Hi guys. Just for a bit of casual fun I decided I would make a seed storage system for storing Monero seeds. The sentence will be 25 words long but each word can be unambiguously identified by the first three letters, is that about right...?

jollyrogers.ca/public/SEEDSTASH-III-FRONT.png This is what my current version looks like, I'm thinking of changing it a little bit, since this version has only 24 slots.

But each slot has 4 letters each.

I've been messing around with engraving and thought this would be a fun application for it.

TheJollyRoger, looking good :)

Thanks!

also i think you're right about the three letter uniqueness, but never looked through the whole list to confirm

Oh excellent! I set up the parameters so I can quickly tweak them... but I have to change the numbers and that I have to do by hand in this CADD application.

presumably they are unique because you'd be able to have a list with 26^3 prefixes, so 10x bigger than the list

Ten times the list!

Oh yeah uh... just a quick thing I should mention! I'm only planning to have the computer engrave the text box. I don't intend to actually fill out the numbers. I figured it would be far safer if I just published the PDFs with the dimensions, then let the users simply take it to any local engraving shop. I would expect that the user would just fill in the blanks using an electropencil engraver and

a stencil guide.

yeah, could just have people optionally buy a dremel or something and do it themselves

Yeah! Yeah just like that.

I believe the seeds are in 10 languages and don't know if the 3 letter uniqueness applies to all of them

i like the stacked plates method, weather proof and the key isn't visible to man or machine

Oh wow. Ten languages?!

start to create a new wallet and it will give you the language options for the seed

Thanks! Yeah, I was thinking that it would be nice if I could put a padlock on the device, and then keep it safely shut. What I was thinking for that nut was I'd probably drive a stake through the nut post-assembly, so that way the plates once assembled (it's easiest to engrave them if they aren't stuck together), the nut can't be undone without breaking the stake or the bolt.

12+ languages it looks like :o

Twelve?!

there are existing 24 word storage methods and being that the 25th is a checksum and therefore a repeat of one of the others there are ways to make it work with 24 such as putting that one upside down. Having 25 would be nice but not necessary

yeah there's definitely a lot of 3 letter patterns reused in lojban, haha

Here we go. Let me just export and upload a picture of what it looks like with 25 spaces of 3 letters each...

I had to kinda cram it all into place so it's a little more claustrophobic...

TheJollyRoger, bolt + gasket sealer would work incase you wanted to seal it, harder to reopen than padlock though i guess

plus if the front was blank nobody would know what it was lol

Oh hey that's a good idea. I could just leave the front blank!

stealth option!

also hard to distuinguish from scrap metal...

Yeah T_T. Hahahaha which is sorta the problem I have XD

jollyrogers.ca/public/SEEDSTASH-XMR-ASSEMBLY.png This is what it looks like with 25 spots of 3.

looks like it needs a bit of space for some of those esperanto words :D

I don't use cryptocurrency since I have a terminal case of what I call FOBSCO (Fear Of Being Screwed Over), but I have a somewhat surprising use case for these, and that's to use these to generate and back up my GPG, Signify, and Keytool Private Keys. In the future I would like to do Android development, and I'v heard all these horror stories about how people have lost their app signing keys, and

epriskribebla

if you lose your keys, that's it, you're done, you need to essentially start all over again.

Oh yipes.

Hmm. Maybe I should put the other 13-12 words on the other half...?

yeah maybe engrave the back or something too if you can

of the middle one

Sure, can do! The middle one's actually got enough room for ten character lines between the front and the back, it's double sided ^_^

you could also have different sized bolts to stack any amount of plates

Ooh. Oh yeah... they're in increments of .25", so I could add two more plates even.

nice

Hey wait this is a great idea. I could put 12 words on one side, 13 on the other, and use the empty spot of the first one to add the Monero "M" logo.

Good thinking, let me get to work on that...

also having a "plate title" would be nice to describe the coin/wallet name

that way if you stack 10 plates you have the title on each plate

Got it. I think I could add a line at the free end of the plate then!

you could also offer different fancier metals for upgraded cost :D steel->aluminum->brass or something

Ehehe, I'm one step ahead of you there actually :D. Materials I've decided on:

i mean not that you'd need to bury it for 1000 years but hey you never know :p

The prototypes I'd want to make from T304 stainless because that's cheaper but still will offer good performance and approximate the real thing. The production versions I want to produce from T316 stainless because it's much more rust resistant. I'm picking stainless steel because I figured aluminium would simply melt into slag during a house fire. On the higher end, I was thinking commercially

pure Titanium alloy (grade 2 titanium) because it's more resistant to strong acid at high temperature and I can order 6Al-4V (grade 5) titanium bolts. On the highest end, I chose 718 Nickel Alloy, or Inconel, with 400 Nickel Alloy bolts.

ahh yeah good point about aluminum

titatium even :p

even better* rather

Hehehe, yeah. I figured that the biggest danger someone might have would be if say, their house burned down.

