Author

Topic: How are you supposed to keep your wallet.dat safe from physical attackers? (Read 263 times)

legendary
Activity: 4256
Merit: 8551
'The right to privacy matters'
you can have 3 or more trezor wallets and know your seeds.


or if you don't buy and hold
if you don't trade.

Merely mine and hold and report to your government you do not need to report any holding gains on the coins.

Ie mine 10 coins at a cost of 3000 a coin last December when coins were 3100

you have a net gain of 1000 if you hold the coins for the year of 2018

stop mining and simply hold the coins.  is you sold them all yesterday you have a net gain of about

136000 - 31000 = 95000  and you would owe short term cap gains tax.

Pay the gov the tax and do what you want with the rest of the cash.
legendary
Activity: 3500
Merit: 6981
Top Crypto Casino
You could consider taking the Electrum route and sending all of your BTC inside an Electrum wallet and memorize the seed so a file doesn't exist, however, how safe is this?
That's one of the reasons why I love Electrum wallets.  If it came to it, it really isn't that hard to hide a sheet or sheets of paper with seed phrases on them.  There are many ways that could be done--and right now I'm actually thinking about something along those lines, even though I really don't have much crypto at present.  If you're ever involved in a crime, even if you're not the perpetrator, the cops can and will seize anything they think is relevant--and you never know what that's going to be.  Better to have those seed phrases hidden away from prying eyes.

If your memory is good, keeping a seed phrase in your noggin isn't impossible.  There are even artificial memory tricks to help, and with those you can be as creative as you want to be.

For other coins I own, the wallet.dat files are the best I can do, and so be it.  I've made multiple backups on flash drives, so hopefully that'll do the trick.  I certainly realize the importance of keeping all of this stuff safe, and the only relatively sure method I can think of is to bury it.  Sheets of paper won't be caught by metal detectors, though I'm fairly sure thumb drives might.  It's risky, but then again everything is.
legendary
Activity: 2352
Merit: 6089
bitcoindata.science
Ledger nano allows you to have 2 pin, then you would have your main wallet and a fake wallet with Les funds. You could give your fake wallet to the hacker.

https://support.ledger.com/hc/en-us/articles/115005214529-Advanced-passphrase-security
legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
You could consider taking the Electrum route and sending all of your BTC inside an Electrum wallet and memorize the seed so a file doesn't exist, however, how safe is this? Keeping all of your current and future addresses on there doesn't seem too sound. It is possible that if someone subtracts the necessary info key derivation could be exploited.

So wallet.dat is the safest, yet, the most annoying to keep safe, as you need to keep a physical medium to store it offline, and you need the synced node to transact as well.

Actually I favor keeping the seed or the private key printed or noted in a book, whether buried somewhere or hidden in plain sight.
wallet.dat is harder to store because all means can be either hacked, either have faster decay rate than anything else, whether we talk about USB sticks, HDDs or CD/DVDs.

I clearly don't advise memorizing the seed since there are many things that can make you completely forget in a couple of years what the seed was.


If the amounts are indeed significant, I'd also try to not show that off.
Because if unwanted ones find out, whether the government, whether simple thieves could come after you and no digital protection can overcome the 5$ wrench.
legendary
Activity: 3038
Merit: 4418
Crypto Swap Exchange
It's better to plan ahead, so what are you doing about it?
Personally, I wouldn't be that paranoid about it. If you have a government that can keep you in jail indefinitely just to get your Bitcoins, then you have much more to worry about. It's not exactly difficult to hide a wallet.dat either, search up steganography though it does have certain downsides to it but it should be a good enough obfuscation method.
Keeping all of your current and future addresses on there doesn't seem too sound. It is possible that if someone subtracts the necessary info key derivation could be exploited.
To be fair, even Bitcoin Core uses HD wallets as a format to store Bitcoin. I think it would be more convenient and secure this way as the necessary frequent backups meant that unsecured old backups could be lying around anywhere.
So wallet.dat is the safest, yet, the most annoying to keep safe, as you need to keep a physical medium to store it offline, and you need the synced node to transact as well.
As long as you are able to get the transaction information, you don't need to keep the client itself synchronized. There are ways to obtain the UTXO of a transaction, though it might be slightly more inconvenient.
legendary
Activity: 2464
Merit: 3878
Hire Bitcointalk Camp. Manager @ r7promotions.com
~snip~

What can be done?
I have my seed with extended seed and printed them. It's a 2/2 multiSig wallet. Two key were given to two person who will never come across (in my knowledge) to each others, in fact they do not know each other physically.

I have the Electrum .DAT file stored in my Laptop for one key and another one in another Laptop but I am considering to remove them from my system.
newbie
Activity: 25
Merit: 8
Either from robbers, or from governments?

A thief will torture you until you give away your password. Governments will put you in jail indefinitely, and they will become increasingly tyrannical about it. Just look at how how many people are getting busted in LocalBitcoins. If you for instance bought bitcoin in exchange of cash in LocalBitcoins and then sold it on some exchange for fiat, you are now on a possible list of people that will receive a knock on their door. Pretty much any bitcoin -> fiat or viceversa operations are subject to possible audits which may reveal your total stack as they look inside your computer. Once they find your wallet.dat you are in trouble. It's better to plan ahead, so what are you doing about it?

I don't see a solution. As long as you have to keep a file (wallet.dat) you are at risk. You could consider taking the Electrum route and sending all of your BTC inside an Electrum wallet and memorize the seed so a file doesn't exist, however, how safe is this? Keeping all of your current and future addresses on there doesn't seem too sound. It is possible that if someone subtracts the necessary info key derivation could be exploited.

So wallet.dat is the safest, yet, the most annoying to keep safe, as you need to keep a physical medium to store it offline, and you need the synced node to transact as well.

Electrum bypasses this but it's not as safe as the wallet.dat model.

What can be done?
Jump to: