Topic: HOWTO: create a 100% secure wallet - page 125. (Read 276225 times)

One of my favorite features of Windows Seven. The Shredder

First great artickle, thumbs up

But I have some additional questions and would be glad if anyone can provide the answers:

1 - So tell me if I understood this right - you wallet is a physical file on your HDD (wallet.dat) and it contains all the addresses (the long strong of characters/digits) created with the bitcoin program, correct?

2 - If the above is true then technically you could have one wallet with 5 addresses and if 4 different people send me coins to each address then all these coins together would be contained within the one wallet?

3 - Hypothetical scenario - I secure my savings wallet containing 100 coins on a flash drive, by cut and paste. Then I restart the program so a new wallet is created - I record its only address and then delete the wallet. Then I copy the savings wallet from the flash drive back to the AppData\Roaming\Bitcoin directory and open the program so it is recognized. Finally I transfer all 100 coins to the address recorded earlier. The outcome would be total lost of all the coins, correct?

4 - I would guess the Bitcoin program the the wallet should be kept on a separate machine and not on the Mining rig?

5 - If you secure you wallet on a flash drive and then someone sends you coins on an address that is contained within that wallet when do the coins actually appear in your wallet? I mean that wallet is "offline", so how will the transaction work out?

6 - I read an article somewhere that after 50 coins accumulated in your wallet you need to back it up, because you might lose the coins. Is that just pure gibberish?

I'm just trying to understand the whole idea behind the wallet and its addresses.

Thank you in advance.

Personally, I like the idea of running Bitcoin in a virtual machine with no other programs installed on it. Windows 7 has virtual PC built right into it, and Virtual PC is available as a download for Windows XP. Plus, it's a way of doing things that can be explained to your mother or father. There's only two files to move. The only issue is that they generally are larger than 2G, so you need to NTFS format a USB drive. Then if you need to securely remove the files, you can secure erase the Virtual PC files and be relatively assured that they are not going to be found as a deleted file.

I thought I was pretty clever, until I met a guy who pointed out, that if you store your wallet.dat in a safe deposit box, you don't even need to see the blocks get downloaded to a new client. You can go to block explorer and verify that the funds have been transferred. Granted, you do need to install the wallet to transfer the coins.

Unfortunately, multiple wallets is somewhat inevitable, and although bitcoin tries to hide the mechanics of all the key management, I think address management is a huge risk. People have a natural tendancy to use the last-known-good address and wait for something to go wrong. I'm sure we all know people who would write one bitcoin address down once, and expect it to always work. That's a really dangerous expectation. By this point, I've installed the client on 4 different machines several times, and although I don't need all of those addresses .. if it's out there .. there's a risk someone will use it.

While I'm a complete n00b to BTC as of yesterday, I do know a thing or two about public/private key encryption.

1) Correct.  If the unencrypted "wallet" (read "key") exists in a vulnerable place, then it doesn't matter how securely you back it up.  It's like keeping a copy of your house key under your mat but making a "secure" copy regularly.  A burglar can simply check under your mat, regardless of how securely you keep the copies.

I can think of two valid reasons for separate physical copies.  The first is simply to guard against data corruption, drive destruction, etc.  The second is to keep the "secure" file only on media other than your hard drive, created and saved in a "secure" operating system.

Keeping at least one backup is a good idea.  Just remember that the *least* secure copy of your "wallet" (read "key") is effectively the only one that matters for security.

2) Hard drive corruption/destuctions/loss is why it's good to keep a backup copy on another physical medium.  Note that having your drive stolen with an unencrypted wallet means that wallet is forfeit, unless you happen to transfer all BTC out from that account to another using a backup copy before the "bad guys" get to it, first.

I can't speak much on local encryption, as I've never personally had anything worth the bother.  But if you have a keylogger on your system, then encryption probably isn't worth crap once you type in your password.

3) The point is that any "wallet" (read "key") that has ever existed in unencrypted form on your computer (which may have keyloggers, trojans, and the like - regardless of whatever your anti-malware software says) could potentially be compromised.  The suggestion of using a bootable linux distro so that the "wallet" (read "key") file never touches your potentially tainted system is pretty good, if a little hardcore.  But if I had 25k BTC, that's probably what I'd do.

As soon as you create a "wallet" (read "key") in your (potentially compromised) operating system, then your wallet is already potentially compromised.  Remember: securing one copy doesn't secure all copies.  Only if *every* single copy that has ever existed is secure can you consider the "wallet" (read "key") to be "secure".

Until I read this thread, I was planning on doing the physical backup (of wallet.dat file) to usb. I don't have enough BTCs to justify "protecting", but I've learned that developing good security habits pays. Making those habits second nature is like insurance - in my experience.

Anyway, I just need clarification that I am understanding the following correctly - please advise so that I know I have not misunderstood the advice being given:

1)

Thanks man!

(and another post closer to post on grown-ups forums...)

wait an minute.  are u saying a new client install immediately creates 10 addresses?

which client version created only 1?

Thanks for this!

Thank god for this post! My laptop is pretty secure, hijack tracking software and finger scan technology, but that only protects from meatspace attacks. This helps for all others. I favor the usb attemp. Secure it on a thumb drive, only plugging it in to preform transactions or add to it.
--
Remember, Safety first! haha

Is it still actual that when you send part of your bitcoins to someone rest of BTC are sent to you but on another address so your old wallet backup is useless ?

The SHA1 signature was posted here with the announcement. It's a good practice not to put the signature on the same page the download resides, since if one is compromised the other can easily be altered too. That's assuming the forum is hosted on a different machine of course.

And that ladies and gentlemen is what you get when you let 4chan and Encyclopedia Dramatica rear your kids

Additional security measure: don't click on URL shortened links, especially in Bitcoin related fora.

Thanks for the sticky, and thanks for the corrections. Keep it up. 10 spelling mistakes corrected and I will personally invent a new swearword and post it here.

"that Linux is in now way automagically completely secure."

Typo.

Great read though!

And stickied.

Great post!

I installed Ubuntu on an encrypted LVM specifically for bitcoin realted use. I'll be taking your advice on the backups.

Yes. The problem arises if you assume a newly created wallet.dat has generated your first 100 addresses in it.

Which is what I would have assumed until that unfortunate person lost his coins and posted about it.

Oh snap. Good to know though, and yes, the wallet only contains the addresses already generated at the time the file was backed up. I will refrain from mentioning this in the guide though, since 1: I advise against using the wallet you just backed up, 2: with the 10 fresh addresses generated, this shouldn't happen anymore, 3: I'm trying to keep it simple and hope not to confuse anybody. As Confucius says: Confusion is the death of non-confusion (and oversight)

I think it was a case of the client only creating 1 address at first, whereas the user expected it to immediately create 100 addresses (which it only did after the first time he hit the "New..." button.

So he:

installed the client
backed up the wallet (which only contained 1 address)
clicked "New..." a few times and sent all his BTC to those new addresses. It was only after this that the client created the pool of 100.
Next, he deleted the wallet, because he thought it had already been backed up, when in actual fact only the first address had been.

Coins lost.

Thanks for this post.
It has some very important facts.

And it's funny to read! :-)

P.S. Maybe you should add that one should only use trusted distributions (Debian, Ubuntu, Fedora, etc.) and check the md5sum of that Live CD.