WARNING: There are a number of scammers who are using my image and channel name to try to connect with my viewers on WhatsApp and other platforms to scam them. Just so you know, I will never refer you to "my personal trader" or try to connect with you personally to sell you something. I am trying to ban these scammers as quickly as they pop up. You can always recognize a scammer by clicking on the image and seeing how many videos he has. All of these guys have zero videos, while I have hundreds. I also now have a checkmark next to my name, so that you can distinguish the real Bitcoin University from the imposters. Follow me on Twitter @mattkratter
I have watched all of your BTC and economics videos (except the trading ones) Detailed videos are good - occasional short ones are good also but the real value is packed in the longer ones (10-20ish mins)
Hi Matt! While I think multi-sig is probably the most safest, the only thing I see as a problem is that yes true bitcoiners will do all they can to protect their wealth and will go to the extreme of learning how to do this but if that person passes away, you would want to leave your loved ones with the easiest way to access the bitcoins .While you may be the most technical savvy person in the family others may not be or may not share the same technological knowledge, experiences and interest as you. So this will undoubtedly make it difficult and frustrated for your love ones! I do say make it simple but secure. Thanks!!
I have the same problem I am the only one able to manage a multi sig in my family. i think some solutions will come in the future. A good solution would be to be able to send your bitcoin to a specific adress at a given time in the future if you dont cancel the order, meaning if you are dead. So you would just have to give one hardware wallet to someone of your family (with zero btc) and in ten years the bitcoins would be automatically transferred if the order is not canceled. I know that blocktream is developing something called mini script. I hope someone will make it possible and user friendly at some point.
@@ludoludo4334 Nunchuck IO has an inheritance plan that fits your need. Only one issue is that their subscript is expensive. Maybe I'll teach my wife and kid how to do it.
Perhaps put several 'stepping stones' in place, each of which alert your phone/email etc that they've been 'stepped on' and would give you plenty of time to sweep your funds / prevent access to the next 'stepping stone'.
While it’s better to just set it up, just the fact multi sig exists is a good deterrent to “hammer attacks”, or any threat against your personal safety. “Sorry, I can’t give you my pass phrase there’s a second factor stored in Switzerland” - might be enough to fool a robber
@matthew - could governments / sophisticated entities verify on chain if your address requires multi sig? I’d guess detainment by a corrupt government would be a form of hammer attack this white lie wouldn’t cover
Thank you as always Matthew. If I may add, as per a cyber security friend of mine who advised me, as another layer of protection for the hardware wallet..order a "faraday cage" bag to protect it from EMP and then place it in a Ziploc with desiccant to prevent moisture...then inside of a portable fire proof bag..then place in a safe, if possible...
Yes, this is all good advice, but you'll still be fine if you have your recovery seed and your hardware wallet has been destroyed by the EMP. You'll just need a new hardware wallet to load your recovery seed onto.
Keeping your hardware wallet in a typical steel safe with a dehumidifier will accomplish all that too. If you have a safe with power and ethernet inside, you can also store your entire full node in there as well.
A 6 mm thick Aluminium sheet with the PRIVATE KEY stamped into it using numbers and letter uppercase and lowercase then dropped into a 6 metre deep 75mm diameter hole and buried that deep a metal detector can detect it then dig it up when the PARTY starts.
A passphrase protected wallet (with 0 on your default wallet) seems to be best for me. That way you would not worry about someone getting your seed as much. A strong passphrase kept only in your head is secure. But I understand why you as a public figure would use multisig. You can also apply an algorithm to the seed words and store them that way.
Keep a little on the base seed as well. It makes a great "canary in the coal mine". If those funds move, you know the wallet is compromised, and it's time to move to a new seed. Also, I would not only keep the passphrase in your head. Accidents happen and if you forget or die, those funds are gone. You can store the passphrase anywhere you choose, just never with the seed. Even digital storage of the passphrase is fine.
I like the passphrase approach for many. However, I suggest you plan for your own death. A passphrase stored exclusively in your head makes the bitcoin death tied to your own. There’s many options, but here’s a couple to consider: Option 1 (preferred option): save your passphrase on your coldcard SD card but keep this SD card at a different location (with a friend or sibling). The friend/sibling cannot access the bitcoin (no seed) nor can they even view the passphrase (it’s encrypted and is not readable without YOUR cold card). Manually save XFP and any other important non-confidential data on the sd card in a text file. Option 2: create your own cypher. Write the secret (a = t, b = u, or a = 16, b = 08, etc.) and store it securely in your possession. Encrypt the passphrase with your cypher and write it on a piece of paper. Put that paper in a fireproof envelope. Also include XFP and any necessary directions for recovering your wallet. Give that firesafe envelope to a trusted person (friend/family member). You can put security stickers on as well to check for tampering/opening. Other considerations: it may be wise to have your wallet recoverable my multiple people to protect against cooccurring deaths. Every strategy has trade offs. Each person must consider their own situation and think about how to best protect themselves from many potential attack vectors, especially accidental loss.
@@Silarous yeah, I'm an old boomer so I have bequeathed them already. To bequeath them, you have to trust someone, so I have trusted a relative. Even if someone got my seed somehow, they could search until the end of time and never get to my passphrase protected wallet. There are 10**197 possibilities, an unimaginably large number.
@@krob1957 sounds like you got your bases covered. Nothing wrong with being an old boomer! Glad to see you on board. I'd also add, having some BTC on the base seed can help protect you from the $5 wrench attack. If someone physically forces you to give up your seed, they _may_ be satisfied with what you have there and not press any further. This is all hypothetical of course and most likely not something you'll have to encounter. Just things to consider.
FYI you can restore a multisig wallet if you have all 3 seeds or whatever your scheme is; You dont need to have the wallet restore file. Another neat way of doing this is using something like bip 85 child seeds to derive the seeds for the multi sig, that way you only have to secure the main parent seed.
This is a lurker golden comment. Thanks, James! I think you're right. I thought all you needed to reconstitute the wallet and re-gain access to your funds was the required minimum number of seeds (like two of three). If not, and you also need other wallet information or a separate file, this is very risky because many people will JUST record the seeds thinking that's all we need. That's how many lost access to their Bisq wallets. They had ONLY seeds, not wallet file...
Awesome video Matt! I was literally raising these concerns to the Casa guy (just researching, I know they support ETH 🤦🏽♂️) but he didn’t seem to understand these nuances in detail. I’ll either go with Unchained or try myself with a very small test amount. Perfectly timed video 👍🏽
can you do a video on comparing the upcoming Tangem Hardware wallet to coldcard, and thoughts on the ledger scandal if people should be worried about that. Thanks for videos!!
