Andreas Antonopoulos talks about crypto key protection against a problem that isn’t taken into consideration by many but can have serious consequences – the $5 wrench problem.
When asked about this problem and its possible solutions, this was the answer.
“’$5 wrench problem’ is from Randall Munroe’s XKCD comic: [“538: Security”].
He said that instead of using a multi-million dollar supercomputer to break the encryption, a villain could take a five dollar wrench and hit the person until they reveal what the password is. The basic idea is that security can be broken very cheaply through coercion in many cases, and you will have to take that into consideration.
This is a problem in cryptography and digital currencies. If you are in full control of your money and walk around with access to enormous amounts of funds in the form of a digital bearer instrument with irreversible transactions – that makes you a very appealing target.
Multi-signatures and Cold Storages
One of the ways to protect yourself against coercion is to remove control over the keys from yourself, so you alone don’t have access to your cryptocurrency. Multi-signature is one way, in a 2-of-3 scenario. Another way is to use cold storage where you don’t have immediate access to your stored cryptocurrency. It’s similar to a situation where you must travel to another country, go into a protected vault or something like that. Obviously, this depends on the amount of cryptocurrency that you own and what risks you are willing to take, but there are all kinds of key management scenarios. I think multi-signature is a good solution, but you must be careful not to over-complicate things.
Multi-signature works very well with hardware wallets. You could use hardware wallets to generate seeds, write the backups on paper, and store those somewhere safe. Use the hardware wallets with a client like Electrum to compose a multi-signature address. A 2-of-3 is a common standard. You should stay as close as possible to the standard: using BIP-39 for your mnemonic phrase, BIP-32 for your hierarchical deterministic wallet. That is exactly what Electrum will do with a multi-sig address.
In that scenario, I would recommend that you don’t add a passphrase to the mnemonic seed, because it is unnecessary to add that extra layer of security when you already have a 2-of-3 scheme. If you have a mnemonic seed that, by itself, gave you full access to the funds – I would add a passphrase. In a multi-sig scenario, I would probably not add a passphrase. I would also suggest that, if you can’t afford to buy three hardware wallets, you can generate the first mnemonic phrase on one hardware wallet, wipe the device, then generate the second mnemonic phrase.
You could create a 2-of-3 scheme where one or two of the keys are on hardware wallets, effectively live, where you can do transactions easily, and the third key was only stored on paper as a mnemonic seed, kept offline at all times, not instantiated on any device. You could even keep all three of the keys in cold storage as mnemonic seeds that only exist on paper.
In order to spend from this multi-sig, you must initialize a hardware wallet, create a transaction, sign it, then re-initialize the hardware wallet with the second seed and countersign that transaction.
To watch the full video of Andreas Antonopoulos explaining the solution to the $5 Wrench problem, click here.