StackSats on Nostr: Who can explain this to me? #asknostr Jameson Lopp evaluates passphrase backups as ...
Who can explain this to me? #asknostr
Jameson Lopp (npub17u5…t4tp) evaluates passphrase backups as "mediocre" and considers SeedXOR the superior alternative. He argues that passphrases are flawed due to their 2-2 setup, posing a risk of losing funds if one part is lost. Nevertheless, the same vulnerability exists for SeedXOR (2-2, 3-3, …). I don’t see any downside as long as the passphrase has 256 bits of entropy. Multiple backups are essential for both solutions.
Lopp on Passphrase backup:
„This gives you a security model that's the same as a 2 of 2 multisig setup. Do you know why 2 of 2 multisig isn't popular? Because it has 2 single points of failure - if you lose either part, you're screwed. I've seen quite a few people over the years get locked out of their funds because they forgot or lost the passphrase that accompanied their seed phrase.“
Lopp on SeedXOR backup:
„Seed XOR is, in my opinion, a superior way to achieve the properties that folks try to get with a "25th word passphrase" or via naive seed splitting, while decreasing the complexity and improving plausible deniability. Note that this is essentially an N of N (2-of-2 / 3-of-3 / etc) split backup, so you're going to want multiple sets of XOR'd backups to ensure that losing a single plate doesn't cause catastrophic loss.“
Source:
https://blog.lopp.net/how-to-back-up-a-seed-phrase/
Published at
2023-12-24 10:27:44
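The all-or-nothing property that both quotes describe, as an added example that is not part of the original post or of Lopp's article. It XORs raw entropy bytes and skips the BIP39 word encoding and checksum that Seed XOR parts carry; the helper names, sample entropy, mnemonic string and passphrase are constructed for illustration.

```python
import hashlib
import secrets
import unicodedata
from functools import reduce


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def xor_split(entropy: bytes, n: int) -> list[bytes]:
    """Split entropy into n parts; only the XOR of all n restores it (N-of-N)."""
    if n < 2:
        raise ValueError("need at least two parts")
    parts = [secrets.token_bytes(len(entropy)) for _ in range(n - 1)]
    # Last part is chosen so that part_1 ^ ... ^ part_n == entropy.
    parts.append(reduce(xor_bytes, parts, entropy))
    return parts


def xor_combine(parts: list[bytes]) -> bytes:
    return reduce(xor_bytes, parts)


def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """BIP39 seed: PBKDF2-HMAC-SHA512, 2048 rounds, salt 'mnemonic' + passphrase."""
    norm = lambda s: unicodedata.normalize("NFKD", s).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", norm(mnemonic),
                               norm("mnemonic" + passphrase), 2048, 64)


def demo() -> tuple[bool, bool, bool]:
    entropy = bytes(range(32))            # constructed 256-bit sample, not a real key
    parts = xor_split(entropy, 3)         # 3-of-3 split
    all_parts_ok = xor_combine(parts) == entropy
    one_lost_ok = xor_combine(parts[:2]) == entropy   # one plate missing
    # Passphrase case: words alone derive a different, equally valid seed,
    # so a lost passphrase gives no error, just an empty wallet.
    words = "constructed sample words not a real wallet"
    passphrase_matters = bip39_seed(words, "constructed passphrase") != bip39_seed(words)
    return all_parts_ok, one_lost_ok, passphrase_matters


if __name__ == "__main__":
    print(demo())
```

In both schemes every piece is required, which is why each piece needs its own redundant copies.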