Ledger is not a true cold wallet if they can siphon off the keys… they admitted this was possible just a few months ago. I personally am in the process of moving my funds off them and just keep them just for smaller amounts.
I love your videos. I am on a binge of watching all of them . Could you maybe talk about hyperbitcoinization and what a hyperbitcoinized world looks like ? How long do you think would it take till we get there? Keep up the great work
I very much agree with this André. Multisig is great for businesses, but there is no chance in hell I can explain Multisig to my wife, parents or children (within the next 15 years) in order for them to excess my coins in case anything happens.
@@aussieman8738a hardware wallet can fail like any other electronic device, especially over a long time… I would explain to them at the minimum how secure a single sig (with pass phrase). It’s mathematically possible to do a 2/3 Shimire Secret Sharing (SSS) for a 24 word set up. Each “share” can be split between 1 family member, yourself and a safety deposit box or a lawyer or someone you trust.
As my BTC grows, I’m feeling increasingly uneasy about single sig. What if the cleaning lady or contractor stumbles upon my 24 words? That’s it! Or what if Coldcard somehow does have a backdoor to my words? Or what if a virus is somehow able to jump into my CC are steal my seed? I no longer feel ok about having that single point of failure. Multi sig makes your wallet bullet proof to these risks.
You're he best in the business, Matt. I guess we should just start saying "Ditto". And that would be ANOTHER great honor (which some age demographics will not get) since not all broadcasters deserve "Ditto".
Why aren't we talking a bit more about passphrase? It seems to me like the benefits of single sig with some benefits of multisig where there is no single point of failure? What do you think?
Thanks for the forecast! I have a quick question: I have a SafePal wallet with USDT, and I have the seed phrase. (alarm fetch churn bridge exercise tape speak race clerk couch crater letter). How should I go about transferring them to Binance?
Would you recommend keeping a copy of that scrip with each of the 3 seed phrases? (in a 2 of 3) I assume all 3 public keys you need are in this script Unchained gives you? Also what do you think about the idea of just dividing the total amount onto separate hardware storage devices from different companies? That way you could loose some, but not a single point of failure for all your coins. My main concern with only 1 hardware wallet is the wallet company themselves being corrupted.
To get a around the problem of losing your multi-sig configuration file you can keep multiple copies of it. So, keeping a copy of the configuration file with each private key makes sense. The only downside I think is that it might give the attacker a hint to where the other private keys are stored.
Hey Matthew, i love watching your videos and thank you for this information. One thing worries me, if i have ever typed my private keys in my computer even once or in a hot wallet once, should i get an entirely new address with different keys? If anyone else could answer that would be very appreciated.
@@brandonjade2146 correct, only enter your seed into a reputable hardware wallet. Ideally, a air gapped hardware wallet that isn't physically attached to a computer and transmits the signature via Micro SD or QR code.
Something I only just realized is that if someone steals my jade they only need to break the 6 digit password and they can spend my bitcoin (as the jade keeps the seed phrase on the device) That was not clear to me.
This is what all hardware wallets do-- they store the seed securely, but all hardware wallets can be hacked given enough time. ColdCard more secure than Jade with 2 secure elements, but still theoretically hackable. You can also just wipe your jade and store the recovery seed by itself.
@@Bitcoin_University thank you so much for your reply. I have spent all the spare time I have had over the last 3 years studying and learning about bitcoin and I still find some aspects complex and confusing. Bitcoin has a long way to go in making self storage easy for the everyday person.
If you HODL and are focused on accumulating (rarely spending your bitcoin), then this particular problem can be avoided by memorizing your seed phrase (and/or saving it onto metal plates and securing them). Once you are confident in the recovery process (be sure to test with a small amount of bitcoin to be certain), move your stack onto the wallet and then factory reset your device. Afterwards, only restore your seed phrase onto the device when you need to spend some of your stack, and immediately factory reset again afterwards.
Also for the file needed, hard drives don’t last forever. I’ve had them go corrupt before. You’re risking your coins by relying on storing a digital file.
very nice content as always. I have a question on recovery. The multi-sig wallet is made for example by 3 keys and a configuration file. In order to rebuild the wallet you should nee all the 3 keys plus the configuration file. Are 2 out 3 keys and the configuration file sufficient to recover your multisig wallet?
To rebuild the file you need all 3 xpubs. You can get these by either having all 3 keys, or a configuration file, you dont need both. So, either all 3 keys (or however many keys you have), OR configuration file / wallet descriptor (which is pretty much just a list of these 3 xpubs) + 2 keys
Hey Matt, if I setup my Jade with a seedphrase AND a passphrase would i be able to restore it on another hardware wallet? I know when you use a passphrase you cannot restore it with just the recovery seed because the added passphrase creates a separate wallet.
Yes, but also save the derivation path and the extended fingerprint (XFP). This data should be kept private, but it (alone) does not make your bitcoin spendable.
I think most people agree that multisig is more secure than single sig, but I don't think most people realize how much more secure it is. I would argue that it's many, many orders of magnitude more secure. If you've studied any probability, you may remember the multiplication rule, which states that the probability of A and B and C equals the probability of A times the probability of B times the probability of C. This means that the probability of a multisig configuration getting hacked is the probability of one hardware wallet getting hacked times the probability of another hardware wallet being hacked times the probability of someone associating both of those hardware wallets with you, finding your configuration file, and combining all of this information. Could a quantum computer even do this? On the other hand, the probability of a single sig configuration getting hacked is equal to the probability of one hardware wallet getting hacked.
@@Bitcoin_University By having a multisig, isn't the Casa user safe anyway? Because in case they get hacked, they don't have all the keys anyway do they?
Do you still not recomend ledger after delaying the recover feature? Seems like it’s an opt-in feature. They say they will open source most of their os, starting with recover.
How important is it to use hardware wallets from different manufacturers in a multisig setup? Are there any issues using say all Coldcards or all Blockstream Jades?
Do not have a hardware wallet shipped to a home address it is a security risk, use a private mailing adress, that is also one more reason for not buying ledger.
@@IamaNewCreature ledger is worse than that a while back they were refusing to ship a ledger to a private address because the shipping had bounced due to an issue with customs, they were getting very invasive, after a month of holding my ledger they finally did reship for free since repaying for shipping was not an option on their part. I had a similar event once with a coldcard in which the shipping bounced due to customs, but with coldcard the handling was much better I had to pay the shipping again with coldcard but it was reshipped very quickly with no questions asked. In both cases I never found out why the bouncing at customs took place, but it was not due to taxes since it was a single wallet.
