Great video. I recently found a webpage that lists a number of attacks on hard wallets and I was surprised at some of the names in the list such as Trezor, Ledger, and Coldcard. I did notice that stateless devices like seedsigner and krux were not on the list.
Thanks for the video! I was following directions to verify the firmware on Seedsigner’s website and I could get passed the second verification step. But following you video I was finally able to verify the firmware’s checksum. Looks like there is still more than one way to skin a cat!
please help Lately I only find the raspberry pi zero 2w model, but on the seedsigner page they recommend removing the wifi and bluetooh chip could you make a video on how to do that? I have no experience doing those things and I'm afraid of damaging the equipment
Firstly, the wifi components are disabled in the software, so depending on your situation, messing with the hardware may not be a concern. Secondly, you can find some instructions on what to remove here: github.com/DesobedienteTecnologico/rpi_disable_wifi_and_bt_by_hardware
Great video. Thanks for making it clear. Two questions. Getting a Pi Zero v1.1 has been so hard in Australia of late; will everything work the same with the WH model (which has wifi and Bluetooth)? I recognise this opens a potential attack vector. Secondly, can you use a SeedSigner to use as a single sig AND a multi sig device? Does it use the same seed for both types of wallet?
Yes and yes. There are some guides around to disable wifi on the RPi. Basically the same seed phrase can be used for multiple independent single Sig account s, multiple independent multisig accounts all at the same time.
trying to setup a watch only wallter on my computer but i don't have a webcam, there is any way to export the xpub full string instead of a QRcode, so i can type manually?
256 ECDSA private keys used in Bitcoin offer 128 bit key strength, but this assumes that the attacker has the public key. (which is shared when signing a transaction spending funds from a given address) So basically 256 bit is better, though to be clear, 128 bits is enough. That said, the main benefit of a 24 word seed is that the checksum of the seed itself is far stronger. The checksum on a 12 word seed is so weak as to be almost pointless. (eg: swapping two words has a 1/16 chance of still having a valid checksum, whereas swapping two words for a 24 word seed only has a 1/256 chance of a valid checksum)
If I create a seed phrase on the seedsigner device using dice, do I need to boot from Tails and verify in Tails the seed phrase using Ian Coleman’ BIP 39 tool?
Is it possible to check up the veracity of the raspberry pi zero v1.3 that i got from aliexpress? I mean can they put some malicious chip or something like that😂? Thank you.
I generated a seedphrase, and the device displayed a fingerprint, which I wrote down. Then, I added a passphrase, and I noticed the fingerprint changed to a different one, which I also wrote down. Then, I made the seed QR, finalized the creation of the seedphrase with a passphrase, and powered down the device. After turning it back on and scanning the seed QR to restore the wallet, the wallet loaded fine, but I noticed the fingerprint displayed on the device was the first fingerprint and not the fingerprint the device gave me after adding the passphrase. Should the device have displayed the fingerprint corresponding to the wallet with the passphrase?
@@CryptoGuide the seed QR and fingerprint are both based on the seedphrase and passphrase right? And the same seedphrase and same passphrase will always give you the same seed QR and fingerprint, right?
Is it possible to save the (encrypted)seedQR to an (encrypted) USB stick would prefer that. Of course would want to watch the QR via the offline pi only before sweeping it into a softwallet. Possibilities?
Hello, tell me if the seed signer will work without a connected camera? I only need it to generate a seed for my wallets. I'm also interested in the possibility of creating a seed using a coin toss, is there such a function?
It will run but it also gets the entropy from the camera by default. You could just use dice or something to get the words and then have it calculate the last word.
Thank you for the answer, I was wondering if the camera was being polled during the download and if the seedsigner could hang due to its absence during the download.
Great video! How secure is the wallet created on a seedsigner using a picture or by choosing the mnemonic words yourself? I have a Ledger hardware wallet and am very interested in buying a seedsigner device. But I do not have a background in computers and know next to nothing about cryptography. I watched your other video in which you talk about wallets that were hacked because people created the seed phrases for those wallets by rolling dice and they didn’t know what they were doing. That video makes me very nervous about creating a seed phrase on a seedsigner because of my lack of knowledge, so much so that now I am hesitant about buying the seedsigner.
