Pages:
Author

Topic: Best Cold Storage Methods For LTC and BTC - page 2. (Read 9649 times)

legendary
Activity: 2632
Merit: 1023
Reading a ton of different ways for cold storage.

What is the most secure/easiest way to cold store BTC and also LTC.

Do you really need to keep the wallet.dat file or just the Private and Public keys?

Thanks

why dont' people pdf print and use trucrypt and leave copies everywhere?
sr. member
Activity: 252
Merit: 250
Just watch out: importing private keys is a minefield. Some guy on reddit lost $10,000 because he didn't know about "change" addresses and assumed his unspent coins stayed in his cold wallet address.

This is something that should be more clearly stated for all new Bitcoins users.

Ive been saving bitcoin in a wallet that I generated at bitaddress.org, offline -- with the private key written down.

Have I fucked myself like a noob?

Nope. If you never used that private key, they should still be there. You can use the public key to check.

I check it regularly. They're all there.

Ok then, when I go to withdraw how can I protect myself from getting fucked?
legendary
Activity: 1680
Merit: 1035
Just watch out: importing private keys is a minefield. Some guy on reddit lost $10,000 because he didn't know about "change" addresses and assumed his unspent coins stayed in his cold wallet address.

This is something that should be more clearly stated for all new Bitcoins users.

Ive been saving bitcoin in a wallet that I generated at bitaddress.org, offline -- with the private key written down.

Have I fucked myself like a noob?

Nope. If you never used that private key, they should still be there. You can use the public key to check.
sr. member
Activity: 252
Merit: 250
Just watch out: importing private keys is a minefield. Some guy on reddit lost $10,000 because he didn't know about "change" addresses and assumed his unspent coins stayed in his cold wallet address.

This is something that should be more clearly stated for all new Bitcoins users.

Ive been saving bitcoin in a wallet that I generated at bitaddress.org, offline -- with the private key written down.

Have I fucked myself like a noob?
legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
Yes. Pretty much as above. You could think of the cold private key as disposable, and consider it "hot" after you have used it once.
legendary
Activity: 1680
Merit: 1035
^^^ That's pretty much correct. Just make sure that you send all change back to the same private key when you spend it, otherwise it may send your change to one of your other addresses, and you may lose it when you delete your keys/wallet.

A better cold wallet option is Bitcoin Armory. It may look more complicated, but it's actually much easier to set up and use than this bit address paper method. (And more secure)
full member
Activity: 144
Merit: 100
So to create a cold wallet we:

  • Send to a new public key
  • Record the private key (e.g., Write on a piece of paper, backup on multiple USB drives)
  • Hold for safe keeping

Then to access the funds we:

  • Load the private key on a client (e.g., Bitcoin client, blockchain.info, Mt. Gox)
  • Make transaction (Does something happen here that changes the private key?)

Lastly, make the funds cold again:

  • Record new private key, or send to a new public/private key pair

Can someone please weigh-in on the above?
legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
You can also sweep the private key using Mt.Gox.

Personally, I'd importprivkey using the bitcoin-qt client.
hero member
Activity: 546
Merit: 500
I have a related noob question.

If you have the public and private key printed out, maybe just as QR codes, (like what you can make at http://www.bitaddress.org) and you want to spend them, is there any online wallet or exchange that lets you just input those two keys and access the coins, or do you have to do it by importing keys though a wallet client application on your computer, then transfer it to on online exchange?


You can redeem with blockchain.info
full member
Activity: 237
Merit: 101
I have a related noob question.

If you have the public and private key printed out, maybe just as QR codes, (like what you can make at http://www.bitaddress.org) and you want to spend them, is there any online wallet or exchange that lets you just input those two keys and access the coins, or do you have to do it by importing keys though a wallet client application on your computer, then transfer it to on online exchange?
full member
Activity: 205
Merit: 100
Just watch out: importing private keys is a minefield. Some guy on reddit lost $10,000 because he didn't know about "change" addresses and assumed his unspent coins stayed in his cold wallet address.
This is not an issue with private keys or importing them. It is perfectly safe to use importprivkey with bitcoind/litecoind. The problem comes when people go creating raw transactions (the brainwallet site let you do this and you can deliberately / not accidentally do it with bitcoind/litecoind). If you create a raw transaction and do not send all of the funds from the old address what's left will become a fee for the miners. The moral of the story is stay away from raw transactions unless you know exactly what you are doing. No need to be afraid of single private keys. If you have a question, ask!

