Topic: Cold storage security - page 3. (Read 4993 times)

One idea, you could just have a USB flash drive laying around, containing a wallet.dat file (which contains just random noise), and kept in a place where one would likely store something valuable... and hand it over when asked.  It could have in sharpie marker, "bitcoin backup".

Not very many armed robbers are going to pull out their laptop and rescan the blockchain to make sure it was the real deal.  And it will take them a while to figure out that the wallet is bogus.

Meanwhile, if Alice points a gun at Bob, and in return, Bob gives Alice a flash drive which she then scours and runs everything it contains... which person is the attacker?  

The flash drive may as well contain an executable that starts sending you e-mail, named "wallet.dat.exe", which they are likely to run, and this will squeal their IP to you.  While you're at it, you could include scripts that will gather the MAC addresses of nearby wireless base stations (e.g. in Windows: "netsh wlan show networks mode=bssid")... which might result in you getting lucky and finding out their physical location.

Encrypt the computer who have Bitcoins with TrueCrypt and strong password. Dont lose the rescue CD also as it will help in case of MBR damage.

If You live in USA buy a gun. Problem solved, no escaped slaves will successfully invade your home and take your Bitcoins.

A few "crazy" ideas come to mind.

One that is kind of blown by mentioning it here at all would be a "pretend secure coldwallet service" which holds signed documents from you they can use to prove you and they both agree you do not actually have anything of value in their care, so that if for any reason at all anyone including you does try to claim they have something of yours they are off the hook. It would function by simply being a very public pretense that your emergency coldwallet is safe in their care. The purpose of this would be so that if someone raids you can claim the coins are in someone else's care and point at who; you would not actually place anything in their care, their purpose is simply to be a decoy, you and they both maintain a public sham that they have your emergency coldwallet.

Another idea is put your emergency coldwallet into police evidence locker, as evidence of your being blackmailed or under duress or murdered or rendered incommunicado by violence or whatever. It will only be needed in the event of such a scenario, so anyone coming for it is evidence of such an event having occurred. Arrange that all your coins get sent to that wallet automatically if you hit a panic button or take your hand off a deadman switch. Then in the event someone comes to your house you can show them the button or switch and explain that the coins are all in the evidence locker as evidence that they are at your house.

You could even use both methods; when someone comes to your house you tell them about the pretend secure wallet service people; when someone comes to their house they tell them about the evidence locker...

NOTE: Any number of online services could be monitoring your evidence-locker wallet address, ready to send in SWAT or call fire brigade or whatever in response to cries for help sent out by means of pre-agreed amounts being sent to it from pre-agreed dire-straights wallets etc...

-MarkM-

Sorry, I should clarify.  Certainly, there would be multiple contingency plans in the event of my unfortunate departure from this world.  I just mean that I don't want to have to deal with gathering information from a second person on a day-to-day basis just to get some transactions signed.

Will these customers be informed that the entire amount of funds they've entrusted with you are then one heartbeat away from being lost forever?

What do you mean by "a public bitcoin facility"?

This business wouldn't turn enough coin to hire "lots of security", so I am attempting to figure out a way to run it securely without resorting to such drastic measures.

EDIT:  Thanks for the answer on that Casascius.

That would probably work, in the sense that the bank is unlikely to have any problem with you doing it.  As for whether it's safe is mostly hypothetical.  Someone in the bank to conduct a robbery is probably there to rob the bank.  Who knows.


I imagine USB versus local storage shouldn't make a significant difference.

I wouldn't want to be anywhere near a public bitcoin facility especially with a known high balance if it doesn't have adequate protection.  Even if you made it perfectly clear no private keys are available on location, some moron criminal is still going to attempt to steal some money.  They may even harm you as an example to future victims.  Bottom line - either don't make the address public or hire lots of security.

Why do you say there is no reason why people would come to my house looking for bitcoins?

As I said in the OP, my name and street address are fairly easily associable with my online identities.  Couple that with the fact that I would be running a business where anyone could see the exact amount of Bitcoins I am holding at any given time, and that number of Bitcoins may increase to a significant number (thousands or tens of thousands of BTC), and I can see very good reason for people wanting to "pay me a visit".

His scenario is someone DOES come to his house to take the large sum of bitcoins in his offline wallet.  You solved the scenario he isn't asking about. 

Just use a brainwallet. That way your bitcoins are not stored "offline"... they aren't stored anywhere at all. There would be no reason why people would come to your house looking for bitcoins, there would be no point. The only way to get them would be coerce you to give up the passphrase. I can go into more details about this (it's a pretty simple system -> you still use an offline computer to sign transactions, but the offline computer never stores the private key).

For the sake of this argument, I'll trust the bank and its staff, but will still ensure that the contents of whatever I leave in the deposit box are encrypted.

Assume I rent a large enough box to fit a netbook in then... What about grabbing the netbook, going out to the lobby, conducting my transactions, then stowing it back away again?  Would it be unsafe to have the data "out in the open" in the lobby?

Or, would it be ridiculously slow to simply keep the private keys on a USB drive in the deposit box, then bring a netbook along with me to sign the transactions?  I don't know how having a wallet file on a USB device would affect the speed at which signing with Armory could occur.  And, of course, never actually bringing the netbook online while it is elsewhere, to ensure it truly remains uninfected cold storage.

