Great video, Rhett! I have worked with random generators in my own code and know that the identical seed will generate the same number from experience. I could not figure out how 2 Trezors with identical software could generate different random numbers. No one else has explained this to me as clearly as you. Thanks.
Glad to help :) Yeah random functions are pretty interesting. Really the danger comes when you try to roll your own seed, most of these devices out of the box work fine.
Yeah it’s pretty interesting. I wasn’t really clued into the topic until I stumbled on that Twitter thread. Good to know I think, but most people will hopefully never need to know haha. Will be good if this saves one or two people from a low entropy seed
This video is really phenomenal. In just a few minutes of watching it, I've decided that I will not be making my own seed phrase from dice. Ever. At some point we have to believe that the people behind Trevor and Coldcard and others are better at this than I am. I come from the financial world. This reminds me of those who think they can outperform the stock market, when all the facts and data say the best way is to buy a low cost index fund. At some point you have to make the most logical decision and not think we are the smartest people in the room.
Happy to help. Yeah this is a pretty crazy concept. Dice can be really dangerous. Exactly - we're rarely the smartest people in the room especially on every topic.
Not all random numbers that come out of a computer are generated by an algorithm. What you spoke about is PRNG (Pseudo Random Number Generator). There is also TRNG (True Random Number Generator) that uses some miniaturized natural phenomenon to generate non-deterministic random numbers and feed them into the computer. For example, a very low-power light beam can be shot into a crystal and the quantum randomness of a low-power light source can cause photons to exit the crystal in unpredictable directions. This can create true random numbers. Ledger claims to have an onboard TRNG, but of course, take Ledger's claims with a cup of salt. I generated my own 256-bit random number. I am an astrophotographer and I took a deep-space image of a galaxy and sampled a row of 256 pixels across the galaxy's core. I passed the data through a simple function on an air-gapped computer to generate a 256-bit binary number that then generated my seed phrases. There's enough quantum randomness in camera pixel readings to create true random numbers. Creating your own random 256-bit binary is the undisputed safest way to generate seed phrases.
@@RhettReisman Similar to your 1-1000 example, there's a finite (although huge) number of btc addresses. Is anything more than 100 dice roles unnecessary, given you've already provided sufficient entropy to cover all 2^256 addresses?
I read the Ledger article, and isn't 2^256 random enough? Dopey me, but there's more possible private keys than than there are atoms on earth. Anyway, an interesting look at options. Nice work with the lighting /production improvements, btw. Looking better than ev.
Thanks 🙏 got a new camera, might switch to it permanently (still might use the old camera and lightning for back to monitor videos - needs an upgrade for sure) I think ledger’s process is probably fine (and I’m still using ledger) unless we start to see mass ledger hacks - maybe I wasn’t clear enough about that a bunch of people have asked.
Ledger’s process for generating seeds is in the description. You can’t add entropy to a ledger, so unless ledgers start getting mass hacked I think everyone will be fine - I use a ledger in my multisig. Entropy becomes a problem when you try to roll your own seed and don’t make the number random enough.
Trezor entropy is open source - it should be fine as long as you’re not rolling your own seed with low entropy Trezor code: github.com/trezor/trezor-mcu/blob/master/firmware/reset.c#L46
This is deep, but like so many of your videos looks super informative. I basically get it but will have to watch this one again to fully understand it.
I've just watched it again and it did make more sense this time round. I was at 50% understanding, now I'm 90% there. You explain things very well, especially for a tricky concept. I just need to relate it fully to how the coldcard performs each method - seed input and no seed input. I'm sure I'll get it fully when I have time for a 3rd watch. Please do make the video as you suggest showing how a poorly generated code could be swiped.
Good clarification thanks for asking The entropy is used to generate the bitcoin seed phrase. If I have a function that generates a random number given a seed (not the bitcoin seed but a fixed value to give the random function direction) it will always generate the same number given the same seed Random(5) = 12345 5 is the entropy (also called a “seed” in random functions which might be where the confusion is) that generates the bitcoin seed 12345 The problem is that 5 is a really easy number to guess, so if you have an easy to guess entropy you can recreate the bitcoin seed phrase. You would want something like this instead Random(3648362864387394749338399….[until you reach enough entropy]) = ??? Some very random bitcoin seed phrase Hope that made sense
Hi Rhett. I have seen this video a couple of times. It is a fantastic issue and key to safety for the seeds and wallets. Is there any number where it begins to be absurd about the dice rolls? I get that 100 is essential, but how about the maximum? When does it not make any sense anymore because the math in the hardware wallet software can process so many digits? For example, 250 dice. And finally, how will it look like a dice roll-generated seed (at least 100 to 250 dice) with a passphrase added? Does this make sense to you? Thank you so much! Amazing content! 💪
PD: Finding the holy grail of security may not be so important now. Still, it will surely be vital in 10 years with quantum computers, the exponential generation and use of seeds, and the - hopefully - rising price of bitcoin. Best!
Happy to help! Yeah this is an interesting topic. Anything over 100 is wasted entropy (ie. Rolling 2000 dice is the same as rolling 100) You could optionally add a passphrase on top of your seed for more security (but it’s a trade off as you’re adding more complexity).
That’s an interesting method. I haven’t heard of any that do, but it sounds like it would probably work. I guess it still comes down to is the algorithm that takes that noise and turns it into a number truly random or just pseudo random
Multiple Sigs are more complex to properly set up vs just rolling dice into a cold card and having a good pass phrase. Multi Sog sound more suited for a company or business.
For 100 dice rolls you have 6**100 which is 6.5x10**77 which is very secure, however maximun entrophy is achive with a few more dice rolls since if using a 24 word seed you have 2048**24 which is 2.9x10**79 posible seeds. Idealy you want the entrofy higher than the number of possible seeds, that means the number of dice rolls should be 103 or higher for optimal security using 24 word seeds, however 100 dice rolls is so close to max security it is fine.
There’s only 2**256 bits of entropy in a Bitcoin private key which is less than 6**100. 24 word seed phrases don’t have any more entropy than a 12 word seed phrase. Good reminder that the BIP 39 mnemonic words are not private keys, they a representation of a private key.
@@RhettReisman are you sure? Since if using a 24 word seed my understanding is that if 2 seeds are different so are the private keys, since for each word there are 2048 possibilities that would make a total of posible combinations of 2048**24 to exceed this number 6**x. x has to be greater than 103. 2048 is 2**11 11*24 is 264, I get 2**264, not sure how you got 2**256
@sergiosergio12345678 Private keys use sha256 (256 bits of entropy) en.bitcoin.it/wiki/Elliptic_Curve_Digital_Signature_Algorithm Andreas Antonopolous has a good video explanation that I’m having a hard time finding rn but I’ve linked it in a previous comment somewhere 🧐 The mnemonic phrases are not the private key, they are an abstraction of the private key. There are more 24 word mnemonics than there are private keys (some of the entropy is lost in conversion). 12 is enough to generate the full entropy which is why a lot of wallets suggest 12 words.
@@RhettReisman You are correct something new I learned today thanks for the link, but that means there are less private keys than possible 24 word seeds, however when using 12 word seeds the number of possible seeds is lower than the total number of private keys, which makes 24 word seeds more secure, however 12 word seeds for all practical purposes are extremely secure. That is interesting because it means 2 different seeds could have same private key even though the probability of that happening is extremely small.
@sergiosergio12345678 That makes sense - I found the video with Andreas. czcams.com/users/liveU0T49duRt74?feature=share @ 14:00 He’s saying that even though what we just said makes sense it’s actually only 128 bits of entropy that get used (not 256 that I originally suggested) which means that 12 words is sufficient and 24 is same security as 12. 2048^12 > 2^128
12 words and 24 words actually have the same amount of entropy. If you're using a hardware wallet and you use their random generation function, you should be fine. If you're using a hardware wallet and elect to roll you own seed, you NEED to roll 100 dice. Any less loses security. I plan to live stream in the future to show how fast a low entropy seed will get hacked (sub 10 dice I imagine will get hacked very fast)
Hello. Do you happen to know which hardware wallet let us view private keys of each coin? I know, it is seen as "vulnerability" but I want to have full control over my keys. Do you know which brand can do it?
so are you saying, if I setup a cold card using their default "generate me a seed phrase" I'm basically trusting them to "roll the dice 100 times" whereas, if I didn't want to trust them, I could roll the dice 100 times and generate my own seed phrase that I know is TRULY (or as close as humanly possible) random?
I have two questions?? If my crypto from Bitcoin is transfer to Trezor T model hardware wallet. All my crypto ( digital assets) will only stay safely in Trezor T. Is that correct? Let says, All my crypto from Coinbase that I have transferred to Trezor T model wallet can not be transfer back to Coinbase whenever I wanted to buy, trade or sell. Is that correct? Which hardware wallet is the safest, secure and does not ware out easily which can last for 10 years or more ? Which hardware wallet is safer, compatible and have the ability to trade, buy and sell even after all crypto from Coinbase has been transferred to hardware wallet? Please advice ❤ Thank you very much
1. Yes, when you transfer your cryptocurrencies (such as Bitcoin) to your Trezor Model T hardware wallet, they are stored securely on the device. However, remember that the actual coins are always on the blockchain, the wallet simply holds the private keys to access them. 2. No, that's not correct. You can transfer your cryptocurrencies back to Coinbase or any other exchange whenever you want. The Trezor wallet simply stores your digital assets - it doesn't lock them in. You are free to send your crypto back to Coinbase (or any other exchange) for trading, buying, or selling. 3. The security of a hardware wallet largely depends on its design and the practices of the user. Both Trezor and Ledger are popular choices and have proven to be secure. However, they can only be as secure as the user allows them to be. This means that you should never share your recovery seed, always verify transaction details before confirming, and keep the device physically secure. Regarding durability and lifespan, it's difficult to say as these devices haven't been around for more than a decade yet, but they are designed to be durable. Remember, always keep your recovery seed in a safe place, as it's the only way to recover your funds if the device is lost, stolen, or damaged.
Multisig is the way of the future. But also, adding a passphrase to the seed will add another order of magnitude security onto the 1 in 1E77 possible seed phrases.
What equipment should I use to generate my own mnemonic phrase What is the equipment in the 5:39 video Can it solve my need to generate mnemonic phrases by myself?
Am I correct here? No problem with the entropy in the coldcard’s selection of 12 or 24 word seed phrase but IF you add predictable low entropy like ‘1234’ as a dice roll, you open the door to someone guessing the private key?
my friend's CC got hacked because of this. He did not roll enough dices. I think later on, CC has updated firmware and automatically roll dices for you.
As to why I have multiple hardware wallets instead of 1. I knew such a risk exists thus I spread out my crypto investments on multiple storages both hardware and crypto platforms .
So if you generate entropy by entering dice the cold card does not also incorporate the "external entropy function" used in the standard seed generation?
If I’m getting the timestamp/context right I think it was the idea that you can seed the random function in coldcard using a jpeg picture file (screenshot of your desktop etc) and that has embedded entropy / randomness because your desktop looks different than any other desktop
How man. QQ - who/what do you prefer as your multi - sig vendor? I saw ur old videos but curious if you’re doing case / un or if you’re just managing yourself at this point…
In the process of moving out of Casa platinum to Casa gold + managed myself. I like the idea of collaborative custody, but I’m a little hesitant about 2 of 3 setups My setup is very likely to change in the next year or so. With Casa coming out with new offerings, I’m sure Unchained will as well.
Brillant. So … in resume : I can not count on the actual système of cold card (same kind of system like Ledger) for my seed phrase hence I need those dice??
If you choose the option to roll dice you need to roll 100 dice - if you roll a small number, your seed will be compromised. You can trust most out of the box options (the default coldcard option should provide enough entropy) and ledger should provide enough entropy (their methodology is in the description)
Help me understand something. So the seed words provide for all the private keys you will use but can 2 different seed word combinations overlap and potentially generate the same private key?
Sorry CZcams didn’t give me notification of your last comment. His might help you understand how seed phrases work: privacypros.io/wallets/mnemonic-phrase
Another topic : can you tell us again what kind of bode you have ? Looking at Raspberry or Start9(but too $ for me now ). Cheers mate Question : why not an old lap top ?
How does this dice role example work if you use ledger? Does ledger go this route? Edit - I see you answered this around 11:03 and posted links. Duh! Thanks!
