Protecting Bitcoin and cryptocurrency Keys

PROTECTING
CRYPTOCURRENCY KEYS
DIMITRIS TSAPAKIDIS
@DIMITRIS
LINKEDIN.COM/IN/DIMITRIS
DECEMBER 2022

“THE ONLY MEANINGFUL
ADOPTION METRIC IS PEOPLE
WHO SELF CUSTODY BITCOIN”
@HODLONAUT

AGENDA
• Exchange & custodial threats
• Self-custody threats
• What to protect?
• How to protect?

NOT YOUR KEYS, NOT YOUR COINS
• Custodial wallets can be hacked
• Exchanges might not be solvent
• Bankruptcy takes years and you get cents on your Euro
• Exchanges selling you paper Bitcoin also suppress the price
• Exchanges might ask your for strict KYC and Source of Wealth
documentation
• Having exchanges hold a large % of all Bitcoin is a systemic risk
• Bitcoin is not valuable if it can be confiscated and you need to ask
permission to send it

NOT YOUR KEYS, NOT YOUR COINS
• Use 2 Factor Authentication, without SMS
• Journey from exchange to personal custody
• Learn about sending coins to your personal (non-custodial) wallet
• Learn about sending coins between wallets
• Practice and become confident
• Buy a hardware wallet
• Don’t wait for a bank (exchange) run to start!

BITCOIN KEYS
abandon ability able about
above absent absorb
abstract absurd abuse
access accident account
accuse achieve acid
acoustic acquire across act
action actor actress actual
Mnemonic Seed
Phrase
Public
Private
Bitcoin private keys
Bitcoin receive addresses
0.3BTC 0.5BTC

THREATS
• Theft
• Destruction
• Take them with you to your grave
• Multiparty/Institutional ownership
• Receiving coins on your behalf: web server, teller/waiter
• Privacy
• Low-entropy keys
above absent absorb
accuse achieve acid
Mnemonic Seed
Phrase
Public
Private
0.3BTC 0.5BTC

THREATS
• Dust
• Kidnap/robbery: https://github.com/jlopp/physical-bitcoin-attacks

TOOLS
• Use these tools to protect your coins
• They are building blocks to mix and match like LEGOs

MEMORIZE THE SEED PHRASE
• Useful if you have to walk from Syria to Germany and you have to
swim across the Mediterranean
above absent absorb
accuse achieve acid
Mnemonic Seed
Phrase

CRYPTOSTEEL
• Store your seed phrase
• Protects against fire
• Protects against water
• Split in two: password and
encrypted seed
above absent absorb
accuse achieve acid
Mnemonic Seed
Phrase

GENERATE YOUR OWN SEED PHRASE
https://iancoleman.io/bip39/
above absent absorb
accuse achieve acid
Mnemonic Seed
Phrase

KEYS NEVER EXPOSED
HARDWARE WALLETS
Key generation
Transaction signing
Ledger
Trezor
KeepKey

RISKS OF SOFTWARE WALLETS
• Insecure, general-purpose computing devices
• Seed copied off screen
• Private keys stolen after you unlock your wallet
• Keyboard sniffers or learning/prediction algorithms

VERIFY DESTINATION ADDRESSES
• Are you sending money to
the correct address?
• Computer clipboard can be
altered

ONE ADDRESS PER TRANSACTION
• Wallets automatically
generate new addresses
• Preserve your privacy
• Preserve everyone’s privacy

MOVE KEYS IN PARALLEL
• How to destroy your privacy:
• Bought a shiny new Trezor or Ledger and merged all your keys
into one
• Split your keys for a coin fork and merged all your keys into one
• You could clone keys one by one :) Some software to automate
the process would be great!

DEAD MAN’S SWITCH
• “If something happens to
me” movie line
• Does nothing as long as we
are alive
• Acts when we stop
demonstrating signs of life
• Google’s Inactive Account
Manager
• Test it!

LAST WILL AND TESTAMENT
• Gifting €5,000 vs gifting
€500,000
• So your loved ones can
spend your coins
• Read articles by Pamela
Morgan https://medium.com/
@pamelawjd

SHAMIR’S SECRET SHARING
• Break any secret into X pieces
• At least Y pieces required to reconstruct the secret
• Y<=X
• e.g. 3 out of 5
• https://en.wikipedia.org/wiki/Shamir%27s_Secret_Sharing

MULTISIG ADDRESSES
MULTISIGNATURES
2 of 4 keys

MULTISIG USE CASES
• Authorizing payments as a group of people: 2 of 3: CEO, CFO,
Accountant
• Gift your coins to your descendants after you get hit by a bus: 2 of 4:
your phone, your hardware wallet, bank vault, a relative
• Use your coins with untrusted wallets: your phone, your computers,
bank vault. Optionally: go Seedless.
• Use your coins with an offsite wallet: your phone, authenticated
payment provider, bank vault. See https://greenaddress.it
• Payment escrow: 2 of 3: Buyer, Seller, Trusted Escrow Agent. See
https://www.openbazaar.org

MULTISIG WALLETS
• CoPay/Bitpay
• Electrum
• Casa (Seedless)
• Bluewallet
• Sparrow Wallet
• Multisig has extra backup requirements
• You need to backup a copy of everyone’s public key (xpub)

COLD WALLETS
• Private keys only used on an offline computer
• Private keys can be permanently or temporarily stored
• Can sign transactions
• http://docs.electrum.org/en/latest/coldstorage.html
above absent absorb
accuse achieve acid
Mnemonic Seed
Phrase
Public
Private

WATCH-ONLY WALLETS
• Wallets with public addresses only
• Can view balance
• Can generate receive addresses
• Can generate transactions but cannot sign them (cold wallet will
do the signing)
• Can broadcast signed transactions
Public
Private
0.3BTC 0.5BTC

TIERED WALLETS
• Cellphone: spending cash
• Hardware wallet: savings
• Multisig with cold wallets: long term investments

SEED BACKUP & RESTORE
• Restoring a seed might show no or less funds!!!
• Keep in mind derivation paths!
• You can try them all, there are only a few options
• Keep in mind the 20 address gap!
• Your family should also be aware of this

DISTRESS WALLET
• A distress wallet has some coins and looks plausible. You can give
up this wallet
• Offered by Ledger and Trezor

NLOCKTIME TRANSACTIONS
• Sign a transaction with nLockTime into the future e.g. next year
• Give the transaction to recipient
• Move the funds off your address if you are still alive and repeat
• Bitcoin Core wallet is introducing support for such non-standard
transactions

Protecting Bitcoin and cryptocurrency Keys

Recomendados

Recomendados

Más contenido relacionado

Similar a Protecting Bitcoin and cryptocurrency Keys

Similar a Protecting Bitcoin and cryptocurrency Keys (20)

Último

Último (20)

Protecting Bitcoin and cryptocurrency Keys