diff --git a/assets/images/guide/inheritance-wallet/wallet-backup/recovery-scenarios-mobile.png b/assets/images/guide/inheritance-wallet/wallet-backup/recovery-scenarios-mobile.png new file mode 100644 index 000000000..02599a213 Binary files /dev/null and b/assets/images/guide/inheritance-wallet/wallet-backup/recovery-scenarios-mobile.png differ diff --git a/assets/images/guide/inheritance-wallet/wallet-backup/recovery-scenarios-mobile@2x.png b/assets/images/guide/inheritance-wallet/wallet-backup/recovery-scenarios-mobile@2x.png new file mode 100644 index 000000000..b07a0aa41 Binary files /dev/null and b/assets/images/guide/inheritance-wallet/wallet-backup/recovery-scenarios-mobile@2x.png differ diff --git a/assets/images/guide/inheritance-wallet/wallet-backup/recovery-scenarios.png b/assets/images/guide/inheritance-wallet/wallet-backup/recovery-scenarios.png new file mode 100644 index 000000000..9f5b224c5 Binary files /dev/null and b/assets/images/guide/inheritance-wallet/wallet-backup/recovery-scenarios.png differ diff --git a/assets/images/guide/inheritance-wallet/wallet-backup/recovery-scenarios@2x.png b/assets/images/guide/inheritance-wallet/wallet-backup/recovery-scenarios@2x.png new file mode 100644 index 000000000..1cc275f50 Binary files /dev/null and b/assets/images/guide/inheritance-wallet/wallet-backup/recovery-scenarios@2x.png differ diff --git a/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-mobile.png b/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-mobile.png index 10493b79b..164984f35 100644 Binary files a/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-mobile.png and b/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-mobile.png differ 
diff --git a/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-mobile@2x.png b/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-mobile@2x.png index 8b9b3f54b..7631af196 100644 Binary files a/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-mobile@2x.png and b/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-mobile@2x.png differ diff --git a/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-pwm-mobile.png b/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-pwm-mobile.png new file mode 100644 index 000000000..59aec341e Binary files /dev/null and b/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-pwm-mobile.png differ diff --git a/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-pwm-mobile@2x.png b/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-pwm-mobile@2x.png new file mode 100644 index 000000000..74ab0bbc9 Binary files /dev/null and b/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-pwm-mobile@2x.png differ diff --git a/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-pwm.png b/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-pwm.png new file mode 100644 index 000000000..317e5b9bc Binary files /dev/null and b/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-pwm.png differ diff --git a/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-pwm@2x.png b/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-pwm@2x.png new file mode 100644 index 000000000..dc46e939a Binary files /dev/null and b/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-pwm@2x.png differ 
diff --git a/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-safe-mobile.png b/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-safe-mobile.png new file mode 100644 index 000000000..666a44f8b Binary files /dev/null and b/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-safe-mobile.png differ diff --git a/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-safe-mobile@2x.png b/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-safe-mobile@2x.png new file mode 100644 index 000000000..7d2deaffa Binary files /dev/null and b/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-safe-mobile@2x.png differ diff --git a/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-safe.png b/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-safe.png new file mode 100644 index 000000000..94181b825 Binary files /dev/null and b/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-safe.png differ diff --git a/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-safe@2x.png b/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-safe@2x.png new file mode 100644 index 000000000..64986271c Binary files /dev/null and b/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-safe@2x.png differ diff --git a/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-secondary-mobile.png b/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-secondary-mobile.png new file mode 100644 index 000000000..38d50c5c1 Binary files /dev/null and b/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-secondary-mobile.png differ 
diff --git a/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-secondary-mobile@2x.png b/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-secondary-mobile@2x.png new file mode 100644 index 000000000..533ef4319 Binary files /dev/null and b/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-secondary-mobile@2x.png differ diff --git a/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-secondary.png b/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-secondary.png new file mode 100644 index 000000000..7daaf28b8 Binary files /dev/null and b/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-secondary.png differ diff --git a/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-secondary@2x.png b/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-secondary@2x.png new file mode 100644 index 000000000..cf0209819 Binary files /dev/null and b/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-secondary@2x.png differ diff --git a/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution.png b/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution.png index 5527169cf..53bd2fcfa 100644 Binary files a/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution.png and b/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution.png differ 
diff --git a/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution@2x.png b/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution@2x.png index a11e4bf45..dc4fb088d 100644 Binary files a/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution@2x.png and b/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution@2x.png differ diff --git a/guide/inheritance-wallet/backup.md b/guide/inheritance-wallet/backup.md index 1393f4c18..15a733c9e 100644 --- a/guide/inheritance-wallet/backup.md +++ b/guide/inheritance-wallet/backup.md 
@@ -49,58 +49,64 @@ https://www.figma.com/file/h5GP5v5dYfpXXfEUXf6nvC/Inheritance-wallet?type=design --- -As we have covered in the time-based recovery [reference design]({{ '/guide/savings-wallet/time-based-recovery/' | relative_url }}) there are two parts to backing up a multi-key wallet: the private keys as well as the wallet configuration. + +With the family savings wallet in place, establishing a robust backup strategy is crucial. However, there's no universal solution for wallet backups. Each family must tailor their approach based on their unique circumstances, considering factors such as: + +- Relationships between family members +- Amount of funds stored +- Access to secure storage locations +- Technical comfort level of family members +- Desired balance between security and accessibility + +The backup scheme outlined below is one potential approach. It aims to balance security, privacy, and ease of use, but may not suit every family's needs. As you read through this guide, consider how you might adapt these strategies to best fit your family's situation. + +## What needs to be backed up +There are two parts to backing up a multi-key wallet: the private keys as well as the wallet configuration. + +- **Private Keys**: Secure backups of all private keys used in the wallet. +- **Wallet Descriptor**: A small piece of text containing the wallet configuration. {% include picture.html image = "/assets/images/guide/inheritance-wallet/wallet-backup/multikey-backup-components.png" retina = "/assets/images/guide/inheritance-wallet/wallet-backup/multikey-backup-components@2x.png" alt-text = "An illustration showing the two parts of a multi-key wallet backup." - width = 1600 - height = 800 + width = 560 + height = 480 %} -Users need not only to back up the individual private keys that are used to sign transactions. But they also have to back up the wallet configuration as such. 
This is needed for recovery, because the wallet application needs to know how to generate addresses and the rules that define how bitcoin can be spent from these addresses. +#### Private keys +Firstly, users need to back up the private keys. In our example, the Joneses need to safely backup and store six private keys. We describe some best practices on how to back up and store private keys on the [bitcoin backups page]({{ '/guide/how-it-works/backups/' | relative_url }}). -This means that, in our use case, the Joneses need to safely backup and store six private keys as well as the wallet configuration. +#### Wallet configuration +In addition to the private keys, it is also necessary to back up the wallet configuration as such. This is needed to recover a multi-key wallet, because the wallet application needs to know how to generate bitcoin addresses as well as the rules that define how bitcoin can be spent from these addresses. The wallet configuration, also called the [wallet descriptor]({{ '/guide/glossary/#output-script-descriptor' | relative_url }}), is a small piece of text that contains all the information that a wallet application needs to recover a multi-key wallet. -### Private key backups -Of course, all six private keys need to be backed up properly. We describe some best practices on how to back up private keys on the [bitcoin backups page]({{ '/guide/how-it-works/backups/' | relative_url }}), so we won’t be covering this topic here. +#### Don’t store them together +The wallet descriptor does not contain any private key material. For this reason, it does not require the same level of security as the backup of a private key. If a third party gains access to the descriptor, they can import the wallet to their own application and monitor all past and future activity. However, they cannot spend any funds, as long as they don’t have access to the necessary number of private keys to sign transactions. 
This is why it is critical that private keys are stored separately from the wallet descriptor. -Our app emphasizes that users should keep one of the primary keys at all times, even if they move their funds to a new wallet. The reason is simple: there is still the possibility that some bitcoins will be sent to that old wallet. Keeping one of the keys around will make sure that users will be able to spend such funds, because the recovery path will be available to them. +## Recovery Kit +Our application goes a bit further than only providing the users with a wallet descriptor. It generates a recovery kit that contains all necessary information in a variety of formats, so that users can easily restore a wallet in case of need. The recovery kit is a ZIP folder that includes: -### Wallet configuration backup -After the wallet has been created, the application prompts Bob to download the wallet backup kit. +- **Wallet backup files** compatible with third-party applications like Sparrow or Nunchuk. +- **A Recovery PDF** with: + - Wallet information and descriptor (as a QR code and in text form) + - Details about the two key sets and individual signing keys + - Visual representation of the wallet's unlocking rules -#### Bob saves the backup kit -Bob saves the the backup kit into his password manager that he has enabled on his phone. - -{% include image-gallery.html pages = page.images_wallet-backup %} - -Alice and Bob then encrypt the ZIP file with a strong password and both of them stores a copy of it in their personal password manager account, case they need to recover the wallet themselves. - -#### What is in the backup kit? -The backup kit is just a ZIP file that contains the following contents: - -
+If Alice or Bob need to recover the wallet, they can use the Recovery PDF to quickly understand the wallet structure and import it into his preferred wallet software. {% include picture.html - image = "/assets/images/guide/inheritance-wallet/wallet-backup/backup-kit-contents.png" - retina = "/assets/images/guide/inheritance-wallet/wallet-backup/backup-kit-contents@2x.png" - alt-text = "An illustration showing what is included in the backup kit." + image = "/assets/images/guide/inheritance-wallet/wallet-backup/recovery-pdf.png" + retina = "/assets/images/guide/inheritance-wallet/wallet-backup/recovery-pdf@2x.png" + modalImage = "/assets/images/guide/inheritance-wallet/wallet-backup/recovery-pdf@2x.png" + alt-text = "An example of the recovery PDF file." width = 1600 height = 800 - layout = "float-right-desktop" -%} - -**A PDF file** that contains the wallet descriptor and information about all six XPUBs. Is also contains a visual representation of the rules that are used to unlock the recovery path and the inheritance key set. - -**Wallet backup files in various formats**, which can be used to import the wallet to other wallet applications like Sparrow, Nunchuk or others. - -
- -## Backup distribution + modalWidth = 4050 + modalHeight = 2168 +%} -Alice and Bob are not willing to trust their life savings to one application. That's why they carefully chose the way in which they store the above wallet backup material. The illustration below shows the chosen setup in more detail. +## Backup Strategy +Alice and Bob want to ensure that they can restore the wallet, if they ever need to. They also want to make sure that their children can access the funds if needed, while maintaining security and privacy. They decide to distribute the wallet backup material such that there are two main acces routes to retrieve it. The diagram below provides a high-level overview. {% include picture.html image = "/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution.png" 
@@ -118,54 +124,124 @@ Alice and Bob are not willing to trust their life savings to one application. Th modalHeightMobile = 2936 %} -Please note that this is one of many possible ways to approach wallet backups and should not be understood as the only correct way to do it. +### Primary Access (Self-Recovery) +The primary access setup makes sure that they don’t need anybody else to retrieve the backup material and recover the wallet. To achieve this, Alice and Bob distribute the material between their home safe and the password manager. -It is important that users determine the best way to handle backups based on their own specific circumstances. Factors that will influence such decisions include the relationship between family members, the amount of funds stored, their access to safe locations, etc. Based on these and other factors it can be more appropriate to chose a simpler or more advanced backup scheme. +#### Home Safe -We would also like to reiterate the point made in the "Use case & scope" page: the complexity of the backup scheme increases with the complexity of the wallet configuration. Therefore, user education is critical during wallet creation as well as during the backup phase. +Bob places the following items in a tamper-evident bag and stores it in their home safe: -## Assembling the backup material +- A USB drive that contains the recovery kit (unencrypted). +- The printed Recovery PDF. +- The encryption password for the recovery kit. -The illustration above reveals that Christina and David can access in two different ways. 
+{% include picture.html + image = "/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-safe.png" + retina = "/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-safe@2x.png" + mobile = "/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-safe-mobile.png" + mobileRetina = "/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-safe-mobile@2x.png" + alt-text = "A diagram showing the sequence of recovery scenarios." + width = 682 + height = 316 +%} -#### Self-sovereign route -Bob and Alice want to provide the children a way to access the funds on their own, using only the backup parts that are stored in the house safe. They store the password in a tamper-evident bag, along with a USB drive. Since electronics can fail, they also place a printout of their will and the recovery PDF in it. -The PIN to the house safe is stored in the shared family vault in the password manager, where the family also keeps other digital items. +This way, the family can access the material if needed, but any tampering would be immediately noticeable. -This is an acceptable trade-off for them, since they have good relationships and trust their children. After all, this is the reason they have chosen to include them in the setup in the first place. -But even if Christina and David would breach that trust and recover the wallet, they would not be able to move the funds, because their inheritance keys are timelocked. They would only be able to see the balance and monitor transactions, but they would not be able to spend any bitcoins. +#### Password Manager -Because Alice and Bob access their safe regularly, they would notice that the bag with the backup material has been opened. They can then safely move the funds to a new wallet, for which they would implement more restrictive security measures. 
+Alice and Bob each store an encrypted version of the recovery kit in their respective password manager vaults. Encrypting the recovery kit protects it from a potential security breach at the password manager. -#### Assisted route +{% include picture.html + image = "/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-pwm.png" + retina = "/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-pwm@2x.png" + mobile = "/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-pwm-mobile.png" + mobileRetina = "/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-pwm-mobile@2x.png" + alt-text = "A diagram showing the sequence of recovery scenarios." + width = 1600 + height = 800 +%} + +#### Privacy considerations +This approach makes a potential trade-off in terms of privacy, because the children could access the backup material and recover the wallet. This is acceptable for Alice and Bob, since they have good relationships and trust their children. After all, this is the reason they have chosen to include them in the setup in the first place. + +But even if Christina and David would breach their parents’ trust and import the wallet, they would not be able to move any funds, because their inheritance keys are time locked. And since Alice and Bob access their safe regularly, they would notice that the bag with the backup material has been opened. They can then safely move the funds to a new wallet, for which they would implement more restrictive security measures. + +### Secondary Access (Assisted Recovery) + +##### Separation of Backup Material +Alice and Bob provide their lawyer, Edward, with an encrypted copy of the recovery kit. They store the password separately in a bank deposit box. This way, Christina and David can access the funds through legal channels if necessary, without compromising privacy. 
+ +- **Edward's Office**: Encrypted copy of the recovery kit (without password) in a tamper-evident bag +- **Bank Deposit Box**: Recovery kit password in a tamper-evident bag + +{% include picture.html + image = "/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-secondary.png" + retina = "/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-secondary@2x.png" + mobile = "/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-secondary-mobile.png" + mobileRetina = "/assets/images/guide/inheritance-wallet/wallet-backup/recovery-tool-distribution-secondary-mobile@2x.png" + alt-text = "A diagram showing the sequence of recovery scenarios." + width = 751 + height = 397 +%} + + +##### Shared Password Manager +To make sure that Christina and David will be able to retrieve both the recovery kit and the password to decrypt it, Alice and Bob store the following pieces of information in a shared family vault: -But what if the first route fails? In that case, Christina and David should have a way to gain access to the backup material by going through the standard legal procedures. This is why Bob and Alice give their lawyer Edward a copy of the encrypted backup kit. The password is stored in a deposit box at their bank, in a tamper-evident bag. +- House safe PIN +- Lawyer's contact details +- Bank deposit box details -This setup will prevent Edward from recovering the wallet, because he does not know how or where to access the backup kit password. It also prevents bank employees from doing so, because the backup kit is not stored in the deposit box along with the password. +### Inheritance Planning +Alice and Bob keep a copy of their Last Will in the home safe and give another to Edward, ensuring smooth inheritance processes. +- Store a physical copy of the Last Will in the house safe. +- Provide another copy to the lawyer. 
-But it will enable Christina and David to access both parts of the wallet backup through legal channels upon their parents' death. +## Security and Privacy Considerations -#### Why backup redundancy? -The reason that there are two different ways in which Christina and David can gain access to the full backup material is redundancy. Redundancy is important because it is possible that one of the two routes fail. +1. **Tamper-Evidence**: The tamper-evident bag in the home safe allows Alice and Bob to quickly check if anyone has attempted to access the backup materials. +1. **Separation of Components**: By keeping the encrypted backup kit with Edward and the password in the bank deposit box, the Jones family ensures that no single party can access the funds without proper authorization. +1. **Limited Information Sharing**: Edward can't monitor the wallet transactions because he doesn't have the password. +1. **Redundancy**: If the home safe becomes inaccessible, Christina and David can still recover the wallet through Edward and the bank deposit box. +1. **Simplicity**: The streamlined process makes it easier for the Jones family to maintain and use the backup system when needed. -### Example resources +## Recovery Scenarios -Below is an example of the backup PDF file. The first page contains the information about the wallet itself. This includes the name of the wallet as well as the [wallet descriptor]({{ '/guide/glossary/#output-script-descriptor' | relative_url }}) in the form of a QR code as well as in clear text. It also shows a visual representation of the configuration of the key sets: +The setup outlined above allows The Jones family three different recovery scenarios. 
{% include picture.html - image = "/assets/images/guide/inheritance-wallet/wallet-backup/recovery-pdf.png" - retina = "/assets/images/guide/inheritance-wallet/wallet-backup/recovery-pdf@2x.png" - modalImage = "/assets/images/guide/inheritance-wallet/wallet-backup/recovery-pdf@2x.png" - alt-text = "An example of the recovery PDF file." - width = 1600 - height = 800 - modalWidth = 4050 - modalHeight = 2168 + image = "/assets/images/guide/inheritance-wallet/wallet-backup/recovery-scenarios.png" + retina = "/assets/images/guide/inheritance-wallet/wallet-backup/recovery-scenarios@2x.png" + mobile = "/assets/images/guide/inheritance-wallet/wallet-backup/recovery-scenarios-mobile.png" + mobileRetina = "/assets/images/guide/inheritance-wallet/wallet-backup/recovery-scenarios-mobile@2x.png" + alt-text = "A diagram showing the sequence of recovery scenarios." + width = 1304 + height = 480 %} -The subsequent pages describe the key sets and the individual signing keys, including the friendly names that Bob has given them. This will make it more convenient in case the wallet needs to be recovered. +#### Self Recovery (Alice and Bob) +If Alice or Bob need to recover the wallet themselves, for whatever reason, they can easily do so by using the backup materials from the home safe or their password manager. + +#### Self-Sovereign Inheritance (Primary) +If anything happens to Alice and Bob, Christina and David can access the funds using: +- The backup materials from the home safe +- The PIN to the safe, stored in the shared family vault of the password manager + +This route allows quick access while maintaining privacy within the family. + +#### Assisted Inheritance (Secondary) +If the primary route fails, Christina and David can recover the wallet by: + +- Obtaining the encrypted backup kit from Edward (the lawyer) +- Retrieving the password from the bank deposit box + +This route provides a legally verified method of inheritance while maintaining privacy and security. 
+ +## Conclusion + +This backup strategy offers the Jones family a balanced approach to securing their multi-key wallet. It provides multiple access routes, maintains privacy, and simplifies the overall process while ensuring critical information remains protected and accessible when needed. It ensures both: immediate access for Alice and Bob and a clear path for inheritance. --- @@ -175,3 +251,4 @@ The subsequent pages describe the key sets and the individual signing keys, incl nextUrl = "/guide/upgradeable-wallet" nextName = "Upgradeable wallet" %} +
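Review bot: In the hunk at @@ -49,58 +49,64 @@, the "Backup Strategy" paragraph has a typo ("two main acces routes" should be "two main access routes"), and the recovery sentence mixes its subjects ("If Alice or Bob need to recover the wallet, they can ... import it into his preferred wallet software" should read "their preferred wallet software"). Two smaller points in the same hunk: the heading "## What needs to be backed up" is followed directly by its paragraph while every other new heading gets a blank line, and the bullet calls the second component "Wallet Descriptor" while the sub-heading below calls it "Wallet configuration"; picking one term helps readers who jump between them. Also note that the removed paragraph about keeping one of the primary keys after moving funds to a new wallet (so that stray payments to the old addresses remain spendable) has no replacement anywhere in the new text; if dropping it is intentional, fine, otherwise it belongs in the "Privacy considerations" section where moving funds to a new wallet is recommended.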
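Review bot: In the hunk at @@ -118,54 +124,124 @@, the "Separation of Components" item says that keeping the encrypted kit with Edward and the password in the bank deposit box "ensures that no single party can access the funds without proper authorization"; this conflates the recovery kit with the funds. The preceding hunk states that the descriptor contains no private key material, so what the separation prevents is recovering the wallet configuration and monitoring its activity, not spending. Suggest "...can recover the wallet configuration or monitor its activity without proper authorization". Related: the "Home Safe" list puts the encryption password in the same bag as the unencrypted USB drive and the printed PDF, so the home safe is the one place where everything is co-located and the password stored there also unlocks Edward's copy and the password manager copies; the "Privacy considerations" section accepts this trade-off for the children, but the security list should say so rather than imply separation everywhere. Heading levels are uneven: "##### Separation of Backup Material" and "##### Shared Password Manager" sit directly under a "###" heading with no "####" level, and "#### Self Recovery (Alice and Bob)" sits directly under "## Recovery Scenarios" with no "###". The three new diagrams (safe, pwm, secondary) and the scenarios diagram all reuse the alt-text "A diagram showing the sequence of recovery scenarios."; each should describe its own image. The list under "Self-Sovereign Inheritance (Primary)" lacks the blank line that precedes every other list in the file (some Markdown parsers fold it into the paragraph). "Inheritance Planning" states the two Last Will locations in a sentence and then repeats them as bullets; keep one. Finally, "allows The Jones family three different recovery scenarios" should read "gives the Jones family three different recovery scenarios".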
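Review bot: The hunk at @@ -175,3 +251,4 @@ only appends an empty line after the closing `%}` of the navigation include, which leaves a trailing blank line at the end of the file; unless the file previously lacked a final newline, this looks unintentional and can be dropped.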