@@lukebal You definitely want to steer clear from Trezor after they recently partnered up with a surveillance chain firm. LEDGER is also no good, they just recently announced they can decrypt your private keys from your device. They say you have to opt-in but the fact is they are now capable of doing this and since their code is NOT open-source there's really no way to trust what they're doing. This was basically their Bud Light moment. ColdCard is definitely the way to go.. P.S follow Mathew from Bitcoin University
Trezor entropy is open source - it should be fine as long as you’re not rolling your own seed with low entropy Trezor code: github.com/trezor/trezor-mcu/blob/master/firmware/reset.c#L46
Isn't rolling the dice 100 times the same as the number going into the parenthesis on the code though? For instance, let's say I rolled 10,5,3,5,6,72,1,6,89,2,5,1,4,5,6 etc. etc. Wouldn't that just be: random.seed(105356721689251456) and the number generated would still be the same every time?
Yes, but because you’ve rolled 100 dice there are 6^100 combinations of what that number in the parenthesis can be (which is not brute forceable by any computer) it’s ~ 6x10^77 So you get safety by generating a seed to the random function that is impossible to recreate.
Ok. So I just discovered that I’m not as smart as I thought I was.
U r smart king 👑
This video was really straightforward and helpful. Thank you so much!
Glad to help :)
Great video, Rhett!
I have worked with random generators in my own code and know that the identical seed will generate the same number from experience. I could not figure out how 2 Trezors with identical software could generate different random numbers.
No one else has explained this to me as clearly as you.
Thanks.
Glad to help :)
Yeah random functions are pretty interesting. Really the danger comes when you try to roll your own seed, most of these devices out of the box work fine.
@@RhettReisman And what dangers are they, just the one you listed in this video regarding not rolling the dice enough time, right?
Yeah really just not rolling enough and ending up with a low entropy seed
As always thanks, I don't do any of this stuff, but I still enjoy your content, you deserve to have a bigger platform.
Thanks man 🙏 I appreciate all the support, keeps me going haha
interesting stuff, I never even though about how wallets generated your seed, thanks for the vid
Yeah it’s pretty interesting. I wasn’t really clued into the topic until I stumbled on that Twitter thread. Good to know I think, but most people will hopefully never need to know haha. Will be good if this saves one or two people from a low entropy seed
Thanks, Rhett, this video really helps me to find/do a safe setup for my wallet(s).
Happy to help :)
This video is really phenomenal. In just a few minutes of watching it, I've decided that I will not be making my own seed phrase from dice. Ever. At some point we have to believe that the people behind Trevor and Coldcard and others are better at this than I am. I come from the financial world. This reminds me of those who think they can outperform the stock market, when all the facts and data say the best way is to buy a low cost index fund. At some point you have to make the most logical decision and not think we are the smartest people in the room.
Happy to help. Yeah this is a pretty crazy concept. Dice can be really dangerous. Exactly - we're rarely the smartest people in the room especially on every topic.
Not all random numbers that come out of a computer are generated by an algorithm. What you spoke about is PRNG (Pseudo Random Number Generator). There is also TRNG (True Random Number Generator) that uses some miniaturized natural phenomenon to generate non-deterministic random numbers and feed them into the computer. For example, a very low-power light beam can be shot into a crystal and the quantum randomness of a low-power light source can cause photons to exit the crystal in unpredictable directions. This can create true random numbers. Ledger claims to have an onboard TRNG, but of course, take Ledger's claims with a cup of salt. I generated my own 256-bit random number. I am an astrophotographer and I took a deep-space image of a galaxy and sampled a row of 256 pixels across the galaxy's core. I passed the data through a simple function on an air-gapped computer to generate a 256-bit binary number that then generated my seed phrases. There's enough quantum randomness in camera pixel readings to create true random numbers. Creating your own random 256-bit binary is the undisputed safest way to generate seed phrases.
This is great info, thanks for sharing! That sounds like a very solid way to generate truly random numbers.
Just thinking about Andreas' video about all the sand in all the galaxies haha. Thanks for the video, I've picked up a lot from you recently :)
Exactly, Andreas is the goat
Glad to help!
@@RhettReisman Similar to your 1-1000 example, there's a finite (although huge) number of btc addresses. Is anything more than 100 dice roles unnecessary, given you've already provided sufficient entropy to cover all 2^256 addresses?