Why not just record your recovery seed across three separate pieces of paper / metal, each copy having only a different two-thirds of the whole seed? That’s 2/3 multisig. And your hardware wallet already has 2/2 multisig (in a sense) if you have it protected by an unlock code. A thief would need both the physical hardware wallet and the unlock code to use it.
Just use Shamir Secret Sharing. You can have a 2/3 SSS set up for a single sig. If you make your own thing, it’s NOT MATHEMATICALLY SECURE… with a SSS set up, even if you lose 1 of 3 shares, it would still take like 1/3 million years or something on that order to break… vs if you just do your own thing, it could be much easier to break. SSS is actually mathematically proven as is a standard in some industries.
Because only having to figure out third of a seed is way, way less secure than having to figure out the a whole one. Also, for seed phrases, a lot of people don't realise that the last of the 12 words is a checksum that is calculated from the first 11
@@minesadab you’re claiming the entire second half of a 24-word seed phrase is just a checksum? That doesn’t make sense. Educate me. And yes while it’s easier to figure out 8 out of 24 words, rather than all 24, it’s still enough that a thief is not likely to crack it before you have plenty of chance to move it to a new wallet.
@@vejoshiraptor I wrote "the last of the 12 words" - so I'm talking about the last word of a 12-word seed phrase. Bear in mind that with your method, a single signing device sees everything it needs to spend your bitcoin, so you'd better trust it. Ultimately my response to your initial question would be "why not use 2 of 3 multisig with 12-word seed phrases"? :-)
@@minesadab the last one of the 12 words, got it. The reason to not use 2/3 multisig is because it’s significantly more complicated for the average user and introduces significantly more room for user-error resulting in loss of funds. Splitting up your written-copy of a 24 word seed phrase seems to me to achieve 90% of the added security benefit while being 100% easier to manage. It works exactly the same as what common users are already doing, just with a couple extra pieces of paper stored securely and separately. An attacker that has 16 out of 24 words still has quite a task before them to crack the remaining 8 words, which could take years.
No, I do not. Believing in that model and promoting it was a giant mistake on my part. btconometrics-84377.medium.com/bitcoin-and-stock-to-flow-7909784da261
The test of any model is the experimental test...does it actually agree with reality. The PlanB model did not pass this test, and was therefore shown to be wrong. It is therefore not a question of belief. BTW, there is this meme that "all models are wrong, but some are useful". It is false that all models are wrong. If somebody produces a suspect model, don't let them con you with the above meme.
Do you think multi-sig could actually start to play a part in large escrow transactions or loaning against BTC? Seems like a good option if I take a 2M USD loan against my BTC and each party holds a sig until the loan is fulfilled.
In 2/3 multisig setups where three keys are held by three parties, couldn't any two of the three parties collude to rob the third? Seems all three individuals are trusting the other two in this scenario.
@@ryanm7263 Yes, that's true, so you need to pick those three parties really carefully. Multisig can still be a big improvement over trusting SBF, CZ, or Brian Armstrong with your Bitcoin. Different solutions (single sig, multisig) for different people and situations.
Using a Trezor is still better than leaving your BTC on an exchange. It's just that the company lost my trust after partnering with Wasabi and chain surveillance
@@Bitcoin_University thank you for doing the research and explaining this to the “little guy” like me. I have been following your channel for over a year & taking to heart all of your advice. I was very nervous to some how screw up transferring from coinbase to trezor. And I’m nervous to move it to a different hard wallet. I have been DCA buying and consolidating into bitcoin only !
Is the multisig private key still a 256-bit long number (that takes multiple other private keys to access)? Theoretically if someone had that 256-bit number could they bypass the multisig configuration?
It really depends on your threat model. If something is memorized, it can be extracted through torture (sorry to get so dark on you). I don't know any of my recovery seeds, so cannot be extracted from me, for better or worse.
Hey Mr Kratter, I would sign up for your course, I want to. However I cannot pay in BTC on your website so for now it is no deal. At the current time you only accept credit cards 👎 Thank you for the video have a great day
Hi Matt. I have a question for your. Can your bip69 key be leaked when doing a standard recovery test. For eg.- I you need to sign a transaction and you then enter it through the standard recovery procedure in trezor. Though you need to enter the phrase in a random order as per trezor device. Can it be leaked? Any safety concerns here?
It's quite safe, as long as someone hasn't installed bad firmware on the Trezor or subbed out your Trezor with a fake Trezor that has a backdoor (evil maid attack). As long as you are entering your seed words onto the Trezor itself, you should be fine. Try it with just a small amount of BTC on the device to be sure.
@@Bitcoin_University Thanks matt 🙏There are two recovery process 1. Easy one takes less time you have to type it on the computer in a random order. 2 Manual method- which is more time consuming, you have to select the words from trezor device. Trezor says both methods are safe. Should that be also trusted. A little clarification on that would be helpful.
Hey Matt, I have been digging in UTXOs more. Wouldn’t need to consolidate UTXOs make small purchases difficult or pointless for companies? For example, if Walmart sells me bubble gum for SATs. What would Walmart do when fees are too expensive move small transactions?
Vendors wouldn't accept on-chain payments, it's really not made for that. They would accept Lightning payments and only move large amounts on-chain once a day/week/month.
@@slightlyfaulty I was thinking about this. So no matter what, stores must have a third party intermediary who would settle on chain, and maybe lighting payments daily. I could see over time, the intermediary increasing their fees as we move to the BTC standard. Maybe in the future (far flung future), they may be charging 3% fees again. Rent seeking would be alive and well. 🤔
@@ashley8774 I just find it difficult that a merchant would not want to accept payment for smaller purchases. I'm thinking that is where Strike (or companies like it) come into place. I will look into splicing. I have only been in the space for two and half years. Although I research daily, I have MUCH to learn!
But how practical is it for people to hide their seeds in geographically disparate areas without having to trust somebody else? And what if YOU for whatever reason can no longer access that disparate location?
Remember on Narcos when Pablo Escobar buried cash all over the place and then stuff really hit the fan, dug it up to fund a war and the paper had gone rotten?
Only give partial backups to people that can't or won't collude against you. 3 of 3 multi-sig, give one backup to someone you trust, put one in a safe deposit box at a bank, and keep one yourself. You could also give 2 of the 3 backups to people you know but don't know each other. One to a parent, one to a friend, coworker, etc. Don't tell the people you give the backup to whom else holds a backup. Leave that information in a will.
