right now. Some must be‌ paranoid to believe anything else.
 
Status
Not open for further replies.

JohnnyDoe.is is an uncensored discussion forum
focused on free speech,
independent thinking, and controversial ideas.
Everyone is responsible for their own words.

Quick Navigation

Forums

User Menu

Login
Community platform by JohnnyDoe © 2025 JohnnyDoe
Top Bottom