This is for a non-collaborative wallet, for long term holding. I don't need fast access to spending from this wallet, but I do want to make my setup as bulletproof as possible without making it more complex than it needs to be. I've been using a Ledger hardware wallet for years with a strong passphrase, but since I no longer trust Ledger (eff their seed extraction firmware!), this seems like a good time to re-evaluate my security.
I'm debating between one of the following:
Singlesig: a hardware wallet using a 24 word seed with a strong passphrase (7 words or more, with spaces).
Multisig: two hardware wallets, each using a 12 word seed (no passphrase), to create a 2-of-2 multisig wallet. Why 2-of-2? Since this wallet won't be shared with anyone, there's no need for a 3rd key. Also, with only 2 keys, the wallet can easily be recreated (if the wallet file is lost or corrupted) in 3 easy steps. 1: restore wallet A as native segwit using the first seed phrase. 2: restore wallet B as native segwit using the second seed phrase. 3: recreate the 2-of-2 multisig wallet using the keys from wallet A and B.
Regardless of which method I choose, the seed or seeds will be written down on paper, backed up on metal, and locked in two secure locations only I have access to (and if I stick with singlesig, the passphrase will be written down and kept in multiple secure locations, just as I have been doing for years).
If I stick with singlesig, I'm switching to a Blockstream Jade with a new 24 word seed and a new passphrase.
If I go multisig, I'll use a Blockstream Jade and some other hardware wallet (probably a ColdCard, or maybe a SeedSigner).
I know someone will read 2-of-2 multisig and think "What if you lose one of your keys?" I've been securing my seeds for years. I'm very confident in my ability to back up and secure my seeds. I take my security seriously. I feel like the ability to recreate the multisig wallet without a wallet file (if the file gets corrupted, for example) minimizes risk over the next 10 to 20+ years (though I would of course back up the wallet file and secure it in multiple locations if I go multisig).
One more benefit of a 2-of-2 multisig is that it would be easy to use hardware wallets, stateless, which means there's zero risk from the devices themselves since the hardware wallets wouldn't save any data. Not even the seed words.
Thoughts?
P.S. I realize this is a long post, but owning crypto means being your own bank. I take this stuff seriously. I assume you do too, so let's discuss!
[link] [comments]
You can get bonuses upto $100 FREE BONUS when you:
π° Install these recommended apps:
π² SocialGood - 100% Crypto Back on Everyday Shopping
π² xPortal - The DeFi For The Next Billion
π² CryptoTab Browser - Lightweight, fast, and ready to mine!
π° Register on these recommended exchanges:
π‘ Binanceπ‘ Bitfinexπ‘ Bitmartπ‘ Bittrexπ‘ Bitget
π‘ CoinExπ‘ Crypto.comπ‘ Gate.ioπ‘ Huobiπ‘ Kucoin.
Comments