Transactions with cryptocurrencies have several advantages as compared to that of normal currencies which paved the way for its wide global acceptance. Despite all these benefits, the crypto currency transactions face several issues with regard to its safe storage and maintenance. Its security can be made possible by taking the backup of these cryptocurrency transactions and storing the same through hot storage or cold storage devices.
In this article, we are discussing the methods to add a second layer of security to your seed words.
- Seedwords
- Need for storing the seedwords
- Types of Storage
- Why Metal Wallets?
- Need for adding a second layer of security
- Methods for adding a second layer of security
What is a Seed Word?
A seed phrase is a list of words generated by the cryptocurrency wallet and it works as a backup of your private keys and gives access to your bitcoin funds. It is automatically generated when you create a crypto wallet and you can note it down and use it as backup of your funds. With this backup, you can download the same wallet software again to get your bitcoins back.
In the following situations, seedwords comes to help you to recover your funds:
- You lose your wallet’s password
- You lose the device where your wallet is installed
- Your wallet is not functional
Need for Storing the Seed word:
You have to keep your seed phrases safe from loss and unauthorized access. If you lose your seedwords, you will lose the access to your crypto funds. If someone got access to your seed phrase, they can easily access your crypto funds.
Types of Storage:
You can keep these seed words safe by using any one the off line storage methods – Hot Wallet & Cold Wallet
Hot Wallet – (a) Mobile Wallets (b) Exchange Wallet (c ) Desktop Wallets
Cold Wallet – (a) Paper Wallet (b) Hardware Wallet (c) Metal Wallet
Why Metal Wallets?
Metal Wallets can overcome many disadvantages of Hot Wallets and other Cold Wallets as they are safe from issues like hardware failures, online hackers etc. and have many benefits such as durability, resistance to fire, water, rust and corrosion. Moreover, you can safely share them with your friends or family as a secondary storage device.
Need for Adding a Second Layer of Security:
But the fact is that even though the offline storage of seed words provides security from online attacks, it may sometimes fail to face physical attacks. In such a case, you have to provide additional security to your seed words by adopting any one of the following methods of your choice.
Methods for Adding a Second Layer of Security:
a) Punch numbers instead of BIP39 seedwords:
Suppose, you are keeping the seed words in a metal wallet. Here you only need to punch/ scribe/ engrave your BIP39 seed words corresponding to numbers (ledger/trezor standard) onto the metal plate so that nobody will ever know what the number mean on the plate.
b) Add Passphrases to your seed words:
Passphrase is an extra word which is added to your seed. For 24-words recovery phrases the passphrase is referred to as the 25th word. Then you will have a new set of accounts which are completely separated from those generated by the original seed.
How can we add the 25th Word?
The 25th word refers to adding an optional “passphrase” or extra word(s) to our 24 word seed. A passphrase can be any word, phrase, any set of letters, or even a sentence up to 50 characters long. Passphrases are case-sensitive. It provides extra security to your password.
There are 2 ways for storing the 25th word. You can either keep it in your memory or can store it in a separate location. But in the first case, there is a risk of forgetting the password.
Even though the 24 word method in BIP39 is strong and secure, storing the 25th word provides an additional security. That means. if a person gets your 24 words keywords, he can do nothing without obtaining the 25th word.
c) Encrypt your recovery seed words:
Encryption is the conversion of data from a readable format into an encoded format. You can read encrypted data only after it is decrypted.
“Cryptoseed encrypts your recovery seed with AES256 and encodes the encrypted data into a QR Code which you can print out and keep anywhere”.
(Arlen Anderson, Cryptoseed developer)
You can save your encrypted seed word in either offline or online mode. In this case, you can take a print out of the QR Code and keep it safe anywhere.
The matter is that even though it provides security against theft, it will not protect your seed phrase from physical damages like fire, flood etc. In this regard, Anderson recommended to use the Cryptoseed on an offline computer so that no hackers can attack it and no third party can steal it.
d) Shamir’s Secret Sharing:
Shamir’s secret sharing (SSS) is a cryptographic technique formulated in 1979 by the Israeli cryptographer Adi Shamir. The essence of Shamir’s scheme lies in the ability to back up, share and recover a secret through breaking up the secret into multiple shares that are individually useless and leak no information about the secret or the scheme setup.
For example, a “3 out of 5 Shamir backup” means that the user created five shares when setting up the scheme and the threshold requirement to access the original secret is three shares. It doesn’t matter which three shares are used to recover the secret.
Earlier we have mentioned that there are 2 types of risks – Theft and Loss.
- If you are more concerned about loss of recovery words, then you can make several copies and keep them in different places. For eg., One at home, one with a friend and the balance in a safe deposit box. The more copies you make, the greater is the risk of theft.
- If you are more concerned about theft of recovery words, then you can split the 12-word recovery word into two equal parts and store them separately. The risk is that if any one of them is destroyed, you will not be able to reassemble the recovery seed. Moreover, if someone steals the first 6 words of your recovery seed, they may sometimes be able to reveal the remaining words of your recovery seed by brute-force search.
You can select any of these methods of your choice and it is always advised to use decentralized seed stored as a backup and to have your own seed phrase saved on a metal plate.