Yeah 100 dice (n) is the crossover point where 6^n > 2^256. If you had a 16 sided die or something you could get away with 64 dice (etc)
I read the Ledger article, and isn't 2^256 random enough? Dopey me, but there's more possible private keys than than there are atoms on earth. Anyway, an interesting look at options. Nice work with the lighting /production improvements, btw. Looking better than ev.
Thanks 🙏 got a new camera, might switch to it permanently (still might use the old camera and lightning for back to monitor videos - needs an upgrade for sure)
I think ledger’s process is probably fine (and I’m still using ledger) unless we start to see mass ledger hacks - maybe I wasn’t clear enough about that a bunch of people have asked.
That was a level up for sure. Thanks bro.
Lfg 🧠🧠🧠
Great video! Thanks!
Happy to help :)
This is super informative, thanks for sharing!
Glad to help :)
So for us lesser mortals, ledgers basic set up where it generates a random seed is not secure and someone could guess the seed?
Ledger’s process for generating seeds is in the description.
You can’t add entropy to a ledger, so unless ledgers start getting mass hacked I think everyone will be fine - I use a ledger in my multisig.
Entropy becomes a problem when you try to roll your own seed and don’t make the number random enough.
@@RhettReisman what about Trezor?
Trezor entropy is open source - it should be fine as long as you’re not rolling your own seed with low entropy
Trezor code: github.com/trezor/trezor-mcu/blob/master/firmware/reset.c#L46
Informative vid, thanks
Glad to help :)
Just using a passphrase wouldn’t break an entropy attack?
That’s a good way to protect but isn’t foolproof.
Depends on strength of password and how much entropy is used
This is deep, but like so many of your videos looks super informative. I basically get it but will have to watch this one again to fully understand it.
Let me know if it still doesn't make sense - this one is definitely a doozy
I've just watched it again and it did make more sense this time round. I was at 50% understanding, now I'm 90% there. You explain things very well, especially for a tricky concept. I just need to relate it fully to how the coldcard performs each method - seed input and no seed input. I'm sure I'll get it fully when I have time for a 3rd watch.
Please do make the video as you suggest showing how a poorly generated code could be swiped.
You seem to use "seed" and "entropy" interchangeably. What is exactly their relationship? Thank you for your video.
Good clarification thanks for asking
The entropy is used to generate the bitcoin seed phrase. If I have a function that generates a random number given a seed (not the bitcoin seed but a fixed value to give the random function direction) it will always generate the same number given the same seed
Random(5) = 12345
5 is the entropy (also called a “seed” in random functions which might be where the confusion is) that generates the bitcoin seed 12345
The problem is that 5 is a really easy number to guess, so if you have an easy to guess entropy you can recreate the bitcoin seed phrase.
You would want something like this instead
Random(3648362864387394749338399….[until you reach enough entropy]) = ??? Some very random bitcoin seed phrase
Hope that made sense
@@RhettReisman So in the context of a random function, "seed"="entropy". Got it. Thank you so much. I appreciate it
Hi Rhett. I have seen this video a couple of times. It is a fantastic issue and key to safety for the seeds and wallets. Is there any number where it begins to be absurd about the dice rolls? I get that 100 is essential, but how about the maximum? When does it not make any sense anymore because the math in the hardware wallet software can process so many digits? For example, 250 dice. And finally, how will it look like a dice roll-generated seed (at least 100 to 250 dice) with a passphrase added? Does this make sense to you? Thank you so much! Amazing content! 💪
PD: Finding the holy grail of security may not be so important now. Still, it will surely be vital in 10 years with quantum computers, the exponential generation and use of seeds, and the - hopefully - rising price of bitcoin. Best!
Happy to help! Yeah this is an interesting topic.
Anything over 100 is wasted entropy (ie. Rolling 2000 dice is the same as rolling 100)
You could optionally add a passphrase on top of your seed for more security (but it’s a trade off as you’re adding more complexity).
@@RhettReisman Understood! Thank you so much! 🙏🏻
Damn!! Finally understood multisig!!!!
WOOOT 🧠🧠🧠
The Ian Coleman BIP39 utility is a very useful tool, but like all tools, it needs to be used appropriately.
