Topic: HOWTO: create a 100% secure wallet - page 124. (Read 276225 times)

Can't the wallet.dat be encrypted already? (password when starting the bitcoin client...)

While I'm a complete n00b to BTC as of yesterday, I do know a thing or two about public/private key encryption.

1) Correct.  If the unencrypted "wallet" (read "key") exists in a vulnerable place, then it doesn't matter how securely you back it up.  It's like keeping a copy of your house key under your mat but making a "secure" copy regularly.  A burglar can simply check under your mat, regardless of how securely you keep the copies.

I can think of two valid reasons for separate physical copies.  The first is simply to guard against data corruption, drive destruction, etc.  The second is to keep the "secure" file only on media other than your hard drive, created and saved in a "secure" operating system.

Keeping at least one backup is a good idea.  Just remember that the *least* secure copy of your "wallet" (read "key") is effectively the only one that matters for security.

2) Hard drive corruption/destuctions/loss is why it's good to keep a backup copy on another physical medium.  Note that having your drive stolen with an unencrypted wallet means that wallet is forfeit, unless you happen to transfer all BTC out from that account to another using a backup copy before the "bad guys" get to it, first.

I can't speak much on local encryption, as I've never personally had anything worth the bother.  But if you have a keylogger on your system, then encryption probably isn't worth crap once you type in your password.

3) The point is that any "wallet" (read "key") that has ever existed in unencrypted form on your computer (which may have keyloggers, trojans, and the like - regardless of whatever your anti-malware software says) could potentially be compromised.  The suggestion of using a bootable linux distro so that the "wallet" (read "key") file never touches your potentially tainted system is pretty good, if a little hardcore.  But if I had 25k BTC, that's probably what I'd do.

As soon as you create a "wallet" (read "key") in your (potentially compromised) operating system, then your wallet is already potentially compromised.  Remember: securing one copy doesn't secure all copies.  Only if *every* single copy that has ever existed is secure can you consider the "wallet" (read "key") to be "secure".

Thank you Alex, it's more clear now.

Though when you say it's automatically claimed & added to my balance, which balance is it added to? i.e., which of my current addresses?

Also, wouldn't it be easier to avoid this situation by always sending coins to one address rather than having them dispersed at multiple addresses?

0) because even if you want to send exactly 20 btc, your wallet may contain addresses which have the following balances:

10 btc
15 btc
19 btc
25 btc

So what does it choose? It might choose something like the 10 and the 15, combine them together to send 25, sending 20 to your destination, and 5 back to a change address.

Then you'd have the following in your wallet:

19 btc
25 btc
5 btc (residing in the new 'change' address)

1) it's automatically claimed and will show up in your balance.

Sorry, I just have to ask:  Why did you start your numbering at 0?

0) Why does that happen (the change itself) if I'm sending the exact amount I want to send?
1) As I understand, the change address is created and saved in the wallet.dat file but doesn't show up in the User Interface (UI). So how do I claim my money?

I read the wiki page https://en.bitcoin.it/wiki/Transactions but it's still not quite clear to me on why there's a change address or value.

Quoting the wiki: "If the input is worth 50 BTC but you only want to send 25 BTC, Bitcoin will create two outputs worth 25 BTC: one to the destination, and one back to you (known as "change", though you send it to yourself). Any input bitcoins not redeemed in an output is considered a transaction fee; whoever generates the block will get it."

0) Why does that happen (the change itself) if I'm sending the exact amount I want to send?
1) As I understand, the change address is created and saved in the wallet.dat file but doesn't show up in the User Interface (UI). So how do I claim my money?

Alex, I think you're wrong. You can send anything you want to a given bitcoin address

I can confirm this as correct.

So it sounds like receiving BitCoin does not require either usage or backup of your wallet (it can stay offline and hidden in a safe), but every so many times of sending BitCoin (~100?) will require replacing the backup due to new "change" keys.

There appears to be a little more to the wallet's key handling than I had thought.  There are a couple posts in another thread that make it sound like every time you send BitCoin from your wallet, the client uses a new "hidden" receiving address for any remainder.


So it sounds like receiving BitCoin does not require either usage or backup of your wallet (it can stay offline and hidden in a safe), but every so many times of sending BitCoin (~100?) will require replacing the backup due to new "change" keys.

If I send you 4btc but my only coin is worth 5btc, 1btc is sent back to me at a new 'change' address.

1 - So tell me if I understood this right - you wallet is a physical file on your HDD (wallet.dat) and it contains all the addresses (the long strong of characters/digits) created with the bitcoin program, correct?

2 - If the above is true then technically you could have one wallet with 5 addresses and if 4 different people send me coins to each address then all these coins together would be contained within the one wallet?

3 - Hypothetical scenario - I secure my savings wallet containing 100 coins on a flash drive, by cut and paste. Then I restart the program so a new wallet is created - I record its only address and then delete the wallet. Then I copy the savings wallet from the flash drive back to the AppData\Roaming\Bitcoin directory and open the program so it is recognized. Finally I transfer all 100 coins to the address recorded earlier. The outcome would be total lost of all the coins, correct?

4 - I would guess the Bitcoin program the the wallet should be kept on a separate machine and not on the Mining rig?

5 - If you secure you wallet on a flash drive and then someone sends you coins on an address that is contained within that wallet when do the coins actually appear in your wallet? I mean that wallet is "offline", so how will the transaction work out?

6 - I read an article somewhere that after 50 coins accumulated in your wallet you need to back it up, because you might lose the coins. Is that just pure gibberish?