Andreas has an update, would be interesting to hear your views and if any have changed. My concerns are a 3rd party is involved and the risk analysis around this including lock-in, if the config file is lost, and how to transfer 3rd parties. I guess you have to weigh up the pros and cons of self custody vs 3rd party. Self multi is out the question for even most techs let alone the average. I have often been taught and experience has shown me the old adage of KISS, Keep It Simple Stupied.
Why is it called a 2-of-3 multsig, then? Because, if I understand correctly, you lose only one of the 3 seeds: you can't spend the bitcoins any more. I would have thought that 2-of-3 mean that one of the 3 seeds is facultative. Thanks
I'm currently using M1 for all of my investments, including Bitcoin. What are your thoughts on this? I know this most likely isn't ideal but the ease is nice.
DO NOT “roll your own cryptography.” Just use known and mathematically proven things like Shamir Secret Sharing on a single sig with a proper pass phrase.
@Bitcoin_University The other 300 huge funds will see how the first fund instantly moved the market & guaranteed its return. It will never stop. Next round will be small central banks...
i suggest you memorize your recovery seeds. its not easy but practicing 3x a day a few minutes u will be surprised how fast u will remember. just say them to yourself thruout the day. best way in your head. until u get a concussion lol
You better have a metal backup somewhere because your memory can become unreliable with time or with health (examples are hitting your head in an accident etc). You can have 3 metal backups for a 24 words, where each is 1 of 3 shimir secret shares. 12 words are MUCH easier to remember too… but as I said you could forget due to age or trauma… and splitting 12 words is SUBSTANTIALLY MORE SUBSETABLE to brute force attack, mathematically speaking.
I was thinking of using a book which is easy to get in any country. Select my pass phrases from random pages highlighted in a specific color. Highlight fake words/phrases. This way I don’t need to remember the phrases and if I leave the country or another state, just get a book on line or hard copy on those countries. I can give a copy of those books to immediate fam members. In case of emergency. And an instruction sheet of how to use the book to a totally different fam member of to a lawyer. Not worry about the lawyer because he has no clue of books or other info. Thanks Matt for all you do!
DO NOT USE QUOTES FROM ANYTHING LIKE SONGS OR BOOKS!!! There are people who regularly scrape for brain wallets etc for common phrases and quotes etc. I would highly recommend you take the advice of Andrias Antonopolis… he has been a legitimate OG and also knows tech stuff.
![MultiSig is NOT the best option for most people to store their bitcoin [June 2023]](http://i.ytimg.com/vi/sjS5qF65Yos/mqdefault.jpg)
WARNING: There are a number of scammers who are using my image and
channel name to try to connect with my viewers on WhatsApp and other
platforms to scam them. Just so you know, I will never refer you to
"my personal trader" or try to connect with you personally to sell you
something. I am trying to ban these scammers as quickly as they pop up. You can
always recognize a scammer by clicking on the image and seeing how
many videos he has. All of these guys have zero videos, while I have
hundreds. I also now have a checkmark next to my name, so that you can distinguish the real Bitcoin University from the imposters. Follow me on Twitter @mattkratter
I have watched all of your BTC and economics videos (except the trading ones)
Detailed videos are good - occasional short ones are good also but the real value is packed in the longer ones (10-20ish mins)
Thanks for the feedback!
Thanks Matt! A longer video filled with MASSIVE value!!
Keep to your roots.
Hi Matt! While I think multi-sig is probably the most safest, the only thing I see as a problem is that yes true bitcoiners will do all they can to protect their wealth and will go to the extreme of learning how to do this but if that person passes away, you would want to leave your loved ones with the easiest way to access the bitcoins .While you may be the most technical savvy person in the family others may not be or may not share the same technological knowledge, experiences and interest as you. So this will undoubtedly make it difficult and frustrated for your love ones! I do say make it simple but secure. Thanks!!
I have the same problem I am the only one able to manage a multi sig in my family. i think some solutions will come in the future. A good solution would be to be able to send your bitcoin to a specific adress at a given time in the future if you dont cancel the order, meaning if you are dead. So you would just have to give one hardware wallet to someone of your family (with zero btc) and in ten years the bitcoins would be automatically transferred if the order is not canceled. I know that blocktream is developing something called mini script. I hope someone will make it possible and user friendly at some point.
@@ludoludo4334 That's a fantastic idea!
@@ludoludo4334 Nunchuck IO has an inheritance plan that fits your need. Only one issue is that their subscript is expensive. Maybe I'll teach my wife and kid how to do it.
Perhaps put several 'stepping stones' in place, each of which alert your phone/email etc that they've been 'stepped on' and would give you plenty of time to sweep your funds / prevent access to the next 'stepping stone'.
While it’s better to just set it up, just the fact multi sig exists is a good deterrent to “hammer attacks”, or any threat against your personal safety. “Sorry, I can’t give you my pass phrase there’s a second factor stored in Switzerland” - might be enough to fool a robber
@matthew - could governments / sophisticated entities verify on chain if your address requires multi sig? I’d guess detainment by a corrupt government would be a form of hammer attack this white lie wouldn’t cover
@@_outofphase5480
Compliance does not guarantee that you don't get beat up or murdered.
In a multi-sig setup, you can also add a small amount of BTC to each of your seed phrases as a decoy/canary
A decoy wallet is also advisable
3:45 testing recovery seed of wallet. Useful
Stacked a bit today. Using the muun wallet for small amounts. Thanks to you for mentioning it in previous videos❤
Thank you as always Matthew. If I may add, as per a cyber security friend of mine who advised me, as another layer of protection for the hardware wallet..order a "faraday cage" bag to protect it from EMP and then place it in a Ziploc with desiccant to prevent moisture...then inside of a portable fire proof bag..then place in a safe, if possible...
Yes, this is all good advice, but you'll still be fine if you have your recovery seed and your hardware wallet has been destroyed by the EMP. You'll just need a new hardware wallet to load your recovery seed onto.
Keeping your hardware wallet in a typical steel safe with a dehumidifier will accomplish all that too. If you have a safe with power and ethernet inside, you can also store your entire full node in there as well.
A 6 mm thick Aluminium sheet with the PRIVATE KEY stamped into it using numbers and letter uppercase and lowercase then dropped into a 6 metre deep 75mm diameter hole and buried that deep a metal detector can detect it then dig it up when the PARTY starts.
A passphrase protected wallet (with 0 on your default wallet) seems to be best for me. That way you would not worry about someone getting your seed as much. A strong passphrase kept only in your head is secure. But I understand why you as a public figure would use multisig. You can also apply an algorithm to the seed words and store them that way.
