Before starting, you must remember two certainties:
- In this world security is just an illusion!
- Never tell anyone what you own!
The basic principle of a Brain Wallet is that the Passphrase (recovery phrase) has never been written down anywhere, so you must know it by heart.
When we know that Passphrases can be from 4 to 24 words, it may seem difficult to memorize a random sequence of so many words. But that's where the security lies.
A survey conducted by BitMEX and published on October 13, 2020 showed that people can be lax in terms of security for their Brain Wallet. It is certainly easier to remember music lyrics, a specific sentence from a book, a quote, a saying, etc.
For this survey they created 8 Brain Wallets, each supplied with 0.005 BTC, using Passphrases from Books (Moby-Dick by Herman Melville, Pride and Prejudice by Jane Austen, ...), Music (Blowin' in the Wind by Bob Dylan), an excerpt from the Bitcoin White Paper, etc.
In less than a day the 0.04 BTC were stolen, and for one address of the 8 Brain Wallets, the funds were moved in 0.67 seconds! Less than a second! For the longest, it took 80 Blocks, but the 8 Wallets were emptied in less than a day!
Making a Brain Wallet relatively secure takes some work. I will give you a simple example, but it is up to you to define the solution that will suit you best. We know that it is very complicated to find a random list of words (without generating it online).
Opening a dictionary and choosing words at random can be one solution, among others. But to make this word list easier to learn, you need to add a personal factor.
Here is my example:
I take a book (you have to be sure you remember the book you choose - I took one written in French, 'Replay' by Ken Grimwood, the pocket version from the publisher 'POINT'). Then make a list of dates that are important to you. Date of birth, date of marriage, date of graduation, date of creation of a company, dates that you are sure to never forget.
Here are the dates (chosen randomly):
- 24.06.1978
- 26.07.1965
- 18.09.1985
- 05.12.2013
- 17.03.1998
Then let's take the book, and start looking for the words (words in French):
- 24th page, 6th word → 'inverse'
- 87th page, 10th (9+1) word → 'sur'
- 26th page, 7th word → 'quitté'
- 56th page, 10th (9+1) word → 'mémoire'
- 18th page, 9th word → 'lentement'
- 58th page, 10th (9+1) word → 'pas'
- 50th page, 12th word → 'de'
- 12th page, 20th word → 'main'
- 17th page, 3rd word → 'longtemps'
- 89th page, 10th (9+1) word → 'prescience'
So there we have our list of 10 random words: "inverse, sur, quitté, mémoire, lentement, pas, de, main, longtemps, prescience", which in English is "reverse, on, left, memory, slowly, steps, of, hand, long, foreknowledge".
Well, obviously I didn't have any luck, I have way too many short words. But in case you have a good set of words, you can easily learn them by heart by creating a little story, and including all the words.
I went back to my list and changed a few words, taking the next or the previous one in the book, which gives me this new list: "inverse, bras, quitté, mémoire, lentement, pas, toile, main, longtemps, tragique" in French, or in English "reverse, arm, left, memory, slowly, steps, web, hand, long, tragic":
"In my dream, everything is the Reverse of reality, my Arm is tattooed, I have Left reality my Memory wavers Slowly, with small Steps I approach a spider's Web, that I remove with my Hand, it had been a Long time since I had seen spiders, and suddenly, it is the Tragic awakening". This story is absurd, but it makes the list of words easier to remember. Another solution would be to do a Mind Palace, but that requires a lot of practice.
("Dans mon rêve, tout est à l'Inverse de la réalité, mon Bras est tatoué, j'ai Quitté la réalité ma Mémoire vacille Lentement, à petits Pas je m'approche d'une Toile d'araignée, que j'enlève avec ma Main, cela faisait Longtemps que je n'avais pas vu d'araignées, et soudain, c'est le réveil Tragique" → in French)
Now we have our 10 words, I recommend you go to BrainWallet (if you want a Bitcoin (BTC) or Litecoin (LTC) address), then write down your list of words: reverse arm left memory slowly steps web hand long tragic (be very careful not to make a mistake), select 'Generic', and rewrite the last word of your list in 'SALT'. This will generate a Bitcoin Address (public) and a Private Key.
The nice thing about Brain Wallet is that you don't need to remember the Private Key, just your Passphrase. And the great thing about BrainWallet is that it uses SALT technology, which means that any registration you make is not stored on any server.
All you have to do is remember your list of Words and the website where you generated the Bitcoin Address. Nothing more.
The Bitcoin Address is public: you can write it down anywhere without any problem (it's impossible to link a public address to a private one), and it also lets you check your balance. As for the Private Key, don't copy it, don't print it, and don't share it with anyone: it is this key that allows you to import your Wallet and make transactions.
If you want to find this Private Key again, you will only have to go back to the BrainWallet website, and repeat the same steps. Be very careful with the spelling, and punctuation, one mistake and the addresses are totally different.
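The reason the key can be regenerated instead of stored, and the reason one wrong character gives an unrelated key, is that the key is a deterministic function of passphrase and salt. The sketch below is an added example, not the BrainWallet site's code: the scrypt work factors, the NFKD normalization step and the function names are assumptions chosen for illustration, so its output will not match the site's.

```python
import hashlib
import unicodedata

# Assumed work factors for illustration; not the BrainWallet site's values.
SCRYPT_N, SCRYPT_R, SCRYPT_P = 2**14, 8, 1
SECP256K1_ORDER = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"


def derive_private_key(passphrase: str, salt: str, normalize: bool = True) -> bytes:
    """Stretch passphrase + salt into a 32-byte secp256k1 private key."""
    if normalize:
        # 'é' may arrive as one code point (NFC) or as 'e' + accent (NFD);
        # normalizing first makes both spellings give the same bytes.
        passphrase = unicodedata.normalize("NFKD", passphrase)
        salt = unicodedata.normalize("NFKD", salt)
    raw = hashlib.scrypt(passphrase.encode("utf-8"), salt=salt.encode("utf-8"),
                         n=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P, dklen=32)
    # Map the KDF output into the valid scalar range 1 .. order-1.
    scalar = int.from_bytes(raw, "big") % (SECP256K1_ORDER - 1) + 1
    return scalar.to_bytes(32, "big")


def to_wif(private_key: bytes) -> str:
    """Base58Check-encode a mainnet key (compressed-public-key flag set)."""
    payload = b"\x80" + private_key + b"\x01"
    checksum = hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]
    num = int.from_bytes(payload + checksum, "big")
    out = ""
    while num:
        num, rem = divmod(num, 58)
        out = B58[rem] + out
    return out


if __name__ == "__main__":
    # The article's example word list, with the last word reused as salt.
    phrase = "reverse arm left memory slowly steps web hand long tragic"
    print("same input :", to_wif(derive_private_key(phrase, "tragic")))
    print("again      :", to_wif(derive_private_key(phrase, "tragic")))
    print("one typo   :", to_wif(derive_private_key(phrase.replace("web", "wed"), "tragic")))
    print("with commas:", to_wif(derive_private_key(phrase.replace(" ", ", "), "tragic")))
    # French list: composed vs decomposed accents are different bytes.
    nfc = unicodedata.normalize("NFC", "inverse bras quitté mémoire lentement")
    nfd = unicodedata.normalize("NFD", nfc)
    print("NFC == NFD, normalized:", derive_private_key(nfc, "x") == derive_private_key(nfd, "x"))
    print("NFC == NFD, raw bytes :", derive_private_key(nfc, "x", False) == derive_private_key(nfd, "x", False))
```

The last two lines show why accented words such as 'quitté' or 'mémoire' are risky in a passphrase: a tool that hashes the raw bytes can give different keys for text that looks identical on screen.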
That's it, you have your Brain Wallet. So is it complicated?
It's up to you to choose the method you want to use. It can be:
- The 24th day of a year (a reference year), 6th day of the same year, 19th day, 78th day, etc.
- The word spoken at the 24th minute and 6 seconds in a movie, the word at the 19th minute and 15 (7+8) seconds, etc.
- Or you can generate a random list of words on BrainWallet, and you find a way to learn them by heart (on the principle of creating a little story)
- You can also make a list of words, and change letters into specific characters, like for example, S into $, E into €, L into £, Y into ¥, etc.
- The list of possibilities is endless
As I mentioned at the very beginning of the article, never tell anyone what you have/own, because who knows what jealous people are capable of doing to steal your funds.
There is currently no 100% reliable way to secure your funds, so the more complicated you make it, the less likely your wallet will be hacked.
See you soon
Christophe WILHELM
© Bitcoin Meister