Basically if you are choosing your own words, you want to do something like draw the words from a container that contains all of the possible seeds words, or use a BIP39 diceware sheet (like the ones blockstream recommend here help.blockstream.com/hc/en-us/articles/20177648363545-Create-a-recovery-phrase-using-dice
I was thinking of getting a RPI zero w/out wifi dedicated to all my Bitcoin cold storage stuff (managing multisig quorum, broadcasting transactions, running a node, etc) but they’re out of stock now and the RPI zero w/out wifi has been discontinued. Are there any reputable alternatives *that don’t have wireless connectivity* ? Everything has wifi these days. Purism’s Librem Mini seems like overkill just for managing a multisig quorum where I might only make a couple transactions per year.
I have a problem with my display hat. When I turn it on it emits a white light, 30 seconds later everything starts distorted and the lighting remains white. Is it faulty? Would you help me?
@@CryptoGuide The head is already soldered. But really, I didn't realize at the time of purchase that the resolution came in 128x128, in this case do I have to buy the 240x240 version or is there any way to solve this?
Hi Crypto Guide, I added a comment on an old video -> (BIP39 Passphrase Recovery (Or Hidden Wallet Password, 25th word) For Ledger, Trezor, Keepkey, etc).... Hi Crypto Guide. I have a Trezor1 btc hardware wallet that I have forgotten passphrase for. I was able to get your example working. In order to test my setup I created another hidden wallet on my Trezor and used the passphrase from your example 'youtub' and I created a password file with one password 'RUclips' . It didn't find the password however. Am I missing something? Do I need to download BTC blockchain with a core wallet for your tool to work offline.
You don't need to download anything as long as you have the address and even if you don't have the address, an addressdb is all you need. You can find some other usage examples here btcrecover.readthedocs.io/en/latest/Usage_Examples/basic_password_recoveries/
@@CryptoGuide Hi, I replied to the comment in the other video because that was the relevant video but my reply keeps disappearing. Not sure why. I'll ask again here.... In your documentation for running btcrecover, you mention making a copy of the wallet file into the btcrecover directory. How do I make a copy of my physical Trezor hardware wallet? I have the address and xpub of the wallet.
Thanks very much for the video, how can I link up with you on email or Whatsapp or telegram because I want you to help me figure something out. I will be grateful for your reply
If you are totally stuck you can request a paid private session. They are $100 USD for an hour over zoom/Skype. (Full details, terms and request form are here: cryptoguide.tips/recovery-services-consultations/) If you want to use our paid services (either private session or trusted recovery), you can fill out the form here and we can find a time forms.office.com/r/KEypP0FRvN
As someone who is passionate about rPi and Crypto - this video is AWESOME.. thank u
I suspect there is a decent overlap between Raspberry Pi folk and Crypto folks :)
Great video. I recently found a webpage that lists a number of attacks on hard wallets and I was surprised at some of the names in the list such as Trezor, Ledger, and Coldcard. I did notice that stateless devices like seedsigner and krux were not on the list.
That's mostly due to them both being very new ;)
Thanks for the video! I was following directions to verify the firmware on Seedsigner’s website and I could get passed the second verification step. But following you video I was finally able to verify the firmware’s checksum. Looks like there is still more than one way to skin a cat!
Great, glad it helped
Your videos are really good. Thank you 🙏
Glad it helped
Really exceptional video . Thank you !!
Thanks :)
please help
Lately I only find the raspberry pi zero 2w model, but on the seedsigner page they recommend removing the wifi and bluetooh chip
could you make a video on how to do that?
I have no experience doing those things and I'm afraid of damaging the equipment
Firstly, the wifi components are disabled in the software, so depending on your situation, messing with the hardware may not be a concern. Secondly, you can find some instructions on what to remove here: github.com/DesobedienteTecnologico/rpi_disable_wifi_and_bt_by_hardware
Hi, please help. If I lost the last 2 words out of 12 words in the phantom wallet, can I recover it?
If you have an address from the wallet then two missing words is no problem, just run BTCRecover with all the defaults.
@@CryptoGuide Thank you, do you have a link to this program?
docco is all here btcrecover.readthedocs.io/en/latest/ and I have a bunch of videos relating to it on my channel. (I maintain the tool)
Great video. Thanks for making it clear.
