Benjamin Franklin once said, “If you fail to plan, you are planning to fail.”
This is very relevant to today's post!! If you have not considered you backup and recovery strategy i hope the quote above will motivate you to action; life can change at any moment and it is the way you have prepared yourself for these events that will determine your ability to recover.
Disclaimer: This guide is not a battled tested plan and before using it as your solution your should consider your requirements and risk tolerance
Today i would like to post about a proposed backup strategy to secure bitcoin private keys, mnemonic seeds, passwords databases and wallet.dat files.
I am writing this as i need to upgrade my backup systems to a more reliable and secure method and i thought it would be good to lay it out in a post to take comments from the community and potentially help others in the same situation.
Risk Assessment / Tolerance
What am i trying to protect
- Password Database
- Nemonic Seeds
- Wallet.dat files and associated local wallet files.
What am i trying to protect it from
- Fire / Flood and natural disasters
- Hardware failures
- Physical Theft / or loss
- Data Theft
- Accidental deletion
What media would i like to use to store backups
- Password Database and wallets on multiple electronic media
- Seeds stored on paper encrypted and sharded with a 2 of 3 recovery objective
What sort of redundancy would i like
- Stored in multiple geographically diverse locations
- Multiple copies as so to create and archive of changed state
- Different media to protect against faulty hardware
What would i like to avoid
- Cloud storage
Good practices when it comes to backups - The 3-2-1 Rule
A common rule in the world of backups and recoveries is the 3-2-1 Rule which expands to the following concepts:
- Have at least three copies of your data.
- Store the copies on two different media.
- Keep one backup copy offsite.
3-2-1 : Digital files:
3 Copies: With 1 copy on my laptop (the live data) i will need 2 more backups of my data
2 Medias: i will use USB flash drives and a portable HDD that will backup my whole PC
1 Offsite: i will keep my Portable HDD at work where i can backup my whole PC, including Password Database and wallet files.
So i have the live data, a copy on a HDD at work and a copy on a USB flash drive stored in a safe place home. All backups, wallet files and password database will be encrpyted with a master pass phase that i will need to retain in memory.
Modified 3-2-1 : Mnemonic seeds (Paper backup)
I do not want to transfer my seeds or derivatives of them to electronic media as this may pose a security risk for my funds, and so far these seeds have been generated offline and used within hardware devices such as Trezor hardware wallet. This concern of mine means i will need to store the seed in multiple locations. Given this seed its human readable i will need to encrypt the data and i would also feel more comfortable if it is not stored in its complete form (even as encrypted data) in 1 location, this will mean i will need to shard the seed into at least 3 shards and have a method that 2 of the 3 shards is required to recover the seed. This will mean i am going to need another off site location :(
Given my concerns above, I have modified the 3-2-1 rule and have come up with what i will call the 2-2-2 Rule:
2 copies of the data (live and backup), 2 media (hardware and paper), 2 location (i say 2 because that is what is required for restore)
Summary of Seed Storage:
- Seed stored as 3 symmetrically encrypted shards on paper (protected with lamination)
- Shard's stored in 3 geographically diverse locations
- 2 of 3 shards + pass phrase is required to decrypt to mnemonic seed
i will use a live CD, the process will occur completely offline and the output will be printer via a USB printer and protected by 3 sealed envelope which are laminated.
Putting it all together
- I will have my live data stored on my hardware wallets and laptops with access control in the form of a pass pharse and pin stored in human memory.
- I will backup my electronic data to USB drive and portable HDD stored in 2 locations protected by physical security and also encrypted and requiring pass phrase to gain access.
- I will have my seed stored on a hardware wallet on my person and on paper, encrypted and broken into 3 shards requiring at least 2 of them and a pass phase to recover the seed.
These are pretty easy to visualise the process as mentioned above so we will not go into much details, but it is important to update these backups regularly, i am thinking a fixed 1 week schedule should be easy to maintain with Adhoc backups for important changes.
Note: If the shared seed backup method mentioned below is used the exact offline copies of the Pass guardian website used below should be backed up within your digital backup's in all locations to ensure future recovery of the generated shared
Sharded Seed Backup - The fun part
This one requires no updating but is harder to visualise the process so i will expand on my thoughts for this topic. I will be using 256bit AES symmetric encryption to create a Base64 encoded encrypted string of my 12-24 word seed and then i will use Shamir's Secret Sharing Scheme (SSSS) to shard the data into 3 pieces with a threshold value of 2 (this means it requires 2 of the 3 shared to recreate the original Base64 encoded, AES256 encrypted string)
I broke this into a step by step guide with pictures and is linked below:
Extensions on this plan
What if you get hit by a bus:
It may be useful to think about using a larger number of shared for your Shared seed backup and potentially leave 1 shared with your lawyer / in your 'will' and potentially another bank Safety deposit box which will be released in case of death, with your close family etc. this maybe an important consideration although be very sure to think long and hard about what threshold to set and the likely hood of these pieces being brought together before your intended time.
This is the result of me considering my risk tolerance and backup requirements, i would really appreciate criticism, comments and suggestions in relation to this plan as i would like to have the best of breed solution and value any input that would help me adapt this plan.