Nickel would be insane... it's not cheap, but it will stand up to abrasion, acid, and heat all at the same time. But it's incredibly expensive. I don't know if it would offer most people any appreciable benefit over stainless steel, except maybe for the assurance that it would probably last for thousands of years.

yeah, ideally most people would just need the stainless to avoid fires and flood

Yeah.

at least to upgrade from paper

Oh yeah.

throw those babies on openbazaar when you go into production!

Hehe, I will ^_^. I was thinking of making only a couple as novelties and to store my GPG private key, but maybe it would be fun to have them in the community :D. My little thumbprint.

Thank you so much :D This is fun ^_^.

i think tons of people would buy it tbh, i was thinking of rigging together something similar

\o/ Yay

people are starting to adopt a bit more it seems so maybe now is the right time

Wow!

i mean you wouldn't even need to run monero-wallet-cli to use it, any bip39 wallet, even crappy webwallets could have metal backups

Well...

it would be a marked improvement over the sticky note in their desk lol

I bought myself a Trezor Model T at a friend's recommendation to use for GPG, U2F, and to hold my SSH Private keys. I tried futzing around with the bitcoin testnet a while back but I've never tried to use it for monero before...?

Ahahahaha yes XD

i would be curious what the longest word is out of the common bip39 wallets, though

just to get an idea of how much space to allocate

I kind of like the Trezor Model T because it has its own colour screen, and you can just enter the recovery sentence using your finger

I think only the first four letters count!

But you can enter the first four and then it'll unambiguously display the whole word from those four.

So for the other one I only gave the user four "slots" to write down four letters, that's it.

I think the engraving letter stencil is around a quarter inch tall, by a little bit more than an eighth of an inch wide.

I gave around 0.4" x 0.28" of space for each box, just in case.

For scale, the entire SeedStash is 6" (150mm) long by 3" (75mm) tall. The sheets are 1/8" thick or just around 3mm thick, and weighs a little under two pounds, it's quite heavy.

I'm not quite sure what other languages I'd need... let me go back to the list and see X(

should work, but i'm curious if the four letter thing is true

i would assume some shitcoin would make a bip39 list that eventually breaks that rule lol

Let me try it out... one sec.

Oh uh... huh. Hey wait up, there are coins with their own wordsystem?

should be true though, 4 characters is a decent amount of prefixes

yeah technically bip39 supports any word list

O_O. Hey wait a minute. I hope I don't have to make one plate for each one now.

I think it's working so far. I'm entering the words one by one, then once I reach four letters, it turns green and displays the whole word.

bip39 is just the generation scheme but the word list can be anything. you just have to remember which wordlist you used if it was custom :D

:O Oh!

Oh wow. I missed that part entirely.

Then I have to hold down the button and it allows me to advance to the next one.

i'm sure most lists are simple though, maybe you could have an option for 4/8 character boxes per word or something

Huh, maybe :O.

Huh. This gadget seems to have its own wordlist, I wonder if it could be made to work with Monero or if it just works with GPG, U2F, and SSH and Bitcoin...?

Let me just do a quick bit of searching....

not sure if anyone would realistically need more than 4 though, but i assume there are some languages that use many repeated prefixes

probably without word lists yet but still :p

Oh hey wait a minute. All the cryptographic keys and curves are the same, right...?

nah

NISTP256, Ed25519, NISTP384, et al?

yeah, mostly

"same" in some general sense i guess

Since maybe this is how the Trezor has its own word list but seems to support this massive bunch of other coins...?

i use different coins with different curves but they all support bip39 the same, it's just used to generate the private key

Oh, wow.

then you clamp the key to the curve

well, you can derive the words into multiple things actually, hd wallets or just one key, etc.

X). I think maybe I'm gonna have to start trying to use cryptocurrency, ahahaha

the word generation is pretty much unrelated to all the crypto stuff, though

you can use any lengthy list of words like you could use some random bits, it's just easier to write down the words instead, and you spread the entropy out with more characters

so maybe if you lose some of the characters, but the words are long, it's easier to restore than hex or something

Makes sense, lots more entries in a dictionary, than there are letters on a keyboard and they're human-meaningful.

yep

i'm not sure more than 4 characters is necessary on engraved metal though, although maybe having more than 4 for extra entropy would be nice for paranoia

then you'd need to destroy a good bit of each word to make it hard to regenerate

Huh. I was sorta always under the impression it was sort of the length of the wordlist, rather than just the number of letters, that gives it its cryptographic strength...?

