Topic: Are old core wallet backups useless to a third party ? (Read 1128 times)

I don't think you can ever be too cautious. :-)

Thanks cr1776 appreciate the reply......

think i am probably being overly cautious, but have already lost 2BTC to a scam and dont want to lose any more....lol

In theory a 12 character random password should be good enough.  Is it just alpha-numeric characters? Lower case?  Upper case mix?  Special characters etc? (Don't answer, but that changes the math).  Was the random generator that generated it really random?  I think the smart advice is: if you don't need to leave the wallet.dat somewhere where someone could copy it and then try to brute force it, don't.

But it really depends on the threat that you are worried about.  If this is just a computer that your family is using, that is one thing.  If this is a USB that you are going to throw away where someone might find it and look at it that is something different.

If the wallet.dat is going to be somewhere where you have untrusted people -e.g. people you don't know- who have access to the wallet and computer at random, if you can remove it from the computer/drive etc, you'll be better off.   The more bitcoins you have stored in the wallet (or the more that you could potentially have in there at some point in the future) the more concerned you need to be about where it goes.

I think the main thing people have to be worried about is a virus on the computer that is stealing their credentials though.

i used a 12 random password that i had generated from counterparty wallet for some SJCX, could that be an issue?   counterwallet.io   i doubt very much that the counterparty wallet stored my password....... i think that it is browser based....

See the post by cr1776, I dont know. It depends on your way to select random words and the word basis or number of words. It sounds good though.


Usually not, no.

Ok so a random 12 word password should be strong enough then ?

and i prob have no need really to create a .conf file to be honest, but interesting to know.  thanks alot for the help

Yes, it is dangerous to do so. 

Even password protected wallets shouldn't be left where others have access.  People often overestimate the security of the passwords that they use and the password that they think is "good" is, in reality, bad.  So while the software is good at protecting the wallets reasonably well IF you have a "good" password, if you have any significant number of bitcoins (or alt coins in an alt coin wallet) leaving the wallet.dat exposed anywhere is not recommended if you have the ability to remove it.

Only if you use bad passwords. Cores wallet files are reasonably well defended against brute force attacks.


The file is not created by default, if you cant find one in %APPDATA%/Bitcoin you can just create a text file and rename it (make sure its no longer a .txt file).

With the keypool option you can change the default behavior to any other number of pregenerated private keys you prefer. Keep in mind that reducing the number also means you have to create a backup more often.

If you set a higher number core create the keys next time the wallet is unlocked.

Ok so then it is dangerous to leave old wallet backups on computers or USB pendrives that others have access to.  Shorena could you explain abit more about keypool 103 into bitcoin.conf?  where is that file? i have checked %appdata% and cant see it

Yeah exactly. You would need to exhaust the keypool and then send the bitcoins to a new randomly generated address for your old backups to be worthless.

It would actually be safer to just let core generate a new wallet for you. It will do that if it finds there is no wallet.dat file in the data dir. Then you send your bitcoins from the old wallet to the new.

But its wrong!. Bitcoin core keeps (by default) 100 unused private keys and addresses pre generated for you. This would only work if you would use all 100 (change)addresses.

You can change this by adding keypool=103 to your bitcoin.conf file.

I think it has more to do with being pseudo-anonymous than with security. I think the best security would be to have a strong password on your wallet.
But a side-effect of the default behaviour would indeed be that an attacker will gain less coins when he steals an old wallet.dat

Great help, thank you, so thats why it is always best to use a new address for sending and receiving Bitcoin 

Well... Let's use your example:
1) you have the private key for an address holding 3 BTC in a wallet. You backup your wallet.dat

2) Today, you send 1 BTC to a friend. This transaction is signed with the private key in step 1. If there is change for this transaction, the default setting of bitcoin core is to generate a new private key/address and send the change to this address. The change can also be sent back to the address in step 1 if you modified the default behaviour

3) you receive 1.5 BTC to the address in step 1

4) your backed up wallet.dat gets stolen. It contains the private key from step 1, but not the private key for the change address generated in step 2. The attacker will have access to all coins, exept the change you sent yourself when sending 1 BTC to a friend...

Offcourse, there are a lot of variables... If you received funds in step 3 to a newly generated address, the private keys will not be in the backup in step 1, so the attacker will not have access to this funds.

Also, the way bitcoin core handles change can be modified, and how much change will be sent will depend on the inputs. If the address in step 1 received 300 deposits of 0.01, there won't be a lot of change sent to the change address in step 2. On the other hand, if there was only 1 input of 3 BTC, the original private key will be worthless, since all the coins will be sent to the change address

Ok so lets say i had 3BTC and i backed-up my wallet.dat.  And then today i sent 1BTC to a friend, and recieved 1.5BTC the day after from another friend without backing up my wallet.  I understand that the attacker after brute forcing my wallet.dat could take 2BTC of the original 3BTC but surly they couldnt have access to the 1.5BTC as i did not back that up.  Am i right or am i missing something?

Thanks for the reply  

Edit: Only just seen your edit, Many Thanks that was what i was getting at.  

so if i send all my bitcoin to a new address within my core wallet every now and again that should make old backup.dat files irrelevant???

no.
They would have full access to all of your coins, as long as the old backup is from the same wallet you're using right now.

The only thing that can prevent this, is password protecting your wallet. In this case the attacker will have to bruteforce your wallet.dat (wich is inprobable when using a long, random, password or passphrase)

EDIT: i did forget the fact that when you use your wallet, new addresses can be generated or imported. New private keys will not be in the old backup, so inaccessible for attackers (AFAIK).

I was just wondering if i have old wallet backups laying around on my computer or on a usb drive that someone was to gain access too, are they useless to them?  is only the latest backup the one that works because i will have sent and received various different amounts since the older backups.  

What would happen if they loaded up bitcoin core and used my old wallet.dat file?  there could probably be coins there that my not have been sent, am i right?