Two questions. Getting a Pi Zero v1.1 has been so hard in Australia of late; will everything work the same with the WH model (which has wifi and Bluetooth)? I recognise this opens a potential attack vector.
Secondly, can you use a SeedSigner to use as a single sig AND a multi sig device? Does it use the same seed for both types of wallet?
Yes and yes. There are some guides around to disable wifi on the RPi. Basically the same seed phrase can be used for multiple independent single Sig account s, multiple independent multisig accounts all at the same time.
@@CryptoGuide that's so handy that the same seed back-up can be used for both single-sig AND Multi-Sig. This is rarely made clear in other videos.
No worries, happy to help :)
trying to setup a watch only wallter on my computer but i don't have a webcam, there is any way to export the xpub full string instead of a QRcode, so i can type manually?
The simplest approach would just be to use a smartphone to read the xpub QR code and then easily send that to whatever system you want.
Who's here after the Ledger firmware update with the recover subscription
I suspect DIY options will get quite a bit of interest due to this move by Ledger...
But don’t private keys only have 128 bits entropy? What’s the point of having a 256 bit seed for a 128 bit private key or am I missing something
256 ECDSA private keys used in Bitcoin offer 128 bit key strength, but this assumes that the attacker has the public key. (which is shared when signing a transaction spending funds from a given address) So basically 256 bit is better, though to be clear, 128 bits is enough.
That said, the main benefit of a 24 word seed is that the checksum of the seed itself is far stronger. The checksum on a 12 word seed is so weak as to be almost pointless. (eg: swapping two words has a 1/16 chance of still having a valid checksum, whereas swapping two words for a 24 word seed only has a 1/256 chance of a valid checksum)
If I create a seed phrase on the seedsigner device using dice, do I need to boot from Tails and verify in Tails the seed phrase using Ian Coleman’ BIP 39 tool?
You could verify it if you like, but this isn't as necessary for something open source like Seedsigner
@@CryptoGuide when you generate a new seed phrase is it possible to generate a seed phrase that was used previously by someone else?
It's possible but the probability of it happening is so infinitely small it's not worth considering as a concern.
Is it possible to check up the veracity of the raspberry pi zero v1.3 that i got from aliexpress? I mean can they put some malicious chip or something like that😂? Thank you.
If it boots Rasbperry Pi OS then it's probably fine
I generated a seedphrase, and the device displayed a fingerprint, which I wrote down. Then, I added a passphrase, and I noticed the fingerprint changed to a different one, which I also wrote down. Then, I made the seed QR, finalized the creation of the seedphrase with a passphrase, and powered down the device. After turning it back on and scanning the seed QR to restore the wallet, the wallet loaded fine, but I noticed the fingerprint displayed on the device was the first fingerprint and not the fingerprint the device gave me after adding the passphrase. Should the device have displayed the fingerprint corresponding to the wallet with the passphrase?
A given seed+passphrase should always yeild the same fingerprint, so I'm guessing you made a typo when you entered the passphrase one of the times.
@@CryptoGuide the seed QR and fingerprint are both based on the seedphrase and passphrase right? And the same seedphrase and same passphrase will always give you the same seed QR and fingerprint, right?
SeedQR is the seed only, you need to re-enter the passphrase every time
@@CryptoGuide thank you for the clarification.
No worries
Is it possible to save the (encrypted)seedQR to an (encrypted) USB stick would prefer that. Of course would want to watch the QR via the offline pi only before sweeping it into a softwallet. Possibilities?
Digital backup is a bad idea, but nothing is stopping you from taking a photo of it and encrypting it.
Hello, tell me if the seed signer will work without a connected camera? I only need it to generate a seed for my wallets. I'm also interested in the possibility of creating a seed using a coin toss, is there such a function?
It will run but it also gets the entropy from the camera by default. You could just use dice or something to get the words and then have it calculate the last word.
Thank you for the answer, I was wondering if the camera was being polled during the download and if the seedsigner could hang due to its absence during the download.
.