Keep a little on the base seed as well. It makes a great "canary in the coal mine". If those funds move, you know the wallet is compromised, and it's time to move to a new seed.
Also, I would not only keep the passphrase in your head. Accidents happen and if you forget or die, those funds are gone. You can store the passphrase anywhere you choose, just never with the seed. Even digital storage of the passphrase is fine.
I like the passphrase approach for many. However, I suggest you plan for your own death. A passphrase stored exclusively in your head makes the bitcoin death tied to your own.
There’s many options, but here’s a couple to consider:
Option 1 (preferred option): save your passphrase on your coldcard SD card but keep this SD card at a different location (with a friend or sibling). The friend/sibling cannot access the bitcoin (no seed) nor can they even view the passphrase (it’s encrypted and is not readable without YOUR cold card). Manually save XFP and any other important non-confidential data on the sd card in a text file.
Option 2: create your own cypher. Write the secret (a = t, b = u, or a = 16, b = 08, etc.) and store it securely in your possession. Encrypt the passphrase with your cypher and write it on a piece of paper. Put that paper in a fireproof envelope. Also include XFP and any necessary directions for recovering your wallet. Give that firesafe envelope to a trusted person (friend/family member). You can put security stickers on as well to check for tampering/opening.
Other considerations: it may be wise to have your wallet recoverable my multiple people to protect against cooccurring deaths. Every strategy has trade offs. Each person must consider their own situation and think about how to best protect themselves from many potential attack vectors, especially accidental loss.
@@Silarous yeah, I'm an old boomer so I have bequeathed them already. To bequeath them, you have to trust someone, so I have trusted a relative. Even if someone got my seed somehow, they could search until the end of time and never get to my passphrase protected wallet. There are 10**197 possibilities, an unimaginably large number.
@@krob1957 sounds like you got your bases covered. Nothing wrong with being an old boomer! Glad to see you on board. I'd also add, having some BTC on the base seed can help protect you from the $5 wrench attack. If someone physically forces you to give up your seed, they _may_ be satisfied with what you have there and not press any further.
This is all hypothetical of course and most likely not something you'll have to encounter. Just things to consider.
You can keep just a decoy amount on a wallet without the passphrase.
I love you 15 min+ Videos. You and BritishHODL are lovely Channels!
How do we protect our seed plates now from DEWs ?
Paint them blue. 🤣
Matt, a note on single sig 12 word. A single sig 12 word is easy to memorize, which may be good for an individual fleeing an oppressive regime.
Thanks Matt!
yeah great topic, also had similar question after that Antonopoulos speech
The other two holders in my 2/3 multisig vault...are Mr. Smith and Mr. Wesson. We can all get together for a meeting any time.
I won't be breaking into your house anytime soon, thanks
The section on regulatory challenges was eye-opening.
Thanks Matthew
Can you setup a multisig using like 3 different Jades or ledger nano’s?
FYI you can restore a multisig wallet if you have all 3 seeds or whatever your scheme is; You dont need to have the wallet restore file. Another neat way of doing this is using something like bip 85 child seeds to derive the seeds for the multi sig, that way you only have to secure the main parent seed.
This is a lurker golden comment. Thanks, James! I think you're right. I thought all you needed to reconstitute the wallet and re-gain access to your funds was the required minimum number of seeds (like two of three). If not, and you also need other wallet information or a separate file, this is very risky because many people will JUST record the seeds thinking that's all we need. That's how many lost access to their Bisq wallets. They had ONLY seeds, not wallet file...
Thanks Matthew 😊
I like the idea of hammering 11 seed words into metal and keeping the 12th in my head.
That’s an easy brute force.
Might we get an update on the state of institutions, more specifically in regards to BTC loans? Thank you!
Thank you so much for all this information.
Awesome video Matt! I was literally raising these concerns to the Casa guy (just researching, I know they support ETH 🤦🏽♂️) but he didn’t seem to understand these nuances in detail. I’ll either go with Unchained or try myself with a very small test amount. Perfectly timed video 👍🏽
can you do a video on comparing the upcoming Tangem Hardware wallet to coldcard, and thoughts on the ledger scandal if people should be worried about that. Thanks for videos!!
Ledger is not a true cold wallet if they can siphon off the keys… they admitted this was possible just a few months ago. I personally am in the process of moving my funds off them and just keep them just for smaller amounts.
excellent thoughts
Multisig is great but there will be people losing funds not keeping it simple. Nothing wrong with single sig and good pass phrase backed up securely.
As long as you trust that your signing device(s) aren't compromised
Great video!
Would you recommend using unchained capital for a multisig?
How do i implement. Going to watch now
Thanks. What is the third hardware wallet you use in your multisig setup? Cold Card, Jade, and...?
11:42 Trezor - Oops. 😂
You have sharp eyes-- impressive
Hi Matthew! Love your work. Can you please go over different multi-sig solutions like Sparrow?
I love your videos. I am on a binge of watching all of them . Could you maybe talk about hyperbitcoinization and what a hyperbitcoinized world looks like ? How long do you think would it take till we get there? Keep up the great work
I really like Jade 2fa multi-sig 2 of 3
I very much agree with this André. Multisig is great for businesses, but there is no chance in hell I can explain Multisig to my wife, parents or children (within the next 15 years) in order for them to excess my coins in case anything happens.
If your wife, parents, or children can use the internet, they can learn to use multisig. Especially if they know that there's money inside
I agree .keep it simple .just the hardware wallet
@@aussieman8738a hardware wallet can fail like any other electronic device, especially over a long time… I would explain to them at the minimum how secure a single sig (with pass phrase).
It’s mathematically possible to do a 2/3 Shimire Secret Sharing (SSS) for a 24 word set up. Each “share” can be split between 1 family member, yourself and a safety deposit box or a lawyer or someone you trust.
As my BTC grows, I’m feeling increasingly uneasy about single sig. What if the cleaning lady or contractor stumbles upon my 24 words? That’s it! Or what if Coldcard somehow does have a backdoor to my words? Or what if a virus is somehow able to jump into my CC are steal my seed? I no longer feel ok about having that single point of failure. Multi sig makes your wallet bullet proof to these risks.
If there is a backdoor, would that also leak your passphrase if you set that up?
You're he best in the business, Matt.
I guess we should just start saying "Ditto".
And that would be ANOTHER great honor (which some age demographics will not get) since not all broadcasters deserve "Ditto".
Why aren't we talking a bit more about passphrase? It seems to me like the benefits of single sig with some benefits of multisig where there is no single point of failure? What do you think?