Yeah totally - gotta be careful out there doing your own cryptography
0:46 There is, just use the heat noise in the electronics. But I don't know which hardware wallets use this method (if any).
That’s an interesting method. I haven’t heard of any that do, but it sounds like it would probably work.
I guess it still comes down to is the algorithm that takes that noise and turns it into a number truly random or just pseudo random
Multiple Sigs are more complex to properly set up vs just rolling dice into a cold card and having a good pass phrase. Multi Sog sound more suited for a company or business.
Definitely a little more complicated. I think they’re also good for individuals with large net worth % exposure to btc also
@@RhettReisman how we can make multisig? can you make a video about it?
Thanks to Sam Bankman-Fried for making a guest appearance at 0:45.
lmfao Sam the stock footage god
For 100 dice rolls you have 6**100 which is 6.5x10**77 which is very secure, however maximun entrophy is achive with a few more dice rolls since if using a 24 word seed you have 2048**24 which is 2.9x10**79 posible seeds. Idealy you want the entrofy higher than the number of possible seeds, that means the number of dice rolls should be 103 or higher for optimal security using 24 word seeds, however 100 dice rolls is so close to max security it is fine.
There’s only 2**256 bits of entropy in a Bitcoin private key which is less than 6**100.
24 word seed phrases don’t have any more entropy than a 12 word seed phrase.
Good reminder that the BIP 39 mnemonic words are not private keys, they a representation of a private key.
@@RhettReisman are you sure? Since if using a 24 word seed my understanding is that if 2 seeds are different so are the private keys, since for each word there are 2048 possibilities that would make a total of posible combinations of 2048**24 to exceed this number 6**x. x has to be greater than 103. 2048 is 2**11 11*24 is 264, I get 2**264, not sure how you got 2**256
@sergiosergio12345678 Private keys use sha256 (256 bits of entropy) en.bitcoin.it/wiki/Elliptic_Curve_Digital_Signature_Algorithm
Andreas Antonopolous has a good video explanation that I’m having a hard time finding rn but I’ve linked it in a previous comment somewhere 🧐
The mnemonic phrases are not the private key, they are an abstraction of the private key. There are more 24 word mnemonics than there are private keys (some of the entropy is lost in conversion). 12 is enough to generate the full entropy which is why a lot of wallets suggest 12 words.
@@RhettReisman You are correct something new I learned today thanks for the link, but that means there are less private keys than possible 24 word seeds, however when using 12 word seeds the number of possible seeds is lower than the total number of private keys, which makes 24 word seeds more secure, however 12 word seeds for all practical purposes are extremely secure. That is interesting because it means 2 different seeds could have same private key even though the probability of that happening is extremely small.
@sergiosergio12345678 That makes sense - I found the video with Andreas. czcams.com/users/liveU0T49duRt74?feature=share @ 14:00
He’s saying that even though what we just said makes sense it’s actually only 128 bits of entropy that get used (not 256 that I originally suggested) which means that 12 words is sufficient and 24 is same security as 12.
2048^12 > 2^128
so do you advise against doing the regular 12 word entropy no dice? is it really going to be that much of a risk?
12 words and 24 words actually have the same amount of entropy.
If you're using a hardware wallet and you use their random generation function, you should be fine.
If you're using a hardware wallet and elect to roll you own seed, you NEED to roll 100 dice. Any less loses security.
I plan to live stream in the future to show how fast a low entropy seed will get hacked (sub 10 dice I imagine will get hacked very fast)
Hello. Do you happen to know which hardware wallet let us view private keys of each coin? I know, it is seen as "vulnerability" but I want to have full control over my keys. Do you know which brand can do it?
You can get a private key from a ledger, trezor coldcard or many other options
@@RhettReisman
I am afraid it is not possible. They don't show real private keys for each crypto. They show only 12/24 word seed.
so are you saying, if I setup a cold card using their default "generate me a seed phrase" I'm basically trusting them to "roll the dice 100 times" whereas, if I didn't want to trust them, I could roll the dice 100 times and generate my own seed phrase that I know is TRULY (or as close as humanly possible) random?
Exactly. And if you roll the dice yourself only 10 times you’re going to lose your Bitcoin.
I have two questions??
If my crypto from Bitcoin is transfer to Trezor T model hardware wallet. All my crypto ( digital assets) will only stay safely in Trezor T.