Great video! How secure is the wallet created on a seedsigner using a picture or by choosing the mnemonic words yourself? I have a Ledger hardware wallet and am very interested in buying a seedsigner device. But I do not have a background in computers and know next to nothing about cryptography. I watched your other video in which you talk about wallets that were hacked because people created the seed phrases for those wallets by rolling dice and they didn’t know what they were doing. That video makes me very nervous about creating a seed phrase on a seedsigner because of my lack of knowledge, so much so that now I am hesitant about buying the seedsigner.
Basically if you are choosing your own words, you want to do something like draw the words from a container that contains all of the possible seeds words, or use a BIP39 diceware sheet (like the ones blockstream recommend here help.blockstream.com/hc/en-us/articles/20177648363545-Create-a-recovery-phrase-using-dice
@@CryptoGuide what is the most secure way of creating a seed phrase using the seed signer in your opinion?
Probably 99 dice rolls
I was thinking of getting a RPI zero w/out wifi dedicated to all my Bitcoin cold storage stuff (managing multisig quorum, broadcasting transactions, running a node, etc) but they’re out of stock now and the RPI zero w/out wifi has been discontinued. Are there any reputable alternatives *that don’t have wireless connectivity* ? Everything has wifi these days. Purism’s Librem Mini seems like overkill just for managing a multisig quorum where I might only make a couple transactions per year.
Krux
tiny correction raspberry pi zero uses mini hdmi not mini
That's right.
Really interesting! Can I built this project also or other cryptos? Thanks
Seedsigner only supports Bitcoin
I have a problem with my display hat. When I turn it on it emits a white light, 30 seconds later everything starts distorted and the lighting remains white. Is it faulty? Would you help me?
So what kind of raspberry pi are you using?
@@CryptoGuide raspberry pi ZERO W V1.1
Did you solder the header on yourself? Also, are you sure that you have the right hat? (Needs to be the one with 240x240 resolution)
@@CryptoGuide The head is already soldered. But really, I didn't realize at the time of purchase that the resolution came in 128x128, in this case do I have to buy the 240x240 version or is there any way to solve this?
Ah, that is the problem. The solution is to buy the correct hat.
Great video. Do you plan to do one on multisig, too?
As in multisig with a SeedSigner? It certainly lends itself to setting up a multisig HODL wallet. :)
Can I use seed Signer without having to use another wallet?
You will need to use it in conjunction with software like sparrow, but you can use it without other hardware walltes
Fantastic!
Glad it helped
Great review video! Hoping raspberry pi zero and zero2 availability will come back...
At the moment it makes more sense to just get an RPI4, reasonable options show up from time to time here: rpilocator.com/
My rp4 run a node :-)
.
Hi Crypto Guide, I added a comment on an old video -> (BIP39 Passphrase Recovery (Or Hidden Wallet Password, 25th word) For Ledger, Trezor, Keepkey, etc).... Hi Crypto Guide. I have a Trezor1 btc hardware wallet that I have forgotten passphrase for. I was able to get your example working. In order to test my setup I created another hidden wallet on my Trezor and used the passphrase from your example 'youtub' and I created a password file with one password 'RUclips' . It didn't find the password however. Am I missing something? Do I need to download BTC blockchain with a core wallet for your tool to work offline.
You don't need to download anything as long as you have the address and even if you don't have the address, an addressdb is all you need.
You can find some other usage examples here btcrecover.readthedocs.io/en/latest/Usage_Examples/basic_password_recoveries/
@@CryptoGuide Hi, I replied to the comment in the other video because that was the relevant video but my reply keeps disappearing. Not sure why. I'll ask again here.... In your documentation for running btcrecover, you mention making a copy of the wallet file into the btcrecover directory. How do I make a copy of my physical Trezor hardware wallet? I have the address and xpub of the wallet.
Stop using multiple threads, just stick to a single one... There are no wallet files for a seed based wallet recovery.
@@CryptoGuide Really sorry about the multiple threads. I will try the examples that you linked. Thanks so much.
.
Thanks very much for the video, how can I link up with you on email or Whatsapp or telegram because I want you to help me figure something out. I will be grateful for your reply
If you are totally stuck you can request a paid private session. They are $100 USD for an hour over zoom/Skype. (Full details, terms and request form are here: cryptoguide.tips/recovery-services-consultations/)
If you want to use our paid services (either private session or trusted recovery), you can fill out the form here and we can find a time forms.office.com/r/KEypP0FRvN