Oddbean new post about | logout
morningglow | 8 months ago (raw) | export | reply | flag +4 
 Just listening to #RHR and the dice roll feature from coldcard.

I rolled a d6 100x for my coldcardMk4 seed. Is this feature safe or not? @NVK
Relic | 8 months ago (raw) | root | parent | reply | flag 
 I am pretty sure if you  rolled 100 times you have more than enough entropy.  I think they are talking about minimal rolls, sub 50.  I wouldn’t lose sleep over it but do some more research until you feel 100% comfortable..
BitcoinLizard | 8 months ago (raw) | root | parent | reply | flag 
 Pretty sure 99 is the magic number. I've seen that with 99 rolls you get 256 bits of entropy.
Deleted account | 8 months ago (raw) | root | parent | reply | flag +1 
 I thought you had to roll like 200 times or 256 times I never heard of rolling only 100 times.
Deleted account | 8 months ago (raw) | root | parent | reply | flag 
 https://youtu.be/LxTkLwpV1Po?si=LYq_0FGTpENfHh5R
Custom Designed | 8 months ago (raw) | root | parent | reply | flag 
 Why not just take pics of the dice with the webcam and use the hash of the pics?
morningglow | 8 months ago (raw) | root | parent | reply | flag 
 I think I followed @BTCsessions  tutorial and he did 100 rolls.  I going to do some more research. Thanks 👍
BitcoinLizard | 8 months ago (raw) | root | parent | reply | flag 
 @MartyBent and @ODELL didn't do a great job explaining the issue on #RHR. What you did is fine as I understand it. I think from what I saw on the bird app was that some people were using the automatic seed generation and then they  thought they were adding entropy with dice rolls after the fact but were ending up with seeds with 1 dice roll of entropy and their funds would be stolen as soon as they were sent to the wallet.

I trust dice rolls more than the #Coldcard  seed generation. The #SeedSigner has the same dice roll seed generation feature with the same algorithm so I enter my dice rolls into both at the same time to confirm that the Coldcard is using the correct seed (same one the SeedSigner generates). You might say I'm a bit paranoid!
morningglow | 8 months ago (raw) | root | parent | reply | flag +1 
 From what I remember when creating my seed words, the cold card generates a seed, and then you add 100 dice rolls to increase entropy. Does that sound right to you? Was awhile ago when I created it..
ODELL | 7 months ago (raw) | root | parent | reply | flag 
 YOU ARE GOOD.

COLDCARD HAS TWO DICE MODES. 

ONE USES COLDCARD ENTROPY AND THEN ADDS USER PROVIDED DICE RANDOMNESS ON TOP. 

THE OTHER IS USER PROVIDED DICE ROLL ENTROPY ONLY. IF A USER DOES NOT BRING ENOUGH RANDOMNESS TO SEED GENERATION IN THIS MODE - RECOMMENDED TO PROVIDE GREATER THAN 100 GOOD DICE ROLLS  - THEY GENERATE AN INSECURE SEED. 

SORRY IF THIS WAS UNCLEAR ON RHR. WILL BE MORE CLEAR NEXT WEEK.
BitcoinLizard | 7 months ago (raw) | root | parent | reply | flag 
 Well you did tell people not to use the dice roll feature which would keep them safe and that's the most important thing.

Basically if you don't understand what's happening with the advanced features don't use them, sound advice.