Pages:
Author

Topic: Best Cold Storage Methods For LTC and BTC - page 3. (Read 9650 times)

full member
Activity: 236
Merit: 100
You can use cold wallets in this way. You can also use a client like Armory that uses deterministic keys so that your wallet only needs to backed up once but can still contain more keys than you'll use in a lifetime.

This sounds convenient, but doesn't it give up some security?

I mean, let's say you use this deterministic wallet for years.  After 6 months you have 10btc and someone compromises it, but you don't realize it.  They just bide their time and after 2 years you have 1000 btc, then they just steal them.

If you use wallets generated fresh, then the window to steal coins becomes smaller, doesn't it?
hero member
Activity: 518
Merit: 500
Manateeeeeeees
I forked this project on my home server and I use it to generate paper wallets:

https://www.bitaddress.org/

Just print them with the QRcodes and keep them safe, and you can cash them in easily with your phone or another scanning device.
jr. member
Activity: 41
Merit: 1
Just watch out: importing private keys is a minefield. Some guy on reddit lost $10,000 because he didn't know about "change" addresses and assumed his unspent coins stayed in his cold wallet address.

I'm trying to figure out what this issue is, exactly, and how to avoid it.  Anyone have a link?

If you import a private key, and spend some of the coins, wouldn't the client create a new key to send the change to?  I just can't believe a client would ever send change to an address that it couldn't unlock.

Right, but the guy who loads his cold-storage private address into his wallet so that he can spend bitcoins, finds that after he spends them, and then deletes the wallet, that the remaining bitcoins are no longer in his cold-storage private address, but rather, were in a change address in the wallet that he just deleted.
legendary
Activity: 1102
Merit: 1014
Just watch out: importing private keys is a minefield. Some guy on reddit lost $10,000 because he didn't know about "change" addresses and assumed his unspent coins stayed in his cold wallet address.
This is not an issue with private keys or importing them. It is perfectly safe to use importprivkey with bitcoind/litecoind. The problem comes when people go creating raw transactions (the brainwallet site let you do this and you can deliberately / not accidentally do it with bitcoind/litecoind). If you create a raw transaction and do not send all of the funds from the old address what's left will become a fee for the miners. The moral of the story is stay away from raw transactions unless you know exactly what you are doing. No need to be afraid of single private keys. If you have a question, ask!
member
Activity: 84
Merit: 10
Ok so tell me if I understand the "change" issue correctly:

Let's say I have 100btc in a cold wallet, and I want to take 25btc out of my "savings".

If I were naive, I might import the key into some client, send 25btc to my "spending" wallet address.  Then I mistakenly think that the remaining 75 bitcoins are still in my cold wallet, when in fact they have been sent to an entirely new change address.  The key for this change address is in the wallet of the client I just used.

Then if I think that all I need is my paper copy of the cold wallet, I delete the client's wallet (to destroy extra copies of the cold wallet key) and thereby destroy 75btc.

Do I have that right?
Correct. It's just like fiat money, but in this case the keys are the money.

If you go to McDonalds and buy a $5 combo meal with a $20, you're going to get a $10 and a $5 back. Think of it as a bunch of micro-transactions all bundled together. Five $1s isn't technically equivilent either, because that's five transactions to spend $5 (you hand over a $1, then you hand over a $1, then you hand over a $1 ...). The only way you can spend $5 exactly with one transaction is to have a $5 bill.
A transaction can have multiple Bitcoin "bills" as input so you could do something exactly like paying for something with 5 $1 bills.

A transaction is basically like gathering a bunch of bills together and then sending one "bill" of a single denomination to each recipient. The "change" address is just a regular recipient in the protocol itself. So your example of spending a $20 bill for a $5 meal is like splitting that $20 bill into a $5 bill and $15 bill. The $5 bill goes to McDonalds and the $15 bill goes to your change address.
newbie
Activity: 52
Merit: 0
What I do is keep my BTC in multiple BTC addresses of say 5BTC each in cold storage. I treat each address as a Banknote, When I want to spend I will import  the private key of one of my btc addresses into my MTGOX account and from my mtgox a/c spend what ever I need to and whats left I will transfer to a new cold address thats offline. I use BTCBALANCE.NET to keep a track of each of my btc depoits

That's exactly what I plan to do. As soon as I have enough coins to feel nervous about them all being at a single address, I'll turn them into 'banknotes' divided across a handful of addresses.
sr. member
Activity: 392
Merit: 250
Just watch out: importing private keys is a minefield. Some guy on reddit lost $10,000 because he didn't know about "change" addresses and assumed his unspent coins stayed in his cold wallet address.