Is that correct?
Let says, All my crypto from Coinbase that I have transferred to Trezor T model wallet can not be transfer back to Coinbase whenever I wanted to buy, trade or sell. Is that correct?
Which hardware wallet is the safest, secure and does not ware out easily which can last for 10 years or more ?
Which hardware wallet is safer, compatible and have the ability to trade, buy and sell even after all crypto from Coinbase has been transferred to hardware wallet?
Please advice ❤
Thank you very much
1. Yes, when you transfer your cryptocurrencies (such as Bitcoin) to your Trezor Model T hardware wallet, they are stored securely on the device. However, remember that the actual coins are always on the blockchain, the wallet simply holds the private keys to access them.
2. No, that's not correct. You can transfer your cryptocurrencies back to Coinbase or any other exchange whenever you want. The Trezor wallet simply stores your digital assets - it doesn't lock them in. You are free to send your crypto back to Coinbase (or any other exchange) for trading, buying, or selling.
3. The security of a hardware wallet largely depends on its design and the practices of the user. Both Trezor and Ledger are popular choices and have proven to be secure. However, they can only be as secure as the user allows them to be. This means that you should never share your recovery seed, always verify transaction details before confirming, and keep the device physically secure. Regarding durability and lifespan, it's difficult to say as these devices haven't been around for more than a decade yet, but they are designed to be durable.
Remember, always keep your recovery seed in a safe place, as it's the only way to recover your funds if the device is lost, stolen, or damaged.
@@RhettReisman this is very helpful information. Much appreciated for your response.
Multisig is the way of the future. But also, adding a passphrase to the seed will add another order of magnitude security onto the 1 in 1E77 possible seed phrases.
Passphrase is definitely a good option 🔥
What equipment should I use to generate my own mnemonic phrase What is the equipment in the 5:39 video Can it solve my need to generate mnemonic phrases by myself?
Grab 100 dice and a COLDCARD hardware wallet from Coinkite, link in the description
A cold-card will actually allow you to go beyond 100 dice rolls. I took mine to 111 rolls and then stopped.
Interesting, 100 should be enough. 111 is creating entropy that won’t be used
Am I correct here? No problem with the entropy in the coldcard’s selection of 12 or 24 word seed phrase but IF you add predictable low entropy like ‘1234’ as a dice roll, you open the door to someone guessing the private key?
Exactly 💯
my friend's CC got hacked because of this. He did not roll enough dices. I think later on, CC has updated firmware and automatically roll dices for you.
If you let them generate the seed it should have enough entropy. Good reason to use a multisig though.
As to why I have multiple hardware wallets instead of 1. I knew such a risk exists thus I spread out my crypto investments on multiple storages both hardware and crypto platforms .
Exactly 🔥🔥
So if you generate entropy by entering dice the cold card does not also incorporate the "external entropy function" used in the standard seed generation?
That’s right. And if you only roll 5 dice, for example, your seed phrase will be very easy to recreate.
Hi, what do you mean by “the entropy on the SD card?” Can you elaborate? Thanks.
If I’m getting the timestamp/context right I think it was the idea that you can seed the random function in coldcard using a jpeg picture file (screenshot of your desktop etc) and that has embedded entropy / randomness because your desktop looks different than any other desktop
@@RhettReisman I see, thanks. I thought the Coldcard can only generate seed based on their on-board TRNG and manual dice rolls.
Please do a livestream where you fund such an address easy to hack.
I think that will be cool I’ll do it when I have some time :)
Are there any Bitcoin miner and SHIB inu miner on apps?
Please recommend the popular miner and how to mine crypto?
Thank you very much
I don’t recommend mining for most people. More info on mining here: czcams.com/play/PL-p_L_HbK7jUhxmgAETTMnowG2Bi0GkI1.html
How man. QQ - who/what do you prefer as your multi - sig vendor? I saw ur old videos but curious if you’re doing case / un or if you’re just managing yourself at this point…
In the process of moving out of Casa platinum to Casa gold + managed myself. I like the idea of collaborative custody, but I’m a little hesitant about 2 of 3 setups
My setup is very likely to change in the next year or so. With Casa coming out with new offerings, I’m sure Unchained will as well.
