Checksum

in LeoFinance, 11 days ago (edited)

Bought some D8 dice.

On November 7th, 2023 I wrote this post detailing how to generate a 12-word seed phrase using physical dice. It is arguably one of the most important posts I have ever written. Ironically it was downvoted for more than half the original payout. Good thing downvotes aren't censorship. A little bird told me that Google's Search-Engine-Optimization algorithms don't care how much I got paid. It's on the blockchain forever. Good stuff.

In any case

We have officially entered the 5th epoch (cycle) of Bitcoin.

  • 50 BTC
  • 25 BTC
  • 12.5 BTC
  • 6.25 BTC
  • 3.125 BTC

It's a big milestone

We are heading towards the bull market year of 2025, and I have every reason to believe that this could be the biggest explosion of adoption crypto has and will ever see in history. All we have to do is not fuckup. Surprisingly this will likely be much easier said than done. The FOMO monster has a way of getting inside one's head.

Biggest Vulnerability?

Every once in a while I'll see someone's biggest fear materialize. They basically lose everything from a single hack, rugpull, or bankruptcy filing. It really sucks to watch helplessly as this fate is bestowed seemingly randomly onto members of the crypto community. Of course there are ways to mitigate losses like these and beef up security, but there will always be some who go full YOLO and subsequently FAFO.

So what can we do?

There comes a certain point in this journey where we are going to need to jack up our security by exponential margins. What are you going to do when you've got access to 7 figures worth of wealth? What about 8 figures? 9? 10? Some of us are going to be billionaires. Can you imagine just walking around in broad daylight with everyone around you publicly knowing you're a billionaire with all the funds being accessible off the grid? Sounds like a wrench-attack nightmare to me honestly. No thanks. And yet still I don't have a great solution to that problem... yet.


What I am prepared for is generating my most important passwords offline while making sure they stay offline using various air-gap strategies. At this point I've decided that anyone being serious about security would never allow their keys to be generated by software that was mailed to them by the post office or downloaded online. In fact creating keys digitally in any way is a significant security risk no matter how knowledgeable the user happens to be. There can always be some unknown unknown that pops up to ruin someone's day.

The analog solution is best.

And at a certain point there's really no excuse to not do it this way. If we are the bank then we can't outsource our security to some random piece of code that we didn't even vet. Verify; don't trust... as they say. This sentiment is especially relevant considering we might only have to deal with this process of creating an ultra-secure password one time. If that password does the job it was meant to do and never gets exposed to the Internet then it never needs to be replaced.


Bruv why is this post titled "checksum"?

Because the checksum is by far the most complicated and confusing part of generating our own 12/24-word seed phrase. This checksum exists on public keys as well. Have you ever been afraid of what would happen if you accidentally sent money to a public key in which one of the digits was incorrect because of human error? The chance of this happening is exceedingly small because the checksum prevents it.

A checksum is a value that represents the number of bits in a transmission message and is used by IT professionals to detect high-level errors within data transmissions. Prior to transmission, every piece of data or file can be assigned a checksum value after running a cryptographic hash function.

The checksum can also be used to verify entire files.

Imagine you downloaded a file from someone and wanted to make absolutely sure it didn't have any viruses on it. Once you receive the file you can hash it with an algorithm to ensure that every byte in that file is in the correct order. As long as you trust the source of the checksum itself (which Hive would be good at doing) you can be reasonably sure the file hasn't been tampered with.

A Bitcoin Improvement Proposal (BIP) is a formal proposal to change Bitcoin. The BIP process organizes the Bitcoin community in the absence of a centralized leader. BIPs can propose changes to Bitcoin's consensus layer, community standards, or the development process.

What is BIP-39?

Bitcoin Improvement Proposal 39 (BIP-39) is the foundation of all seed phrases across every cryptocurrency. That's how powerful this piece of open-source code turned out to be; it's a building-block for almost every other crypto. The way it works is pretty simple[ish]. Crypto uses 128-bit encryption and each word in BIP-39 corresponds to 11 of those bits. 11 bits means 2048 (2^11) possibilities, so the wordlist has 2048 different words, one for each possible 11-bit value.

Of course if one does the math on this they can see that 11 bits x 12 words = 132 bits. If we only need 128 of those bits... then what are the last 4 bits used for? The answer is the checksum. This means that if the last word of the seed is chosen randomly it only has a 1 in 16 chance of working (because 2^4 = 16). In the other 15 scenarios the checksum would fail and the 12-word seed would be invalid.

24-word seeds give even more accuracy because they can theoretically be used for 256-bit encryption (although Bitcoin doesn't have this feature). This gives us 8 bits of checksum, which means if the last word in this seed is chosen randomly it only has a 1 in 256 chance of being correct.


https://docs.google.com/spreadsheets/d/1zEDR4O6jrRF_xCbmdMomHnNIBVpTeqtgThhFOjB-1ws/edit#gid=0

Hopefully the above link doesn't break, but this spreadsheet allows us to map dice rolls to random words within the BIP-39 word-pool. Ideally one would have three D8 dice and one D4 die, but it's also not very hard to just buy a bunch of D8 dice for $10 and use one of them as a D4.


For example, if we rolled 3, 8, 1, 4 (order matters and dice would ideally not be identical) this would map to the word fragile. However I've already done this tutorial so I'll just stick to the checksum. The dice aren't even necessary and we can pick whatever words we want. We could even repeat the same word multiple times in a row. The problem with this is that the password becomes much easier to hack when it lacks entropy (randomness). But again, that is beyond the scope of this post.

Calculating the checksum.

If I'm being honest I've forgotten how to even make sure the checksum is valid. I'll have to get confirmation from the original post. From memory I know I have to do an SHA-256 hash on the bits and some part of the hash (the first hex digit?) should match the checksum.

  1. fossil
  2. foster
  3. found
  4. fox
  5. fragile
  6. frame
  7. frequent
  8. fresh
  9. friend
  10. fringe
  11. frog
  12. frost

Is this a valid seed phrase?

Well obviously it's a TERRIBLE one in terms of security, but the real question is: will it actually work? Will the checksum fail? There's a 15/16 chance that it does. Let's find out.

fossil foster found fox fragile frame
frequent fresh friend fringe frog frost

Unsurprisingly it does not work.

The word "frost" is incorrect and fails the checksum.
Let's see if I remembered how to figure out the real word.

Copy/paste the bits for each word

  • Delete the last 4 checksum bits.

01011011111
01011100000
01011100001
01011100010
01011100011
01011100100
01011100101
01011100110
01011100111
01011101000
01011101001
0101110

String them all together

01011011111010111000000101110000101011100010010111000110101110010001011100101010111001100101110011101011101000010111010010101110

Convert to hexadecimal

5BEB8170AE25C6B9172AE65CEBA174AE

Do an SHA-256 hash on our password

  • Make sure it's a hex hash

Looks like the checksum we are looking for is a "C".

  • "C" (12) in hex is 1100 in binary (8+4+0+0)

So the final 4 digits need to be 1100 but "FROST" is 1011.
So close... it happened to be 11 instead of 12.
So the real word we need to use is the next one down the list after "FROST", which is "FROWN"

fossil foster found fox fragile frame
frequent fresh friend fringe frog frown


"frown" at the end of the seed no longer throws an error so we know we did all the math perfectly by hand without the need for an algorithm. Unfortunately doing SHA-256 by hand is not really an option so some of this stuff needs to be done on a computer that will never have internet access. But I suppose I'll have to save that for another post on another date.
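The computer step described above (join the 11-bit indices, drop the 4 checksum bits, SHA-256 the 128-bit entropy, take the first hex digit, and rebuild the last word), together with the 11-bits-per-word layout explained under BIP-39, as an added Python example; this is not code from the post. It assumes only the slice of the BIP-39 wordlist the post uses, with indices taken from the post's own bit strings, so a real tool would load the full 2048-word list.

```python
import hashlib

# Partial BIP-39 English wordlist: only the words the post uses, with the
# 11-bit indices taken from the post's own bit strings. A real tool loads
# the full 2048-word list; anything outside this slice is unknown here.
WORD_INDEX = {
    "fossil": 735, "foster": 736, "found": 737, "fox": 738, "fragile": 739,
    "frame": 740, "frequent": 741, "fresh": 742, "friend": 743,
    "fringe": 744, "frog": 745, "frost": 747, "frown": 748,
}
INDEX_WORD = {i: w for w, i in WORD_INDEX.items()}

def split_bits(words):
    """Join the 11-bit word indices, then split off the checksum tail.

    N words carry 11*N bits; the last N/3 bits are the checksum
    (4 for 12 words, 8 for 24) and the rest is the entropy."""
    bits = "".join(format(WORD_INDEX[w], "011b") for w in words)
    cs_len = len(words) // 3
    return bits[:-cs_len], bits[-cs_len:]

def expected_checksum(entropy_bits):
    """First ENT/32 bits of SHA-256(entropy), as a bit string."""
    entropy = int(entropy_bits, 2).to_bytes(len(entropy_bits) // 8, "big")
    digest = int.from_bytes(hashlib.sha256(entropy).digest(), "big")
    return format(digest, "0256b")[: len(entropy_bits) // 32]

def entropy_hex(words):
    """The entropy as upper-case hex (the post's 32-digit string)."""
    ent, _ = split_bits(words)
    return format(int(ent, 2), "0%dX" % (len(ent) // 4))

def is_valid(words):
    """True when the phrase's checksum bits match SHA-256 of its entropy."""
    ent, cs = split_bits(words)
    return expected_checksum(ent) == cs

def fix_last_word(words):
    """Keep the last word's leading bits, replace its checksum tail, and
    return (index, word); word is None if outside the partial list."""
    ent, cs = split_bits(words)
    want = expected_checksum(ent)
    prefix = ent[-(11 - len(cs)):]  # leading 7 (or 3) bits of last word
    idx = int(prefix + want, 2)
    return idx, INDEX_WORD.get(idx)
```

Run it on the post's twelve words to see "frost" rejected (tail 1011) and "frown" (index 748) returned as the word whose tail matches the hash.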

Conclusion

Creating our own 12-word seed by hand is greatly complicated by the checksum, but in the end it's worth it. If done correctly it will create a password that has not only never been exposed to any machine connected to the Internet, but also never needs to trust the RNG code that comes native on air-gap hardware wallets (which may or may not have been tampered with). The only way to truly airgap a crypto seed phrase is to do this calculation oneself and then verify the pubkeys on a completely separate offline device such as a Raspberry Pi Zero. After that a good airgap hardware wallet will take care of all the heavy lifting while protecting the seed we've generated.


Great post.
I have also been thinking about these issues we may face if Bitcoin really does moon.

I'm going to read it properly when I have time.

I've gotta be honest, if I ended up in the seven figure range after this bull run, there is a good chance a fair portion of those gains are going to be moved into traditional finances. Still not the most secure, but as much as I love crypto and believe in it, I have a house to pay off and some other stuff to take care of. Once I have things where I want on the traditional side of things, I'm fine locking everything else into crypto.

I guess I really failed to mention here that Hive doesn't need this level of security because of timelocks, tiered keys, and account recovery.

I stake and lock everything for max duration. It's one of the main reasons I chose this chain.
Land, cards, SPS, HP, HBD.
If I can't lock it I don't want it.

No, you have mentioned that before. I remember some of your posts about why Hive can't suffer an attack like that.

Yeah I def talked about it in the linked post about dice rolling seed codes.
Honestly it's kind of embarrassing Bitcoin doesn't have account recovery yet.
I need to do more research but I think their timelocks would allow it.
And it could be even better than what we have.

You can kind of get it with ledger now can't you? If you have your BTC in a wallet there. Not that I would trust them... I think the bigger issue here is what did you ever do to piss off curangel?

Nah the Ledger recovery is if you lose your seed.

If someone gets your seed you're still totally fucked.
Which is actually the problem with Ledger recovery: it exposes the seed to the outside.

I'm talking about recovery where you timelock the Bitcoin and if someone steals your keys and tries to move it you can recover it before they can steal it. Same as Hive recovery.
That doesn't exist yet on Bitcoin (or anywhere else as far as I know).

I think the bigger issue here is what did you ever do to piss off curangel?

I actually couldn't 100% tell you.
I used to roll in some pretty hardcore conspiracy theory cliques that had many run-ins with him.
I don't think I have the link saved but I started getting big-time downvotes after a post talking shit about downvotes.
I have lots of experience with downvotes actually going all the way back to berniesanders.
Cost of doing business with all my rough edges.

Ah, I gotcha on both topics!

That's all well and good but that could snowball the problem even worse during the next cycle.
If you end up selling anywhere near the top you'll be even better off in the next cycle.

I'm going "retro." Just going to write a half finished whitepaper and blast the ICO for good old times.

shut up and take my money

I just need to be sure I am set on the traditional side of things. That isn't going away anytime soon and given my age, I need some stability there. Six or seven figures would definitely provide that.

Yes well you may get a very good opportunity to borrow against your crypto and extract tax-free loans from it.
Don't just go creating tax events for no reason.

I also prefer analog ways to keep my seed phrase, although I only have very few that are important to me, on multiple USBs (copies) and one offline laptop, but I didn't know one can generate our own seed phrase; that's something only a real geek thinks up 😅. One thing I really like about Hive is how it has multiple access levels to an account, so you can only interact, say, when on mobile and not access transactions. It would be cool to have some sort of 2FA, but nothing like generating your own password.

How about an analog means of transacting? Something that couldn't be censored. Any thoughts?

Thanks!

Yeah it's called having a cult and trading silver and gold coins within some kind of weird Amish-type community.
I personally don't have access to my cult yet.
I got a few silver coins though.

I've got a bit of gold, we could start a cult today! Just need some Kool aid...

"...a few silver coins..."

This is a good buffer, as well as a small investment that could return well if the rampant PM manipulation suddenly ends and silver price stops being suppressed.

I love weird Amish-type communities. Where else to get beautiful craftsman styled chairs and end tables? It's the weird Mormon-type communities you have to watch out for. Amish-types are never prone to sex scandals involving child brides. They're too busy planing planks and raising barns.

I like to think that I think like edicted, but posts like this one blast me out of the water lmao. Maybe it's because I'm too poor to care about that much security for now. But I've bookmarked it for the future. 🤝

Yeah for now a hardware wallet is fine but you never know when some government agent is going to start installing backdoors. The more money we have the better our security needs to be. Luckily Hive has better security than BTC with timelocks and account recovery.