I think single sig with an SSS (Shamir secret sharing) is the best for and individual. Multisig for companies, couples and families.
multisig vs passphrase, what would you recommend?
Thanks for the forecast! I have a quick question: I have a SafePal wallet with USDT, and I have the seed phrase. (alarm fetch churn bridge exercise tape speak race clerk couch crater letter). How should I go about transferring them to Binance?
Tnx
Would you recommend keeping a copy of that scrip with each of the 3 seed phrases? (in a 2 of 3) I assume all 3 public keys you need are in this script Unchained gives you?
Also what do you think about the idea of just dividing the total amount onto separate hardware storage devices from different companies? That way you could loose some, but not a single point of failure for all your coins. My main concern with only 1 hardware wallet is the wallet company themselves being corrupted.
To get a around the problem of losing your multi-sig configuration file you can keep multiple copies of it.
So, keeping a copy of the configuration file with each private key makes sense.
The only downside I think is that it might give the attacker a hint to where the other private keys are stored.
Hi Matthew, came back to this video as a refresher to Multisig Bitcoin setups. Would you rate Unchained or Casa over Nunchuks Multisig setup?
Hey Mat, what is the official site for the cold storage wallet you mentioned here, both of them please. TY
coldcard.com/
blockstream.com/jade/
Hey Matthew, i love watching your videos and thank you for this information. One thing worries me, if i have ever typed my private keys in my computer even once or in a hot wallet once, should i get an entirely new address with different keys? If anyone else could answer that would be very appreciated.
Yes, if your recovery seed/private keys have ever been exposed online, they are not safe. Generate a fresh recovery seed.
Absolutely. Rule #1 is never type your seed into any network connected device.
@@brandonjade2146 correct, only enter your seed into a reputable hardware wallet. Ideally, a air gapped hardware wallet that isn't physically attached to a computer and transmits the signature via Micro SD or QR code.
Get a cold card
With cold card, you have an option to never connect the wallet directly to a computer.
passphrase is the best option
Still you suggest that jade that stores keys on THEIR server??? You want to look a sage of btc.. you are not at all
Something I only just realized is that if someone steals my jade they only need to break the 6 digit password and they can spend my bitcoin (as the jade keeps the seed phrase on the device) That was not clear to me.
Multi sig seems a little too complicated for me current - I am worried to would mess it up.
This is what all hardware wallets do-- they store the seed securely, but all hardware wallets can be hacked given enough time. ColdCard more secure than Jade with 2 secure elements, but still theoretically hackable. You can also just wipe your jade and store the recovery seed by itself.
They only have 3 tries to break the 6 digit password
@@Bitcoin_University thank you so much for your reply. I have spent all the spare time I have had over the last 3 years studying and learning about bitcoin and I still find some aspects complex and confusing. Bitcoin has a long way to go in making self storage easy for the everyday person.
If you HODL and are focused on accumulating (rarely spending your bitcoin), then this particular problem can be avoided by memorizing your seed phrase (and/or saving it onto metal plates and securing them). Once you are confident in the recovery process (be sure to test with a small amount of bitcoin to be certain), move your stack onto the wallet and then factory reset your device. Afterwards, only restore your seed phrase onto the device when you need to spend some of your stack, and immediately factory reset again afterwards.
Matt what are your thoughts on nunchuck vs unchained?
Also for the file needed, hard drives don’t last forever. I’ve had them go corrupt before. You’re risking your coins by relying on storing a digital file.
very nice content as always. I have a question on recovery. The multi-sig wallet is made for example by 3 keys and a configuration file.
In order to rebuild the wallet you should nee all the 3 keys plus the configuration file. Are 2 out 3 keys and the configuration file sufficient to recover your multisig wallet?
To rebuild the file you need all 3 xpubs. You can get these by either having all 3 keys, or a configuration file, you dont need both.
So, either all 3 keys (or however many keys you have),
OR configuration file / wallet descriptor (which is pretty much just a list of these 3 xpubs) + 2 keys
Hey Matt, if I setup my Jade with a seedphrase AND a passphrase would i be able to restore it on another hardware wallet? I know when you use a passphrase you cannot restore it with just the recovery seed because the added passphrase creates a separate wallet.
Yes, all of the major hardware wallet brands will allow recovery of hidden wallet with recovery seed plus passphrase
Thank you for all the great information
@@Bitcoin_University Thanks for clarifying!
Yes, but also save the derivation path and the extended fingerprint (XFP). This data should be kept private, but it (alone) does not make your bitcoin spendable.
I think most people agree that multisig is more secure than single sig, but I don't think most people realize how much more secure it is. I would argue that it's many, many orders of magnitude more secure. If you've studied any probability, you may remember the multiplication rule, which states that the probability of A and B and C equals the probability of A times the probability of B times the probability of C. This means that the probability of a multisig configuration getting hacked is the probability of one hardware wallet getting hacked times the probability of another hardware wallet being hacked times the probability of someone associating both of those hardware wallets with you, finding your configuration file, and combining all of this information. Could a quantum computer even do this? On the other hand, the probability of a single sig configuration getting hacked is equal to the probability of one hardware wallet getting hacked.
Once you've reached a safe level of security, having many orders of magnitude of higher security doesn't do anything.
@@bricklawson9745 You're right, as long as everything stays as it is, but things never stay as they are.
@@Timothy_Trowbridge i think the risk of locking myself out is higher than the risk of getting hacked.. assuming I do the basics.
Yawn
What do you think about Casa?
I prefer Unchained. I don't like Casa because they support Ethereum, which gives them a wider attack surface
@@Bitcoin_University thanks for your replay. What do you mean with “wider attack surface”?
@@Bitcoin_University By having a multisig, isn't the Casa user safe anyway? Because in case they get hacked, they don't have all the keys anyway do they?
Great sovereign info
How to test a seed? Didn't you say that you should never use a seed and once you use it it's better to transfer all your money to a new walled/seed?
Do you still not recomend ledger after delaying the recover feature? Seems like it’s an opt-in feature. They say they will open source most of their os, starting with recover.
These seed phrases is what keeps the mass from not using bitcoin
Not everyone is ready for self-sovereignty. Some people never will be, but will have access to fedimints etc
Let say if I still have these 3 keys but I lost the multisig configuration file. Could I recover my bitcoin?
The setup of your wallet depends entirely on you and your particular situation.
Yes, totally agree. There is no one size fits all. Just tradeoffs
How important is it to use hardware wallets from different manufacturers in a multisig setup?
