keyois
Posts: 5
Joined: Sun Apr 10, 2016 8:06 pm

What is wrong with my current cold storage?

Sun Oct 02, 2016 6:12 am

Today we are going to discuss cold storage and some specific problems with cold storage. While this applies directly to the Secret Key portion of a key-pair, it also applies to the seed used to back up HD wallets and hardware wallets.

Not to say everything is all bad, but there are many potential weaknesses out there, and some in the Bitcoin and crypto community like to know the edge cases of things. I will also highlight some of the aspects of the Keyois Capsule, which is a 'physical bitcoin'.

We will focus on mediums relating to cold storage and not ones designed for more everyday use, but this applies to the seed you save to keep your everyday spending wallets safe and backed up.


We will assume you generated your keys securely and that you already have them on some medium. We will also have to ignore endpoint physical security because they can all be carried away the same. Remember your cell phone / hardware wallet / computer client are only as good as where you put the backup seed phrase, which can be thought of as data much like the SK discussed below.


----

**Written on a piece of paper**

* Anyone who can see it, can steal it
* Handwriting can be hard to read or completely illegible
* Human error in transcription can cause errors on end product
* Paper can rot, be torn, burn, or be smoke damaged

**Printed on a piece of paper**

* Anyone who can see it, can steal it
* Type of printer - non-laser printers can run if paper gets wet
* Have to trust printer - some have internet connections, wifi, and memory

* Paper can rot, be torn, burn, or be smoke damaged





**On laminated paper**


* Anyone who can see it, can steal it
* Lamination is prone to degradation over time and puncture or cuts that could allow moisture to get trapped in the paper and cause deterioration or rotting in some circumstances - store in cool dry place
* Can burn or be smoke damaged
* 'Fireproof' & 'Fire-resistant' boxes can help protect paper in a small house fire but be warned that they can sometimes fall apart in the fire and get wet if the fire is put out with water. Remember people can just carry out a small safe.

**Engraved / etched / ablated / stamped on a piece of metal**

* Anyone who can see it, can steal it

* Some metals can deteriorate or corrode, choose a good metal; also store your metal away from direct contact with other metals. Some metals that are corrosion resistant have low melting points, are extremely expensive, or hard to machine. Previously we had been working with 316 Marine grade Stainless Steel for the Keyois capsule engraving material, it is the best type of steel my research led me to, however we made the switch to Titanium because it is even better.

* Metals can still deform or melt from heat, destroying any engraved SK.
"Most house fires do not burn hotter than 1,200 degrees Fahrenheit. This temperature is typically associated with the hottest portion of a home, which is in the roof area. Homes that burn for longer than 30 minutes or consist of multiple levels sometimes burn at higher temperatures."
You want to pick a metal that won't be destroyed by a fire. So Brass, bronze, tin, lead, silver, gold, and copper are all out as engraving materials.
Aluminium should survive but I haven't tested this. At around 1500° Steel and Nickel should be okay.
Titanium is what the Keyois Capsule has the SK engraved on and it has a melting point of over 1600° C / 3000°F. Tungsten is double that but can be brittle.

* The Cryptosteel, http://cryptosteel.com/, product, made of 304 Stainless Steel is in this category. It is an assemble-at-home secret key backup however it does not have tamper evident properties (but I bet it can easily). So anyone who can see it, can steal it.

* There are multiple companies that sell laser-engraved metal key pairs about the size of a calling-card; often there are color, material, and design options. This is a great option for BIP38 addresses, although anyone who can see it can see it, they still have to crack your BIP38 pass phrase. However it is my opinion that the Keyois capsule is much prettier than all of them.


**Stored digitally on a computer**

* Computers can crash, making data recovery expensive
* Data can still technically be recovered after a system is abandoned by the user. In some cases data can be recovered after multiple overwriting attempts and physical destruction (as long as the attacker can get all or most of the pieces) so if you copy files to a new computer and ditch the old one, be careful.

* Can burn or be smoke damaged

* A traditional hard disc drive can have data corrupted by powerful magnetic fields and can physically shatter
* A non-negligible amount of HDDs suffer from factory defects that will cause them to fail unexpectedly during their lifetime
* Accidents can happen that could result in loss of data

* Solid state drives (SSDs) will lose data if unpowered, they may last years before this becomes a problem but it is unwise to store long-term data in unpowered SSDs
* If connected to internet it is another attack vector and the safety is only as good as the encryption used; I don't know what I would recommend but it wouldn't be BitLocker. Someone could be trying to break into the computer constantly. Even with good encryption if the machine or location is compromised the key could be stolen as soon as it is decrypted.

* There are a lot of ongoing threats with computers, from 0-day exploits to [firmware exploits](https://www.wired.com/2015/02/nsa-firmware-hacking/) and malicious USB cords

* External hdds are good for storage for a few years at least if stored properly

* If not connected to internet, safety is only as good as the physical protection encryption used; could someone break into the location and copy the data without anyone noticing?


