1/18 Storing clear text secrets without risking it all.
A thread on @COLDCARDwallet's Seed XOR function, what it is, and how to use it.
A thread on @COLDCARDwallet's Seed XOR function, what it is, and how to use it.
2/18 This thread is the short version of a more detailed article which can be found on the @BitcoinMagazine website here:
bitcoinmagazine.com/guides/how-to-…
bitcoinmagazine.com/guides/how-to-…
3/18 The full article covers @COLDCARDwallet unboxing, initial setup, PIN creation, Firmware update & verification, creating a new wallet, and adding a passphrase. Check the full article if you are setting up your ColdCard for the first time.
4/18 Securing your #Bitcoin seed words in steel mitigates environmental hazards like fire & flood. Without an added passphrase, the steel backup alone could be used to steal your #bitcoin if it fell into the wrong hands. Seed XOR provides plausible deniability & added security.
5/18 The plausible deniability is introduced because Seed XOR splits an existing seed phrase into multiple, fully functional seed phrases. These could be loaded with duress funds and stored in separate geographic locations.
6/18 The added security comes from the requirement for all pieces to be used in reconstructing the original seed phrase. This differs from multisig. Consider the tradeoffs carefully not only for you but also your loved ones who may be restoring your wallet without you some day.
7/18 With Seed XOR, any physical copies of your original seed can be destroyed and then the pieces from the split, stamped in your steel backups can be used to reconstruct it while also acting as fully functional wallets themselves.
8/18 Navigate to Advanced>Danger Zone>Seed Functions>Seed XOR>Split existing. Then you will see a short description of what you are about to do with the option to split your seed into two, three or four parts.
9/18 You'll have the choice between a deterministic split which will result in the exact same sub seed phrases every time or a random split which will always produce different resulting seed phrases. Deterministic could indicate to a savvy attacker that there are missing pieces.
10/18 The resulting seed phrases can be double checked, tested, and then marked and stamped into your steel backups. Then the paper copies can be safely destroyed 🔥
11/18 Then think about your threat model and where you want to securely store your steel backups. Geographic distance, accessibility, and threat modeling are some things to consider.
12/18 Later, when combining two seeds together to reconstruct your original seed, every word from your 24-word seed phrases gets converted into a three-digit hex sequence from this table:
seedxor.com/files/wordlist…
seedxor.com/files/wordlist…
13/18 The hex values get added together using a table that makes it so that it doesn't matter which order they are combined in, e.g. A then B or B then A. Take for example, 7 + 9 = E, and 9 + 7 also results in E.
seedxor.com/files/workshee…
seedxor.com/files/workshee…
14/18 Here are both of my Seed XOR resulting seed phrases converted to hex values and then combined. Taking the values from the A⊕B row and using the seed-word-to-hex conversion table, you can see that the original seed is being reconstructed:
15/18 Adding seed phrases together can be done on paper with the worksheets. To restore from Seed XOR on a new or blank @COLDCARDwallet, navigate to Import Existing>Seed XOR. It is a good idea to keep record of your original seed's 24th word, you will choose it from a list.
16/18 The resulting seed reconstruction can be used as the stored secret on a new or cleared @COLDCARDwallet. But if it already has an existing seed stored on it, then this process will need to be repeated the next time. Don't forget to add your passphrase if you used one.
17/18 Check out @BitcoinQ_A's detailed explanation of Seed XOR along with links to additional resources as well for more information.
github.com/Coldcard/firmw…
github.com/Coldcard/firmw…
18/18 Now you can have your seed phrase secured by storing the required pieces to reconstruct it with their own duress funds and in different geographic locations. Consider the tradeoffs carefully with your security model and hopefully this tool gives you some new ideas.
• • •
Missing some Tweet in this thread? You can try to
force a refresh