yep exactly

Got it!

but extra entropy in the words for durability is always nice

since languages are repetitive

i think that's why words were chosen over base32 or something, for example

Hee hee... sure easier for me to check words for spelling errors than gibberish! X(

haha yeah

the word list makes it a bit complicated but words are nice and recognisable vs random text could be any data at all

Yeah. ^_^

My current GPG keys, I had to back up to a CD... I'm definitely not happy about that, so I'm looking forward to being able to roll them over to a set of keys generated deterministically.

that's also the reason why they didn't choose words like "ant" or something. if you choose short words, it's hard to discern from any other words if you lose a few characters

Oh yeah!

you know what would also be a good way to store them? like a feeler gauge set if you've ever seen one.

Oh yes!

that would be pretty small but still easy to see the seed

but not accidentally

Yeah. Could even insert a length of wire through the stack, and then crimp it closed or even put a nylon cabletie around it and zip it closed for tamper evidencing.

true!

i wonder how much it costs to get unmarked feeler gauges, haha

or maybe you could make your own

Ahahaha well... I could try to see if I could find some scraps of thin sheet metal and see if I can engrave stuff on them, then see how they fare if I put them in a kiln and heat that sucker up until they glow red hot...?

sounds good, lol

Ahahaha great X)

I think I'll try to get them up to around 1800 degrees farenheit. Two thousand should be hotter than most house fires would get.

yeah

i guess a volcano would be the worst enemy

Oh yipes.

lol

Now that... that is something where Nickel would come in handy.

But I'm actually unsure even nickel would survive being immersed in lava.

Actually, wait, nickel prooobably would?

Yeah, it would.

titanium too i guess

maybe?

i guess it depends on the location inside the volcano :p

Ahaha, yeah XD

If we assume that the lava is rolling down the sides of the volcano, a quick search on DDG seems to indicate ~2200 degrees F. Nickel will melt past 2600, so it'll survive. Titanium though has a very nasty tendency to burn.

seems good enough to me then lol

Yay X)

Hehe. I suppose if you live in Hawaii, Southern Mexico, the southern Indochina islands, or Sicily or the western United States then this is a pretty legitimate concern... :O

The question then I gotta figure out is how to figure out how to find the seed post engulfment, ahahaha.

lol

it is an interesting problem

Ahaha, yeah...

Maybe we'll have to take a leaf out of Yubikey's book and just sell like "Value Packs" XD

yeah but everyone with yubikey will also need one :)

if you make good stuff you'll always have buyers i think, at least for now

Yay

^_^

TheJollyRoger: blog.lopp.net/metal-bitcoin-seed-storage-stress-test-round-iii

How “bad” is KYC for someone who just wants to buy some BTC and XMR? I know it’s ideal to use a local P2P service but am I going to actually regret something like Kraken if I’m just a fairly casual low-volume buyer experimenting with crypto

You can always start the process, then stop if the list of stuff they ask is too much for you.

moneromooo: I mean I doubt it would be too much, but I’m not super knowledgeable on what the consequences could be. Obviously I’m not doing anything illegal, but I was looking for more knowledgeable opinions on what KYC means for an average user. A lot of people on r/monero argue that it should still be avoided for mass surveillance reasons and potential hacking of exchange KYC records

it won't be too much until they send you a source of funds request and treathen to freeze your funds if you don't send them unreasonable amounts of info

happened to me

If you buy XBT and then exchange that into XMR you shouldn't have a problem

Crypto to crypto doesn't need KYC

depends on the exchange

yeah I could always do BTC to XMR with like bisq or something

what exchange would you guys recommend then? Kraken seems like it has the best rep among the Monero community

it's hard to do research because it seems like VPN's where every search result is some review site that's probably paid by exchanges to review positively

i bought some xmr using waves exchange recently using their waves/visa payment gateway thing. non-custodial too.

seems pretty good, as good as bisq or so

it doesn't have thousands of btc but there'

there's plenty of bots on there to take your order

might be worth a try

tryphe: what exchange?

Inge-, waves.exchange

oh

Kraken seems to be very cryptofriendly. And they have fiat pairings and monero. What's not to like (except KYC)?

I think for now I'll get a Kraken account for BTC, then I could always move to a local wallet and use godex, morphtoken, etc to get XMR. that seems like the most usable option right now

ability to arbitrarily freeze/steal funds is worse than kyc imo

I don't intend to keep a lot of money on exchange wallets

true, i guess kyc exchanges are good enough for a quick exchange

Funds are Safu with Binance

lol

Mochi101: ?