"Talk to me like a normal person"
*Whips out vscode*
😂🤣😂
Brillant. So … in resume : I can not count on the actual système of cold card (same kind of system like Ledger) for my seed phrase hence I need those dice??
If you choose the option to roll dice you need to roll 100 dice - if you roll a small number, your seed will be compromised.
You can trust most out of the box options (the default coldcard option should provide enough entropy) and ledger should provide enough entropy (their methodology is in the description)
@@RhettReisman love the idea of multisig .
Will listen to your video .
As Spock would say, "fascinating."
As Abraham Lincoln would say: "Hunnid"
Lmao
Why do we not allow the randomness to be inputted by the user like the file sharing apps once did. You move the mouse and that's your randomness
That would be a good solution if it forced you to include enough bits of entropy.
@@RhettReisman definitely a wake up call. I created an online wallet but now it looks like I'm getting one of these guys first
Hardware wallet is definitely the move 🔥
Help me understand something. So the seed words provide for all the private keys you will use but can 2 different seed word combinations overlap and potentially generate the same private key?
Sorry CZcams didn’t give me notification of your last comment. His might help you understand how seed phrases work: privacypros.io/wallets/mnemonic-phrase
Should we be concerned with Trezor Wallets?
Only if you’ve rolled your own seed (and used less than 100 dice)
Another topic : can you tell us again what kind of bode you have ? Looking at Raspberry or Start9(but too $ for me now ). Cheers mate
Question : why not an old lap top ?
Yeah those start9 ones are really expensive :/
i just use a raspberry pi with umbrel video here: czcams.com/video/2X5cSJyuN0I/video.html
@@RhettReisman excellent and thank you !
Man never went to the moon.
Talk about it king
wait...i can create my own seed phrase?...for my Ledger?
Not on a ledger, see the description for how ledger seed phrases are generated
@@RhettReisman understood thanks for the response!
No problem :) anytime!
My account was rekeyed, and now?
What do you mean?
COLDCARD or Ledger?
How does this dice role example work if you use ledger? Does ledger go this route? Edit - I see you answered this around 11:03 and posted links. Duh! Thanks!
Trezor
Coldcard alll the way
@@lukebal careful trezor if you watch bitcoin university beware of their coinjoin company they partnered with
@@lukebal You definitely want to steer clear from Trezor after they recently partnered up with a surveillance chain firm. LEDGER is also no good, they just recently announced they can decrypt your private keys from your device. They say you have to opt-in but the fact is they are now capable of doing this and since their code is NOT open-source there's really no way to trust what they're doing. This was basically their Bud Light moment. ColdCard is definitely the way to go.. P.S follow Mathew from Bitcoin University
Lmao 42069 😂
I am become memelord destroyer of seriousness
Do we have a discord …?
I don't really use discord :(
I'll make a poll and see if people think that would be helpful
@@RhettReisman session
I CAN MAKE UP MY OWN WORDS AND SPELL THE WRONG ON PURPOSE. THATS A LITTLE MORE SECURE.
Lmao
rip mass adoption
Fr
That yankee soap opera didnt put men above low Earth orbit
😂🤣😂
What about Trezor One ? 😢
Im i safe
Im too dumb for this new technology stuff
Trezor entropy is open source - it should be fine as long as you’re not rolling your own seed with low entropy
Trezor code: github.com/trezor/trezor-mcu/blob/master/firmware/reset.c#L46
@@RhettReisman So I'll be fine with the seed phrase generated by Trezor One ?
I would be very confident in a seed phrase generated by a trezor
@@RhettReisman 🥰🥰🥰
Thank you Sir
Glad to help :)
Isn't rolling the dice 100 times the same as the number going into the parenthesis on the code though?
For instance, let's say I rolled 10,5,3,5,6,72,1,6,89,2,5,1,4,5,6 etc. etc.
Wouldn't that just be: random.seed(105356721689251456) and the number generated would still be the same every time?
Yes, but because you’ve rolled 100 dice there are 6^100 combinations of what that number in the parenthesis can be (which is not brute forceable by any computer) it’s ~ 6x10^77
So you get safety by generating a seed to the random function that is impossible to recreate.
42069. Best # ever. A+ content
Goated meme lord back at it again