jdlcdl
commented
8 months ago Just some thoughts:
There is a likely non-zero probability that words in a mnemonic are duplicated, so perhaps some thought should be given to duplicates in the grid of "random words" which are NOT part of the mnemonic... for hiding the instances where the scheme suggests that duplicates exist in the same pin-code button box.
This entire scheme, as well as all of the variations are what I like to call "meta secrets". Combined, they're all part of your "secret" and I mean that in the context of "Can you keep a secret?" which is a question we all must ask ourselves... and we must live with the consequences of the reality far into the future as opposed to how sincerely we answer that in the present. Complexity, for the most part, works against us... so does our own ability to remember secrets and meta secrets, and also how we plan to transfer those secrets to our heirs.
This scheme feels much like "border wallets", except that my gut-feeling is that it's slightly less secure (by some factor of four but I'm not sure how that plays out exactly) and maybe even more if the expanded grid does NOT cover all 2048 seed words while also being slightly easier to remember/execute... but the scheme itself is also a secret, especially if few are using it.
A strong bip39 passphrase can be as 'hard' (or even harder) than a mnemonic and is a single additional "secret" that can easily be transferred to an heir, and/or recorded in case we forget. Also, it provides for "decoy" wallets. It has been vetted by many, and even if your heirs only had the following: "My funds are hidden in mnemonic X with passphrase Y and I used standard wallets when I stacked during the 3rd-4th epochs." then they'd have a very good chance of learning that they must keep their secrets, that you're referring to bip39, and that native-segwit derivation was likely used. Assuming they knew nothing more than "don't trust, verify", they'd easily find the help they need to recover your treasure. Personally, during my last breath, I want to be able to relax in peace and enjoy that moment, instead of thinking "oh no! what have I done?".
Besides all that... I really don't have any major issues with this... we all have to weigh our own threat-model and keep our secrets secret.
Thank you for writing this up, for your deep thoughts, for your creativity, and for being here to share your ideas with others.
p.s. A shameless plug to my recent-ish "Can you keep a secret?" thoughts is here... a crowd which you, apparently, are a part of too! ;)
Runixcube
here’s an idea that I need peer reviewed please. It appears sound to me but I could just be engineering backwards or something. I wouldn’t know without others reviewing it. Thanks.
Original pdf if you’d prefer to read it that way.
Keypad Seed Word security idea.pdf
Keypad Seed Word security idea
It is common for people to save their seed words written in a list of 12, or 24 words all numbered with the order. Either on paper or stamped into steel plates -
people seed say diary like this one enough hidden that more metal twelve spot shadow moon day year where sleep only drive online copy
Or as
1 people ———- 13 twelve 2 seed ————- 14 spot 3 say —————-15 shadow 4 diary ——-—— 16 moon 5 like —————- 17 day 6 this —————-18 year 7 one —————-19 where 8 enough ——— 20 sleep 9 hidden ———- 21 only 10 that ————- 22 drive 11 more ———— 23 online 12 metal ———- 24 copy
This has known and documented security issues namely being anyone finding the list can restore the wallet. A passphrase system has been added for security so it plays less of a risk.
The proposal below shows a way of further hiding and securing seed words using a common use method we are all familiar with, namely universal keypads as seen at cash machines, modern phone dialer’s, calculators etc
What I propose shows that any person finding your keepad word layout would not know what order your seed words are in the number. So you will another layer of security. First they need the keypad pin code to find the words. Then they need to put the words in order.
You will put 4 of your seed words in six boxes for a total of 24 words. You can also use 12 words but more on that later.
This fills the keypad numbers up to form a PIN code.
Choose your own.
For this example we will use 204579
You see it now with the list in place. First four seed words are in box 2, next set of four words in the list are in keypad number 0, and so on until all our seed words are in place.
Our pin 204579 puts the seed words back in order.
However we need to hide our words and so we fill the blank boxes with 4 random bip words so ours are hidden.
We will fill the blanks to the left and right at the bottom later.
In its simplest form we have now hidden a list of 24 seed words. If only using this basic form it could or may help to fill the two blank spaces to give the illusion of a grid but leaving it as an obvious keypad may encourage an attacker to go with that method of decryption and be harder for them?
Your seed phrase is now in plain sight but unlike the list they are out of order, BUT in a way that should be easily remembered by users, or easier to hide a pin code?
I’m aware some will say if you don’t use a pincode enough you won’t remember it.