Binance.com

my funds were safu with binance until they told me my country is no longer supported on their "platform"

oh you're in the USA ?

unrelated, but Kraken is trying to go after some former employees for posting on glassdoor: eff.org/cases/payward-inc-kraken-v-does-1-10

I don't like Kraken, I used to have an account there.. but then they wanted me to KYC for a first tier account.

IE: only crypto in and only crypto out

I told them they can keep the account and I don't want it anymore.

even if only you do crypto-crypto, your crypto still gets traded with fiat holders, so i think the kyc of fiat pairs bleeds over into crypto-only users

well i'm in US, so binance isn't great. plus I sometimes come across reservations about whatever they're doing with binance coin

mixing of wallet funds probably also has something to do with it as well. don't even need to even makes trades for your deposits to go into the fund pool that fiat users will withdraw from

only way that we win is if we buck the kyc exchainges

only way that we win is if we buck the kyc exchanges

^^ :D

well it looks like my alternative for USD-BTC or USD-XMR is agoradesk. trying to decide if mailing cash to vegas is worth avoiding giving Kraken my ID

yanmaani: Ooh... I like the look of this!

agora is run by localmonero

nioc: right, just for more currencies

hpfr[m]: Send Nudes!

hpfr[m]: Why go through the trouble? Buy XBT using some exchange with KYC out the wazoo, then exchange it for XMR using any of the hundreds of non-custodial exchanges

yanmaani: that's what I was thinking, but I was considering the risk of an exchange having my govt ID and proof of residence, they could get hacked

is it just not that big a deal? I guess PayPal has my info, but I would trust a crypto exchange somewhat less

ask binance

kek

Inge-: ?

you trust paypal more than exchange

such logic

^

hpfr[m]: kyc information DID leak, from one of Binances's subcontractors I think.

exactly, that's my concern

mmxxx: not to support fiat, but paypal has a bit more of a track record than kraken or binance

as demonstrated by Inge's link

I wouldn't put kraken and binance in the same category at all

binance is a piece of shit

Now this is the kind of opinion I was looking for

I'd agree that Kraken and Coinbase probably have their shit pretty well together

and even then it would still be a toss up between who I trust more with regards to paypal...

being US regulated exchanges

I'd be less concerned about Kraken than paypal

That is funny in a sad way. We want our exchnge to be well regulated for protecting our info, because it was regulated to want it in the first place -_-

yeah, unfortunately it seems to be the only reasonable fiat on ramp at the moment

Bitstamp? Bisq? bitcoin.de?

and as much as I hate stellar there are some good on ramp options (depending upon which part of the world that you have bank accounts in)

those don't have KYC? I wasn't referring to kraken I meant KYC exchanges in general

is there an exchange you'd recommend over kraken for USD-BTC

bitstamp does

bitcoin.de does

bisq does not

well I know about bisq

yeah, USD to BTC is a tricky one

thankfully I have better options

maybe Gemini

or Bisq

like what

like I can use my non USD/non-American accounts :p

oh yeah i guess other forms of fiat are probably easier

hpfr[m]: What about OTC dealing then?

Or just buying XBT thru Bisq

yeah I've been meaning to try bisq, unfortunately it's not packaged for NixOS yet

also in terms of liquidity it doesn't seem much better than localmonero et al

and I don't think I'm moving funds at the level of OTC haha

mmxxx: what's better about gemini

I didn't mean Gemini is better, I mean that it's an option for USD to BTC

ok

the better option is to not have to use USD at all

the EUR market is superior

right haha

or other currencies

unfortunately not an option for me atm

thanks for the help everyone, i'll probably try localmonero first then get a kraken account

if you're that concerned, why use your real name at all?

yanmaani: are you suggesting buying credentials off the deep web or something? You need to submit ID for KYC

just photoshop one

takes like ten minutes

yanmaani: idk. Not trying to commit fraud

what happens when they actually check what you sent them

how are they going to check

they send it to the cheapest bidder they can find on mturk, presumably

they can only check that it looks like an ID, they don't have secret backdoors into the government databases

yanmaani: thanks for the link! I'm really liking this, this site contains a lot of great lessons that I can really draw from. I'm really glad to see I was moving in the right direction.

It looks like this business with the "slide in and lock" tile designs on the Billfodl and Cryptosteel are bad news in a really big disaster.

There are companies that do those checks. They do have entries into various databases that are not quite public (ie, it takes money to get in). So your info goes to whatever contractor they chose. And you have no clue which.

Seems like a recurring failure mode with these is that the sheet metal rails heat up, warp, and then either burst their rivets or buckle so much that the tiles simply slide through the cracks.

Then "Poof goes your crypto!"

TheJollyRoger: Some of them do work. But KISS applies generally; taking a piece of metal and engraving it lasts for thousands of years