Are there any issues using say all Coldcards or all Blockstream Jades?
The purpose of this is to ensure the security chip is from different manufacturers.
Do not have a hardware wallet shipped to a home address it is a security risk, use a private mailing adress, that is also one more reason for not buying ledger.
Reputable companies destroys the customers details after 90 days. Unlike ledger.
@@IamaNewCreature ledger is worse than that a while back they were refusing to ship a ledger to a private address because the shipping had bounced due to an issue with customs, they were getting very invasive, after a month of holding my ledger they finally did reship for free since repaying for shipping was not an option on their part. I had a similar event once with a coldcard in which the shipping bounced due to customs, but with coldcard the handling was much better I had to pay the shipping again with coldcard but it was reshipped very quickly with no questions asked. In both cases I never found out why the bouncing at customs took place, but it was not due to taxes since it was a single wallet.
Why not just record your recovery seed across three separate pieces of paper / metal, each copy having only a different two-thirds of the whole seed? That’s 2/3 multisig. And your hardware wallet already has 2/2 multisig (in a sense) if you have it protected by an unlock code. A thief would need both the physical hardware wallet and the unlock code to use it.
Just use Shamir Secret Sharing. You can have a 2/3 SSS set up for a single sig.
If you make your own thing, it’s NOT MATHEMATICALLY SECURE… with a SSS set up, even if you lose 1 of 3 shares, it would still take like 1/3 million years or something on that order to break… vs if you just do your own thing, it could be much easier to break.
SSS is actually mathematically proven as is a standard in some industries.
Because only having to figure out third of a seed is way, way less secure than having to figure out the a whole one. Also, for seed phrases, a lot of people don't realise that the last of the 12 words is a checksum that is calculated from the first 11
@@minesadab you’re claiming the entire second half of a 24-word seed phrase is just a checksum? That doesn’t make sense. Educate me.
And yes while it’s easier to figure out 8 out of 24 words, rather than all 24, it’s still enough that a thief is not likely to crack it before you have plenty of chance to move it to a new wallet.
@@vejoshiraptor I wrote "the last of the 12 words" - so I'm talking about the last word of a 12-word seed phrase.
Bear in mind that with your method, a single signing device sees everything it needs to spend your bitcoin, so you'd better trust it.
Ultimately my response to your initial question would be "why not use 2 of 3 multisig with 12-word seed phrases"? :-)
@@minesadab the last one of the 12 words, got it.
The reason to not use 2/3 multisig is because it’s significantly more complicated for the average user and introduces significantly more room for user-error resulting in loss of funds. Splitting up your written-copy of a 24 word seed phrase seems to me to achieve 90% of the added security benefit while being 100% easier to manage. It works exactly the same as what common users are already doing, just with a couple extra pieces of paper stored securely and separately. An attacker that has 16 out of 24 words still has quite a task before them to crack the remaining 8 words, which could take years.
Do you still believe in PlanB’s model? I know we as a group touted it pretty heavily.
No, I do not. Believing in that model and promoting it was a giant mistake on my part.
btconometrics-84377.medium.com/bitcoin-and-stock-to-flow-7909784da261
@@Bitcoin_Universityit’s refreshing to hear someone so clearly state that they have changed their mind about something
@@Bitcoin_University
Matt, I respect your brutally honest, humble answer, and I expected nothing less.
The test of any model is the experimental test...does it actually agree with reality.
The PlanB model did not pass this test, and was therefore shown to be wrong.
It is therefore not a question of belief.
BTW, there is this meme that "all models are wrong, but some are useful".
It is false that all models are wrong. If somebody produces a suspect model,
don't let them con you with the above meme.
If you lose the config file but still have all three seed phrases can you still reconstruct the multisig vault ?
Yes, assuming that the derivation path is standard
Thoughts on Casa?
They sold out and now also offer support for Ethereum. That's a deal killer for me.
Matt, can you provide a theoretical breakdown on the effects of BRICS on Bitcoins future?
So if a 3/3 wallet is set up and you need to recover but lost the configuration but still have 3 of 3 seeds do you still have access to transact?
yea you would reconstruct the multi sig setup the exact way you did the first time. Dont quote me on that lol..
How do you spend bitcoin if you keys are spread across the country ?
Traveling from one location to another doing PSBT (partially signed BTC transactions), or involving a trusted family member online
I'm going to reinstall a wallet and check.
Do you have a class on how to do all this, I’m on cashapp buying bitcoin
Ah I just had to wait till the end
why do you prefer bitcoin only wallets , is this a bitcoin only thing or security ? .
Bitcoin only wallets have a smaller attack surface (hence more secure) since they don't have to cater to lots of altcoins
@@Bitcoin_University thanks
Are you familiar with Secret Shares? Thus looks like an interesting approach to Multi Sig.
Do you think multi-sig could actually start to play a part in large escrow transactions or loaning against BTC? Seems like a good option if I take a 2M USD loan against my BTC and each party holds a sig until the loan is fulfilled.
Yes. Unchained already does exactly this for Bitcoin loans-- where Unchained holds one key, you hold one key, and a 3rd party holds the 3rd key.
In 2/3 multisig setups where three keys are held by three parties, couldn't any two of the three parties collude to rob the third? Seems all three individuals are trusting the other two in this scenario.
@@ryanm7263You’re trusting that no two parties collude. It has its strengths, as it has its trade offs, like everything.
@@ryanm7263 Yes, that's true, so you need to pick those three parties really carefully. Multisig can still be a big improvement over trusting SBF, CZ, or Brian Armstrong with your Bitcoin. Different solutions (single sig, multisig) for different people and situations.
I got a trezor then Matt put out a video right after that Trezor is not a good hard wallet…
So at some point, i’ll need to move it to a different one.
Using a Trezor is still better than leaving your BTC on an exchange. It's just that the company lost my trust after partnering with Wasabi and chain surveillance
@@Bitcoin_University thank you for doing the research and explaining this to the “little guy” like me. I have been following your channel for over a year & taking to heart all of your advice. I was very nervous to some how screw up transferring from coinbase to trezor. And I’m nervous to move it to a different hard wallet.
I have been DCA buying and consolidating into bitcoin only !
Is the multisig private key still a 256-bit long number (that takes multiple other private keys to access)? Theoretically if someone had that 256-bit number could they bypass the multisig configuration?
You should do a video on how to protect BTC in case of death so kids can get it.
do u you think biometric recovery as a second option of seed is possible in the future? I really helps to ease the elder to secure their BTC.