Here’s how we placed our seed words. Seed words 1,2,3 and 4 are in box 2, aka PIN number 2 on the keypad.
So our pin code for this seed is clearly 204579
It is highly unlikely someone could guess our seed/pin anymore than they guess our bank pin (of course no one gets shut out of a paper/steel wallet like a bank cash point but I’m sure you can agree this is more secure than a list.
Many will nodoubt use memorable dates or a phone number they remember, maybe one from childhood that’s no longer used.
So with that in mind, someone discovering your passcode.
Earlier remember when we added in the random bip words to fill the keyboard to further hide our seed?
There is another step we can take to make it even harder to discover our seed. That is rotation and/or reordering of our 4 seed words in any 1 or combination of boxes.
In this example anyone guessing our pin, maybe you used your birthday or similar. So they guess your pin. Now they believe they have your seed phrase and enter it to open your wallet.
However they find that doesn’t happen. No wallet is unlocked.
In a good situation they believe they have the pin wrong and move onto other variations.
However what they don’t realise is your first and last seed was in reverse.
This is an example, any number of boxes could be changed in a way you easily remember.
1st and last seed words in reverse order, boxes 2 and 9 of your PIN code
What if you used an X pattern to alter the order?
See here the 1st seed word is in the top left, 2nd seed word bottom right, 3rd seed top right and 4th seed word bottom left because you chose your x pattern that way.
You could have left it that way but you didn’t, you did the same with the last digit in your PIN code, so your last 4 seed words are also out of order in an X
This is more than enough for most people and multitudes safer than a seed word list but there is still more we can do if we want.
By surrounding the keypad like bellow we make the pin pad invisible and the added benefit is achieved if we rotated and/or reordered certain PIN code entries like above, seed numbers in boxes 2 and 9 were altered.
You could if all this is peer reviewed and found valid now take a photo or screen shot of the above (without the outline of the keypad of course, that’s only here for clarification) and store it digitally. You’d only need to remember the first seed word and PIN code.
The word gives you the location of the first number of your pin code which we used 2, aka it’s the number on the keypad. You now should be able to see the keypad.
The rest of your pin is 204579. So should be easy from here to recover your seed.
This is a way to further secure seed words on paper and or steel plates. Even from the above image it’s tough to know the order of the seed.
Now earlier I spoke about 12 word seeds and how this also works. It works due to you can use a 3 digit pin. Say 097 which gives you 12 words or you could use a 6 digit pin as before but ignore two words in each box,
The words are still there for all to see but it is you who knows which ones to ignore.
Again you can ignore in any pattern.
And you can even mix it up like before. Here the first two and last two seed words are read differently. You read the first two in the first and last boxes of your PIN code but last two in all other boxes.
And of course you can hide it further as before.
QR code based systems
This idea would also work with QR code based systems. It only requires the qr code to be broken up into separate seeded words and stored as previous. The QR seed signer would scan each QR code to enter the seed.
This is useful because at the moment QR codes aren’t secured. Anyone finding them has access to all seed words. And it’s only a matter of time before computers are powerful enough that that’s all that’s needed.
A Seedsigner generates a seed phrase, splits the seed up into sets of 4 words ie 6 sets of 4 QR codes (seed words) instead of at the moment 1 QR code.
Then a Seedsigner/user can place them in the keypad pattern as per my method outlined above.
And then finally Seedsigner creates dummy QR codes containing random bip words for the other pin pad placement.
Hey presto a secure QR PIN code.
Same rules apply to use it.
Your PIN code is the order the QR codes are scanned and seed signer adds them all together as you go; SS enters your seed words together. If the order is wrong you ain’t seeing a wallet.
Think of it like this.
If I give you 6 qr codes all lined up. And say scan them in one at a time in order. You do it. A wallet is loaded.
I now mix them up and throw in 4 others (6 if I’m disguising the pin pad; filling in the two blank spots either side of the bottom pin 0)
I say find them now and scan them. You most likely wouldn’t find them.
So to ensure I know which ones are which in future I lay them out/draw them in a pattern. The pattern looks like this
I remember where I left them.
Example in places 234678
That’s an easy number to remember.
I come back later and know where they are and what order to scan them.
Hence a PIN code.
I hope this has been of interest and welcome feedback if there are flaws and not worth anything, that’s why this is being put out to the community.
Thanks JM
ps…. Clearing out a friends belongings you find a scrap of paper. There are no other clues.