**Stored digitally on CD, floppy disk, laserdisc, or mini-disc**

* Plastics break down over time and with exposure to heat, humidity, regular light, all sorts of chemicals, even the oxygen in the air. This can lead to the loss of your data when stored on a medium made of plastic or written/printed on plastic.

* Can burn or be smoke damaged

* Can be physically damaged, making data recovery expensive or even impossible

* Magnetic media (tapes, floppy disc) can be damaged by magnets
* Data can become difficult to recover if the software and/or hardware to decode is old, don't use proprietary formats


**Stored digitally on a flash drive**


* Can break and have to be physically repaired before use
* Rapidly changing magnetic fields can damage the data stored on flash drives
* Can be burned
* Can become corroded from salt water or some atmospheric conditions
* If they break apart, some lighting conditions can cause data corruption (you can also put them back together and often still get the data)
* Different devices are all different, even similar devices from the same production batch can be different. There are large quality differences in drives but I am assuming you aren't using these for anything but storage.
* There are some fake flash drives that look like they saved the data but you can't get it back later
* Flash drives are not advised for long term storage; they can be used as one part of a multi-medium-location-format plan.

***Backups are essential for digital data***
Computer code for performing operations can be corrupted in transfer or in operation.
Special systems exist and procedures help data to last longer. For ideas, see this archive.gov page
Remember to store in multiple locations. You can lose everything in a single structure.

**A physical bitcoin coin**

* Trust in the manufacturer themselves, they could copy the key
* Trust in their key generation procedure
* Trust in the operational security of the manufacturer, they could be generating the keys on their everyday computer
* Trust no one is successfully spying on them, electronically, looking through their documents while they are out of town, or with tiny tin foil hat cameras or long range ones
* Trust that the object was not tampered with in delivery
* Trust that no one has tampered with the object since you got it

---

What can solve most of these problems? A combination of good backup procedures and encryption.

If you have permanent access to more than one location (people who live in big cities, without family or cars have a hard time with this) or have people you trust with your money (don't) then look into using some form of Multi-signature method.



The Keyois Capsule is a crypto piggy bank; it can be funded from the outside but you have to break it open to get them out.
You give me a BIP38 encrypted key pair (well the address not the public key) and I engrave it in this tamper evident and time resistant package. You still have to hold on to the pass phrase that allows you to decrypt it; that is however the same problem as all methods with BIP38 encryption. How to store this without having to trust anyone but still being assured of its security?


* Engraving, embossing, or stamping on a sheet of metal is one option; however the metals that are easiest to stamp are ones that melt in a house fire. They could be put in a glass jar that's filled with aerogel and buried. This is the best readily available option for most people but it really can be tedious.

* The cryptosteel is another ready-made option

* Have the words etched onto glass at home with off the shelf products; but be careful of this idea because the glass can shatter from impact and heat or even sudden temperature changes

* Anodize the words yourself on a piece of metal, there used to be a service to help use your home printer to print the words with some chemicals you can buy

* Bake them in clay, then encase that in epoxy resin so it can't shatter. Then paint the outside, in the future you can solvent the paint off and see the written seed

* Use a combination of techniques to split the seed so that it is safe (because split and separated) and redundant (because backed up).
Last edited by keyois on Mon Oct 03, 2016 1:44 am, edited 2 times in total.

bitkilo
Platinum Bitcoiner
Posts: 3210
Joined: Sat Sep 26, 2015 4:08 am

Donate BTC of your choice to 1DJcTrvdGsmKr7LdriVizkVmkcXWoG12nt

Re: What is wrong with my current cold storage?

Sun Oct 02, 2016 9:50 am

Hi keyois,

Thank you for posting some of the dangers to watch out for with your cold-storage options.
I think that even something like a paper wallet created properly offers much higher security than, say, an online wallet or exchange.

I will have to have a good read of the second half again regarding some of the benefits you pointed out.

Thanks again for posting something as well researched and thought out as this post, we just need a few more members like yourself and this would be a top forum.
Have you thought about joining the signature campaign? With posts of this quality I am sure there would be a spot for you.

Regards: bitkilo

TheUltraElite
Nickel Bitcoiner
Posts: 16
Joined: Sun Sep 18, 2016 10:44 pm

Re: What is wrong with my current cold storage?

Sun Oct 02, 2016 10:40 am

Well nothing is safe in this world, and I never consider my cold storage to be a safe one, even if the company claims so because I have seen robberies happen in a blink of an eye with a security flaw.

Whatever you do to secure your wallet or cold storage your coins, it can get stolen, hacked, double spent and so on. However bitcoin itself is safe and you can only yourself take proper measures to secure your wallet and cold storage. However you can trust those numbers that electrum gives you or maybe armory.

Still I believe it is you and only you who must take proper measures to keep the cold storage safe, there is no foolproof method to secure anything in this world - bottom line.
