Originally published on Unrestricted.com.
Unbound It is the official US collaborative incubation partner of Bitcoin Magazine and the primary sponsor of related content published through Bitcoin Magazine. For more information about the services offered, custody products, and the relationship between Unchained and Bitcoin Magazine, please visit our website.
Properly controlling your keys requires some additional responsibilities, but it is an essential part of Bitcoin security. But what happens when you need to travel? If you have large amounts of Bitcoin in cold storage, should you carry your Bitcoin wallet keys with you? And if you travel with one or more keys, what steps should you take to stay safe?
Consider these seven tips for traveling with your Bitcoin in a way that puts you in control while minimizing risk.
1. Only carry the wallets you need
Bitcoin allows you to segregate funds into multiple wallets, so you only need to carry the keys you need in small amounts of Bitcoin. You can secure your Bitcoin savings in a multi-signature cold vault, while still holding some coins in a hot wallet on your phone such as BlueWallet or last.
By holding only the wallet keys you need, you can spend and receive bitcoin while leaving the majority of your savings in a secure cold storage setup, such as multisig, that eliminates single points of failure.
2. Think about your destination
Consider your destination and travel plans when assessing the risks of traveling with your Bitcoin keys. What is the relative crime risk in your destination? Is your destination a high-crime country or city? What will your surroundings be like?
If your destination has higher crime rates or petty theft is common, assume your phone will be stolen. Maintain good smartphone security, and avoid keeping the keys to large amounts of Bitcoin on this device. Minimizing potential Bitcoin losses by keeping only small amounts in mobile wallets is one consideration, but even storing multisig wallet keys on your smartphone while traveling can increase the chances of settlement, necessitating Replacing a switch is tedious.
If you're traveling to an event where Bitcoin ownership is assumed, model your security around the assumption that everyone knows you own Bitcoin. This could mean making sure any individual wallets have a passphrase, or securing small amounts of Bitcoin using multisig and distributing keys in your belongings while travelling.
3. Avoid traveling with primary ferry backups
He should Always secure your key phrases, but remember that it represents the unencrypted secret of a particular key, which makes it much easier to hack than a hardware wallet. While your hardware wallet's private key data is generally secured within a file Safe itembehind a PIN, and requires a computer to access, it is easier to physically steal, copy, or photocopy backups of raw statements.
For most regular travel, you should leave your initial statement backups in a safe storage location and travel with one or more hardware wallets.
If you must travel with a backup for the primary ferry
You may need to travel with a Backup seed statement In some situations. Relocation of permanent physical residences (us Published a guide Which you should read if this is your situation) and traveling to prepare a safely stored key item in a multisig setup, are both reasonable reasons to travel with a 12 or 24 word seed phrase.
If you have to travel with a ferry, there are things you can do to reduce the chance of exposure and maintain peace of mind:
- Remain inconspicuous at airport security: Back up a paper seed phrase inside a book, or break down the seed phrase by writing it in a physical notebook using some conventions you'll remember. Avoid using suspicious locks or metal cases. If your bag is pulled over under suspicion, there is a much greater chance that your seed phrase will be seen.
- Use a passphrase for individual wallets: PINs can protect a hardware wallet, but a passphrase will protect your seed phrase! While passphrases Overall risky compared to other incubation setups like multisigit may make sense to use one with a single wallet while traveling with a seed phrase as long as it is properly backed up (don't rely on your memory!).
- Take advantage of your travel companions: Consider using a multi-signature wallet (see below), give a travel companion one seed phrase, keep one seed phrase for yourself, and store one seed phrase on the hardware wallet in a designated bag, for example. If you have to make sure one seedphrase is already in place at your destination, you can waive one by caching it in your password manager before leaving (see below).
4. Pay attention to what you say and show
Before an attacker can attack, he needs to know who he is targeting. This is where operational security comes in. Many of these tips apply to saving wealth with Bitcoin in general, but are especially applicable while traveling.
When you're on the move, you're often at the whims of people and environments that you can't control. These are riskier situations to publicly declare that you may own large amounts of Bitcoin.
- Don't talk about Bitcoin with people you don't trust: One of the easiest things you can do is talk less about Bitcoin! Be careful when “spreading the word.”
- Do not put Bitcoin stickers on your laptop or devices: These are like big neon signs that say: “This device stores private key data!”
- Do not wear Bitcoin-related merchandise: Especially in places where people know what to look for, wearing merchandise or clothing with Bitcoin logos unnecessarily puts a target on your back.
- Don't talk about how much Bitcoin you have: It's generally a good idea to only share the amount of Bitcoin you hold on a need-to-know basis. Knowing that you are a higher value target may make an attacker consider taking more extreme or risky actions.
It is worth noting that these behaviors can pose a physical risk when traveling even if you do not have any basic data about your person. If someone tries to attack you with a $5 wrench and you don't have any Bitcoin to give them, your Bitcoin may survive, but your knee may not!
