Topic: key management (Read 319 times)

There is more to this then the knowledge of how encryption works.   It's also important to understand the mechanics, how it's been implemented.  Yes, it's obvious that an exchange, which offers a service would or could hold my keys which to me is not a good thing.  If I alone have my keys, how can the keys be backed up, can that backup be imported by some other agent.   The keys are only a small part of the issue.  If a user is to pick local wallet software how many choices will they have to research?   Just pick one and it could send my keys anywhere even though an open source entity would have a difficult time pulling that one off.  It's an issue of trust and with software that always comes with a degree of unknown risk.  Gold can be in my hand a private key to a bitcoin is a bit less tangible.

Knowing how the keys are used is rather obvious as you say but,  when I use software which manages a private key whether that software is on my personal hardware or at a distant server, I don't know how it is being handled.  As a consumer all I can do it try to find a highly regarded open source product where mass consensus is that it's safe in how my keys are protected.   Since I as an ordinary user don't have time to plow through source code, I mush have some degree of trust in the process which presumes transparency. 

Remember that I have just started digging into to all this and until I have a reasonable level assurance that the transparency is what people say it is, I will and should have reservations.   This is a huge system and it will take time to determine that it is what people clam it to be, a new currency which will change everything.   To a new comer, those are big claims which I have heard big claims about many things many times before.  1 in 1000 turns out to be the big game changer.

If you have a solid working knowledge on cryptography—public/privkey encryption in general—then you don't have to ask these thinga but here it goes anyway.

1. Yes, the exchange controls the wallets fuly and there's no way to extract the private key from them that's why it's not advisable to use exchanges as temporary wallets.

2. Any wallet that you have downloaded to your machine is a wallet that you control solely. Encrypt it and use a strong password and you're fine.

[/quote]

I'm gonna say it right now, 100 hours is not enough to have a good grasp on bitcoin or cryptocurrencies in general.
[/quote]

I only mentioned the 100 to indicate my starting position.   It is going up by the day.  I guess for now I will hold off on asking more of my questions since it's still too early and I am making progress.   Any pointers to good starting places would be of value to me.  The is like trying to eat an elephant. 

I was a software engineer for 25 years, now out of it for 15.  I worked on network protocols, distributed synchronized databases and have a good understanding of symmetric and asymmetric encryption systems.  My learning rate will be hundreds of time faster then most of my friends who are 100 percent cold, starting dead last. Sadly most have almost zero understand of simple interest rates, amortizations are way too much for them.   In their case and mine to some degree,   Bitcoin is being presented as a "just trust it",   and that has been said by many, Bernie Madoff just to name one.  Open source and key pair encryption are not talking points that are going to put a layperson at ease.  Over my life I have put in 30,000 hours learning finance/economics/investing.  Most of my friends who have been asking me about bitcoin won't even put in 10 hours.  I tell them them should stay away as I tell them to stay from investing in general.  They have little choice but to pay an advisor and hope for the best.

It seems, like most things, Bitcoin for a long time to come will only be a concept which should be taken on by those who are really willing to dig in.  Buying Bitcoins blindly will be no different then buy a hot stock just because someone feels the need to follow a heard.   I like to call it speculation as apposed to investing.

I'm learning fast and will say I am really impressed with design of everything I have seen up to this point.  I look forward to what's next in my evolution with Bitcoin.

Screw the Fed and Congress.

 

I'm gonna say it right now, 100 hours is not enough to have a good grasp on bitcoin or cryptocurrencies in general. But hey, it's a good start. Compared to other people who didn't read anything and comes here complaining how they got "hacked" or their bitcoin got "stolen" or something.

1. You don't give your wallet's keys to the exchange. You send your bitcoins to the exchange's wallet. Sending bitcoins doesn't expose your private keys. But yes, you don't have access to the exchange's wallet's private keys; that's why you put your coins on the exchange only for what it's purpose is, to be just an exchange platform, not a storage. Always withdraw your cryptocurrencies out of exchanges.

2. There are multiple wallets that doesn't handle your private keys, depending on your device. Try out electrum for Windows, Copay for Android, and Breadwallet for iOS.  Your best bet would be to get a hardware wallet though, like a Ledger Nano or a Trezor. Have a bit of research on them.

Best of luck on your crypto journey.

That is why its not safe to put big amounts of bitcoin in an exchange because they hold your private keys. If you don't have your private keys, then its not your bitcoin. Exchanges are just there for that reason, Exchange your bitcoin to fiat. And in a likelihood that an exchange or trading platform is hacked, say goodbye to your bitcoin. So you need to put just enough bitcoin for your trading activity but not your whole stash of bitcoin on it.



Electrum for me is the best wallet you can get, you have total control of your private keys, lightweight, and you can set how much fees you want to used. It is good for holding minimum amounts of bitcoin. If you are really planning to have huge amounts then offline wallet or hardware wallet is the best. Here you can check about all the wallets and see what fits your need. https://bitcoin.org/en/choose-your-wallet

100 hours is like 0.0000000000000001% of the overall time you need to learn basics of the crypto world. I am involved since 2014 and I still consider myself a newbie when it comes to the knowledge I gained so far about this world.


- They give you extra service against that compromise, in other words, you are allowing them to spend your Bitcoins but since you are the complete owner, they will do it only after your orders to do so.

However, hackers are not bound to follow your orders so if they somehow get the access to your Bitcoins then they will steal it.


- The offline wallet is the best way to hodl Bitcoins. You can either go with the hardware wallet or even securely generated paper wallet. The bearer of the private keys is a complete freedom to spend the funds associated with those keys. Exchanges are not breaching our trust just because they want to maintain their reputation for their business activities.

I have known about bitcoin for some time but just started digging for details.  I have put in about 100 hours of reading so far and the subject matter is vast.  I will start with this subject about key management and being new if it's in the wrong place I apologize in advance.  Any pointers are welcome.

I have a solid working knowledge of public/private key pair encryption.   I know that the management of my private keys is essential for protection of my bitcoins.

1)  I assume that if I use an exchange, that exchange system will have my keys.  If anyone else holds my private key, what's the point?

2)  What do I use, a wallet etc, to keep my private keys in my possession only?