Legacy wallet.dat or BIP39 Seed Phrases: Which is safer for the long run?

5 replies 334 views
walletioNewbie
Posts: 13 · Reputation: 23
#1Oct 13, 2024, 03:50 AM
Hey folks, With all these recovery stories popping up lately (like folks trying to crack their old 2010 wallet.dat passwords or getting back deleted seed phrases), it got me thinking about how we keep our crypto safe over the long haul. If you had a decent chunk of BTC saved up today and wanted to leave it be for over 10 years, would you feel better about a super encrypted legacy wallet.dat backed up on a few offline drives or just a regular BIP39 seed phrase etched on metal? Both options have some serious risks tied to human errors, so what does everyone think is the most reliable choice these days? And why do we still hear about all these
6 Reply Quote Share
coin49Newbie
Posts: 117 · Reputation: 19
#2Oct 13, 2024, 05:13 AM
You need to keep both encrypted wallet files and the metal seed storage safely. If you lose these backups, your bitcoins will be at risk of loss by a wallet password brute forced or a wallet seed phrase imported successfully and other people can steal your bitcoin. Is it safe or unsafe, it depends on how you make your wallet backups and how you store your wallet backups. How to backup a seed phrase? Crypto Security - Additional Protection For Your Seed/Private Keys. [LIST] Bitcoin Seed Backup Tools. Metal Bitcoin seed storage reviews. Securing Your Seed Phrase with Washers
2 Reply Quote Share
dr_atlasMember
Posts: 419 · Reputation: 65
#3Oct 13, 2024, 08:18 AM
A wallet.dat file commonly refers to a file based wallet of Bitcoin's standard client software Bitcoin Core and its forks. Those usually rely on file based backups, because by default Core doesn't use a mnemonic recovery words backup scheme. You could setup a descriptor wallet.dat from a standard BIP39 mnemonic seed phrase but Core doesn't do this on its own. You could of course export modern HD descriptors in text form from a descriptor wallet.dat in a secure preferably offline environment. You should know what you're doing and how to do it safely! If all your redundant file based backups are in one place, this place becomes and is a single point of failure. (Like a fire could destroy all your redundant backups and then you lost them all.) Any long-term self-custody hodling needs a proper loss risk assessment and suitable strategies to remedy the most relevant loss risks. I would suggest to not try to overdo it. Something too complicated to mitigate too much can become a loss risk by itself. Same applies to self-custody using BIP39 mnemonic recovery words. You should have redundant backups, I use paper and metal stamped backups. Do a proper loss risk assessment here, too! People make errors because they don't think it through and in many cases also lack the knowledge about how Bitcoins and wallets work, about security, about safe environments. They over-estimate their abilities to memorize things over longer time periods. They document poorly in many cases. I don't want to hide that good and extensive documentation can become a risk, too. But the lack of it IS definitely a loss risk or rather a recipe to loose coins. You may want to take a look at different approaches to secure self-custody and related topics (no significance of listing order): e.g. https://glacierprotocol.org/ https://www.smartcustody.com/ --- IIRC, they elaborate quite a bit on risk assessment [Guide] Secure air-gapped crypto wallet storage method --- dug up an old guide, maybe worth a look in addition to my previous poster's links https://blog.lopp.net/a-treatise-on-bitcoin-seed-backup-device-design/ Securing Your Seed Phrase with Washers Post edit: Very briefly, what do I use? I think I made a good enough loss risk assessment and based my backup strategy on it, trying to avoid too complicated setups. I pay attention to sufficient and good documentation. I don't leave docs in plain sight at home (a burglar could find it with enough time, but that's not a likely situation). An encrypted copy of my documentation is at a redundant other location, same for my off-site backups. The digital documentation part is solely on an always offline computer. I don't use Windows for my crypto coin stuff, Linux instead. I don't use my regular daily computer for my crypto wallets with the exception of watch-only wallets. I use decent and trustworthy open-source hardware wallets (I don't ever use Ledger crap). I have redundant paper and stamped metal washers mnemonic seed words backups and currently also use additional mnemonic passphrase extensions that are backed up separately from BIP39 or Electrum seed words to avoid loss by exposure of the mnemonic recovery words alone.
2 Reply Quote Share
titanx539Member
Posts: 804 · Reputation: 117
#4Oct 13, 2024, 10:46 AM
Based from the context, you're actually talking about "non-HD wallet.dat" files rather than all legacy wallet.dat files that includes non-descriptor HD wallet files, correct? What it fixed is the issue of requiring the user to update their backup once they've used up all of the pre-generated private keys in the wallet backup. Since it isn't HD, once it needs to generate more keys in its keypool, it'll create those randomly which can't be reproduced even by the backup. Thus, it required the user to delete the old backup and replace it with an updated copy of the wallet file. The HD update only addressed the issues related to it. But not the human-related issues like mishandling the backup or bad security practices which is always present regardless of the wallet's backup scheme.
4 Reply Quote Share
Posts: 790 · Reputation: 114
#5Oct 13, 2024, 11:43 AM
I wouldn't trust any digital storage system for 10+ years without making new backups on a regular basis. I would feel better if it's encrypted. But as always, there's the trade-off between someone else gaining access, and not losing access by yourself. You could consider a combination: use different backup systems for the same keys. But properly creating them is a lot of work.
2 Reply Quote Share
Posts: 705 · Reputation: 103
#6Oct 13, 2024, 02:06 PM
I don't like the idea of storing your savings in wallet.dat without the possibility of a meatspace backup such as seed phrases on paper. And this goes for other machine formats of storing private keys as well. Just a few hardware failures and your coins are gone. But then you would have to write down the encryption key. And at that point, your backup strategy would be a bunch of Babushka dolls.
3 Reply Quote Share
?Reply
Sign in to reply to this topic

Related topics