5. Create a fake portfolio
Whether you're traveling with a hardware wallet or a software wallet, many wallets allow you to create a virtual wallet. Decoy wallets allow you to create a second wallet, completely separate from your primary wallet, which you can activate in duress scenarios. With these funds, you can usually add money that you are willing to lose but large enough to make the attacker think they got what they wanted.
There are a few different ways to create a fake Bitcoin wallet:
- Single password + passphrase
- Use a single key in a multi-signature quorum
- Duress PIN
Single password + passphrase
Using the passphrase, you can set up a secondary wallet that gives the attacker access to a small subset of your funds. You can also make the primary wallet a decoy while using a passphrase for your main wallet. always Consider the trade-offs of using a passphraseHowever, always make sure you back up your passphrase correctly (it is case sensitive).
Multi-signature
If you use multisig, as long as you can keep it secret that any particular hardware wallet or seed phrase is part of your multisig setup, you can protect yourself by using one of the keys in the quorum as a decoy. To do this, simply use one hardware or software wallet that is usually part of your multisig setup as a standalone wallet. An attacker could access funds sent to the individual wallet associated with that seed without accessing — or even knowing — the wallet created with multisig.
Duress PIN
Some wallet makers allow you to set up a forced PIN. Using this function, you can set up a second PIN that gives the attacker access to a second fake wallet. If you are attacked, give the attacker the wrong PIN and let him have a smaller subset of the funds in that wallet.
For example, the Coldcard hardware wallet offers three types of coercion PINs: one that unlocks the decoy wallet, one that destroys the seed upon entry, and one that creates a countdown to customizable “brick modes.” These tools provide you with confidence that attackers will not be able to access your underlying Bitcoin keys, if they exist at all.
6. Consider multi-signature to eliminate single points of failure
Bitcoin's native multi-signature feature can help create virtual wallets, but it's also a powerful tool for mitigating travel risks in general. Maybe you need to travel with private keys, but want to avoid the single point of failure for individual wallets. Traveling with three hardware wallets, each key kept as a single key in a multi-signature quorum, can help reduce risk.
There are many unique possibilities that multisig opens up for you if you are traveling. Each of the following has security implications and trade-offs to consider that are beyond the scope of this article, but you can:
- Distribute saved keys while traveling: You can travel on an airplane with 2 of 3 multisig where one key is with you, another key is located in a secret compartment in your carry-on luggage, with a third key and backups of the primary key geographically distributed in another secure location. This keeps three keys separate, requiring two of the three keys to come together to spend money.
- Store the seed phrase digitallyTemporarily compromising a seed phrase by storing it in a password manager ensures that at least one backup copy of the seed phrase to the multi-signature quorum at your destination already exists. When you arrive at the destination, you can Key replacement procedure For any seed phrase cached on an Internet-connected device.
- Send yourself a hardware wallet or seed phrase: If you're traveling with a lot of Bitcoin and don't want to expose yourself to theft from physical attacks in 2 of 3 multisig while traveling, for example, you can send one hardware wallet or seed phrase to your destination, carry one key with you, and you'll still be able to spend the money when you arrive. .
- Partners' signatures: A custodial partner, whether a financial institution like Unchained or a trusted third party, can coordinate with you to sign transactions while traveling if you want to travel with a minority of keys in multisig.
You can use a tool like bird, Electrumor Our caravan To create multisig portfolios on your own, and if you need help setting up multisig or understanding travel best practices in a co-op custody context, We have a team It can help you with that.
7. Have an inheritance plan
It's a good idea for anyone with a significant fortune in Bitcoin to have an inheritance plan, but this is especially the case when traveling. If something happens to you while traveling, you want peace of mind knowing that your Bitcoin will be properly transferred to your next of kin without a hitch.
This can be quite difficult if you're traveling with self-custodial Bitcoin in a single wallet, but multi-sig – and even better for inheritance purposes, including a cooperative custodian partner in a multi-sig setup – can give you the best of all: easy access to Your own self-preserved Bitcoin and peace of mind knowing it will be taken care of in your absence.
We previously wrote an article explaining the intricacies How to set up an inheritance plan for your Bitcoin If this is something you want to consider before traveling.
More security considerations for Bitcoin
Travel procedures are important, but there is a lot more to Bitcoin key security. Be sure to check out our guides for Best practices for storing seed phrasesand the trade-offs involved Paper backups vs metal seeds, And if you are using multisig, the appropriate security for your device Wallet configuration information And the principles of Store seed statements in safe deposit boxes.
Originally published on Unrestricted.com.
Unbound It is the official US collaborative incubation partner of Bitcoin Magazine and the primary sponsor of related content published through Bitcoin Magazine. For more information about the services offered, custody products, and the relationship between Unchained and Bitcoin Magazine, please visit our website.