U r smart king 👑

Glad to help :)

Thanks man 🙏 I appreciate all the support, keeps me going haha

Glad to help :) Yeah random functions are pretty interesting. Really the danger comes when you try to roll your own seed, most of these devices out of the box work fine.

​@@RhettReisman And what dangers are they, just the one you listed in this video regarding not rolling the dice enough time, right?

Yeah really just not rolling enough and ending up with a low entropy seed

Glad to help :)

Glad to help :)

Happy to help :)

Exactly, Andreas is the goat Glad to help!

​@@RhettReisman Similar to your 1-1000 example, there's a finite (although huge) number of btc addresses. Is anything more than 100 dice roles unnecessary, given you've already provided sufficient entropy to cover all 2^256 addresses?

Yeah 100 dice (n) is the crossover point where 6^n > 2^256. If you had a 16 sided die or something you could get away with 64 dice (etc)

Lfg 🧠🧠🧠

Happy to help :)

Yeah it’s pretty interesting. I wasn’t really clued into the topic until I stumbled on that Twitter thread. Good to know I think, but most people will hopefully never need to know haha. Will be good if this saves one or two people from a low entropy seed

Thanks 🙏 got a new camera, might switch to it permanently (still might use the old camera and lightning for back to monitor videos - needs an upgrade for sure) I think ledger’s process is probably fine (and I’m still using ledger) unless we start to see mass ledger hacks - maybe I wasn’t clear enough about that a bunch of people have asked.

That’s right. And if you only roll 5 dice, for example, your seed phrase will be very easy to recreate.

12 words and 24 words actually have the same amount of entropy. If you're using a hardware wallet and you use their random generation function, you should be fine. If you're using a hardware wallet and elect to roll you own seed, you NEED to roll 100 dice. Any less loses security. I plan to live stream in the future to show how fast a low entropy seed will get hacked (sub 10 dice I imagine will get hacked very fast)

PD: Finding the holy grail of security may not be so important now. Still, it will surely be vital in 10 years with quantum computers, the exponential generation and use of seeds, and the - hopefully - rising price of bitcoin. Best!

Happy to help! Yeah this is an interesting topic. Anything over 100 is wasted entropy (ie. Rolling 2000 dice is the same as rolling 100) You could optionally add a passphrase on top of your seed for more security (but it’s a trade off as you’re adding more complexity).

@@RhettReisman Understood! Thank you so much! 🙏🏻

Let me know if it still doesn't make sense - this one is definitely a doozy

​ I've just watched it again and it did make more sense this time round. I was at 50% understanding, now I'm 90% there. You explain things very well, especially for a tricky concept. I just need to relate it fully to how the coldcard performs each method - seed input and no seed input. I'm sure I'll get it fully when I have time for a 3rd watch. Please do make the video as you suggest showing how a poorly generated code could be swiped.

Exactly 💯

That’s an interesting method. I haven’t heard of any that do, but it sounds like it would probably work. I guess it still comes down to is the algorithm that takes that noise and turns it into a number truly random or just pseudo random

1. Yes, when you transfer your cryptocurrencies (such as Bitcoin) to your Trezor Model T hardware wallet, they are stored securely on the device. However, remember that the actual coins are always on the blockchain, the wallet simply holds the private keys to access them. 2. No, that's not correct. You can transfer your cryptocurrencies back to Coinbase or any other exchange whenever you want. The Trezor wallet simply stores your digital assets - it doesn't lock them in. You are free to send your crypto back to Coinbase (or any other exchange) for trading, buying, or selling. 3. The security of a hardware wallet largely depends on its design and the practices of the user. Both Trezor and Ledger are popular choices and have proven to be secure. However, they can only be as secure as the user allows them to be. This means that you should never share your recovery seed, always verify transaction details before confirming, and keep the device physically secure. Regarding durability and lifespan, it's difficult to say as these devices haven't been around for more than a decade yet, but they are designed to be durable. Remember, always keep your recovery seed in a safe place, as it's the only way to recover your funds if the device is lost, stolen, or damaged.

