This is an opinion editorial by Wartime Microchad, a contributor for Bitcoin Magazine.
Since the introduction of Bitcoin Improvement Proposal (BIP) 39, Bitcoiners have had the option to memorize the information necessary to recover bitcoin funds stored on-chain by using plain text words. But memorizing — and then reliably recalling at a later date — 12 or 24 unrelated, noncontiguous words isn’t easy, which means that most people create and store physical backups of those words instead of committing them to memory.
While this well-established approach is fine for those who are confident in their physical security setup, it can be a big challenge for others, e.g., people with no fixed abode; those who need to travel or who live in areas of conflict/war zones; or those living in other settings where storage of physical seed phrases may be subject to security, loss, damage or confiscation risks.
Running The Numbers
To put the scale of this problem into some context:
- According to the United Nations’ refugee agency UNHCR, by the end of 2021, 89.3 million people had been forcibly displaced worldwide. For a large number of these people fleeing their homes, they would have been able to take little more than the clothes on their back and whatever personal belongings they could carry. The transportation of any wealth along with personal belongings may have been an impossible challenge, and fraught with risks.
- According to the Nomad Embassy, nearly 5 million Americans identify as digital nomads and another 17 million aspire for this lifestyle. That’s 6.5% of the U.S. population who either currently or want to live a roving lifestyle. Frequent border crossings and life in rented accommodation can make it difficult to protect private keys.
- An estimated 35% of Americans rent their accommodation, and house-sharing is on the rise as home ownership collapses, especially amongst younger generations. It is not uncommon for personal belongings to disappear in shared accommodation.
So we wanted to create a way for Bitcoiners who face these difficulties to more easily and reliably transport their bitcoin across borders. We named the solution Border Wallets.
Patterns Versus Words
Imagine having five seconds to memorize either (A) or (B) from the choices below.
The Science (™)
Some formerly conducted studies have shown that we are far more capable of recalling patterns versus words after prolonged amounts of time.
Being able to recognize shapes more easily than words bears out anecdotally too — we tend to remember faces more easily than names (which makes sense, given that our eyesight and facial recognition abilities predate our use of language).
This phenomenon is known as the “picture superiority effect.”
The Litmus Test
Let’s see if this works.
In the spaces provided, have a go at recalling the missing words and the missing pattern from the example we showed above. No cheating!
Memorization Using Border Wallets And Entropy Grids
Border Wallets provide a method for memorizing seed phrases using three components:
- Entropy Grid: A randomized grid of all 2048 seed words.
- Pattern: User-generated pattern(s) or cell coordinates.
- Final Word “Number”: The final (checksum) seed word.
Combined, these three components comprise your Border Wallet.
The Entropy Grid Generator
Using our offline, browser-based entropy grid generator (EGG), users can generate their own entropically-secured, randomized grid of all 2048 BIP39-compliant seed words, and then apply a memorable pattern or set of cell coordinates to it — which only they know — in order to create a wallet.
While the EGG is browser-based, it is designed to work offline on an air-gapped PC, Mac or Linux machine (or even using Tails) and runs locally in the browser. To use it, users download it, transfer it to the machine of their choice and start generating entropy grids.
As each unique entropy grid contains a complete list of all BIP39 seed words in randomized format, and the users’ patterns exist only in their heads, users will store their entropy grid (or its recovery phrase) physically or digitally. Since entropy grids comprise all 2048 Bitcoin seed words in a random format, any evil maid attacks are faced with an upward difficulty adjustment that is significantly higher than if plain text seed phrase backups were discovered. You can think of it as a firewall between your seed words and any potential attackers.
Final Word Calculator And Final Word “Number”
The EGG allows users to import the relevant 11 or 23 words from their entropy grid in order to calculate the final checksum word. In addition to the user’s pattern, the checksum is the only thing that must be memorized.
However, in order to make this even easier, the EGG includes a unique “final word number” feature. With this, instead of needing to remember the word “pair,” users can just remember the number “5” — they could even write down this number on their entropy grid since, on its own, it is meaningless and provides no clues about the final word without the other words being known.
Users may also change the final word number to something more meaningful to them, although this also changes the final word itself. Therefore, if users do change the number, the new checksum shown must be used to set up your Border Wallet. We don’t advise users to change the number (since it is generated with entropy by the tool), but the option is there if desired.
Deterministic Grid Regeneration
When creating an entropy grid, the EGG provides the option to choose deterministic entropy. By using 128 bits of entropy in the creation of these grids, we have the ability to simultaneously generate 12-word recovery phrases that give a plain text backup. Recovery phrases are automatically added to the bottom of deterministic entropy grids during generation.
The provision of a 12-word recovery phrase may at first glance seem counterintuitive to the concept of Border Wallets — after all, we are giving users the ability to memorize seed words, not find new ways of writing new ones down! However, some users may find value in having the option to make handwritten or digital copies of regeneration words in some circumstances: for example, if they want to store a copy of an entropy grid with a third party (sibling, parent, child, etc.) for safekeeping.
Since all 12-word recovery phrases are valid BIP39 mnemonic phrases, this gives additional options for deploying decoy funds on the resulting wallet or just to have nothing at all on them. In the latter case, an attacker may spend money and resources trying to brute force a passphrase on a seed phrase that looks like it should have funds, but which only unlocks an entropy grid.
Gridception And The Art Of Obfuscation
As there is essentially zero cost for generating entropy grids, users may choose to generate dozens (or even hundreds) of individually numbered grids, storing their preferred grid among considerable “noise.” Imagine having 100 unique and individually numbered entropy grids, the user being the only person who knows which grid(s) might have been used to generate the Border Wallet.
In fact, there is no reason why a user cannot generate multiple patterns — or even multiple entropy grids — to create a multisig wallet that they can carry in their head. Deterministic grids also unlock the ability to introduce multigrid solutions whereby a primary entropy grid is encoded within other entropy grids. We call this gridception.
To do this, users would generate a grid and then construct a 12-word pattern to apply it onto that grid. They then take those 12 words and input them to the “grid regeneration” tab within the EGG, producing a second grid. This can then be repeated to create new grids ad infinitum.
For entropy grids stored digitally, i.e., on one’s personal computer, USB thumb drive or secure online cloud storage, the EGG features an option for users to natively encrypt and decrypt their entropy grids all within the tool’s interface. Once users have created a secure password, they drag and drop their entropy grid into the tool for encryption, producing an encrypted .json file that they can then store more safely in digital format. To decrypt, the .json file is imported back into the tool and unlocked with the same secure password.
Handling Seed Word Randomization
For “maximum” entropy grids — which use a truly cosmic 19,580-bits of entropy — the EGG employs the Fisher-Yates shuffle algorithm and the browser’s cryptographically strong pseudo-random number generator seeded with truly random values for generating a random permutation of all BIP39 seed words.
The option to reproduce deterministic entropy grids using 12 words — created using 128-bits of entropy — uses Gibson Research Corporation’s ultra-high entropy pseudo-random number generator.
Applications For Bitcoin And Beyond
For Bitcoin, Border Wallets and entropy grids offer new applications and solutions for bitcoin cold storage and transportation, legacy planning, gifting, third-party custody assistance as well as, most obviously, border crossings.
Looking beyond Bitcoin, however, we envisage the idea being applicable to other decentralized protocols where seed words are used for user account backup, i.e., Nostr, Web5 and other decentralized identifier-type systems.
This is a guest post by Wartime Microchad. Opinions expressed are entirely their own and do not necessarily reflect those of BTC Inc. or Bitcoin Magazine.
Credit: Source link