Board: Development & Technical Discussion
Re: My technique to split seed for cold storage
Posted by hatshepsut93 on 30/12/2017, 05:16:48 UTC

I am not a cryptographer, experienced or otherwise.  But that sounds fine to me—with the killer caveat that your “key” will need to have as many bits as an independent seed, so why bother?

The idea here is that this key should be pretty useless on its own, so you can create a lot of copies of it and store them in different places like cloud storage, HDDs, flash drives, and paper. However, I'm not sure if this key really doesn't leak information about the seeds.



I am not a cryptographer, experienced or otherwise.  But that sounds fine to me—with the killer caveat that your “key” will need to have as many bits as an independent seed, so why bother?

A better scheme may be to use a secret master seed, seed_0, run it through a KDF (as will be done anyway when your BIP39 seed is turned into a BIP32 HD wallet), and use the KDF to generate two independent seeds:  seed_1 for your real treasure cave, and seed_2 the “decoy”.  BIP39 simply takes a bag of bits as input; so you can still use easyseed(1) to turn your seed_2 “decoy” into a string of words, write it on a yellow sticky note, and “hide” it somewhere that bad guys will be allowed to find it after they begin to torture you (so it’ll be convincing) but before they torture you too much (what is your personal tolerance for being hit with a $5 wrench?).  Meanwhile, keep the words for seed_0 secret—not only that, but keep its existence secret!  It can be used to recover both other “seeds”.

My goal was to make a system where you don't have to store the seed for the "treasure cave" anywhere at all, so in your setup I would use seed_0 as my decoy seed, and when the bad guys took it from me, I'd generate my "treasure cave" seed_1 from a backup copy of seed_0. Does this sound good?

But I've just discovered that BIP39 passwords are kinda like arbitrary bonus words, so the setup for linked decoy/treasure wallets can be much simpler: you can generate one list of words and two passwords, one the decoy (it can be written on paper next to the seed words), the other super secret.

And yes, it's all built on the assumption that the bad guys don't know how many coins you have, that they are not very good at crypto and are just looking for 12-24 words written on paper, and that they will leave as soon as they get some plausible amount of coins after making sure that they've searched everything.


P.S. Interesting tool, gotta check it out later.
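Both constructions discussed in this post can be checked with stock Python. The block below is an added example, not code from either poster or from easyseed(1): `bip39_seed` is the exact BIP39 mnemonic-to-seed step (PBKDF2-HMAC-SHA512, 2048 rounds, salt "mnemonic" + passphrase), so `linked_wallets` is the "one word list, two passwords" setup; `split_master_seed` is the quoted seed_0 → seed_1/seed_2 idea, with HKDF-SHA512 chosen as the KDF (the quote only says "a KDF"), and with the info labels and the 32-byte output size being arbitrary choices made here. The entropy-to-words encoding of seed_1/seed_2 is not shown. The demo mnemonic is the all-zero-entropy BIP39 test mnemonic, constructed for illustration and not a real wallet.

```python
"""Two ways to derive a 'decoy' and a 'treasure' wallet from one secret."""
import hashlib
import hmac
import unicodedata

BIP39_PBKDF2_ROUNDS = 2048  # fixed by BIP39; this is the entire cost of one passphrase guess


def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """BIP39 mnemonic + optional passphrase -> 64-byte seed.

    This is the BIP39 construction itself: PBKDF2-HMAC-SHA512, 2048 rounds,
    password = NFKD(mnemonic), salt = "mnemonic" + NFKD(passphrase).
    Every distinct passphrase yields an unrelated seed, hence an unrelated wallet.
    """
    password = unicodedata.normalize("NFKD", mnemonic).encode("utf-8")
    salt = ("mnemonic" + unicodedata.normalize("NFKD", passphrase)).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", password, salt, BIP39_PBKDF2_ROUNDS, dklen=64)


def linked_wallets(mnemonic: str, decoy_passphrase: str, secret_passphrase: str) -> dict:
    """The 'one word list, two passphrases' setup from the post, as two BIP39 seeds."""
    return {
        "decoy": bip39_seed(mnemonic, decoy_passphrase),
        "treasure": bip39_seed(mnemonic, secret_passphrase),
    }


def hkdf_sha512(ikm: bytes, info: bytes, length: int = 32, salt: bytes = b"") -> bytes:
    """RFC 5869 HKDF (extract + expand) over HMAC-SHA512, standard library only.

    Assumption: the quoted reply only says 'a KDF'; HKDF is the choice made here.
    """
    if not salt:
        salt = bytes(hashlib.sha512().digest_size)  # RFC 5869 default: HashLen zero bytes
    prk = hmac.new(salt, ikm, hashlib.sha512).digest()  # extract
    okm, block, counter = b"", b"", 1
    while len(okm) < length:  # expand: T(i) = HMAC(PRK, T(i-1) | info | i)
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha512).digest()
        okm += block
        counter += 1
    return okm[:length]


def split_master_seed(seed_0: bytes) -> dict:
    """seed_0 -> seed_1 ('treasure') and seed_2 ('decoy') as two 256-bit entropies.

    Each output is sized for a 24-word BIP39 mnemonic; the entropy-to-words step is
    not shown. The info labels are arbitrary domain separators (assumption), chosen so
    that the two outputs are independent PRF evaluations of the same master seed.
    """
    return {
        "seed_1": hkdf_sha512(seed_0, b"seed_1/treasure", 32),
        "seed_2": hkdf_sha512(seed_0, b"seed_2/decoy", 32),
    }


if __name__ == "__main__":
    # Constructed demo input: the all-zero-entropy BIP39 test mnemonic, not a real wallet.
    words = "abandon " * 11 + "about"
    wallets = linked_wallets(words, "", "correct horse battery staple")
    print("decoy    seed:", wallets["decoy"].hex()[:32], "...")
    print("treasure seed:", wallets["treasure"].hex()[:32], "...")
    seeds = split_master_seed(bytes(32))
    print("seed_1:", seeds["seed_1"].hex())
    print("seed_2:", seeds["seed_2"].hex())
```

Two practical notes. First, in the passphrase scheme the only thing standing between a captured word list and the treasure wallet is the secret passphrase, and 2048 rounds of PBKDF2 are cheap on a GPU, so that passphrase needs real entropy, not a memorable phrase. Second, in the seed_0 scheme the decoy seed_2 is an HKDF output: given only seed_2, recovering seed_0 or seed_1 would require inverting HMAC-SHA512, which is the preimage-resistance property a practitioner relies on for the "does it leak information" question raised above.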