@@RhettReisman this is very helpful information. Much appreciated for your response.

You can get a private key from a ledger, trezor coldcard or many other options

@@RhettReisman I am afraid it is not possible. They don't show real private keys for each crypto. They show only 12/24 word seed.

Ledger’s process for generating seeds is in the description. You can’t add entropy to a ledger, so unless ledgers start getting mass hacked I think everyone will be fine - I use a ledger in my multisig. Entropy becomes a problem when you try to roll your own seed and don’t make the number random enough.

​@@RhettReisman what about Trezor?

Trezor entropy is open source - it should be fine as long as you’re not rolling your own seed with low entropy Trezor code: github.com/trezor/trezor-mcu/blob/master/firmware/reset.c#L46

If you choose the option to roll dice you need to roll 100 dice - if you roll a small number, your seed will be compromised. You can trust most out of the box options (the default coldcard option should provide enough entropy) and ledger should provide enough entropy (their methodology is in the description)

@@RhettReisman love the idea of multisig . Will listen to your video .

Exactly. And if you roll the dice yourself only 10 times you’re going to lose your Bitcoin.

Grab 100 dice and a COLDCARD hardware wallet from Coinkite, link in the description

If I’m getting the timestamp/context right I think it was the idea that you can seed the random function in coldcard using a jpeg picture file (screenshot of your desktop etc) and that has embedded entropy / randomness because your desktop looks different than any other desktop

@@RhettReisman I see, thanks. I thought the Coldcard can only generate seed based on their on-board TRNG and manual dice rolls.

This is great info, thanks for sharing! That sounds like a very solid way to generate truly random numbers.

Happy to help. Yeah this is a pretty crazy concept. Dice can be really dangerous. Exactly - we're rarely the smartest people in the room especially on every topic.

Good clarification thanks for asking The entropy is used to generate the bitcoin seed phrase. If I have a function that generates a random number given a seed (not the bitcoin seed but a fixed value to give the random function direction) it will always generate the same number given the same seed Random(5) = 12345 5 is the entropy (also called a “seed” in random functions which might be where the confusion is) that generates the bitcoin seed 12345 The problem is that 5 is a really easy number to guess, so if you have an easy to guess entropy you can recreate the bitcoin seed phrase. You would want something like this instead Random(3648362864387394749338399….[until you reach enough entropy]) = ??? Some very random bitcoin seed phrase Hope that made sense

@@RhettReisman So in the context of a random function, "seed"="entropy". Got it. Thank you so much. I appreciate it

In the process of moving out of Casa platinum to Casa gold + managed myself. I like the idea of collaborative custody, but I’m a little hesitant about 2 of 3 setups My setup is very likely to change in the next year or so. With Casa coming out with new offerings, I’m sure Unchained will as well.

Definitely a little more complicated. I think they’re also good for individuals with large net worth % exposure to btc also

@@RhettReisman how we can make multisig? can you make a video about it?

WOOOT 🧠🧠🧠

Passphrase is definitely a good option 🔥

There’s only 2**256 bits of entropy in a Bitcoin private key which is less than 6**100. 24 word seed phrases don’t have any more entropy than a 12 word seed phrase. Good reminder that the BIP 39 mnemonic words are not private keys, they a representation of a private key.

@@RhettReisman are you sure? Since if using a 24 word seed my understanding is that if 2 seeds are different so are the private keys, since for each word there are 2048 possibilities that would make a total of posible combinations of 2048**24 to exceed this number 6**x. x has to be greater than 103. 2048 is 2**11 11*24 is 264, I get 2**264, not sure how you got 2**256

@sergiosergio12345678 Private keys use sha256 (256 bits of entropy) en.bitcoin.it/wiki/Elliptic_Curve_Digital_Signature_Algorithm Andreas Antonopolous has a good video explanation that I’m having a hard time finding rn but I’ve linked it in a previous comment somewhere 🧐 The mnemonic phrases are not the private key, they are an abstraction of the private key. There are more 24 word mnemonics than there are private keys (some of the entropy is lost in conversion). 12 is enough to generate the full entropy which is why a lot of wallets suggest 12 words.

