The Billfodl is one of the best devices that you can use to keep your BIP 39 seed phrase/mnemonic in cold storage. It’s made of fire and water-resistant stainless steel, it can withstand physical shocks, and it also protects you from your own terrible mistakes (unlike a notebook or a piece of paper, you wouldn’t accidentally throw away a Billfodl).
But the Billfodl isn’t really private – anyone who spots one of these devices can open it and check out your 12-word or 24-word backup. All they have to do is take a picture or memorize the words, then get to the nearest computer and steal your funds.
Since you write the words on paper before doing your Billfodl backup, you can apply a few privacy tricks to make sure that nobody else figures out your seed phrase if they see it. These tricks can be labelled in two categories:
- The ones that replace letters from your backup;
- The ones that replace or scramble words from your backup;
So I thought it would be useful to create a video (and subsequently write an article) about how you can boost the privacy of your Billfodl backup. Since privacy is the main precondition for good security, the effects of these tips extend towards making your bitcoins more secure.
However, keep in mind that the complexity of your backup should follow your own ability to remember or write down sophisticated methods. Don’t do anything too complicated, as you may forget how to replicate the process and irreversibly lock yourself out. The damage is permanent, nobody else is responsible for your own mistakes, so you must be careful and embrace your sovereignty accordingly.
Billfodl Privacy Trick #1: Double the fun
This trick is one of the simplest that you can pull off and will most likely prove to be effective thanks to the two-sided numbered design of the Billfodl. Yet it only works for 12-word seed phrase backups.
Basically, the idea is to put your 12 words in the slots corresponding to words 13-24 and fill the other side with made-up words from the BIP 39 dictionary. This way, somebody who finds your backup will think that you’re using a 24-word setup and fail to retrieve any funds. And if they’re going to try to recover a 12-word backup, they will most likely start with the words numbered 1 to 12.
Though it’s not unlikely for them to try the words numbered from 13 to 24, you’re still giving the thieves a harder time. Also, it’s easy for you to remember to only count the words on the second Billfodl layer as the valid ones.
But if you want to increase the complexity of your backup, here are some more ways.
Billfodl Privacy Trick #2: Mirror the words
Though you can purposely place the letters in mirrored position, it’s not what this trick is all about. So you’ve placed your 12 or 24 words in the slots. How do you make sure that somebody who finds your Billfodl won’t be able to also steal your funds?
Well, the Billfodl is structured in 3 rows and 4 columns. So you can use its compact size and numbering system to your own advantage by purposely misplacing the words in a structured order that makes sense to you. Mirroring is one of the easiest principles and it works like this (applied to every line):
Word no. 4 gets moved to position 1;
Word no. 3 gets moved to position 2;
Word no. 2 gets moved to position 3;
Word no. 1 gets moved to position 4;
Essentially, whenever you want to recover your funds you will know that you should follow the words from the right side to the left side (which is counter-intuitive to most people, but easy to remember). If you have a 12-word backup, you can combine this method with the first trick for increased privacy and security.
If you want to take the sophistication to the next level, you can also do vertical permutations. But a smart hacker will know how to put your 12 or 24 words in a scrambler which generates all possible pairs, only to perform brute force attempts afterwards. The process is time intensive, but someone dedicated to stealing your bitcoins will definitely do it.
Now let’s add a little more sophistication with letter scrambling.
Billfodl Privacy Trick #3: Alphabet Soup
If you’re extra paranoid, you can replace the letters from your BIP 39 backup by following a simple logic that you follow yourself (but you should write down this logic somewhere, just in case you forget how it works in a few years).
The most simple setup is to move every letter one position in the alphabet. So if one of your words is “animal”, then it turns into “bojnbm” (A becomes B, B becomes C, and so on until Z becomes A). On the Billfodl metal plate it’s going to be only “bojn” – so you do need to remember what the word is, or else write it down somewhere else for extra security.
Feeling confident that you can do better? You can do more dramatic shifts which span across the entire alphabet. You can do a +5, a +7, or even a –10. As long as you have a good system that you know, understand, and therefore can remember (or write down) to later replicate, you’re good to go.
Now here’s a way to further encrypt your message, so that it becomes even less obvious: treat vowels and consonants differently. For example, all consonants get a +7 which skips vowels (B becomes J, C becomes K, D becomes L, F becomes N, and so on), while vowels get a +2 interchange (A becomes I while I becomes A, E becomes O while O becomes E, and U stays the same).
So if I write “animal”, it’s going to be iwavit. On the Billfodl metal plate you can only put the first 4 letters, so you (and your possible hacker) will only read “iwav”.
This last example is very complicated and requires some extra work to get right. This is why you should write down the algorithm you create and keep it in a safe place that you know is safe. Your own imagination and ability to compute creative solutions is the only limit – but ultimately, your sophistication should match your ability to remember and replicate a system a few decades later. For your own sake, it’s better to keep it simple in relation to your known limits.
Billfodl Privacy Trick #4: BIP 39 Dictionary Soup
Wait, so you thought that scrambling letters was crazy? Just wait until you figure out that you can do the same with the BIP 39 dictionary.
The English version of this dictionary has 2048 words – and whenever a new wallet gets created, 12 or 24 of them are combined. So if you want to mislead thieves and hackers, you can use the logic from the previous section to replace entire words.
For example, “animal” is number 73 in the dictionary. How about I create a +7 rule for the entire backup? So “animal” turns into “antique” (number 80), “farm” turns into “favorite”, “great” turns into “grow”, and so on.
If I want to make it even more difficult, I use different rules for even and uneven numbers. For instance, +3 for even numbers (position 2, 4, 6, and so on) and –1 for uneven numbers (positions 1, 3, 5, and so on).
So if my 12-word BIP 39 seed phrase is “animal farm great novel number one book like very much thank mom”, then this algorithm that I made up is going to make it into “angry fatal gravity number nuclear only online bonus link version movie then modify”.
If you don’t understand how this works, check out the BIP 39 dictionary. For a summary of this article, check out my video on the topic.
And if you’d like to learn more about Billfodl, listen to my podcast interview with Bryan Aulds.
Billfodl also make Faraday bags and sell hardware wallets while respecting your privacy rights, so if you’d like to place an order please use my referral link. It won’t make me rich, but it helps me pay the bills.
Donate to Bitcoin Takeover!
If you found this article and/or video useful, please consider making a donation. Here are the ways in which you can help me keep on writing:
Send bitcoins: 3P89r9PdGuFmjJmbX2xdVh78JQdEr7xqGV
Send a Lightning tip: https://tippin.me/@TheVladCostea
Dump your dirty criminal fiat on Patreon: https://www.patreon.com/bitcointakeover
If you send me an e-mail after making a donation, I can add your name to the Hall of Patrons.