Can You Solve This Impossible Problem Of Crypto Security?
Whenever crypto security advances, especially when it comes to protecting our private keys, someone always come up with a "yeah but...". This creates very murky view as to exactly what the best security solution is. In this video I share with you a model I created that maps out the way I see this problem and how it seems unsolvable without trusting someone.
●▬ Take My Online Crypto Courses For Crypto Investors ▬▬▬▬▬●
https://cryptoversity.krtra.com/t/Fukofth15DZa
●▬ Earn Crypto Rewards By Supporting The Show As A Patron ▬▬▬▬▬●
https://cryptoversity.krtra.com/t/7WSsmETiXV9c
●▬ Donate Crypto Anonymously ▬▬▬▬▬▬▬▬▬●
https://btcpay648087.lndyn.com/apps/4LDHdzzzz8XS97g31aX1TTcMGR7Y/pos
●▬ Social Networks ▬▬▬▬▬▬▬▬▬▬▬▬▬▬●
Steemit: https://steemit.com/@marketingmonk
Twitter: https://twitter.com/ChrisConeyInt
Telegram: https://t.me/TheCryptoverse
Reddit: https://www.reddit.com/r/TheCryptoverse/
Minds: https://www.minds.com/thecryptoverse
Gab: https://gab.ai/chrisconey
●▬ Sources ▬▬▬▬▬▬▬▬▬▬▬▬▬▬●
Please become a supporter on Patreon to access the list of sources and save yourself the time searching for them https://www.patreon.com/TheCryptoverse
You nailed it. I've thought this for some time - there's actually no solution right now that is actually "secure" and permanent.
Crypto is precisely about this trade off though, isn't it? Freedom. And Responsibility. The current financial system has all sorts of safe-guards that rely on a network of other systems to establish trust - government ID, account numbers, PINs, tax ID, security questions. They're all just creating multi-factor authentication schemes. Crypto has no real analog to this unless you, the user, choose to bring it on board. The choice and its trade offs are yours to make based on your comfort level.
The brain wallet is the closest thing you're going to get and requires discipline to rehearse the phrase regularly from now until you're tired of HODLing.
Possible solutions may exist in the future though - the whole underpinning of modern cryptography is that algorithms can be public and using a tiny seed of secret information, you can secure the whole thing. It's feasible that someone could create a paper-recovery-phrase algorithm that takes a secret-question style input to generate a key/recovery phrase and the algorithm can be run by hand. If we had that, a person could use secret-question style inputs that they are unlikely to forget (not random, tied to other significant things in their life that perhaps only they know), run the algorithm by hand to regenerate the recovery phrase, which they input into a computer to regenerate the key.
The only analogy in my mind is storing of physical gold. The same questions arise when analyzing the trust and storage question. At some point either you assume all the risk or you must trust someone.
Physical gold or bearer bonds are similar but slightly different (more secureable) - a person only needs to have temporary access to your phrase then they can recreate it outside the storage environment. In many ways, the seed information is far more sensitive than something you must physically transport/exchange/transact.
My first thought is that you should add these graphics to one of your courses. It's a nice visual way to demonstrate what's going on.
Next, I simply could not get past trust. I kept thinking that the private company that holds your cryptotag provides insurance, which, of course, brings us back to some form of traditional banking.
I once tried a "brain" wallet that involved steganography. The code was an unforgettable number linked to a book that required a procedure to determine how to connect the aforementioned two to decipher the private key. It worked great, but after a few uses, it routinely took me an hour to figure out my own code. And even then, you still have to share it with someone else so it lives beyond a personal injury.
In summary, "I got nothin!"
As someone already mentioned multisig wallets will be a must for future institutions being able to have crypto, shared signatures managed by a corporation of several directors or governance heads, and I only add that smart-contracts and timelocks could be usefull as well , I would expect example to see in future "legal testament", the private keys (or the recovery phrases) of crypto wallets, such documents are already 'secret' legal documents holded in secret untill one dies (by legal nature official assured) like patent holding agency cannot disclose the whole secret of coke or a cancer drugs, or a wealthy person testament, or the closed-sw-hashgraph (so there are valued secrets that can be registered by in some official legal systems) , these will end up being re-used depending on the big/huge amount of wealth that crypto will be recognized ... and that only depends on adoption and recognition by other civilized human organizations. For small amounts no trust in anyone is enough and your head should sufice, or make some puzzles like "The Da Vinci Code" just for the fun of it... do a pirate treasure map as to where you dig and hide your "cryptotag" then split it in half leave hints in your skin tatoos... LoL
Great analysis! REally the crux of the problem in a nustshell.
Deep thinking, like everything in life, there is always a risk hence the element of trust is needed, as something can happen to you.
In the future when crypto adoption takes place and mainstream, I am going to use the word 'Insurance'. To have protection over crypto, or to certain limit, 'Crypto Insurance' can be solution as we have Insurance for our procession like home insurance.
'.
You really thought this through and presented valuable measurements for protection. This really makes more sensitive about protection in general. We need trust in storage, we need trust in the systems. We are vulnerable on multiple levels and there is no 100% security, besides the fact that all is temporary. Still it is good to care for optimal protection measurements. Thanx.
What if you don't place all trust in one place... example.. 2/3rd of recovery phrase at each of 3 locations...
super!
Don't let anyone know you have crypto in the first place. Because with all the security measures in the world, someone can put a gun to your head and say "give me all your crypto".
I think maybe not if multi-sig becomes the standard...
Posted using Partiko iOS
I think multi-sig wallets will be the preferred way in the future, particularly for institutions as they venture more into the space. Trust will always be a part of managing assets as it mitigates the risks of losses due to accidents.
Posted using Partiko iOS