@sid_nirvana_fi

I left a little gift for you. Do not open til Christmas 40,000,027 AD.

-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNjcnlwdCAxZkFiRzhPU24vU0pnQy8x
YWlBY1R3IDE4CnN6UFFTcVg0VTF4K0xDZTlpYVNZUnJQQmpQZWxySUNQMkdlYXhu
Z2MyNHcKLS0tIDBvTjQwbFE4bTgydTVwV1VZUWg5dG5OQXVNWTVHdFE4RzZrR2xT
eUt4aHcKLevHi4k80grNqdAU103UrMNX5h++THwl+ReCwzOfDHMwj4AuCW2R5qGz
xpNdWWX1eodU309FXoNCgw==
-----END AGE ENCRYPTED FILE-----

This is what "paper keys" should look like. And this is how you can store them.

The zen of key management is: there is no "key" to steal or to lose. Just encrypt, and exhale.

Otherwise: If you try to lock down a plaintext key, you're in a double bind:
1. If the only copy of your key is in the fire-proof safe that got washed away in a flood, game over.
2. If the key gets stolen, game over.
What a constant-anxiety cocktail.

But if the key is encrypted? Well, it's pretty hard for me to lose it now that I put it on Twitter. And those would-be key thieves can have at it all they want. Whenever I need to use this key, I'll just type in the password, and be back to slinging my stack of CryptoKitties NFTs. Oh - did I just give away the surprise?

But where is the "actual" key? Nowhere. Not in a safe. Not in a password manager. Not etched in platinum. There is nothing to leak, and nothing to misplace.

--

If you got yourself a Ledger "hardware wallet", you'll see they ship it with a little piece of paper that has the plaintext key written on it. (Just typing that last sentence makes me want to pull my hair out.)

Now, my brother, what do you do with this paper? Hide it? If the Ledger bricks (which I've seen happen) and the paper gets lost/stolen (which everyone has seen happen), you're done for. The fragility of that method is nerve-wracking to the extreme.

Here is how to reduce your key management anxiety dramatically:
1. Create an encryption key. This is your Master Key, and new best friend.
2. Encrypt that encryption key with a strong password.
3. Shred all remnants of the plaintext Master Key.
4. Now use your encrypted Master Key to encrypt all your "wallet private keys". It's easy: type in the password to decrypt the Master Key, and use that to encrypt all your "private keys."
5. Shred all remnants of your plaintext private keys.
6. Whenever you need to use your private key to sign something, reverse the process: decrypt the Master Key to decrypt the private key, and sign the thing.

Diversify and make redundant to taste. Store copies of your encrypted private keys. Store copies of your encrypted Master Key. However much or little you want. As long as you have a good password, it doesn't really matter if it leaks.

In one line: The key to storing keys is encrypt them with an encrypted key.
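The six-step recipe above, as an added example that is not from the tweet or from the age project. It uses only the Python standard library: the password goes through scrypt as in age's passphrase mode, but age's ChaCha20-Poly1305 is stood in for by an HMAC-SHA256 counter-mode stream cipher with encrypt-then-MAC so the file runs offline; the password and wallet key are constructed values. The point is the key hierarchy (password → master key → wallet keys), in which the plaintext master key exists only inside a function call.

```python
import hashlib, hmac, os, secrets

def derive_kek(password: bytes, salt: bytes, log_n: int = 14) -> bytes:
    """Password -> key-encryption key via scrypt. age's scrypt recipient
    uses work factor 18 by default; 14 keeps this demo fast."""
    return hashlib.scrypt(password, salt=salt, n=1 << log_n, r=8, p=1,
                          maxmem=2 ** 30, dklen=32)

def _subkeys(key: bytes):
    # Separate keystream and MAC keys so the two HMAC uses never collide.
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())

def _xor_stream(enc_key: bytes, nonce: bytes, data: bytes) -> bytes:
    # HMAC-SHA256 as a PRF in counter mode: stand-in for age's ChaCha20.
    out = bytearray()
    for ctr in range((len(data) + 31) // 32):
        out += hmac.new(enc_key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, out))

def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: nonce || ciphertext || tag."""
    enc_key, mac_key = _subkeys(key)
    nonce = os.urandom(16)
    ct = _xor_stream(enc_key, nonce, plaintext)
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()

def unseal(key: bytes, blob: bytes) -> bytes:
    """Reject a wrong key or a tampered blob before touching the ciphertext."""
    enc_key, mac_key = _subkeys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong password/key or tampered ciphertext")
    return _xor_stream(enc_key, nonce, ct)

def make_encrypted_master(password: bytes) -> bytes:
    """Steps 1-3: fresh master key sealed under the password; the plaintext
    master is a local variable that dies when this function returns."""
    master, salt = secrets.token_bytes(32), os.urandom(16)
    return salt + seal(derive_kek(password, salt), master)

def unlock_master(password: bytes, master_blob: bytes) -> bytes:
    return unseal(derive_kek(password, master_blob[:16]), master_blob[16:])

def protect_private_key(password: bytes, master_blob: bytes, private_key: bytes) -> bytes:
    """Step 4: decrypt the master in memory only and use it to seal a wallet key."""
    return seal(unlock_master(password, master_blob), private_key)

def recover_private_key(password: bytes, master_blob: bytes, sealed: bytes) -> bytes:
    """Step 6: the reverse, password -> master -> private key."""
    return unseal(unlock_master(password, master_blob), sealed)
```

Both blobs (the sealed master and the sealed wallet key) can be stored or posted anywhere; a wrong password or a flipped byte fails the MAC check instead of yielding garbage.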

x.com, shared by mishaderidder.eth, 2mo ago. Recommended by 1 curator.
But where to store your password 😅 to encrypt the master key, lol … but interesting. FYI, this is done with age file encryption: https://github.com/FiloSottile/age
Age encryption seems to have become a new standard. The master key should be -- or be protected by -- a hardware/software key combination, so e.g. a password + FIDO stick. (At least two sticks; they seem to "age" too.)


But so why is this better than just keeping a secret seed phrase? Also wouldn't the master key password at least have to be 6 words from a Diceware word list? Have you tried this?
I haven’t tried (yet), but the benefit could be you only have one password (which obviously has to be very secure and preferably only in your mind) which protects all of the seeds you might have. And more importantly you can subsequently store all your seeds on plain paper in encrypted form just anywhere, also the master key doesn’t matter. Even post them on X :). But smart way to go is to combine the master key with a yubikey, that is possible. So you can use the yubikey for normal use and the master key as a backup. If you forget or lose the master key or password, you have the yubikey and the other way around.
For a while I used Nitrokeys as the primary and the password as a backup, but providers changed to passkeys or phones instead 😖 and made that problematic.

For really significant stuff, I sometimes used LUKS with key and password/pin.