Reddit Posts
All bip39 words on 2048 limited edition handmade mugs
A Fork of CLN Implemented Eltoo Useful for Channel Factories Available for Testing
Need Help Deriving Extended Private Key from Bitcoin Root Extended Public Key and Non-Hardened Extended Private Key
Is it normal for the majority of your seed words to start with the same letter?
Need Advice with Crypto Wallets - Hardware vs Mobile Wallets
Entropy: only 121 bits (vs 128) on Blockstream Jade using dice rolls?
Backing up and recovering wallet - seed phrases, private keys, extended private keys, eh???
Best method of long-term cold storage for life-changing amounts?
BIP39 misalignment? Mnemonic vs. Decimal vs. Binary seeds
Mining ALL remaining bitcoins in less than two weeks (difficult adjustment)?
How to make a new wallet address with my own selected BIP39 words
Import private keys from BIP39 paper wallet with passphrase
12 word BIP 39 >> Hardware Wallet - What are the options?
Malware and scams I should be on the lookout for
What happens if Bitcoin price gets high enough, such that it becomes necessary to go ahead and take it to the 9th decimal place? Can that be done w/ backward compatible SF, or is a HF req'd? Can someone with knowledge detail the process? Can't seem to find answers on this researching around...
how to manually encrypt your BIP39 seedphrase with an additional cipher?
Can the BitBox02 show a wrong seedphrase (BIP 39 wordlist)?
What if they planted a bug into BIP 382, which makes it possible to increase block rewards?
Enhancing Bitcoin Security: A BIP39-Compatible Vernam Encryption Approach for Safeguarding Recovery Phrases
Stacking has crept up on me and now I need to upgrade my storage
Any open source, encryption based, 3/5 multi factor wallet already available? If not, can this be developed?
Is it a security risk if your wallet’s extended fingerprint (xfp) has been exposed?
FINCEN MegaThread | Do Not Give Them Your Silent Consent | Remember Remember The 5th of November | Support Bitcoin Privacy
Thoughts on BIP 324 and the increased anonymity of using bitcoin.
ELI5 - What if Ledger or Trezor stops working?
Tutorial: How to use normal (non Casino-grade) dice to generate a seedphrase
Bitcoin Is About To Become More Secure With BIP324
This page offers a comprehensive overview of BIP-329, proposed by Craig Raw, creator of Sparrow Wallet. You'll find information about the current status and adoption progress, highlighting the significance of this proposal.
Coinplate has a BIP39 seed phrase recovery tool.
Walk down the memory lane: Blocksize wars and the Bitcoin XT controversy
How Much a Spot Bitcoin ETF Can Affect The Price - The Bad Version
Can one secret phrase (eventually) access any wallet?
Do you know that you don't need hardware wallets for cold storage?
I made a descriptive post of every item that you can purchase using candies from Coingecko so you do not have to look
How CTV (BIP 119) Could Create Channel Factories for Casual Users
BIP-300 biff: Debate reignites over years-old Bitcoin Drivechain proposal
The WW2 German Enigma cipher machine has 158,962,555,217,826,360,000 different possibilities (nearly 159 quintillion). The BIP39 seed phrase word list contains 2,048 words, so a 12-word crypto seed phrase has about 2 to the power of 132 possible combinations. That’s 2 with 132 zeroes after it.
"NO" | Rejecting BIP300 Drivechains | Featuring Saifedean Ammous | Bitcoin Standard Author
"NO" | By Saifedean Ammous | Two Open Letters Rejecting BIP300 Drivechains | Voiced by FEEeACH
Why Blockonomics endorses DriveChains (BIP300-301)
🔴LIVE | BIP 300 Debate | Drivechain Softfork Dynamics | @BITC0IN
Stumbled on BIP-300: a potential game-changer or just buzz?
There are 2048 possible words that comprise your seed phrase and each of these corresponds to a number in the BIP39 list. Reminder that it’s possible to convert the phrase to numbers for seed storage.
Bitcoin Drivechain Proposal (BIP300) Debate
Holding crypto is not likely to get any more convenient, and it is an inherent problem of self-custody.
COLD STORAGE: Comparing the Best Cold Storage Wallets for 2023
Yesterday was my first time encountering the word 'Satoshi' in a seed phrase. Did you know it was in the BIP39 word list?
What's your self-custody strategy? Do you keep a backup hardware wallet on hand?
BIP300/301 and Drivechain talk with Paul Sztorc and Austin E. Alexander
PSA: Severe Libbitcoin Vulnerability. If you used the "bx seed" command to create seeds/private keys, Immediately move related funds to a different secure address.
In theory, instead of creating a new wallet and memorising the seed, can I just choose words that are easy to remember and generate a wallet from that?
Importing BIP-84 key in Electrum giving wrong address
What is a BIP-39 seed phrase -- a few tips for handling your seed words safely
Keeping KYC & Non-KYC utxos in the same Multi-Sig wallet: will there be a way of these utxos being linked?
Mentions
Pool shares using Stratum v1 have complete control over mining, and nearly all Bitcoin miners in mining pools use Stratum v1. 2013 was a temporary hard fork + a soft fork. BIP-123 defines a hard fork as "In a hard fork, structures that were invalid under the old rules become valid under the new rules." v0.8 created transactions that were invalid under 0.7.2; thus it's a hard fork. Bitcoin devs asked 2 of the largest mining pools over the bitcoin-dev IRC channel to 51% attack and reorg the chain back in 2013. The mining pools gave very little warning, and there was even a $10k double-spend on OKPay as a result of the sudden reorg.
I would never give my wife my keys to my BTC, my "ex" wife was more concerned about MY money than anything else, and now I'm using "ex" for a reason... First thing first, you never leave your main pile of BTC on exchange. Have a cold wallet, I for example have a trezor wallet that supports BIP39. Here is a step by step on a trezor 5 - Open the trezor suite - create a wallet - select 24 words. Write down exactly!!! Correct order, correct spelling, number them 1 to 24. Trezor suite will ask you to re-enter the words. If ever you fail here: redo. Transfer the same 24 words on metal, yes on metal: engraved! Double check spelling, store paper 📃 temporarily then once the metal version is ok 👍 destroy! Never ever take pictures or screenshot of your seeds!!! NEVER. Once you got that, enable the passphrase on trezor. Settings->Device->toggle passphrase ON. Choose a strong passphrase, a sentence that you'll never forget anyway unless Alzheimer. Create a standard wallet. This is your real wallet where you will store your BTC, put only 1000 satoshi on the first one. Now: put your engraved seed words on a safety box. You have the keys, your wife a copy. Passphrase: you got a copy and a backup, you give a copy to your lawyer or whatever person of trust your wife doesn't know/have access to. If ever someone recover your seed they will see only those 1000 satoshi (it will act as a decoy), it's a "fake" wallet, you don't really use it. The lawyer should receive a sealed envelope with clear instructions on how to recover: not digitized, not emailed, not photographed. 2 sealed copies on 2 different locations. Never give him seed, hardware wallet, pin. You clearly state in your letter that if only 1000 satoshi appears the passphrase is missing or incorrect. So wife has no passphrase until you die, and the lawyer has no idea of the seed location. It's paramount that you test the recovery once!
I have thought about this. The crucial starting point is to generate seed phrases securely. Best to use entropy that is not linked to any kind of random number generator but uses an analog method, such as rolling dice, or my preferred method, which is picking words from a hat. You literally print all 2048 words from the BIP 39 list and cut them into small individual words and pick them randomly to generate your seed phrase. https://github.com/hatgit/BIP39-wordlist-printable-en After you have a highly secure and analog seed generator, you are now ready to create wallets. My preferred software wallet is the FOSS sparrowwallet.com. My preferred hardware signing device is the do it yourself and FOSS SeedSigner project. With SeedSigner, you can enter 11 words that you picked from the "hat" and it will calculate the 12th as a checksum and then it will guide you through writing by hand a QR code. This QR code is your seed so protect it. With the QR code, you can then scan it with your SeedSigner and then using what’s called a partially signed bitcoin transaction PSBT you can create your wallet with Sparrow and sign transactions. This way, your seed, or private keys, have never entered an Internet connected device. Absolutely air gapped. You backup your 12 words by hammering them onto stainless steel washers using the Blockmit jig for clean strikes. Put them on a bolt and secure it. You can wrap them in paper and coat them with clear fingernail polish for a tamper evident layer. With this set up, you are ready to create extremely secure bitcoin wallets. It’s also very useful for more complex multi-sig wallet set ups that require multiple seeds to sign transactions. Being your own bank requires a deep level of responsibility.
Next level is importing that same seed into a dedicated non-custodial wallet and leaving RH as just an on-ramp. I pulled mine into Gem Wallet after doing a couple of tiny test sends. Same BIP-39 phrase, but now it lives in an app that isn’t tied to a stock broker’s business decisions
Whether you want to create wallet gifts for babies or a secure wallet for yourself, the key is to generate seed phrases securely. My preference is to use entropy that is not linked to any kind of random number generator but uses an analog method, such as rolling dice, or my preferred method, which is picking words from the hat. You literally print all 2048 words from the BIP 39 list and cut them into small individual words and pick them randomly. https://github.com/hatgit/BIP39-wordlist-printable-en After you have a highly secure and analog seed generator, you are now ready to create wallets. My preferred software wallet is Sparrow. My preferred hardware signing device is the do it yourself SeedSigner project. With SeedSigner, you can enter 11 words that you picked from the "hat" and it will calculate the 12th as a checksum and then it will guide you through writing by hand a QR code. This QR code is your seed so protect it. With the QR code, you can then scan it with your SeedSigner and then using what’s called a partially signed bitcoin transaction PSBT you can enter the seed into sparrow and sign transactions. This way, your seed, or private keys, never entered an Internet connected device. Absolutely air gapped. With this set up, you are ready to create extremely secure bitcoin wallets for yourself and for important people in your life. It’s also very useful for more complex multi-sig wallet set ups that require multiple seeds to sign transactions. Being your own bank requires a deep level of responsibility. Passing this knowledge to babies, to future generations is an incredibly virtuous thing to do. Best of luck, and let me know how it goes.
Bitcoin adopts BIP-341 (Taproot) style upgrades to include Lamport signatures or other PQC methods. By the time IonQ has 8,000 qubits, the "active" Bitcoin network will likely already be using "Quantum-Safe" addresses.
Your seed phrase is your wallet. Your BIP32 root key is your wallet. You have handed over your wallet to some stranger in multiple ways.
Funny how there are over 30 comments but not a single answer to your question. I'll echo every other post and say you shouldn't be putting your seed anywhere. Now that that's out of the way.. No, the BIP32 root key does not give access to your wallet. Regardless, you should move the coins anyway, assume your seed phrase is compromised. https://rya-sge.github.io/access-denied/2025/03/27/bitcoin-keys-102/ https://bip32.tools/?lang=en
So yeah my seed phrase of 12 words is safe in that site. I'm sure. But what about the BIP32 key? If you or someone tells me that they cannot access my wallet using the BIP32 key, I'm probably safe and can be easy.
>Yes but anyone can create another version of a hard cap supply.
Yes. Many have tried. The difference is that Bitcoin is decentralized. Decentralization isn't something you can program in. It's a physical process in the real world. Bitcoin had the advantage of being the first mover and had natural, grassroots decentralization as a result. This process is very difficult to replicate without a centralized entity behind it, thus making the project inherently centralized. Bitcoin's decentralization is a critical component of its value proposition.
>BTC will be broken by quantum computing. And a new form of digital currency will need to exist.
Bitcoin will be updated to fix the vulnerability. One proposition for how to do so is [BIP360](https://bip360.org/).
>So many BTC people said gold is dead. And so many gold people are saying BTC is dead.
Neither were right.
I didn't give him my seed phrase, I just gave him BIP32 Root key. The only thing I did was put my 12 word seed phrase into bip39mnemonic.com to generate the BIP32 Root key. Is that site safe the bip39mnemonic.com? Because the site has my 12 word seed phrase. The guy only has the BIP32 Root key. My assets are still in my wallet about 50$
I pasted the seed phrase into bip39mnemonic.com & just generated a bip32root key. If bip39mnemonic isn't a safe site, then I can say my wallet is compromised. I just sent the bip32rootkey to the persons software. So the person has my BIP32 Root key. My question is that can he use the bip32rootkey to get to my wallet? No one has access to my 12 word seed phrase, just the root key. The 12 word phrase is just put into the site called bip39mnemonic. Unless that site is not official or has been flagged or something or made by a scammer, then I can say I'm safe. But my concern is that can he access my wallet using BIP32 Root key?? That I'm sure he has.
>Can this BIP32 Root Key be used to get into my wallet?
Who cares? The seed phrase you gave him will do that just fine.
Good points. Quantum is a long-horizon risk, but there are active proposals like BIP-360 to enable a post‑quantum migration path. BTC is mostly saved today, yet Lightning usage is growing—public capacity recently hit ~5,606 BTC. MSTR index pressure affects MSTR, not Bitcoin’s core rules.
Good for you. Having your assets in a personal wallet is not bad, and a respected phone app is a lot better than a desktop app. Next step when the amount is uncomfortably large is to move on to use a hard signing device such as Trezor. This completely protects your wallet seed from any electronic hacking, making sure the seed is secure even if your computer or phone is completely hacked. Keep in mind that the wallet seed IS your wallet. You must not ever share this with anyone/anything. Your BIP-39 mnemonic is only used for recovering access to the wallet using another wallet app or signing device. If you ever get asked to provide your seed for whatever reason then RUN AWAY. You are dealing with scammers trying to steal your crypto. Common attack vectors include
- "account validation"
- "connecting your wallet to some lucrative service"
- "recovering locked funds"
And any other. But they all have in common that they are trying to lure you into giving away the keys to your treasure chest. The seed phrase is NOT used in any such context and the only reason they ask for the seed phrase is to steal your assets.
Ah yes, BRD wallet and their custom HD path. To recover, input your 12 words into BlueWallet, then select custom path, and input “m/0’” into the free text field. Finally, select BIP44 P2PKH, and bosh. Wallet recovered.
Current impact…fairly small, but nonzero. Future impact…I would say will be very large. Even if the community moves forward with the BIP(s) to address it, it will be a slow and probably extremely contentious process.
Hourglass - This BIP describes a new set of spending rules for Bitcoin called "Hourglass." The intent is to impose a throughput restriction on the number of P2PK spends to one per block-- to slow the inflationary impacts of potential quantum attacks on these addresses
Working on it!!! Hourglass is on the table check it out - https://github.com/cryptoquick/bips/blob/hourglass/bip-hourglass.mediawiki This BIP describes a new set of spending rules for Bitcoin called "Hourglass." The intent is to impose a throughput restriction on the number of P2PK spends to one per block-- to slow the inflationary impacts of potential quantum attacks on these addresses
Look up hourglass - best one so far This BIP describes a new set of spending rules for Bitcoin called "Hourglass." The intent is to impose a throughput restriction on the number of P2PK spends to one per block-- to slow the inflationary impacts of potential quantum attacks on these addresses
Yeah, and they can pay fees to move them slowly... Hourglass proposal helps this be orderly - This BIP describes a new set of spending rules for Bitcoin called "Hourglass." The intent is to impose a throughput restriction on the number of P2PK spends to one per block-- to slow the inflationary impacts of potential quantum attacks on these addresses
Hourglass is a good option gaining steam. This BIP describes a new set of spending rules for Bitcoin called "Hourglass." The intent is to impose a throughput restriction on the number of P2PK spends to one per block-- to slow the inflationary impacts of potential quantum attacks on these addresses
Lame - won't happen. Already working on better options like the Hourglass protocol. https://github.com/cryptoquick/bips/blob/hourglass/bip-hourglass.mediawiki "This BIP describes a new set of spending rules for Bitcoin called "Hourglass." The intent is to impose a throughput restriction on the number of P2PK spends to one per block-- to slow the inflationary impacts of potential quantum attacks on these addresses" Simple and good for everyone
Quantum threat is much more a market problem than a practical problem right now. But if AI advances as fast as some suggest, it may be that a quantum computer with sufficient capacity to find private keys will be with us sooner than expected. Supporting an appropriate BIP now is a good idea. Any Bitcoin not moved to a secure address after a certain date should be burned.
There have been BIP’s for ages on fixing quantum issues. It can be done. We just need a way to queue transactions on a layer 2 during the fix. (BIP = Bitcoin Improvement Proposal paper)
Not sure yet. He posted this on X. There is a BIP or two out there. But nowhere near consensus yet.
That's not true. There are plenty of fundamentals. Network activity, network hashrate, coins in circulation, how many BIP have been implemented and what they changed, node health and software, software concentration of nodes, etc. Plenty of fundamentals they just have nothing to do with watching the price chart (which is what 99% of people do).
quantum computers are real threat to crypto. they are threat to any system that uses public key cryptography. that is a fact and not some FUD gimmick. the good thing is that we have the tools to upgrade blockchains to be quantum-proof. there are already many quantum-resistant algorithms. and there are already proposals to do this, e.g., BIP360 for bitcoin. but it takes time to achieve consensus, make the technical upgrade, and move all coins to quantum-proof addresses. there is a reason why all the other industries (tech, banking, military, telcom, etc) are working on post-quantum cryptography, for example:
* **Cloudflare** uses hybrid post-quantum key exchange by default across its network, which handles \~20% of all websites. In October 2025 they announced a huge milestone: the majority of human-initiated traffic with Cloudflare is using post-quantum encryption. (Source: [Cloudflare](https://blog.cloudflare.com/pq-2025/))
* **Apple** added post-quantum encryption to iMessage in 2024. (Source: [Apple](https://security.apple.com/blog/imessage-pq3/))
* **Google** has added PQC to Chrome and Android. (Source: [Google](https://security.googleblog.com/2024/08/post-quantum-cryptography-standards.html))
* **Microsoft** has integrated PQC into Windows, Azure, and Microsoft 365. (Source: [Microsoft](https://www.microsoft.com/en-us/security/blog/2025/08/20/quantum-safe-security-progress-towards-next-generation-cryptography/))
* **IBM** is testing quantum-safe tools for mobile networks. (Source: [IBM](https://www.ibm.com/quantum/quantum-safe))
* **Amazon Web Services (AWS)** offers PQC options for cloud data protection. (Source: [Amazon](https://aws.amazon.com/security/post-quantum-cryptography/))
* **Intel** added PQC support to its software tools in 2025, enabling quantum-safe encryption for cloud applications. (Source: [Intel](https://builders.intel.com/solutionslibrary/accelerate-post-quantum-cryptography-with-intel-crypto-technologies))
It's a technical problem that we can solve if we want to. but if we do not solve it, it's going to be bad times when Q-day comes. When it comes, no one knows. it can be 5, 10, or 25 years from now, but it is pretty certain that it will come.
OP, I don't understand this missing file you're talking about, but most comments, although tainted with negativity, are right. If you did not properly store your private key back in 2018, these bitcoins are gone. That being said, it is unclear to me under what form the private key was in electrum in 2018. Was it a seed phrase like in BIP 39? Was it encoded into a file like wallet.dat in bitcoin core? Hard to tell. Therefore, what I suggest is for you to download a 2018 old version of electrum on your daily laptop and to try to create a new wallet with it. This way you will probably redo the steps you did back in 2018 with your windows 7 laptop, which will help you understand under what form the private key was encoded. Then only two possibilities: - You indeed saved the private key back then and can therefore access your bitcoins - You didn't save the private key and the bitcoins are forever inaccessible. In that case, just move on and don't dwell on that loss
It's just like the internet where it sounds complicated unless you use it. You can just buy it on an exchange and there's these digital wallets you can make from apps or order a cold wallet from a trusted company. They are called BIP-39 wallets and once you make them they give you a 12 word passcode which is important to remember when sending bitcoin to those addresses. Any trusted exchange will give you 500 dollars worth of bitcoin which right now is like 450,000 satoshis and there's 100 million satoshis in one bitcoin.
BIP39 wasn't active back then. Good luck finding that 64-digit hexadecimal string!
1) If I remember correctly, the banana split sheets let you break down 24 words into a list such that always 2/3 sheets recover the full seed. 2) What is SeedXOR? 3) Mh, multisig is less convenient because it would require me to travel to 2/3 locations and I'd probably need to buy 2 additional devices to create the signatures? 4) Haven't thought about it. I just followed the recommendation in the video I linked. You're suggesting to roll for words in BIP39 list?
A couple things in no particular order - what is a banana split sheet? - are you aware of SeedXOR? I think it's a better option for what you're doing - if you are this advanced/paranoid, why not do multisig? - why not use BIP39 words for your passphrase?
Been wondering this too honestly. Maybe they're just sticking with what works and don't want to deal with the added complexity of supporting multiple standards? Could also be a security thing where they'd rather focus on perfecting BIP39 implementation instead of spreading resources thin
I'm long in some of the quantum projects because I think this sector will rocket when the major projects start the Migration process. Spend some time on the BIP360 approach for BTC and it will not be that easy to come to a consensus as several philosophical questions have to be answered (what to do with Satoshis coins?). Nevertheless a lot of bullshit projects out there in the quantum secure area
BIP47 public payment code / PayNym
Yeah, problem is that news like that will keep gaining attention. That's why it would be far better to say there is a BIP that has enough consensus and is being developed. But the topic has been around a long time and people are programmed to fight it rather than address it.
Of course computers can generate keys themselves, but RNG logic is the hardest part to test and verify on a device. That's why generating from dice is so compelling. As long as your dice are reasonably fair, you're a few throws away from making sure nobody's handing you mnemonics from a preselected pool. Takes 15 minutes at most. Plus, you really only need to do this a few times in your life. Using BIP85, you can generate a single master seed, from which you can derive a near-infinity of mnemonics (from which you can derive a near-infinity of wallets)
> so when that company shuts down, then your coin still gone right?
So pretty much every modern wallet supports what's called "BIP39". This is a wallet standard which means the wallet generates 12 or 24 random words (the "seed phrase") from a standard list which are in turn used to create your keys & addresses. These words can be used to recover your wallet completely to any compatible device or app. The words need to be carefully written down (some even stamp them into metal plates) and stored securely *offline*. These words are far more important than the device or app itself. When you hear about scammers stealing someone's bitcoin, it's usually by *tricking* them into typing their seed words into a website, or finding a photo of them on a hacked device or account. You need to protect those words at all costs and never reveal them to the multitude of scammers who are trying to fool you with DMs or spam emails.
You can use your recovery phrase with any wallet compatible with BIP39. The 24 word recovery phrase isn't ledger specific, it's universal and will backup your wallet if something like that happened, and would be able to transfer your wallet onto another cold wallet. All of this is possible because you hold your own coins, so even if ledger goes bust, you still have the physical copy of your recovery phrase, along with your private keys (the most important part). Now compare that to if an exchange went bust with your coins on it...
This is not entirely true. Adding a password (BIP-38) just adds more entropy to the seed phrase's entropy. Even if it's leaked, you don't know the HMAC of the first n words anyway. BIP38 phrase can be full random, not like BIP-39, meaning you better back it up or remember it. Can be possible to brute force if you have the seed phrase in a disaster recovery. Also, you can create a "muggers wallet" on the ledger without the BIP-39 passphrase. Put a small amount of coins there, then use the password for the real holding. The attacker still needs the seed phrase (and the device), which wouldn't show anyway.
I disagree with the OP. Adding a password (BIP-38) just adds more entropy to the seed phrase's entropy. Even if it's leaked, you don't know the HMAC of the first n words anyway. BIP38 phrase can be full random, not like BIP-39, meaning you better back it up or remember it. Can be possible to brute force if you have the seed phrase in a disaster recovery. Also, you can create a "muggers wallet" on the ledger without the BIP-39 passphrase. Put a small amount of coins there, then use the password for the real holdings.
Great project! Bitcoin implementations from scratch are excellent learning tools. For your collective blockchain storage idea, you're essentially describing a form of "pruned nodes" but with distributed responsibility. Check out BIP 157/158 (compact block filters) and "Neutrino" light clients which handle similar challenges of partial blockchain validation. The challenge with your random block storage idea is reliability - how do you ensure enough redundancy for less-accessed blocks? What happens during network partitions? You might want to look into erasure coding techniques from distributed systems. For educational value, absolutely! Your project reminds me of Jimmy Song's approach in "Programming Bitcoin" but with Zig's memory safety benefits. Consider adding explan
Probably chuckle to myself laughing at whoever wrote that on a floppy considering BTC wallet addresses didn't start using seeds until 2012. And to my knowledge the majority (if not all) of the potential Satoshi wallets all used the original bitcoin core wallet format. Seeds didn't come into play until they started using BIP32 & BIP39.
> What would you do if you found this?
Probably roll my eyes remembering that the concept of a "seed" in bitcoin did not exist before ~2013 (before the implementation of the [BIP39](https://trezor.io/learn/advanced/standards-proposals/what-is-bip39)), then further remembering that floppy disks became obsolete way before bitcoin was created, and chuck it into the bin, feeling nice and smug about my absolutely useless knowledge of bitcoin trivia.
Maybe I couldn't clarify, but multisig doesn't mean giving your power to others; you can still take care of multiple keys yourself, or share the minority with others to help in case of emergency. Multisig will handle the single point of failure natively with Bitcoin and as it uses the BIP 174, there will be no vendor lock-in! which I think is a MUST.
To be fair, the write-up looks more insane than it actually is. Once you understand UTXOs + coin control and have Sparrow set up, the whole thing is basically:
* find the original input address
* refill it
* spend that one UTXO for the test
It’s annoying, but it’s not rocket science. The real shitshow isn’t “Bitcoin in Europe” as such, it’s the combination of:
* EU ToFR rules that were written with a **single account = one address** mental model, and
* exchanges that bolt on the cheapest possible implementation instead of doing the work to support **HD wallets + self-custody properly**.
There are technically clean solutions that don’t require this circus at all:
* message signing (signmessage / BIP-322) from **any** address in your HD wallet
* or a standard like AOPP / similar, where the exchange gives you a challenge and your wallet signs it once, off-chain
If EU-regulated exchanges in 2025 just implemented a proper “Sign message to prove ownership” flow and stopped insisting on “same address Satoshi tests” glued onto HD wallets, this would be a one-click action instead of a tutorial. So yes, this workaround is stupid – but it’s stupid **because** exchanges refuse to implement the technically obvious solution for self-custody users, not because Bitcoin itself can’t handle it.
Not at all. A complete opposite of holding bitcoin on an exchange. Bluewallet is completely open source so anyone can fork their own version. So even if every developer left the project, anyone can pick it up and keep going or create a PurpleWallet as a fork. https://github.com/BlueWallet/BlueWallet The people developing it don't see your keys, they don't have an access to your coin. You're the one having the access. If bluewallet disappeared tomorrow, you can load the keys (your seed words) into Sparrow, electrum, Blockstream Green, or any wallet that supports BIP39 and access your money.
I use Electrum, and it has been a good experience thus far. I am also dumb, so you are in good company. Here is my protocol:
1. I boot to TailsOS (offline/air-gapped) and I start Electrum in volatile memory - that is - when the session is closed all work is lost (zero permanence).
2. Generate a new wallet. I add custom words at this step. I triple-check that the 12 original words, and any custom words that I add, are part of BIP39. Important: Do not say the words aloud, do not attempt to save the words digitally, do not take a photo of the words. Quietly and with care, write your words down in order on a piece of paper and set it aside.
3. Insert a second, empty flash drive. In a notepad, copy and paste the master public key and your first 3 BTC addresses. Save the notepad file to your flash drive.
4. Close the session and shutdown TailsOS.
5. Start your regular, online computer in Win, macOS, or Linux.
6. Download Electrum and make a watch-only wallet using your master public key.
7. Scrutinize the BTC addresses in your watching wallet against the 3 you saved to your notepad. They should match exactly.
8. From your brokerage or a different wallet, send an EXTREMELY small amount of BTC to one of your new addresses and wait for on-chain confirmation.
9. Next, you will send this BTC back to its original source (less transaction fee). Important: Since this is a watch-only wallet, you cannot sign transactions, and thus you cannot send BTC, but you can generate a transaction file.
10. Save this file to your flash drive.
11. Boot to TailsOS (offline/air-gapped), start Electrum in volatile memory (zero permanence), and recover your wallet using your words. NOTE: Because you are not on the internet, you will not see the BTC in your wallet.
12. Import and sign the transaction and export the confirmation file and save it to your flash drive.
13. Close TailsOS.
14. Start your regular, online computer in Win, macOS, or Linux.
15. Start your Electrum watch-only wallet and import the confirmation file. The BTC should now move to its destination.
16. If all goes well, you have just created a cold storage wallet to which you can send BTC at your convenience, but it requires this layer of security to sign any transactions.
17. Go to a hardware store and purchase stainless steel washers and a through-bolt. Also, purchase a metal stamp kit.
18. Because your words are BIP39, you only need to stamp the first 4 letters regardless of word length.
19. Stamp the word and word # to your washers and place them in a safe place.
20. Make a duplicate washer stack.
21. Make an instruction washer which tells your heirs that you used Electrum and a normal BIP wallet will not work.
BIP-39 came in Sept 2013. Most probably whoever tries to brute-force anything will try dormant old legacy addresses prior to this date.
It’s possible. If the bitcoin community doesn’t get its act together via BIP360 or something similar before Q-Day, it could very well happen.
Don't "link you in with youtube liars"? When did I say you were a lying youtuber? Weird statement. Anyways. I'm just saying, core hasn't been making any good arguments on why BIP444 is broken by design. To me it was working fine. So not even sure what the point of an upgrade was.
Really? You could've just Googled them because they're well-known incidents. Add the "https" in front of the links: **2010 reorg**: * Google "Bitcoin Value overflow incident" * Google "The Day Someone Created 184 Billion Bitcoin" **2013 reorg** - Also resulted in a known double-spend: * Google "Analyzing the 2013 Bitcoin fork: centralized decision-making saved the day" * Google "Alert: chain fork caused by pre-0.8 clients dealing badly with large blocks" * Google "Bitcoin BIP 0050"
**2010 reorg**: https://en.bitcoin.it/wiki/Value_overflow_incident https://decrypt.co/39750/184-billion-bitcoin-anonymous-creator **2013 reorg** - Also resulted in a known double-spend: https://blog.citp.princeton.edu/2015/07/28/analyzing-the-2013-bitcoin-fork-centralized-decision-making-saved-the-day/ https://bitcointalk.org/index.php?topic=152030 https://en.bitcoin.it/wiki/BIP_0050
Don't link me with youtube liars. I see you're ignoring the facts about the proposal, continuing with the hysteria for its own sake. BIP444 is broken by design.
It is even easier than others say. With a BIP-39 12-word pass phrase, that 12th word contains 7 bits of entropy plus 4 bits of checksum. Very few of the final word choices will result in a valid checksum, so only those few words will need to be tested. However, as many have pointed out, checking all 2048 possible words would be trivial, anyway. You may as well simplify it and just try them all.
Picking random words from BIP-39 can lead to invalid checksums = no valid wallet/pk. Besides that, it's not possible to use a word outside of the 2048 wordlist. If you had a valid public key back then, you had a valid mnemonic phrase. You should read into BIP-39 and try the words by bruteforce if only 1 word is missing.
Maybe in that time I selected 11 random words from BIP39 and added my own passphrase, but using any different of BIP39?
No, the BIP-39 wordlist is a standard. There are 2048 words. If you know the position of the missing word you just have 2048 different combinations. Try them all using a brute force algorithm (easy, let chatgpt write that python script) and you got your keys within seconds.
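Added example (not part of any comment here, and not code from any wallet project): the missing-word search these comments describe, narrowed by the BIP-39 checksum. It works on word-list indices (0 to 2047) instead of words because the 2048-word list is not embedded, and the sample indices are the well-known all-zero test phrase, eleven times "abandon" (index 0) followed by "about" (index 3).

```python
import hashlib

WORD_BITS = 11                      # one word = 11 bits, since 2**11 == 2048
VALID_LENGTHS = (12, 15, 18, 21, 24)


def checksum_ok(indices):
    """True if these word-list indices form a checksum-valid BIP-39 phrase."""
    n = len(indices)
    if n not in VALID_LENGTHS:
        raise ValueError("BIP-39 phrases have 12, 15, 18, 21 or 24 words")
    if any(not 0 <= i < 2048 for i in indices):
        raise ValueError("word index out of range 0..2047")

    total_bits = n * WORD_BITS
    cs_bits = total_bits // 33      # 4 checksum bits for 12 words, 8 for 24
    ent_bits = total_bits - cs_bits

    # Concatenate the 11-bit indices into one big integer.
    value = 0
    for i in indices:
        value = (value << WORD_BITS) | i

    # High bits are the entropy, the low cs_bits are the claimed checksum.
    entropy = (value >> cs_bits).to_bytes(ent_bits // 8, "big")
    claimed = value & ((1 << cs_bits) - 1)

    # The real checksum is the first cs_bits bits of SHA-256(entropy).
    expected = hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits)
    return claimed == expected


def candidates_for_missing(indices):
    """Try all 2048 words at the single None position and return the
    indices that produce a valid checksum."""
    if indices.count(None) != 1:
        raise ValueError("exactly one position must be None")
    pos = indices.index(None)
    hits = []
    for cand in range(2048):
        trial = indices[:pos] + [cand] + indices[pos + 1:]
        if checksum_ok(trial):
            hits.append(cand)
    return hits


if __name__ == "__main__":
    # Constructed sample: the public all-zero test phrase, last word unknown.
    last_12 = candidates_for_missing([0] * 11 + [None])
    print("12 words, last word missing :", len(last_12), "of 2048 pass")

    # Same idea for a 24-word phrase (constructed, all-zero indices).
    last_24 = candidates_for_missing([0] * 23 + [None])
    print("24 words, last word missing :", len(last_24), "of 2048 pass")

    # Missing word in the first position instead of the last.
    first_12 = candidates_for_missing([None] + [0] * 10 + [3])
    print("12 words, first word missing:", len(first_12), "of 2048 pass")
```

The checksum only narrows the list; the right phrase is confirmed by deriving an address from each surviving candidate and comparing it with an address you already know belongs to the wallet.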
Is it a standard BIP39 seed phrase (2048 word list) or an early Electrum V1 which used a 1626 word list?
There was a BIP for that already (soft fork to fix the price at 50k): https://github.com/luke-jr/bips/blob/softfork_50k/bip-softfork-50k-price.mediawiki
Did someone upload the Nelson Mandela JPEG to the blockchain due to the size increase? No, it was added in 2013.
Did someone upload the Mr Burns JPEG to the blockchain due to the size increase? No, it was added in 2017.
Did someone upload the tankman JPEG to the blockchain due to the size increase? No, it was added in 2017.
Does BIP444 prevent the addition of arbitrary data to the Bitcoin blockchain? No it does not. It doesn't even block the three methods used for the three examples listed above.
Also, the V30 modification doesn't increase the size of anything. Bitcoin consensus has never limited OP_RETURN sizes.
> everything I've been reading
You obviously avoided reading the debate in the Bitcoin developer mailing list, and completely bought into the manipulative hysteria.
From what I know about the topic, quantum computing is well known to be coming, so there are already people working on a solution. Someone told me about BIP360.
First, ignore DMs. The moment you wrote "I am a noob" you made yourself a target for the dozens of scammers who'll be trying to direct you to their fake platform/wallet/exchange. In terms of wallets, anything in the wiki/faq here or over on /r/BitcoinBeginners is likely a safe bet. I use a hardware wallet (Trezor) so I'm afraid I have no recommendations. Good call to look for BIP39 support, which is still the most widely supported standard. In terms of exchanges, I've always used Kraken. Reasonable fees. Great customer support, but the best choice may depend on your country. Again though, stick to those listed in the wiki/faqs. Any legit exchange will let you withdraw (send) to any legit wallet, so all you need to supply is a receive address, generated by your wallet. No need to "link" your wallet. Some countries may impose extra conditions due to money laundering / KYC rules though.
BIP39 mnemonic seed phrases cannot be arbitrary "items." The seed phrase is explicitly words from a 2048 word list. 12, 24 or potentially another number of words. There is also a checksum as part of the last word, so randomly choosing 12 words from the list has only like a 1-in-1-million chance of being a valid seed word set.
BIP-39 was created in 2013 - years after these emails.
*From Trezor Team-* Hello r/cryptocurrency Trezor has been building key innovations since Bitcoin’s early days - you might know our team for inventing the first hardware wallet and creating the BIP39 seed-phrase standard. For this AMA, our CTO, Tomáš Sušánka, will be here to talk about Trezor Safe 7 - our recently launched new model - share insights from development, and answer your questions. If you’re curious about the future of self-custody, this AMA is for you. **What this AMA will cover** **🔐 Trezor Safe 7: our next-generation hardware wallet** TS7 marks the biggest leap forward in the Trezor lineup since our very first device. It brings security, premium materials, and a modern user experience together in one device. **🛡️ Security, explained openly** We’ll break down the security principles behind TS7 - and Trezor wallets in general - including: * How the dual secure-element architecture works, combining the open and auditable TROPIC01 chip with the certified OPTIGA Trust M * What “quantum-ready” means in practice and what users should expect from it * How wireless features & Bluetooth are secured * How Trezor devices handle seed generation, backup & recovery * How open-source firmware supports verifiable security **📌 Other topics we’re excited to discuss** * TS7 shipping timelines & what updates are coming next * Where we see self-custody hardware heading in 2026+ * What our team is working on right now and what new features our customers can expect in the near future **Our CTO, Tomáš Sušánka:** u/tsusanka
Ah, sounds like what you type in to access the 'inner' wallets ***are*** BIP39 passphrases (25th seed words), meaning that if you forget those, the main wallet seed isn't going to recover anything for you 🤔 It's a dangerous game! 😜
This "system" can't destroy your money "at a whim". To destroy somebody's coins you must create a BIP which proposes to destroy somebody's coins and have 50+% of miners accept this BIP. It's extremely hard since miners really don't like to accept BIPs. Remember that miners' money depends on the stability of bitcoin and public trust in bitcoin.
Many in this sub don't even know about Lightning Network or Liquid Network, and many don't even know that Bitcoin is infinitely divisible (Lightning Network already works with millisatoshi). People think they understand Bitcoin, but they don't even get 17% of the tech, or what a BIP is.
Not sure where you heard that private key cracking algorithm can be reduced to 128 bits. Not saying it's not true as some weird math shortcuts may exist that I'm not aware of, but traditionally old types of addresses use 160 bits (due to RIPEMD160 used to hash public key), while taproot addresses use up to 255 bits (due to two private keys being valid for each xonly public key). For BIP39, you can choose 12, 15, 18, 21 or 24 words, but no idea if your wallet supports all these lengths.
Good example, that 24 word sequence is invalid despite using words from the BIP 39 list. A wallet will reject it as invalid if you tried to import it. For a 24 word phrase to be truly valid, the first 23 words determine the precise mathematical value of the 24th word. You must rely on something like a wallet to generate a truly random and valid seed phrase, as human selection is neither secure nor truly random.
You need to use words from the BIP-39 list, not just any word. Even if you picked from the list (which isn't recommended), it wouldn't pass the last word checksum. For a distributed key, without a single point of failure, the best is Shamir's secret sharing or multisig.
Everyone here is confusing pass phrase and seed phrase. Great question! Here's a clear breakdown of the difference between a seed phrase and a passphrase in the context of cryptocurrency wallets and digital security:

---

🌱 Seed Phrase (Recovery Phrase)

- Definition: A sequence of 12, 18, or 24 words generated by your wallet that represents your private key.
- Purpose: Used to recover your wallet and access your funds if your device is lost or damaged.
- Example: gravity trophy banana sunset mirror canyon ...
- Security Role: Anyone with your seed phrase can fully control your wallet.
- Standard: Follows the BIP39 standard (used by most wallets).
- Storage Advice: Must be stored offline and securely (e.g., written on paper, stored in a fireproof safe).

---

🔐 Passphrase (Wallet Extension or 25th Word)

- Definition: An optional extra word or string added to your seed phrase to create a different wallet.
- Purpose: Adds an extra layer of security—like a password for your seed phrase.
- Example: correcthorsebatterystaple
- Security Role: Without the correct passphrase, the seed phrase alone won’t unlock the wallet.
- Standard: Also supported by BIP39-compatible wallets.
- Storage Advice: Must be remembered or stored securely—losing it means losing access to the wallet.

---

🧠 Analogy

Think of the seed phrase as the key to a vault, and the passphrase as the combination to open a hidden compartment inside that vault. Both are critical if you're using the passphrase feature.
It is possible to pick 24 random words from the BIP39 list in a wallet and access someone’s $10B bitcoin wallet. But you are billions of times more likely to find a winning powerball ticket on the ground and get struck by lightning while picking it up and wake up to Sydney Sweeney giving you mouth to mouth resuscitation.
Old news. Already discussed here in several threads three weeks ago. BIP-444 isn't going to happen.
tldr; The release of Bitcoin Core v30, which removed the spam filter limiting non-monetary data size per block, has reignited a debate among developers about Bitcoin's purpose. Proponents argue the change resists censorship, while opponents claim it risks legal issues and undermines Bitcoin's monetary focus. A soft fork proposal, BIP-444, suggests banning non-monetary data for a year to address these concerns. The debate has divided the community, with accusations of censorship and threats to Bitcoin's neutrality and financial freedom. *This summary is auto generated by a bot and not meant to replace reading the original article. As always, DYOR.*
Really?
```
6. replaceable (boolean, optional, default=wallet default) Signal that this transaction can be replaced by a transaction (BIP 125)
```
Do not signal RBF125, the damn thing is a double-spend at heart. The feature is rubbish and should have never made it into upstream. Use a decent static fee and off you go.
People aren't going to be surprised because hardly anyone was naive enough to fall for BIP 444. It might be a surprise for whatever sheep got conned into falling for it. BIP 444 is an attack on Bitcoin and it will fail. If you honestly believe it will happen on Bitcoin and be successful, then you can literally bet your BTC on it right now and you'll multiply your BTC by 625 times if you're right: https://beta.predyx.com/market/will-the-reduce-data-temporary-soft-fork-be-consensus-enforced-on-the-most-work-bitcoin-chain-tip-by-march-1st-2026-1762275376 BIP 444 has already been proven to be ineffective as someone has already put the proposal’s entire text into a transaction on the blockchain while complying with the proposed specification of BIP 444. But let's just pretend that it wasn't already proven to be ineffective. How would BIP 444 work without turning on auto-updates so that your node knows when to invalidate specific blocks? And what centralized entity would get to push those updates yet? The same guy that created the BIP and this propaganda campaign? I guess he could personally monitor the chain and decide which transactions are ok and which aren't. If BIP 444 is activated, then the speedy activation would happen as soon as the first block containing content the centralized auditor doesn't like is found and they will rollback the chain to that starting point. That will cause a chain split and the new altcoin will now be created and have its own blockchain separate from Bitcoin. What is unknown is whether they will keep rolling back the chain again every time someone gets around the new rules and embeds content they don't like in a seemingly compliant transaction. Are chain rollbacks and block reorgs really something that you're interested in? The person that created BIP 444 and started this whole propaganda campaign is basically the Roger Ver and Craig Wright of this cycle. They have been using both Roger Ver's and Craig Wright's playbook. 
They are doing this to promote their failed company and to try to build support for their future altcoin (if they have the balls to actually go through with it), but they might not ever go through with it because they have hardly any support. By the way, illegal content already exists on the blockchain and it has for years.
LOL thanks for the comics. I do not have ANY problem finding my addresses now that I know in detail what it means: P2WPKH, P2SH, P2PKH, Purpose Coin type Account Receiving or change Index BIP32/44/49/84/86/141, Entropy, BIP39, Checksum, Seed, Bech32, PBKDF2-HMAC-SHA512 (Password; Salt; Iterations; dkLen), HMAC(Password;m) =SHA-512((K′⊕opad) ∣∣ SHA-512((K′⊕ipad) ∣∣ m)), IL, IR, xprv, xpub, zpub, RIPEMD160, base58, digest, Witness program, etc etc. It is just that I find it very strange that I had to build my own tool for calculating and printing all this. I want just to keep a simple paper wallet, no hardware wallets BS. I made the following attempts: 1) Excel -> no way (it does not have built-in crypto hash functions, too complicated with VBA/Python outer call) But it was useful as a learning experiment. 2) Python -> do you really want me to learn another programming language? Even with chatGPT help it is too complicated to get there. 3) HTML by Ian Coleman: even for the offline version I do not trust code with fetch() - network requests, document.cookie, Long Base64-like strings, XMLHttpRequest - classic XHR snippet, sorry. 4) [learnmeabitcoin.com](http://learnmeabitcoin.com) same as above, call me paranoid. In the end I just resigned myself to copy and paste by hand all the values to a txt file and print it offline for each wallet - password, mnemonic, script, path, seed, xpriv, address, key of the address, etc. For the wallet apps there are fewer and fewer options: Exchange -> not your keys, not your coins. Exodus -> closed source so no (BTW it creates one BIP44, one BIP84 and one BIP86 address and then decides by itself which one to use as receiving/change). So practically only Electrum, but if you want all your addresses (BIP44, BIP84, BIP49) you need different wallets (only one script type per wallet? WTF). Even if there is no official organisation, still complicated standards have been negotiated and approved, so why not a simple wallet derivation tool?
I mean, how can "normal" people who do not want to engage with all this complicated mess trust this system?
Your confusion is understandable, but your concern is overstated. There are plenty of tools right now to recover fund visibility (derivation path issues do not cause your funds to be lost, but in the vast majority of cases, merely temporarily unseen). Standards exist. The ecosystem is moving towards descriptors documented in BIP 380/388. Some wallets scan multiple derivation paths, and there are tools like btcrecover that help. Bottom line is that even if you lose your XPUBs, as long as you have your private key (your seed phrase), your funds are secure.
Great video, mate. If I had to nitpick, it would be the 21 million mentioned at around 7:45. It's slightly less than 21 million - 20,999,999.9769. This represents the theoretical upper limit, assuming flawless operations where **miners collect all rewards without errors** or anything else. Here are some examples from the past. The coins created in the genesis block cannot be spent. That's ₿50 down right there. This leaves us with 20999949.9769 BTC. Due to an early problem in Bitcoin, fixed by BIP30, it was possible to create a coinbase transaction identical to a previous coinbase. This caused the coins created by that older coinbase to be irreversibly "overwritten". This happened in block 91842 (overwriting the coinbase of block 91812) and 91880 (overwriting the coinbase of block 91722). **Each time, 50 BTC was lost**. This leaves us with 20999849.9769 BTC. The protocol rules allow creating up to the amounts listed above. Due to various bugs and miners experimenting with code, some blocks claim less than allowed. Those coins can never be recovered. Block 124724 tried to intentionally claim 0.00000001 BTC less than allowed, but accidentally also failed to claim the fees, losing 0.01000001 BTC. Between block 162705 and block 169899, 193 blocks claimed less than allowed due to a bug, resulting in a total loss of 9.66184623 BTC. Between block 180324 and block 249185, another 836 blocks claimed less than allowed, resulting in a total loss of 0.52584193 BTC. Block 501726 had no transaction outputs (except a 0-value commitment), losing the entire 12.5 BTC subsidy. Block 526591 didn't claim half of the block reward, losing 6.25 BTC. This leaves us with 20999821.02921183 BTC. Since a few years ago, there is a concept of provably unspendable coins. Coins can be sent to an "address" which provably burns them (using OP_RETURN). Bitcoin Core tracks these and removes them from its database, so they are easily accounted for. At least 3.71612692 BTC were burned this way. ...
On top of that, various wallets have been lost, people forgot they owned bitcoin or just threw away backups with small (at that time) amounts of sats. Some of my sats are there too, I'm sure there are thousands of people like me. Perhaps this could be a good idea for your next video...
I think most of us are dyeing the BIP.
In addition to that, gold is truly trustless. Creating gold requires unrealistic energy, and it cannot be forked. You can bring more gold from underground or even from space, thus creating gold inflation, but what's mine is still mine. On the other hand, bitcoin relies on consensus, i.e. trusting the majority of the community to do good. E.g. I saw someone post yesterday suggesting to confiscate bitcoins not moving for 25 years. And if I remember correctly, there's also a BIP that wants to confiscate bitcoins in non-quantum-safe wallets. And who knows how many fancy reasons people will bring up in the future? If any of them pass, my bitcoin may be gone.
There is even a standard for how to generate an infinite amount of new BIP-39 seed phrases from a single seed. See BIP 85.
I'm against BIP-444. No one gives a shit for compressed 1990's looking thumbnail illegal image. Going down the road of restricting OP_Return is against BTC purpose.
Not at all. A) it does not affect the bitcoin protocol at all B) it is a strong method of storing your HD wallet seed offline C) It is completely open with multiple independent implementations available D) Just like BIP-39 it layers on top of BIP-32. It is only a different method of building the BIP-32 wallet master seed. The cryptographic hashing in SLIP-39 deriving the wallet seed from the entropy + passphrase is as sound as that of BIP-39, just slightly different. The mnemonic encoding in SLIP-39 is stronger than what is used in BIP-39, with less risk of mistaken words. And leaves no room for interpretation with a single word list and a bidirectional mapping of entropy<=>mnemonic. Malformed SLIP-39 mnemonics are by definition invalid, unlike BIP-39 where the seed mnemonic of the wallet may technically be any free text string not constrained to the word list or format. The drawbacks compared to BIP-39: A) Somewhat longer seed mnemonic phrase B) Some wallets do not let the user easily select the use of more than 128 bits entropy (20 words mnemonic). This said, 128 bits of entropy is plenty, and SLIP-39 does support up to 256 bits.
Around 6 Million Bitcoin are vulnerable (estimation Hunter Beast mentioned in a talk on BIP360)
Think the problem is that a hard fork will take like 3y (estimation by Hunter Beast who is driving the discussion with BIP360 in the BTC community). Looking at the current developments on the quantum roadmaps of the major players, I’m afraid that we’ll wake up with a big announcement by Ionq, Alphabet, IBM or whatever telling us they will have 2k logical qubits a year from now. In that case BTC will crash heavily, that’s why I would appreciate if we would take this topic more seriously.
BIP-360 is good, answers all organizational questions but leaves open field for any technical solution.
Create a truly RANDOM seed with high entropy (research this, like rolling a die 128 times) & open source software. Write the seed down ONLY on paper / steel. NEVER digitally!! Make a small test transaction. Wipe the device (assuming this is a hardware wallet) & put your seed in. If you see your test transaction, then YOU'RE GOOD. Next steps are to use a BIP-38 passphrase (not a PIN) to generate a NEW wallet, based off that seed. Store your funds in that NEW wallet, and then stamp/engrave your seed into 2 or 3 stainless steel plates, stored in various locations. Let your family know where the seed plate(s) are... but come up with a dead man's switch that gives them a treasure map to where the passphrase & other personal passwords might be.
Oh okay thanks again. I went with this setup since I would be running my own node and trying to keep everything under my own control and the tutorial I followed seemed to be perfect for this. I just started to think if something bad happened to my computer and I had to use the backup of my bitcoin core wallet to get my funds back I wanted to make sure it would work. Or if my sparrow wallet would be the only way to recover (which it does sound like now) Thanks for the help again! Makes me feel better knowing that as long as I have the seed phrase for sparrow wallet then I will be able to recover it within any BIP39 wallet system
I only skimmed through the video but I think I understand the scenario. In this case, your wallet is only backed up in Sparrow. Bitcoin Core is **not** your wallet, it only serves as a tool to interact with the Bitcoin blockchain. You don't need to back anything up in Bitcoin Core. You can recover your backup with other wallets than Sparrow (any wallet that supports the BIP39 standard), but not with Bitcoin Core itself (because it uses a different standard).
I also think it’s not a major risk, but assume we should take this a little bit more seriously than most of the folks do today - I’m watching the discussion on BIP360 and they are talking about a 3y duration to implement it. Don’t think we are close to a quantum threat in a 3-5y period from now, but we have to start now.
Thank you for a discussion, this is what we're all here for, all good. House fires happen more often than wrench attacks. On average, 350,000 homes are on fire per year, a house fire is more of a liability than a wrench attack in my opinion. Of course depending on temperature, titanium metal is a better option. Seed memorisation. I don't trust my brain to remember 24 words, this would give me anxiety on a daily basis. This is without any black swan events like a concussion or amnesia or something. With respect, paper and my brain are a liability. How hard is it to hide a little chunk of metal? Check out this smaller solution with 'Microseed' where everything is in one titanium washer. (Let's say you have to flee and get through an airport.) Can be easily magnetised to the underside of your watch, put on a necklace or magnetised to your belt buckle. Here: [https://postimg.cc/jwvKHDhP](https://postimg.cc/jwvKHDhP) If I have to flee a country in a hurry, yes, maybe put it onto paper in that short temporary scenario, soon as I'm safe, I'm putting it onto metal for peace of mind. Thank you for your input, gonna take a look at BIP39.
“People like me” There is a difference between refusing to learn and not knowing something that exists. Calm down friend. We’re not in a war. Microseed is a smaller way to put it on one singular washer. Still way better than your paper suggestion. The fact you advise paper only makes me think your advice is not credible. And no. I don’t have a safe. I think it’s better to stash it somewhere rather than make the safe a prime target. Can add a decoy stack in there to thwart off the attack. I will google what BIP39 is in the meantime, thanks. But can still be amicable.
Splitting seed is not a good idea. Do not DIY your security, use standards. Use passphrase, multi-sig, SLIP-39, BIP-85, plenty of options with different trade offs. Just do not split your seed. Also consider a standard scenario requires to protect you from 3 events:

- accidental loss -> fool-proof
- theft -> secure
- inheritance -> accessible

Ah, and do not rely on your memory, ever.
Some downsides of seed splitting:

1. Reduced entropy / weakened security. Splitting a full‐mnemonic into parts generally means each part contains fewer words. That reduces the brute‐force resistance dramatically. For example, Andreas Antonopoulos states splitting a 24‐word seed into parts can reduce security from ~256-bit to ~80-bit equivalent. Also, if the split part includes the checksum word it further weakens the scheme.
2. Loss of standard interoperability. The mnemonic format (e.g., BIP-39) expects the full phrase. Splitting it manually is non-standard and may not be recoverable by standard wallets without reconstruction. Antonopoulos warns against DIY splitting schemes.
3. Increased operational complexity and risk of loss.
   - If you split into N parts and require K parts to recover, you have multiple physical locations or storage units. More items to track means more points of failure.
   - If you lose enough pieces (below threshold K) you lose access permanently. Some split schemes reduce resilience.
   - For day-to-day spending or emergency recovery you may need to gather multiple pieces from separate locations—makes quick recovery harder.
4. False sense of increased security. Users may believe splitting gives stronger protection, but without a proper cryptographic scheme like SLIP‑39 (Shamir’s Secret Sharing for wallets) the splitting is insecure and fragile. Antonopoulos says: “If you’re doing splitting you should use a standard such as SLIP-39.”
5. Estate planning/inheritance risk. For heirs or future recovery: multiple pieces mean multiple responsible locations or persons. More complexity means more chance something goes wrong (lost key-holder, disaster at location, etc.).
6. Single point of failure remains / new points introduced. Splitting often results in a scheme where you rely on “both secrets” (or multiple parts) which introduces new single points of failure (if any part is lost) and doesn’t eliminate the attack surface properly.
The discrepancy is obvious. A crypto wallet is self-contained, like a physical wallet full of cash banknotes. You're solely responsible for securing it. There's no crypto help desk to recover or change your seed phrase for you. It's also obvious that online banking as described is horrendously insecure. It used to be that bad. Now there's a lot of 2FA, and in the phone apps, there's a hidden layer of asymmetrical cryptography used for authentication. Of course, there are also phishing techniques which compromise 2FA, so make sure your banking password isn't the same as your gmail password, or don't use email 2FA. Also, "SIM swapping" can be used to compromise SMS 2FA, so don't use that either. Don't split your seed phrase. If you want to split your security, append a BIP39 passphrase to your seed phrase. For example: https://trezor.io/guides/backups-recovery/advanced-wallets/what-is-a-passphrase