@@RhettReisman You are correct something new I learned today thanks for the link, but that means there are less private keys than possible 24 word seeds, however when using 12 word seeds the number of possible seeds is lower than the total number of private keys, which makes 24 word seeds more secure, however 12 word seeds for all practical purposes are extremely secure. That is interesting because it means 2 different seeds could have same private key even though the probability of that happening is extremely small.

@sergiosergio12345678 That makes sense - I found the video with Andreas. kzfaq.infoU0T49duRt74?feature=share @ 14:00 He’s saying that even though what we just said makes sense it’s actually only 128 bits of entropy that get used (not 256 that I originally suggested) which means that 12 words is sufficient and 24 is same security as 12. 2048^12 > 2^128

lmfao Sam the stock footage god

I don’t recommend mining for most people. More info on mining here: kzfaq.info/sun/PL-p_L_HbK7jUhxmgAETTMnowG2Bi0GkI1

That’s a good way to protect but isn’t foolproof. Depends on strength of password and how much entropy is used

Yeah totally - gotta be careful out there doing your own cryptography

If you let them generate the seed it should have enough entropy. Good reason to use a multisig though.

That would be a good solution if it forced you to include enough bits of entropy.

@@RhettReisman definitely a wake up call. I created an online wallet but now it looks like I'm getting one of these guys first

Hardware wallet is definitely the move 🔥

Help me understand something. So the seed words provide for all the private keys you will use but can 2 different seed word combinations overlap and potentially generate the same private key?

Sorry KZfaq didn’t give me notification of your last comment. His might help you understand how seed phrases work: privacypros.io/wallets/mnemonic-phrase

Yeah those start9 ones are really expensive :/ i just use a raspberry pi with umbrel video here: kzfaq.info/get/bejne/aL5llrZ73tuyYH0.html

@@RhettReisman excellent and thank you !

Exactly 🔥🔥

Not on a ledger, see the description for how ledger seed phrases are generated

@@RhettReisman understood thanks for the response!

No problem :) anytime!

Interesting, 100 should be enough. 111 is creating entropy that won’t be used

😂🤣😂

What do you mean?

Only if you’ve rolled your own seed (and used less than 100 dice)

I think that will be cool I’ll do it when I have some time :)

I don't really use discord :( I'll make a poll and see if people think that would be helpful

@@RhettReisman session

I am become memelord destroyer of seriousness

Talk about it king

As Abraham Lincoln would say: "Hunnid"

Lmao

How does this dice role example work if you use ledger? Does ledger go this route? Edit - I see you answered this around 11:03 and posted links. Duh! Thanks!

Trezor

Coldcard alll the way

@@lukebal careful trezor if you watch bitcoin university beware of their coinjoin company they partnered with

​@@lukebal You definitely want to steer clear from Trezor after they recently partnered up with a surveillance chain firm. LEDGER is also no good, they just recently announced they can decrypt your private keys from your device. They say you have to opt-in but the fact is they are now capable of doing this and since their code is NOT open-source there's really no way to trust what they're doing. This was basically their Bud Light moment. ColdCard is definitely the way to go.. P.S follow Mathew from Bitcoin University

Fr

Lmao

😂🤣😂

Trezor entropy is open source - it should be fine as long as you’re not rolling your own seed with low entropy Trezor code: github.com/trezor/trezor-mcu/blob/master/firmware/reset.c#L46

@@RhettReisman So I'll be fine with the seed phrase generated by Trezor One ?

I would be very confident in a seed phrase generated by a trezor

@@RhettReisman 🥰🥰🥰 Thank you Sir

Glad to help :)

Yes, but because you’ve rolled 100 dice there are 6^100 combinations of what that number in the parenthesis can be (which is not brute forceable by any computer) it’s ~ 6x10^77 So you get safety by generating a seed to the random function that is impossible to recreate.

Goated meme lord back at it again