Bitcoin Q&A: Are Hardware Wallets Secure Enough?
Are hardware wallets really secure enough? Is the complexity of the setup and execution part of the risk model? What are the most likely ways that you will lose your bitcoin? What is the best way to store your mnemonic seed and passphrase?
If you want to see more about key management practices, check out this playlist: • Key Management: How to...
More on Trace Mayer's monetary sovereignty initiative: www.proofofkeys.com/
CORRECTION: At 9:13, I referred to paper as "Stone Age technology." While I was trying to convey the simplicity of the tool with such a phrase, this is not historically accurate as paper-making is not generally thought to have begun until thousands of years after the Stone Age.
Chapters
0:00 What is the gold standard for storing crypto, for non-technical people? Is a hardware wallet good enough? If my crypto has been on my hardware wallet for a year, is it more or less likely to be hacked over time?
1:50 There is no gold standard that applies for everyone
5:00 What can you do that is practical?
9:35 Pushing people to overextend their technical skill
10:42 We have an intermediate level that people can use
This question is from the January monthly subscriber session, which took place on January 26th 2019. If you want early-access to talks and a chance to participate in the monthly live Q&As with Andreas, become a patron: / aantonop
RELATED:
How do I choose a wallet? - • Bitcoin Q&A: How Do I ...
Secure, tiered storage system - • Bitcoin Q&A: Secure, T...
Hardware wallets and attack surface - • Bitcoin Q&A: Hardware ...
Setting up secure storage devices - • Bitcoin Q&A: Setting U...
What is a private key? - • Bitcoin Q&A: What is a...
How do mnemonic seeds work? - • Bitcoin Q&A: How Do Mn...
Using paper wallets - • Bitcoin Q&A: Using Pap...
Wallet design and mass adoption - • Bitcoin Q&A: Wallet De...
Cryptographic primitives - • Bitcoin Q&A: Cryptogra...
Public keys vs. addresses - • Bitcoin Q&A: Public Ke...
Re-using addresses - • Bitcoin Q&A: Re-using ...
Passphrases and seed storage - • Bitcoin Q&A: Optional ...
Coin selection and privacy - • Bitcoin Q&A: Coin Sele...
Multi-signature and distributed storage - • Bitcoin Q&A: Multi-sig...
Nonces, mining, and quantum computing - • Bitcoin Q&A: Nonces, M...
Is quantum computing a threat? - • Bitcoin Q&A: Is Quantu...
Spam transactions and Child Pays For Parent - • Bitcoin Q&A: Spam Tran...
Orphan blocks and stuck transactions - • Bitcoin Q&A: Orphaned ...
Miners, pools, and consensus - • Bitcoin Q&A: Miners, P...
Software distribution security - • Bitcoin Q&A: Software ...
Protocol development security - • Bitcoin Q&A: Protocol ...
Geopolitics and state-sponsored attacks - • Bitcoin Q&A: Geopoliti...
Sanctions and censorship resistance - • Bitcoin Q&A: Sanctions...
How to get people to care about security - • Bitcoin Q&A: How to Ge...
Honest nodes and consensus - • Bitcoin Q&A: Honest No...
Why running a node is important - • Bitcoin Q&A: Why Runni...
Wallets, nodes, and monetary sovereignty - • Bitcoin Q&A: Wallets, ...
Andreas M. Antonopoulos is a technologist and serial entrepreneur who has become one of the most well-known and respected figures in bitcoin.
Follow on Twitter: @aantonop / aantonop
Website: antonopoulos.com/
He is the author of two books: “Mastering Bitcoin,” published by O’Reilly Media and considered the best technical guide to bitcoin; “The Internet of Money,” a book about why bitcoin matters.
Music: "Unbounded" by Orfan ( / orfan )
Outro Graphics: Phneep (www.phneep.com/)
Outro Art: Rock Barcellos (www.rockincomics.com.br/)
Comments: 210
You, dear Sir, are the Buddha of Cryptocurrencies.
