How to protect crypto holdings on a Mac with plausible deniability

We all know that if you’re going to manage your own private keys, the best solution is a hardware wallet. But sometimes we may want to hold coins which are too new or too immature to have been integrated into hardware wallets, and in those occasions we need a secure way of storing those funds on our local computer.

For those using Mac OS X, this article describes a fantastic approach, that integrates the powerful concept of plausible deniability.

Introducing Espionage

Espionage is an application for Mac OS X that lives in the menu bar, and when clicked, presents the user with a simple window asking for a password:

When you enter a correct password, the window unlocks to display a list of folders that the user has added for control by Espionage:

From this list, let’s navigate to the “Confidential” folder in the Finder, and look at its contents prior to unlocking it in this Espionage list:

We see a single file called “my_innocous_file.png”, but this folder could just as well contain anything we wanted an attacker to see, if they hacked our computer, or otherwise coerced us into revealing its contents.

Now, having opened our password protected list in Espionage, let’s click to unlock the “Confidential” folder in Espionage:

And once unlocked, let’s return to the Finder and see what few find inside now:

We find completely different contents!

What’s happening behind the scenes is the following:

When we drag a folder into an Espionage list for management, the app creates an encrypted disk image, and moves the original contents of the folder into the disk image, after which it empties the original folder. You’re then free to put any innocuous contents into the folder you like.

Then, anytime you unlock that folder in Espionage, it will mount the encrypted disk image at that point in Finder, replacing the folder’s innocuous contents with the protected contents in the encrypted disk image.

Later, when you then re-lock the folder in Espionage, the disk image is closed, and the original innocuous contents are returned.

This means that for someone poking around your folders in the Finder, they’ll find innocuous contents, without any indication that you maintain a shadow version of the same folder, locked away behind a password-protected list in Espionage!

Plausible deniability

Espionage goes even further, by providing for plausible deniability. How does that work? Espionage is not only capable of maintaining a singe list of folders, behind a single password. Rather, it’s capable of maintaining any number of folder lists, behind any number of passwords!

This means that even if someone knows you have Espionage running on your Mac, there’s no way for them to know how many lists of folders you are actually managing. You can even manage two lists of identical folders, such that if you were coerced to open a list in Espionage, you could open an innocuous list, without the attacker knowing you have another copy of the same list behind a different password.

This is known as plausible deniability.

(And if you’ve cleverly asked the question, “But what if the attacker searches for the number of disk images on my computer?”, Espionage helps with this as well, by creating, on first launch, a large number of empty disk images, such that this search wouldn’t reveal the number of folders you’re actually protecting.)

Using Espionage to protect crypto holdings

Let’s now put Espionage to work to protect our crypto holdings. Most wallet apps store their data in the “Application Support” folder within your local “Library” folder. For example, the Ravencoin wallet stores its data here:

~/Library/Application Support/Raven

As you’re probably already thinking, you can create a protected list in Espionage that contains the application data folders for all your crypto wallets. I’ve created a test one here containing the data folders for my Ravencoin and Hexxcoin wallet data:

So if someone discovers that I’ve got the Ravencoin wallet on my computer, and coerced me to open it, they’d find an empty wallet:

And if I wanted to make things look more realistic, I could maintain a small around of RVN in this innocuous version of the wallet. Now, let’s unlock the Ravencoin folder in Espionage:

…and then re-open the Ravencoin app, to access our real data:


As you can see, an application like Espionage opens the door to a world of data protection possibilities, including everything from crypto data folders, to confidential documents folders, to more. I know someone who even keeps their entire email application data folder protected!

While our first line of defense will always be a hardware wallet, for those times when that’s simply not an option, Espionage provides us with the means to greatly increase the security of funds held directly on our Macs!

As you’ll have noticed from my previous articles, I’m transitioning from the world of traditional investing, to the world of crypto investing, and in the process am doing a lot of hands-on learning to make sure I understand the ins and outs of this space.

Through this blog, and for the benefit of new entrants to this space, I hope to write articles that simplify some of the complex topics that I’ve struggled with, including details that many others have glossed over or left out entirely.

I hope you’ve enjoyed this one about data security on a Mac, and if you have any questions or feedback, don’t hesitate to leave a comment below or email me through the contact form.

Leave a Reply

Your email address will not be published. Required fields are marked *