Breaking A Bitcoin Brainwallet

Bitcoin might have solved the physicality bug, but it can’t solve the human bug.

Humans are the weak point, the choke point, the X factor.

Since spending Bitcoin requires a connection to a computers with the Internet, Bitcoin users are constantly subject to attacks on their material wealth.i These attacks can be self-induced through loss of a computer or password, or externally induced through theft, malware, or social engineering attacks.

One manner in which Bitcoin users can protect themselves from this is, broadly speaking, offline storage. If, for example, your wallet lives on an airgapped computer and isn’t exposed to the Internet, a large number of attack vectors are eliminated, though physical theft, fire, flood, natural disaster, and hard drive failures are still very much on the table. This latter angle can be eliminated with USB backups, but all things digital being also corruptible, we can use high-entropy paper wallets instead. Not that paper wallets don’t have their drawbacks, ink and paper can still fade and QR codes can become unreadable. Neither method is perfect even if they’re far and away more sane than, say, some fucking webwallet with multisig.

Another solution to the problem of Bitcoin storage is the brainwallet.

As MP notes in his article on stenographic brainwallets, this is a wicked idea:ii

The idea is overpoweringly simple : since Bitcoin is deterministic in the correct directions, any arbitrary string properly hashed produces a perfectly valid Bitcoin address. He who is in the possession of the original string can subsequently spend any Bitcoin associated with that address. All you have to do is remember the string.

With a brainwallet, the bug of physicality that plagued gold for the last 6,000 years would seem to be well and truly fixed. But… not so fast.

Even if you diceware some elaborate stringiii and never have a stroke or concussion, to paraphrase Mohammed Khan’siv famous quote: There are ways of making men talk.

Notably, however, in an era of SEWs, social media, and everyone-is-a-victim-of-socialism,v not all of these ways require the potential bad publicity that comes with cutting off fingers or lashings with a whip. Not all of these ways leave (visible) marks.

Large nation states are broadly speaking impotent, broke, and nowhere near as powerful as you might fear,vi but they aren’t entirely powerless either, and there’s considerable difference between them.vii So if, instead of swallowing your jools, you intend on protecting your Bitcoins in your noggin, what should you be preparing yourself for? What sort of evil lurks in the hearts of men?

One of the better accounts of the methods of psychological torture comes from the all-too-modern Aleksandr Solzhenitsyn, and includes, but is not limited to:viii

1. Night
2. Sincere Persuasion
3. Foul language
4. Psychological contrast
5. Humiliation
6. Confusion
7. Intimidation
8. Lying
9. Leveraging family ties
10. Sound effects
11. Tickling
12. Cigarette burns
13. Light effects
14. Continual shuffling
15. Being “boxed”
16. Sitting on a stool
17. Sitting in an open pit
18. Standing on knees
19. Standing still
20. Water deprivation
21. Sleep deprivation
22. Continuous interrogation
23. Bed bugs
24. Punishment cells
25. Water torture
26. Starvation
27. Markless beatings
28. Squeezing fingernails
29. Straitjacket
30. Breaking the back
31. The swan dive

These are all possible, and not just under a socialist regime like Stalin’s Russia. These are possible today. Maybe not where you live right now, but man is man, and the possibility remains. This list isn’t intended to dissuade you from using a brainwallet, only to demonstrate to the largely sheltered western reader what its limitations are. You can be made to cough up that private key whether you want to or not.

The brainwallet is a remarkable invention, perhaps one of the greatest and most powerful in the past thousand years, but it still can’t solve that pesky human bug.

Nothing can.

___ ___ ___

  1. And there’s no recourse, no one to cry to when your coins are stolen. There’s no 1-800-Bitcoin to dial up when Home Depot coughs up your account info. []
  2. “Wicked” in the Old English sense of the term, that is, sorcerous, sacred, and conjured by powerful beings. []
  3. All but eliminating the chances of a hash collision. []
  4. The Lives of a Bengal Lancer, 1935. No, it’s not a James Bond quote! []
  5. Because, y’know, they actually are. []
  6. Military Superpowers” being a pre-Computer Times construction that survives only in the backwaters of Best Korea, where no Internet and no productive institutions remain. []
  7. Canada is soft, Russia, less so. The US of Egypt is somewheres in between. []
  8. In case you’re interested in more intimate details… []

6 thoughts on “Breaking A Bitcoin Brainwallet

  1. […] gulags and the iatrogenics and the regulatory capture and the shit food and the useless money and the […]

  2. […] helicopter atomic dirigible to make your getaway. With Bitcoin, whether you’re carrying a brainwallet, a paper wallet, or a USB key, you’re as agile and mobile as an acrobat in the Cirque du […]

  3. […] cost of effectively securing it. Bitcoin, of course, resolves this mathematically, digitally, and weightlessly and therefore allows individuals to control their wealth, and thus their destinies, for the first […]

  4. […] cost of effectively securing it. Bitcoin, of course, resolves this mathematically, digitally, and weightlessly and therefore allows individuals to control their wealth, and thus their destinies, for the first […]

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>