This is something that should be more clearly stated for all new Bitcoins users.
legendary
Activity: 1400
Merit: 1013
I get it, so basically the problem with cold wallets is they don't keep up with the addresses that get eaten up and created with every new transaction, because at any one time, a bitcoin wallet can only contain 100 untouched addresses. I assume by that that the issue would arise by the time we do the 101st transaction from or to a cold wallet, that that is when we would start losing money because the two wallets, the updated live one and the cold storage one, would begin to be different and the use of one in a transaction would invalidate whatever only the other one can see.. Or maybe by 101st transaction, these addresses just disappear from both wallets. That is a doubt I have. Another doubt is that maybe cold wallets dont register change at all if money is sent from a cold wallet. Thats where it shows how unfamiliar I am with btc- it could very well be instead, that bitcoins can only be sent from hot wallets and that the problem is that the cold wallet used to import and create the hot wallet, must be elimipaper wallet Other clients use deterministic wallets so your paper backup is good forever.nated forever and never touched again and if we are to go about storing our wallet again we have to do it from the result of our latest hot wallet. Am I on the right track?
You can use cold wallets in this way. You can also use a client like Armory that uses deterministic keys so that your wallet only needs to backed up once but can still contain more keys than you'll use in a lifetime.
full member
Activity: 205
Merit: 100
I get it, so basically the problem with cold wallets is they don't keep up with the addresses that get eaten up and created with every new transaction, because at any one time, a bitcoin wallet can only contain 100 untouched addresses. I assume by that that the issue would arise by the time we do the 101st transaction from or to a cold wallet, that that is when we would start losing money because the two wallets, the updated live one and the cold storage one, would begin to be different and the use of one in a transaction would invalidate whatever only the other one can see.. Or maybe by 101st transaction, these addresses just disappear from both wallets. That is a doubt I have. Another doubt is that maybe cold wallets dont register change at all if money is sent from a cold wallet. Thats where it shows how unfamiliar I am with btc- it could very well be instead, that bitcoins can only be sent from hot wallets and that the problem is that the cold wallet used to import and create the hot wallet, must be eliminated forever and never touched again and if we are to go about storing our wallet again we have to do it from the result of our latest hot wallet. Am I on the right track?
newbie
Activity: 56
Merit: 0
Ok so tell me if I understand the "change" issue correctly:

Let's say I have 100btc in a cold wallet, and I want to take 25btc out of my "savings".

If I were naive, I might import the key into some client, send 25btc to my "spending" wallet address.  Then I mistakenly think that the remaining 75 bitcoins are still in my cold wallet, when in fact they have been sent to an entirely new change address.  The key for this change address is in the wallet of the client I just used.

Then if I think that all I need is my paper copy of the cold wallet, I delete the client's wallet (to destroy extra copies of the cold wallet key) and thereby destroy 75btc.

Do I have that right?
Correct. It's just like fiat money, but in this case the keys are the money.

If you go to McDonalds and buy a $5 combo meal with a $20, you're going to get a $10 and a $5 back. Think of it as a bunch of micro-transactions all bundled together. Five $1s isn't technically equivilent either, because that's five transactions to spend $5 (you hand over a $1, then you hand over a $1, then you hand over a $1 ...). The only way you can spend $5 exactly with one transaction is to have a $5 bill.
legendary
Activity: 1400
Merit: 1013
legendary
Activity: 1288
Merit: 1227
Away on an extended break
Armory.

Definitely Armory. For BTC, Armory is, hands-down, the best option to store your bitcoins. Nothing else even comes close.
Yes, Armory. I keep all escrow funds and my own funds in Offline Armory, and have the seed backed in GPG-encrypted papers at multiple places.
legendary
Activity: 1680
Merit: 1035
Armory.

Definitely Armory. For BTC, Armory is, hands-down, the best option to store your bitcoins. Nothing else even comes close.
newbie
Activity: 48
Merit: 0
What I do is keep my BTC in multiple BTC addresses of say 5BTC each in cold storage. I treat each address as a Banknote, When I want to spend I will import  the private key of one of my btc addresses into my MTGOX account and from my mtgox a/c spend what ever I need to and whats left I will transfer to a new cold address thats offline. I use BTCBALANCE.NET to keep a track of each of my btc depoits
full member
Activity: 236
Merit: 100
as soon as you import a private key into a client. treat it as dynamite. very risky
spend the coins you want. but then make a new paper wallet and send the coins in the client to the new paper wallet.

dispose of the old, empty and used key.

don't hold onto your used private key as its hot.. not cold.

anything that has ever touched a client is not considered cold.

Ok so tell me if I understand the "change" issue correctly:

Let's say I have 100btc in a cold wallet, and I want to take 25btc out of my "savings".

If I were naive, I might import the key into some client, send 25btc to my "spending" wallet address.  Then I mistakenly think that the remaining 75 bitcoins are still in my cold wallet, when in fact they have been sent to an entirely new change address.  The key for this change address is in the wallet of the client I just used.

Then if I think that all I need is my paper copy of the cold wallet, I delete the client's wallet (to destroy extra copies of the cold wallet key) and thereby destroy 75btc.

Do I have that right?
sr. member
Activity: 388
Merit: 250
Armory.

Shame there isn't a Litecoin equivalent, but yes, wouldn't settle for less than Armory.
legendary
Activity: 4410
Merit: 4788
as soon as you import a private key into a client. treat it as dynamite. very risky
spend the coins you want. but then make a new paper wallet and send the coins in the client to the new paper wallet.

dispose of the old, empty and used key.

don't hold onto your used private key as its hot.. not cold.

anything that has ever touched a client is not considered cold.
full member
Activity: 236
Merit: 100
Just watch out: importing private keys is a minefield. Some guy on reddit lost $10,000 because he didn't know about "change" addresses and assumed his unspent coins stayed in his cold wallet address.

I'm trying to figure out what this issue is, exactly, and how to avoid it.  Anyone have a link?

If you import a private key, and spend some of the coins, wouldn't the client create a new key to send the change to?  I just can't believe a client would ever send change to an address that it couldn't unlock.
member
Activity: 71
Merit: 10
Just watch out: importing private keys is a minefield. Some guy on reddit lost $10,000 because he didn't know about "change" addresses and assumed his unspent coins stayed in his cold wallet address.

This is not a problem if you use armory or electrum, because they use deterministic address generation. You only ever need the seed or the first address of your wallet to recover all others.
member
Activity: 60
Merit: 10
The customers I've had who buy 3D printed NFC tags generate a private key for a new account and deposit to that directly, rather than trying to import a particular private key from a wallet. 

Pages:
Jump to: