Locks vs Seals: Why the New Cryptosteel Capsule Doesn’t Have a Locking Mechanism

When it comes to cold storage, a padlock may seem like a good idea, adding an extra bit of security.

Security theater

However, this is only “security theater.” It may make you feel safer but in reality, it does little to nothing in that regard. As my grandmother used to say, a lock does nothing but keep an honest man honest.

Every lock can be broken, given the right tools. With a quick internet search, even a determined amateur can find all they need to know to unlock the mechanism without leaving a visible trace, and the wallet owner is none the wiser. A lock does not tell a user whether their wallet has been tampered with, so it leaves them unaware that their data has been compromised.

Tamper-indicating seals are often used to help detect theft or alteration, but unlike locks, are not meant to hinder unauthorized access or entry. Instead, they are meant to record that it took place, according to security expert Roger G Johnston.

To put it another way, think of the warning on your favorite jar of peanut butter — “Do Not Consume If Seal Is Broken.” The seal didn’t stop the bad guy from opening it, but it did give you the knowledge someone else was there. You use that knowledge to take the next step, which in this case would be to not eat something that has been messed with.

Cryptosteel’s first product, the Cassette, had a hole that some people used for a padlock. Due to our belief that this is simply unnecessary, we decided not to include any misleading provisions on our new device, the Cryptosteel Capsule.

Instead of a place for a lock, we focused on providing the possibility of a DIY seal. How do you put a tamper-indicating seal on a Cryptosteel Capsule? If you have the tools and know-how, you can weld it closed. This has the added bonus of making the barrier seal fireproof.

If you can’t — or don’t want to — do that, here is a simple DIY solution: after securely closing the Capsule, paste a sticker where the cap and shell meet. Paint the border of the sticker with nail polish (glitter polish makes for a distinctive result). Once the polish has dried, take pictures of that spot and keep them safe. Should anyone open the device, it will be obvious.

The most important aspect of seal security is the inspection process. Seals must be examined to detect tampering. Defeating a seal means gaining access without notice, so regular monitoring needs to be part of your protocol. Keep in mind that there’s no such thing as a tamper-proof seal, and seals based on advanced technology don’t always provide better security. The good news is that seals can be very effective when used correctly, but as you can see, that takes some effort.

Shamir Backup aka SLIP39 (SatoshiLabs implementation of SSS)

Even if you have sealed your Capsule, the possibility remains that someone can access the information contained inside. What then? You can protect your information using Shamir Backup with multiple Capsules.

Shamir Backup is a cryptographic secret-sharing scheme based on Adi Shamir’s algorithm. It’s an ingenious way to help protect data by allowing you to split your recovery seed backup into multiple independent parts called shares. A minimum number of shares, called the threshold, is required to gain access to the master secret. Anything below that is, simply, useless.
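The threshold property described above, shown as an added example that is not Cryptosteel's or SatoshiLabs' code: textbook Shamir secret sharing over a prime field. It is not the SLIP39 format, which works bytewise over GF(256) and adds mnemonic encoding and checksums; `PRIME`, `split`, `interpolate_at_zero`, `demo` and the sample secret are names and values constructed for this illustration.

```python
import secrets

# Assumption for this sketch: a Mersenne prime field, large enough for a 512-bit secret.
PRIME = 2**521 - 1


def split(secret: int, threshold: int, share_count: int):
    """Return share_count points on a random polynomial of degree threshold-1."""
    if not 0 <= secret < PRIME:
        raise ValueError("secret out of range")
    if not 1 <= threshold <= share_count:
        raise ValueError("need 1 <= threshold <= share_count")
    # coeffs[0] is the secret; every other coefficient is uniformly random.
    coeffs = [secret] + [secrets.randbelow(PRIME) for _ in range(threshold - 1)]
    shares = []
    for x in range(1, share_count + 1):
        y = 0
        for c in reversed(coeffs):  # Horner evaluation mod PRIME
            y = (y * x + c) % PRIME
        shares.append((x, y))
    return shares


def interpolate_at_zero(shares):
    """Lagrange interpolation at x = 0; yields the secret given >= threshold shares."""
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate share index")
    total = 0
    for xi, yi in shares:
        num, den = 1, 1
        for xj in xs:
            if xj != xi:
                num = (num * -xj) % PRIME
                den = (den * (xi - xj)) % PRIME
        total = (total + yi * num * pow(den, -1, PRIME)) % PRIME
    return total


def demo():
    # Constructed sample secret; a 2-of-3 split, e.g. one share per Capsule.
    secret = int.from_bytes(b"constructed sample secret", "big")
    shares = split(secret, threshold=2, share_count=3)
    any_two = interpolate_at_zero([shares[0], shares[2]])  # meets the threshold
    one_only = interpolate_at_zero(shares[:1])  # below it: an unrelated value
    return secret, any_two, one_only
```

With fewer shares than the threshold, interpolation returns a value that depends on the random coefficients, so a single stolen share tells its holder nothing about the secret.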

What should you expect from Cryptosteel devices?

Our original belief is the same — the greatest risk to safety and prosperity today lies with the centralization of information, resources, and power. By letting people physically safeguard their own digital keys, we champion the decentralization of digital assets, virtual identities, and personal data. With SSS you can decentralize the Capsule itself and finally free yourself of the single point of failure (SPOF) anxiety!

To quote Winston Churchill, “with great power comes great responsibility.” Cryptosteel is putting that power in your hands. Use it wisely and protect what’s yours.

How it works

Cryptosteel devices are pocket-sized stainless steel units designed to securely store the important data of your choice with no need for specialised tools or third-party involvement. Each product comes with its own kit of stainless steel tiles engraved on each side.