👏👏
500,000 a btc? Im curious whats your price prediction for this asset?
ruclips.net/video/1ugK2waqCqM/видео.html&ab_channel=BitcoinUniversity
I use a really long passphrase which you can’t brute force. Plus I have it memorized. I don’t see why multisig Is better. Thoughts Matt?
It really depends on your threat model. If something is memorized, it can be extracted through torture (sorry to get so dark on you). I don't know any of my recovery seeds, so cannot be extracted from me, for better or worse.
@@Bitcoin_University well said as always, thank you
Why do exchanges sell Bitcoin even though it’s the hardest asset. Wouldn’t it be better for them to HODL and not sell Bitcoin ?
👍👍
Hey Mr Kratter,
I would sign up for your course, I want to. However I cannot pay in BTC on your website so for now it is no deal. At the current time you only accept credit cards 👎
Thank you for the video have a great day
Hi Matt. I have a question for your. Can your bip69 key be leaked when doing a standard recovery test. For eg.- I you need to sign a transaction and you then enter it through the standard recovery procedure in trezor. Though you need to enter the phrase in a random order as per trezor device. Can it be leaked? Any safety concerns here?
It's quite safe, as long as someone hasn't installed bad firmware on the Trezor or subbed out your Trezor with a fake Trezor that has a backdoor (evil maid attack). As long as you are entering your seed words onto the Trezor itself, you should be fine. Try it with just a small amount of BTC on the device to be sure.
@@Bitcoin_University Thanks matt 🙏There are two recovery process 1. Easy one takes less time you have to type it on the computer in a random order. 2 Manual method- which is more time consuming, you have to select the words from trezor device. Trezor says both methods are safe. Should that be also trusted. A little clarification on that would be helpful.
For context I have trezor one
Hey Matt, I have been digging in UTXOs more. Wouldn’t need to consolidate UTXOs make small purchases difficult or pointless for companies? For example, if Walmart sells me bubble gum for SATs. What would Walmart do when fees are too expensive move small transactions?
Vendors wouldn't accept on-chain payments, it's really not made for that. They would accept Lightning payments and only move large amounts on-chain once a day/week/month.
@@slightlyfaulty I was thinking about this. So no matter what, stores must have a third party intermediary who would settle on chain, and maybe lighting payments daily. I could see over time, the intermediary increasing their fees as we move to the BTC standard. Maybe in the future (far flung future), they may be charging 3% fees again. Rent seeking would be alive and well. 🤔
@@slightlyfaulty by the way, thanks for answering.
@@NappyWayzno third party intermediaries are necessary. The merchant can “cash out” to onchain with splicing.
@@ashley8774 I just find it difficult that a merchant would not want to accept payment for smaller purchases. I'm thinking that is where Strike (or companies like it) come into place.
I will look into splicing. I have only been in the space for two and half years. Although I research daily, I have MUCH to learn!
But how practical is it for people to hide their seeds in geographically disparate areas without having to trust somebody else? And what if YOU for whatever reason can no longer access that disparate location?
Remember on Narcos when Pablo Escobar buried cash all over the place and then stuff really hit the fan, dug it up to fund a war and the paper had gone rotten?
Only give partial backups to people that can't or won't collude against you. 3 of 3 multi-sig, give one backup to someone you trust, put one in a safe deposit box at a bank, and keep one yourself.
You could also give 2 of the 3 backups to people you know but don't know each other. One to a parent, one to a friend, coworker, etc. Don't tell the people you give the backup to whom else holds a backup. Leave that information in a will.
Andreas has an update, would be interesting to hear your views and if any have changed. My concerns are a 3rd party is involved and the risk analysis around this including lock-in, if the config file is lost, and how to transfer 3rd parties. I guess you have to weigh up the pros and cons of self custody vs 3rd party. Self multi is out the question for even most techs let alone the average.
I have often been taught and experience has shown me the old adage of KISS, Keep It Simple Stupied.
Why is it called a 2-of-3 multsig, then? Because, if I understand correctly, you lose only one of the 3 seeds: you can't spend the bitcoins any more. I would have thought that 2-of-3 mean that one of the 3 seeds is facultative. Thanks
As long as you still have 2 keys and the config file, you can sign a transaction to spend your BTC.
@@Bitcoin_University Thanks a lot! Andreas didn’t speak about this config file in his video, so I was confused.
I'm currently using M1 for all of my investments, including Bitcoin. What are your thoughts on this? I know this most likely isn't ideal but the ease is nice.
As a licensed locksmith, I can break into those safety deposit boxes in less than 10mins. Keep your shit at home folks.
why dont you just split your 24 words into batches of 6 and store them in geographically diverse locations?
DO NOT “roll your own cryptography.”
Just use known and mathematically proven things like Shamir Secret Sharing on a single sig with a proper pass phrase.
Funds push btc 1m+ next 12 months.
There is not enough btc for sale to satisfy huge funds.
It's certainly possible, but I hope we don't go that high that quickly. The world is not ready
@Bitcoin_University The other 300 huge funds will see how the first fund instantly moved the market & guaranteed its return. It will never stop. Next round will be small central banks...
gg
I'm too stupid, to own Bitcoin unfortunately. 🤦
If you can figure out how to comment on a RUclips video like you just did, you can figure out how to buy and store BTC
i suggest you memorize your recovery seeds. its not easy but practicing 3x a day a few minutes u will be surprised how fast u will remember. just say them to yourself thruout the day. best way in your head. until u get a concussion lol
You better have a metal backup somewhere because your memory can become unreliable with time or with health (examples are hitting your head in an accident etc).
You can have 3 metal backups for a 24 words, where each is 1 of 3 shimir secret shares.
12 words are MUCH easier to remember too… but as I said you could forget due to age or trauma… and splitting 12 words is SUBSTANTIALLY MORE SUBSETABLE to brute force attack, mathematically speaking.
I was thinking of using a book which is easy to get in any country. Select my pass phrases from random pages highlighted in a specific color. Highlight fake words/phrases. This way I don’t need to remember the phrases and if I leave the country or another state, just get a book on line or hard copy on those countries. I can give a copy of those books to immediate fam members. In case of emergency. And an instruction sheet of how to use the book to a totally different fam member of to a lawyer. Not worry about the lawyer because he has no clue of books or other info.
Thanks Matt for all you do!
DO NOT USE QUOTES FROM ANYTHING LIKE SONGS OR BOOKS!!!
There are people who regularly scrape for brain wallets etc for common phrases and quotes etc.
I would highly recommend you take the advice of Andrias Antonopolis… he has been a legitimate OG and also knows tech stuff.