Backup Private Keys and Seed Phrases on SD Cards

Hey Guys,

I have a question and hope someone might be able to help out.

What I want to achieve?
Store all my seed phrases, and private keys etc. safely on multiple SD Cards. I like the concept of the Cold Card Wallet https://coldcardwallet.com/ where you can create a backup of your wallet via creating a backup on a SD card, which will be strongly encrypted. Thus you can create for example 10 copies and store them in different places like houses from friends and family etc. so you can be safe that in case of an fire or thief you access to your wallets never gets lost. Moreover you can choose a really strong password for this SD Card backup and store this password without huge risk in a password manager etc. because you need the password together with the pysical SD card. And the cards are small and not suspicous people gonna think there are just photos on it etc. I really like this concept and think, it is the best way to store everything safely. The problem is this will only work for the coldcard wallet.

What I would like to achieve is to do this for all my wallets. Thus I think it would be the best to buy a small cheap Laptop with and SD Card Slot and remove all the parts, which enable a contact to the internet like wifi or lan modul. Then install a encryption software and starting afterwards to type in my keys etc. and create these backups.

What do you think guys is this considered to be safe? I want to be sure that there is now way to steal these sensitive data and be more safe like a simple paper backup as well. Maybe someone has already done this kind of backup?

Would this be possible and as safe as I Imagine? And if yes which device and software would you recommend to use? Or do you have better ideas?

I hope someone can give some tips, thanks a lot for your help.

I’ve gone down various routes over the years and you’re probably overthinking it, same as I was. If you’re a HODLER you’re not using your security setup often and I promise you that you’ll forget what you did to set it up. That’s true even if you’re paying attention to crypto everyday. It sounds crazy, but you will. You’ll then need to take and also store very detailed notes along with your private keys which removes any operational security you built into your design.

Then if you make it so complicated, in the case of your untimely death, almost certainly no one will be able to figure out what you did.

Better to stick with tried and true recommendations. Buying a hardware wallet will solve 99% of your needs.

Thanks for your input. I understand your concerns. I also do have a Hardware Wallet, but the problem with the backup is still there. If I do a paper backup and store it in only one place it might get lost, stolen etc. and if i try to reduce the risk of loosing it I have to make several paper backups which are stored in several locatoins. But as more backups are in different locations the higher the chance, that someone might gets access to it somehow. Not so easy to be your own bank at least it can create a lot of headache But I still sleep better this way than I would by trusting third parties

Alternative might be to just buy a lof of hardware wallets and using them as backups and placing these in several locations, which feels more safe than a paper backup because if someone get there hands on they still need the pin to access the wallet. In this case I would tend to the SafePal wallet, because it is quite affordable. But on the other hand it is not open source, which makes me worry a bit. What do you think about the SafePal Wallet or can you recommend anoher affordable wallet which is open source?

Or maybe somone has a better idea? I just want to make everyting right in the first place now as I’m pretty sure that the value of the funds will increase a lot during the next 5 years. Once these funds have a real high value, I want to have the best feeling possible about my storage solution

Using additional hardware wallets as your backup media is a very poor idea.

An example:

• In 2015 you bought some BTC and used a Ledger Nano S to manage your private keys.
• You bought two Nanos and set both up with the Ledger software. Each Nano gives you access to the BTC you purchased. Everything works perfectly.
• You physically stored the Nanos in separate locations, wrote down the PIN and forgot about it.
• 2020 rolls around. There’s a bull-run at the end of the year and you want to sell for some sweet gains.
• You go to pull out your primary Ledger Nano and it’s gone. Oh yeah, it was in that box you sold two years ago. No matter, you still have the PIN so whomever got it can’t do anything. Checking the address on a BTC explorer, you can see your BTC are still safe and sound.
• You find your backup Ledger, plug it in, enter the PIN you safely stored all these years and you find out that
  The Ledger Chrome extension previously used to manage Nanos is no longer available or supported
  You need to update the firmware on the Nano so you can (re-)access those funds
  Updating the firmware will wipe the private keys associated with that BTC from the Nano
• You are stuck. If you want to temporarily move your funds to a new address with new private keys you still need the Nano to sign the transaction. But without updating the firmware (and wiping the current ones), you can’t.
• If you had, instead, saved the seed phrase, this would all be moot. You could wipe the Nano, update the firmware and restore your private keys using the saved seed phrase. Or you could use the seed phrase to access your funds in a completely different wallet, such as Electrum, bypassing the Nano altogether.

Having a second physical hardware wallet, is still a good idea, but it is not meant to be a backup medium. It’s a physical device for securely interacting with your private keys.

The seed phrase is an open standard – BIP 39. Along with BIP 32 and BIP 44, this provides access to private keys in a way that is not dependent on specific hardware or specific software. Any BIP39/BIP44 wallet can use that seed phrase to provide access.

Storing the seed phrase is what you need to work on. Use the IT 3-2-1 backup strategy. 3 copies on 2 different types of media and 1 off-site. 1 copy could be your “production” copy on a Ledger Nano. A second copy is written down and a third copy is an encrypted text file. The written copy is stored offsite, say in a safety deposit box. For extra measure, the encrypted text file is stored on a cloud service such as Google Drive or Apple iCloud or even your own private file server.

This would provide reasonably good Disaster Recovery, in the event your home floods, burns, falls into a sinkhole, etc. You can still gain access using the seed phrase written down and stored offsite. Or you could download and decrypt the encrypted version. Your funds are not locked behind proprietary software or hardware. A mere firmware update is not preventing access.

Makes sense, thx. How would you create the digital copy. Is there a safe way to realize this somehow? Maybe using TAILS for this?

TAILS is a good solution. Spin up TAILS, create your encrypted text, save only the encrypted text to a USB flash drive. Quit TAILS and copy the encrypted text file to a secure location/service.

I use multiple things the traditional paper and pen, metal backups, encrypted backups, the paper and pen is locked up behind anywhere from 2-4 different locks using codes and keys, I even picked up a STONEBOOK and ghost pen from ShieldFolio. I highly recommend the STONEBOOK and ghost pen as another backup solution one of the best purchases I’ve ever made. The website if you’d like to take a look at the STONEBOOK is https://shieldfolio.com/

Thanks for your suggestion, if incognito has seed phrase, it would be useful

I know OpenDime has a BTC “SeedPlate”.
Basically you store your seed on a metal sheet. Put that baby in a fireproof safe and I think your good.

Great to know some website can backup keys better, now I’m using note on ip only

the prototype looks better than real one

Hi @Kawhi, let’s wait for the HD wallet release this month (Prepare for the new HD wallet feature - Back up your private keys!)

Can we track the private key we lost by validator key?

I don’t think so, if you can track the private key, it’s not incognito anymore

The only way to get other keys is with your private key. With your private key you are able to pull all your other keys but only with the private key. You cannot do this with other keys.

As peter mentioned above. Soon we will have mnemonic phrases in place, so stay tuned!!