[Discussion/Feature Request] Add PIN to open seed #630

Open
Rob0xFF opened this issue Nov 16, 2024 · 6 comments

@Rob0xFF

Rob0xFF commented Nov 16, 2024

Do you think it might be possible to store the seed entropy in a compact QR code but additionally scrambled with a PIN, let's say 4-8 letters/numerics? I know there is something like a 25th word already in the mnemonic phrase design, but it would add some kind of additional security for those with 12/24 word seeds who want to store them as QR in case someone could steal it. It would still be worthless without the right PIN.

On seed backup via QR, the user would define the PIN once, and he would be prompted to put in the PIN each time the QR is read again.

Thanks for thoughts/consideration.

Rob0xFF changed the title from "[Discussion/Feature Request]" to "[Discussion/Feature Request] Add PIN to open seed" on Nov 16, 2024
@fedebuyito
Contributor

Hi. It would be like passphrase functionality?

@Rob0xFF
Author

Rob0xFF commented Nov 19, 2024

No, it would be a means to encrypt the seed QR to render it useless, if somebody finds and scans it. Might be useful for existing wallets with 12/24 seed words without passphrase to be used with Seedsigner.

@fedebuyito
Contributor

OK, I understood. You are maybe talking about an encrypted QR function, as the Krux project has, for instance? Very good idea.

@kdmukai
Contributor

kdmukai commented Nov 23, 2024

> PIN, let's say 4-8 letters/numerics.

PINs can be short on other hardware devices because they have built-in rate limiters (delay for how soon you can guess again) and eventually lock out options after too many wrong guesses.

A short PIN in this use case could just be trivially brute forced more or less instantly.

NACK

The only way to really secure it would be to use a strong passphrase (20+ upper, lower, digits, symbols). At which point you're better off using a bip39 passphrase.

It would also complicate the recovery process for legit users (e.g. your heirs).

If you are currently on a "naked" single sig (i.e. no bip39 passphrase), there is NO good long-term way to secure the seed/backups/etc regardless of which hardware wallet or approach you use (I'm not a fan of Shamir nor SeedXOR for this use case).

Naked single sig just isn't viable for long-term storage.
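To put numbers on the comparison in the comment above (short PIN, rate-limited device, 20+ character passphrase), here is an added example that is not part of the thread or of SeedSigner's code. The offline guess rate and the lockout attempt count are assumed values chosen for illustration, not measurements of any device or tool.

```python
import math
import string

# Alphabets matching the thread: a PIN of "letters/numerics" and a
# passphrase of "upper, lower, digits, symbols".
PIN_ALPHABET = len(string.ascii_letters + string.digits)        # 62
PASSPHRASE_ALPHABET = PIN_ALPHABET + len(string.punctuation)    # 94

# Assumptions for illustration only (hypothetical values).
ASSUMED_OFFLINE_GUESSES_PER_SECOND = 1e9
ASSUMED_DEVICE_ATTEMPTS_BEFORE_LOCKOUT = 10


def keyspace(alphabet_size, length):
    """Number of distinct secrets of exactly this length."""
    return alphabet_size ** length


def entropy_bits(alphabet_size, length):
    """Entropy of a uniformly random secret, in bits."""
    return length * math.log2(alphabet_size)


def offline_exhaust_seconds(alphabet_size, length,
                            rate=ASSUMED_OFFLINE_GUESSES_PER_SECOND):
    """Worst-case time to cover the keyspace when a stolen paper QR can be
    tested offline, so nothing limits the guess rate."""
    return keyspace(alphabet_size, length) / rate


def lockout_guess_probability(alphabet_size, length,
                              attempts=ASSUMED_DEVICE_ATTEMPTS_BEFORE_LOCKOUT):
    """Chance of a correct guess before a rate-limited device locks out."""
    return min(1.0, attempts / keyspace(alphabet_size, length))


def compare():
    """One row per case: PIN lengths 4..8 and a 20-character passphrase."""
    cases = [("PIN", PIN_ALPHABET, n) for n in range(4, 9)]
    cases.append(("passphrase", PASSPHRASE_ALPHABET, 20))
    return [{"kind": kind, "length": length,
             "bits": entropy_bits(alphabet, length),
             "offline_seconds": offline_exhaust_seconds(alphabet, length),
             "lockout_probability": lockout_guess_probability(alphabet, length)}
            for kind, alphabet, length in cases]


if __name__ == "__main__":
    for row in compare():
        print(f"{row['kind']:<10} len={row['length']:<2} "
              f"{row['bits']:6.1f} bits  offline={row['offline_seconds']:.3g} s  "
              f"P(guess before lockout)={row['lockout_probability']:.3g}")
```

The same short secret that a lockout counter protects well gives little protection once the guesses can be made offline against a paper backup.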

@Rob0xFF
Author

Rob0xFF commented Nov 23, 2024

Agreed about your thoughts on bip39 passphrase. It would not replace its use and usefulness. But: Imagine some evil burglar who has no clue you have a seed signer, store your seed as a QR code or that you even own bitcoin. He might find the QR, even scan it with his phone and nevertheless find nothing but nonsense in it. No hint it encodes your net worth. He might lose interest.
On the other side, if the seed is not encoded, he might find the 12/24 words interesting, google for them and find out it has something to do with bitcoin.

In short, it would not add a layer of encryption but a layer of obfuscation.

These are just my thoughts, of course, I see your points about the passphrase.

@kdmukai
Contributor

kdmukai commented Dec 12, 2024

> On the other side, if the seed is not encoded, he might find the 12/24 words interesting, google for them and find out it has something to do with bitcoin.

This is not how either SeedQR format ("Compact" or "Standard") works.

Scan these with your phone:

Compact
[Image: SeedTranscribeSeedQRWholeQRView_24_Compact]

Standard
[Image: SeedTranscribeSeedQRWholeQRView_24_Standard]