@guggnermalhii
5 years ago
Amitofo and Amen to that
@pj6299
17 days ago
Buddha? 🤣
Perfectly answered, what a legend
I repeat those 24 words silently in my mind every night before I go to sleep
@cryptocap3383
5 years ago
Great if u don't to have heirs!
@vakeone
5 years ago
It's actually a bad idea to memorize all 24 words. If someone kidnaps you, they can torture you for those words. You can't give it up if you don't know them. That's also why I don't keep my hardware wallet where I live.
@coromboshan1212hh5
4 years ago
Sleep talking the seed is also a potential risk
@StakedWealth369
4 years ago
Just get yourself Bitfi
@cacoolkid1
3 years ago
@Я не знаю как говорить по-русски Not if you announce it publicly in KZread comments lol
More important to have more than one wallet (more than one seed), each one backed up in different locations. So even if the worst happens, u never lose all your coins.
Always great to have the basics reinforced, thank you Andreas for all that you do for crypto!
Short answer: Yes! (11:35) It's worth watching the whole video though.
The biggest threat to having crypto is big mouths. As with rich people who own expensive artworks and like to show them off, bragging about how many bitcoins you own can get you a visit from not-so-savory characters.
@cramsa
1 year ago
yup... it's like telling them you have expensive jewelry etc at home... just stay humble and stack sats and keep quiet.
For me, it's a Trezor Model T with the passphrase feature enabled. The passphrase just protects me in case someone managed to stumble upon my 12 word mnemonic. 12 words instead of 24 because I can effortlessly memorize them, and even though the 12 word mnemonic is only 128 bits of entropy... according to several entropy calculators, my passphrase bumps up my total entropy to 298 bits. Add two backup Trezor Ones to the mix for redundancy and that's about as secure as I ever care to have
@velezmusic4350
25 days ago
When you say backup - you mean each subsequent Trezor also was set up with the same wallet? Your system seems comprehensive but simple, I like it. Thank you
Gratitude for everything you have contributed to Bitcoin awareness and education over the years.
Seen this topic covered in many of your longer videos/lectures, but this video is really great as a standalone.
thanks Andreas ! You have been my greatest Bitcoin guru since 2014. bless !
Perfectly perfect....experience, knowledge, Skills all together at one place...thanks
430 stainless steel sheet and metal punch set for stamping the phrase is perfect against corrosion or fire.
@EntropyBeater
5 years ago
And make sure the embossed side is covered by another stainless steel sheet and store it in a tamper-evident sealed envelope, to prevent people from 'feeling' the embossing without opening the envelope.
@TheHonestFoodTeller
4 years ago
Plus rubber paint on top and a secure password (passphrase)
This is great. Thanks Andreas for your great work in the space!
Thank you Andreas! I was just wanting this question answered! Your answer makes perfect sense and is exactly what I am going to do!!
Thanks again for all you! You’re helping thousands of us.
I suggest you pick a day of the year to check on your backups...make sure they're still there, undamaged, you still remember everything. This is something practical you can do, once per year to ensure its safety. Also, make sure you have a method of passing on in the event of your death, if that's important to you.
The teacher has spoken!
thank you Andreas! And thanks to Adam Meister for bringing me here!
Perfection - doing all of this already and did this right from day 1 (even with my tiny amount of crypto) - if I didn't want to lose this amount in a wallet or bank account then I felt I needed to protect it here in this space, and I have one of the copies in a fireproof, waterproof lockbox that only my trusted people know about in case something happens to me! No regrets in the worst case scenario of any type.
simplicity is the hallmark of genius
Ty for increasing the volume on your videos.
Every single crypto investor needs to see this
Great questions and answered, liked the one about whether security lessens over time. I have a tendency to think i need to keep doing something to preserve security.
Your Wealth of Knowledge Is Amazing! Thank You.
Perfect statement @1:00 - @1:45
The last part was cool. Nice one. Thanks
Thank you for the explanation, I have the hardest time explaining to others levels of security one would use
Thank you Andreas !
