Your Key Scheme
It is really important to thoroughly distribute all the components of your wallet scheme in such ways it is almost impossible to compromise the bitcoins protected by it.
To do so, here is how you should distribute your seeds, passphrase and other components to have a security setup that is really hard to break while remaining relatively simple and easy to manage.
This is a really advanced cold storage solution and should only be employed for funds that are meant for long term holdings.
Factors to Considers:
- Two separate locations for your two seed backups
- One location for your PASSPHRASE.
- Two locations for your Seed XOR backup.
Key Scheme Logic
- Never talk about your Key Scheme Logic, how many signatures are required to access the funds, where they are located, etc .
- The less information shared, the harder it is to figure out the scheme and break it. This is also necessary to ensure the security of your seed guardians, if you have any.
- If you have any seed guardians, depending on your level of trust, you don’t need to share all the details of the information they will be holding. You must however insist on the importance of it.
- The owner of the bitcoins is the sole person or entity that knows all the locations of the different backup seeds.
- This is necessary in order to prevent collusion between different seed guardians.
- Two backup seeds should never be at the same place.
- This is important in order to prevent the ease of stealing bitcoins.
- It must be extremely difficult to blackmail the owner of the bitcoins.
- Explanation: if the owner of the bitcoins gets blackmail at gunpoint, he is not able to share the information that he doesn’t have in his possession. The thieves would have to kidnap or sequester the bitcoin owner in order to seek the missing information (one backup and the passphrase).
- All the locations of the different components should be monitored and secured with regular surveillance and security tools.
- If one of the locations is compromised, the owner of the bitcoin should be notified as soon as possible in order to be able to reinitialize another key scheme.
- Verify yearly that all the seeds have not been compromised in any way. Restore immediately the key scheme if one of the locations is compromised.
- In the case of a catastrophe, we recommend having an extra passphrase backup intended for only extreme uses. This backup should be even further in terms of distance than the original passphrase.
Estate Recuperation/ Inheritance Logic
- When the time comes to move the bitcoins locked up in the scheme, the bitcoin owner or the HEIRS must be able to retrieve the bitcoins funds securely in a relatively short-time manner.
- If the setup is compromised, the bitcoin owner must be able to retrieve rapidly the remaining backups and the passphrase in order to reinitialize the key scheme. Depending on how far the passphrase would be situated, the whole retrieval and signature process should take a maximum of 48 hours.
- The Heirs must be provided with sufficient information from the PLAN, integrated in the will of the bitcoin owner in order to recuperate the integrity of the funds. However, the PLAN must not contain sufficient information for the guardian of the will to be able to steal the funds by himself.
- Change immediately the PLAN included in the will in the case of any changes done in the key-scheme or any type of crucial information.