Hanging out and doing any kind of work inside their vault is not something they're anticipating you'll do.  They expect you will come in, identify yourself, sign their logbook, and go in the vault accompanied with your key and they will insert their key (each box has two locks) and then you will either add things or take them out while they stand by.


A typical safety deposit box is small but LONG (unless you pay for more size).  A typical size is 3x5x22 (inches).  It will definitely fit a USB stick, or rolled-up documents.  But not a computer.  They are only accessible during banking hours unless your bank offers some sort of after-hours access.

Between me and the company I work for, we have several boxes of this size, specifically for contingency plans.  The boxes I use to hold Bitcoin private keys contain parts of m-of-n sets, and they are printed on paper in the form of QR codes.  When I visit the boxes, if I want 1 code, I will usually just scan it with my phone, or if I need several, I might just take part or all of a sheet out of the stapled-&-rolled-up stack.  I always assume that the bank personnel "could" access my box for any reason, so I never leave private keys in the box that would be useful by themselves.

The way I figure it is, people will break into a car for a quarter.  I am certain there are individuals out there who would conducted an armed robbery of some sort for $200,000 worth of digital cash.  Sure, it's high risk, but it's also high reward if business is booming for me and I actually have that many bitcoins moving through the service in a 24 hour period.

Hmmm... now there's an idea.

I wonder if they would have a power plug in the same area where the deposit boxes are made available?  If not, I could always just take a battery with me.  Potentially, I could put cold storage on a netbook-type device (with paper and USB backup), then stop by the safety deposit box with a USB key to sign transactions as necessary.  If no power is available, I could simply take the battery home and charge it (assuming I had two of the same netbooks), then bring it with me to conduct the transactions.

A bit of a hassle, but doable.

I've never used a safety deposit box.  Are they typically available 24/7?  Can they fit a netbook inside?

How big risk this really is? The money is behind a safe, which only you know the password to. So they have to threat you with violence to get the private keys/bitcoins. To me it seems like a high-risk operation from robbers viewpoint.

For what it's worth, simply opening a safety deposit box costs as little as $10/year, can be done at the bank you already visit, and can be accessed without any questions other than your identity (which will be checked by someone also in a position to detect whether you're under duress and to do something effective about it, including deny access to the box, trip silent alarms, and gain the highest priority attention from law enforcement in the fewest words).

Thanks for all the input!

It looks like, at this time, I will be unable to conduct this Bitcoin business that I had wanted.  No solution presented thus far is "good enough" for me (I don't want to deal with a second person), and I don't want anyone showing up at my door, strong locks and firearms or not.

Really, an online solution of some sort with insurance sounds better.  But I doubt Bitcoins are something that any insurance company would want to insure...

Maybe another day, I'll find a good solution.  For now, I'll hang on to the idea and the IP associated with it.

I guess it all depends on how paranoid you want to be.  Looking at it from a high level there are only two general concepts to prevent a third party from forcing you to give access. The first is to create a setup which requires a second party who isn't on-site (counterpart).  The second is to create a setup where you can cause yourself to intentionally lose access.

Second party:
You could split the private keys (protocol independent m of m).  For example you could XOR two 256 bit numbers (half-keys) to produce the private key.  You keep one list of half keys and your partner keeps the other.  To send funds would require both of you to XOR your half-key to produce the full key and sign a tx.

Another option would be a wallet where it requires two pass-phrases to decrypt and you only have one.  You would need to notify your partner and he (via RPC call or some other method) enters his passphrase.  The "dual missile key option".  

For either method you likely would want some challenge and password type setup to ID the counterpart is not compromised.  Upon hearing a duress codeword the counterpart would refuse access.  If you have the info stored securely in a third location the counterpart could destroy his secret upon hearing the duress word.


Lose Access:
The simplest option would be a wallet where upon duress would send the full balance to an address you don't have direct control over (private key is off-site, bank vault, m of n type setup, etc).

Another option would be a deterministic wallet stored only in memory (say a netbook dedicated as a hardware wallet) and created using two 256 bit seeds.  On setup you and your counterpart would enter the seeds.  The wallet could be operated by you alone but upon duress you kill the power and you couldn't restore the wallet without your counterpart.

The in-memory wallet could be done with one person if you can limit access to the seed and don't routinely keep it on site.  For example setup in-memory wallet and then have seed secure in a safety deposit box.

Obviously the disadvantage of the "lose access" method would be that if you are compromised before the duress action can be taken the wallet will be lost.  One option would be to trigger the lose access method to an alarm system.  Someone breaks in, alarm sounds, and a relay kills power to the in-memory wallet.

Consequences:
So there are a couple different ways of doing it but one thing you may wish to consider is .... do you want to be in a situation where you can't give criminals what they want?  Will they believe you?  Will they accept the truth in a non-violent manner?  Maybe investing in a good monitored alarm system (not ADT), strong doors, secure locks, and firearms is better insurance.

You can either easily access the coins all the time (including during a robbery) or not.

If you want to suddenly be -unable- to access them, just send them to an address with a key that you don't have handy (something like cas describes). That doesn't help if someone decides they don't believe you or don't care, but at this point it is pretty much someone randomly murdering you because you use bitcoin.