Great answer
Excellent advice. Thanks Andreas!
Great content. Thanks for breaking it all down for us.
Great answer Andreas !!
Concise nonbiased information
As always, AA has the answer. Thank you.
Wise words from a wise man. Andreas always makes me feel better about owning crypto
You are the man Andreas
Very well said, Andreas.
Beautiful response
Thanks Andreas!
Great stuff as always. Legend!
I do appreciate a lot your content Andreas. Thank you a lot ! BUT PLEASE FIX YOUR MIC / audio is oversaturated and not crystal clear...
Brilliant answer
Really well stated, well done 👍
THANK YOU for addressing this issue. I had the exact same question/complaint about Trace's assessment. I thought Trace's opinion was WAY TOO COMPLEX for the AVERAGE person and that he was being quite pompous to not address how THE AVERAGE PERSON should handle security. While it is OBVIOUS that it will differ depending on the level of expertise - Trace makes it sound as though - his suggestion was the only suggestion and if you don't use that COMPLEXITY - you are at risk. I agree with you 100%. You are AT RISK if you don't understand how YOU can best secure YOUR keys. Simply put - If you try to do something you don't understand - You are at GREATER RISK.
Even a bitcoin core dev messed himself up putting his seed phrases in an internet connected device but he thought he was safe because he encrypted it in a file BUT he put his password manager on the cloud or something like that and the attackers got to it…. Your keys in a hardware wallet with updated firmware IS SUBSTANTIALLY BETTER than some crazy setup some of these “experts” suggest.
Thanks
Hi Andreas, great answer. Thank you ! Did you manually edit the google subtitles? Some words have been added in square brackets like "Ledger" becomes "Ledger [Hardware Wallet]". Some things have been removed like "Umm so here's the thing." --> "Here's the thing:" and phrases changed. "The different audiences, different groups of people are going to have different risk models and they're also going to have difference ahh tolerances for technical complexity" --> "Different groups of people will have different risk models and tolerance for technical complexity". Just curious as to whether you uploaded the subtitle script, or whether google AI made the modified script from the audio.
@aantonop
5 years ago
I have subtitles manually edited, yes. The subtitles that KZread auto-generates are usually awful.
Perfect advice! Thanks!
love this guy
Morning Andreas. I have an absolute noob question. I have EOS accounts, and over the last few months started looking at Bitcoin. I seem to be confused whereby Bitcoin keys seem to be different to EOS accounts. In short, I bought a ledger to hold cold storage, but am unsure how it works. I have set it up with recovery seed etc, and then installed the Bitcoin APP, but am hesitant because I have not associated any private keys to it. Am I merely being a numpty? Are the keys already in it? Can I just send my exchange based BTC to it now? I feel this is probably far simpler than I imagine it. Chuck me a bone please LOL
Thx
Isn't there also the risk that Trezor or Ledger releases a malicious firmware update?
@cxMLG
5 years ago
Yep, the only insurance is us knowing the owners of trezor/ledger.
@Tapepusher
4 years ago
This is such a shame that you'd be dependent on that. We'll get to trustless eventually as it should be, but it's lots of hard work and time.
@Sadrx
3 years ago
No. Updates are open source. You can review the update yourself or lean on the technical expertise of the entire bitcoin community to review the firmware updates.
Love your channel!
And telling the truth gets you a sub.
I smiled like an idiot with your explanation, you explain it BRILLIANTLY! THANK YOU!!!!
No. Ledger taught us (by accident) that they easily have access to our private keys. They originally swore that it was impossible.
@pomp4401
1 month ago
Delusional
@billyjean9484
1 month ago
@pomp4401 only multi sig using different hardware wallets will survive.
Excellent advice.
how secure is a bluetooth hardware wallet like this nano x for example?
What the hell is that 4-6 pass phrase that goes to protect the seed? How do you create that?
Good explanation. Even highly technical people and professionals fucked up. Look at what happened to QuadrigaCX. The CEO died and he was the only one who knew how to retrieve funds from their cold storage, 190 million USD lost... Keep it simple and make sure your siblings know how to retrieve the funds when you are gone.
@MatCendana
5 years ago
Thanks for mentioning this here. I did a search and found out this is very new. cointelegraph.com/news/crypto-exchange-quadrigacx-missing-145-mln-after-death-of-founder
@whyask8044
5 years ago
stop saying he died. he stole the money and ran away.
@MatCendana
5 years ago
@@whyask8044 Based on the latest reports, that reported 'death' is very suspicious. At that very young age (like this is the Middle Ages), and dying in India where certificates aren't too difficult to obtain. Then him being the only one who has access to the private keys, which isn't the norm when it concerns exchanges' cryptos. On the other hand he had been very thorough making plans for his family. I suspect the wife is likely also a conspirator. Maybe others at the exchange too. Looks like an exit scam with scumbags running off with customers' funds.
@b.griffin317
5 years ago
if it's a scam, wouldn't it be obvious if those addresses start getting drained at some point?
Hands up!
Great video
Excellent project
Perfect
Optimistic
Wow... Great vid
Where can I download the Unobtainium Linux distro?
I have ledger and don’t recall being given an additional “pass phrase” with my 24 word seed.
@cryptoinsider9305
3 years ago
This is a Valid Question. How do we get the Pass Phrase?
@susmitasinha019
3 years ago
You are not GIVEN a passphrase but you have to choose one on top of the seed phrase that's generated by the hardware wallet. Seed phrase alone = access to a set of addresses & corresponding private keys of a hierarchical deterministic wallet. Seed phrase + passphrase = access to a completely different set of addresses & corresponding private keys of another hierarchical deterministic wallet.
@cryptoinsider9305
3 years ago
@@susmitasinha019 Thank you for the explanation, I have more understanding now.
@RL-hh2tb
3 years ago
@@susmitasinha019 so where are you prompted for the passphrase? Will the ledger device for instance, prompt you? Thank you
Smashed the like
Andreas for Secretary of the Treasury!!!
Kraken directs users directly to this video for an explanation of why they're not a wallet service and why we should consider a 'hardware wallet.' I haven't watched the video yet. I've been learning about crypto for less than a week, and here to learn. Just thought someone might appreciate knowing.
Is there a list or diagram on these processes please? After all this is setup, I'm just a noob who would like easy day to day fruit juice purchases, with my savings safe.
Polymer paper + lamination + tamper proofing.
How to verify a file signature of the trezor bridge?
AA, is there a technical analysis tool that is used to find that "sweet spot" for individuals or enterprises? Would they use something like a SWOT analysis to assess an optimal solution?
@michael4383
5 years ago
Why do people always overcomplicate things? You have a hardware wallet? That's fine.
@islandbee
5 years ago
@@michael4383 - Falco, because humans are complicated. And I don't have a HW wallet. Rock me Amadeus!
@napoleon2564
5 years ago
If you have less than 100 btc a trezor is fine.
@islandbee
5 years ago
@@napoleon2564 - In my hometown, there was a flyer posted up for a $500 reward from someone who lost their Trezor out in the streets. This tells me that there needs to be more training and guidance when it comes to storing and managing cryptos. Feel bad for the guy. Yikes! 😱
@napoleon2564
5 years ago
@@islandbee That's kinda dumb. If you have the paper backup you can just sweep the funds into a hot wallet and send them to a new Trezor. They're like $80.
How would one add a passphrase to ledger nano? There is only option for a pin on the device? Would be great to do this since the 24 words might be guessed by some random person wanting to win the crypto lottery?
@thingsthatmake
2 years ago
Ok, now I see that the 24 words are chosen from a large list of 2048 words, so odds are astronomical. However, if someone figured out how the wallets create the seeds in the first place (if not totally random) then they could work backwards to re-create them from there... Hmm.. I guess the passphrase is a good idea.. maybe later I can get to it.
Simple you use the Blue Protocol wallet way way better than a trezor or ledger and has additional security features no other wallet has , basically the most secure wallet presently available
Most of the hard wallet brands say that even if the hard wallet is damaged or lost somehow, you can restore your wallet with the passphrase in any other hard wallet. So if that's true, my question still stands: how is a hard wallet still secure enough? How is it still secure against brute-force trial and error to find out my private key?
Crypto Legend
lolol me all day... def an intermediary in storage techniques and many times have I put my hands up and left it on Coinbase lol
Hey Andreas thanks for this. Is it safe to use online password managers like LastPass and Keeper security?
Lol the ending!
I think the guy that asked the question probably wants to add a complex security layer on top of what he has. This is dangerous, as too much security without proper management is dangerous.
Answer the question!!!!
Hi, you are absolutely Genius, happen exactly to me I lost my crypto I don’t know even how I send but I didn’t receive on my wallet and no customer service from ledger nano x.
I love you
seeds in metal cards
What if the hardware wallet company goes bankrupt and you lose the hardware wallet but you have your seeds all safe, how can you get access to your bitcoin?
Know what you do not know
@banzobeans
5 years ago
kzread.info/dash/bejne/qaqKssayicjHgbg.html
He talking about that sweet spot. Sounds like some good......... Nevermind.
sure this should be secure enough
100% Security should be proportionate to amount at risk combined with your technical abilities. Use your brain. Think through possibilities.. Know features of hardware wallets available.
Memorize the seed?
Can the person who has the seeds gain access to your cryptos without the hard wallet if needed?
@aantonop
3 years ago
Yes.
@amyhoang9140
3 years ago
@@aantonop Great! Thanks. So this means I still can get my cryptos without my wallet (I actually lost my USB cable to Trezor One and have not been able to find a compatible USB cable to use). Can you please explain how or do a video on this? It's my understanding that if you lost your wallet, you can only use the seeds to transfer cryptos into another same type of wallet. Is it true?
What is he talking about by pass phrase? Like encrypting the 24 word seed???
this has the best likes to dislike ratio i have ever seen
I don't like paper. I wrote my backup on a thin metal sheet with a permanent marker. I made 3 of them and cut them in half so I got 6 pieces. I have 2 pieces. 1 at home and the other in a bank. The other 4 I gave to different family members.
@aantonop
5 years ago
We do not recommend seed splitting schemes. If you really feel the need to do so, you should consider using a multi-signature setup instead. kzread.info/dash/bejne/nIRr0qegctPHf5M.html kzread.info/dash/bejne/lXWElNdvp8KXXc4.html en.bitcoin.it/wiki/Seed_phrase
The key reality is that most people simply will not take all of these extremely onerous steps of writing seeds and phrases on separate pieces of paper, in triplicate, to then store them in multiple locations, in order to protect their cryptocurrency. This whole process needs to be made much simpler or crypto will never achieve mass adoption. There must be a way to combine cryptographic protection with 2 factor authentication so that there can be one electronic storage space to back up what the user also writes down and stores in their home, or another secure location.
@daireconnolly522
1 year ago
There will be centralised bitcoin banks. I think it's a utopia to think everyone using bitcoin will do the above as stated. I think people will just use centralised bitcoin banks
@32brookse
1 year ago
I got my parents, who are in their 80s, to buy and store Bitcoin on an exchange, and even that was (and remains) a *huge* challenge. Trying to show them how to use a wallet and securely store seed phrases is unimaginable.
@daireconnolly522
1 year ago
@@32brookse lol man the fact you got them to buy it is insane 😂 80 is next level. My parents in their 60s are at the same stage. In 50 years' time though basically everyone on earth will be technologically literate so there's that I guess. I'm just currently researching if multisig is worthwhile, like right now I just have Trezor on its own and I do have it well secured. Just in limbo about taking it to the next level and that includes getting a coldcard and what not too. When whatever economic apocalypse is coming I hope my Trezor is enough 😂
You didn’t mention invisible ink ;-)