I don't quite understand what you're saying here. Isn't the problem as such: cold wallets don't renew their pool of 100 unused addresses, so by the 101st transaction they make they start sending change to addresses they don't have and so these go back to the miners. But then hot wallets do create these new addresses and deterministic wallets have a huge amount of spare addresses, so there's no problem with them. But as far as that understanding of the issue goes, there's no problem with the old address (the address that's sending the coins) only sending part of its funds elsewhere. What you're saying is that any given address in a wallet has to send all its coins, if not the difference between the originating address and the transaction will be lost to the miners?
newbie
Activity: 28
Merit: 0

print out on paper
legendary
Activity: 1400
Merit: 1013
Can someone please inform me on this, I have 130 bitcoins stored in blockchain i've had it stored in there for months because Im worried if I put them on armory client and my computer brakes I will never be able to recover my coins.
Paper backups are how you protect your offline from computer failure. If you're protecting 130 bitcoins it's worth it to buy a used laptop for a dedicated offline machine to hold your wallet if you don't already have a spare machine available.
member
Activity: 60
Merit: 10
Can someone please inform me on this, I have 130 bitcoins stored in blockchain i've had it stored in there for months because Im worried if I put them on armory client and my computer brakes I will never be able to recover my coins.

I'd split that up into a few separate accounts with well backed up private keys. 
legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
Gimme some of your bitcoins. I will store it for you. Any time after, you can request for it to be sent back to you, at a new address. We can discuss the storage fee later (or just tip me 1% or 1.3 BTC for it.)

Seriously. I'm in another country, in another continent. I have access to at least 20 different physical locations each one more than 5 kilometers to 10 kilometers away from the others, so I can make redundant backups in cold storage. (none of those physical locations have any internet access, so I would have to physically go there.)

Each location is protected by armed guards, and trustworthy people, and all of them have no idea what bitcoin is all about, so they wouldn't dare open the little package I send them for safe-keeping that contains an encrypted copy of the private key that holds the bitcoins.

I operate an offline business, so that's where those 20 locations come from. I can even document the process for you. All you have to do is send 130 coins to an address I make.

Of course, this means you have to trust me. So feel free to ask all the documentation you would want or need, or to come fly over here to my country and have a tour.

Oh yeah, I also have some influence over the local police and military here, so we're covered from violent attempts to get your private key.
legendary
Activity: 1680
Merit: 1035
Can someone please inform me on this, I have 130 bitcoins stored in blockchain i've had it stored in there for months because Im worried if I put them on armory client and my computer brakes I will never be able to recover my coins.

You need to make a backup whether you are storing them in Blockchain or Armory, since Blockchain can break to. Best method is to make a paper backup, and store a few copies of it in different locations.
newbie
Activity: 56
Merit: 0
Can someone please inform me on this, I have 130 bitcoins stored in blockchain i've had it stored in there for months because Im worried if I put them on armory client and my computer brakes I will never be able to recover my coins.
full member
Activity: 236
Merit: 100
This sounds convenient, but doesn't it give up some security?

I mean, let's say you use this deterministic wallet for years.  After 6 months you have 10btc and someone compromises it, but you don't realize it.  They just bide their time and after 2 years you have 1000 btc, then they just steal them.

If you use wallets generated fresh, then the window to steal coins becomes smaller, doesn't it?
On offline deterministic wallet is generated on a computer that does not, and never will, have Internet access. Compromising that wallet is not impossible as Stuxnet has shown, but currently not within the capability of the typical bot herder.


Hopefully by the time attackers are capable of reaching wallets that are held offline we'll be using specialized hardware wallets which are not vulnerable to remote attack.

Yeah, I guess you have to compare the risk of compromise to the risk of screwing up and losing your coins.  I would have to agree that the latter is probably quite a bit larger.
legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
I don't like deterministic wallets for that reason. A compromise of the root chain or master password or the wallet, is a compromise of all keys from that deterministic wallet.

But hey, if it's offline, I guess it is secure, so long as you can be sure no one else has gotten to your offline computer.
legendary
Activity: 1400
Merit: 1013
This sounds convenient, but doesn't it give up some security?

I mean, let's say you use this deterministic wallet for years.  After 6 months you have 10btc and someone compromises it, but you don't realize it.  They just bide their time and after 2 years you have 1000 btc, then they just steal them.

If you use wallets generated fresh, then the window to steal coins becomes smaller, doesn't it?
On offline deterministic wallet is generated on a computer that does not, and never will, have Internet access. Compromising that wallet is not impossible as Stuxnet has shown, but currently not within the capability of the typical bot herder.


Hopefully by the time attackers are capable of reaching wallets that are held offline we'll be using specialized hardware wallets which are not vulnerable to remote attack.
Pages:
Jump to: