Oddbean new post about | logout
 VeraCrypt is Monero’s best friend

VeraCrypt is an open source encrypted virtual drive tool.  Basically it makes these containers that you can put files inside, and specifically I’m recommending KeePass files with your Monero seed phrases.  So, KeePass database files inside VeraCrypt.  This could then go for cold storage on an external drive(s).  

There’s some debate over what encryption algorithm and hash is best, because AES is considered the gold standard by the industry, but it has roots with the US government, leading some internet speculators to criticize it.  I have not seen any credible evidence that the government can break AES algorithm or the SHA hash, and Bitcoin uses SHA-256.  Since the day Bitcoin is broken will be warning shot to switch my local drives, I tend to use this.  But again, some protest literally anything the government says.

Don’t store large amounts of cryptocurrency on mobile phones ever, they are vulnerable to sophisticated hacks.  But it’s fine for small amounts for spending on the go.  Instead, I highly recommend VeraCrypt on a Linux PC.  One advantage of VeraCrypt is that you can have hidden drives.  This means that one password unlocks the fake “outer” drive, and the other password you pick is the hidden internal drive.  One strategy is to send Monero from one wallet to another.  Put the low or zero balance Monero wallet in the outer drive, and high real balance in the inner hidden drive.  This way any adversary trying to steal or oppress you, would force you to unlock it, only to find out you’re showing them you’re poor.

An adversary will never know for sure if there’s a hidden drive or not, but everyone is aware of the potential for hidden drives on VeraCrypt.  So expect the adversary to threaten you.  If corrupt government thugs illegally threaten you in violation of their own constitutions, it’s a good idea to insist on speaking with a lawyer before you even unlock the outer drive.  Be aware that sophisticated criminals will likely use violence if they think you have a very large amount of cryptocurrency in that VeraCrypt drive.  If that’s your threat model, consider keeping more significant amounts in the outer fake drive, to make it believable, and so they can just take the money and bounce with a win.

Another strategy to make your fake outer drive more realistic is to schedule a reminder to login to it and send a small transaction.  By keeping a fresh date on a transaction on the fake outer Monero wallet, it’s more believable that it’s your real daily driver.  On the other hand if it has 0.001 XMR and was last modified 3 years ago, you’re in for some nasty threats.

Now if you keep small amounts of crypto or any data you need to hide.  This same strategy of a 2nd password can be replicated on Android with the Duress app.  It wipes the phone on the 2nd password that you tell the “adversary”, so obviously you want to have a backup of any crypto.