some questions about bitcoin address and private key and wallets

BlackHatCoiner

legendary

Activity: 1512

Merit: 7340

Farewell, Leo

Quote from: user187fr on May 14, 2020, 03:02:00 PM

so, tuesday i updated my coinbase exchange app, and guess what ? i can't send money anymore (so i will have to find/reinstall the previous version that worked well)

this is exactly why i prefer to know and keep the address/privatekey myself and not rely on any third party app !

imagine if there is an economic crisis (coming!) and some of these companies are in difficulties (financialy because of taxes or legaly because of governements facism) well not the best idea to have to rely on one specific app isn't it ?

anyway !

Yeah to be honest these companies should not exist. But they do. They take the decentralized currency and they make it centralized.

user187fr

newbie

Activity: 12

Merit: 2

so, tuesday i updated my coinbase exchange app, and guess what ? i can't send money anymore (so i will have to find/reinstall the previous version that worked well)

this is exactly why i prefer to know and keep the address/privatekey myself and not rely on any third party app !

imagine if there is an economic crisis (coming!) and some of these companies are in difficulties (financialy because of taxes or legaly because of governements facism) well not the best idea to have to rely on one specific app isn't it ?

anyway !

bob123

legendary

Activity: 1624

Merit: 2481

Quote from: user187fr on May 13, 2020, 04:39:06 PM

i do a similar approach, except instead of encryption i use a combination of obfuscation (of the address+privatekey) and hiding (in files Wink

)

Security by Obscurity is not the approach you want to rely on.
You are far better off by simply encrypting it.

And please keep in mind, that storing them encrypted (or hidden) on an usb device, is not nearly the same as a hardware wallet.
Once you want to spend the coins, you actually need to import them somewhere. That's the crucial point.

If you don't want a hardware wallet and don't use an offline computer to sign transactions (e.g. from a paper wallet), you have to rely on the security of your computer.
But same applies to using ANY exchange. You have to rely on the security of your PC.

HCP

legendary

Activity: 2086

Merit: 4361

I like that you're cautious... but it seems that you might have moved somewhat into "paranoia" territory! Tongue

If you want to generate "single private keys" to create paper wallets, then DON'T use websites like bitaddress.org unless you are actually downloading the code and running it offline on an airgapped computer or "LiveOS".

When dealing with "private keys" and trying to use/spend from them manually, you're more likely to lose funds, unless you are confident with how all this works. Instead, you're much better off letting a well known and popular (and preferably open source) software wallet like Electrum, create and manage your private keys for you.

Once you gain a bit of experience with Bitcoin, then by all means, experiment with ways to securely generate private keys offline (flipping coins, rolling dice etc) and create/use paper wallets... but I certainly don't recommend that new users start out with paper wallets. There are a number of traps that can catch you out and lead to loss of funds... and not just through theft!

BlackHatCoiner

legendary

Activity: 1512

Merit: 7340

Farewell, Leo

Quote from: user187fr on May 13, 2020, 04:47:34 PM

Quote

Wow, hold up. What third-party app asked your private key?

none so far, but i suppose that i will have to type it somewhere in order to send coins to another address ? (to prove that i am the "owner" of this address) (with electrum, for example), i have not tried yet, but i will do it with a test address with small amounts, don't worry...

In electrum you won't need to type anything, the private key will be saved (I think encrypted) in your memory so each time you send bitcoins it means you've "already typed it".

I don't know about web wallets but I would avoid them. If you are a suspicious guy like me, avoid them too. There have been some bitcoins thefts in the past with these sites...

user187fr

newbie

Activity: 12

Merit: 2

Quote

Wow, hold up. What third-party app asked your private key?

none so far, but i suppose that i will have to type it somewhere in order to send coins to another address ? (to prove that i am the "owner" of this address) (with electrum, for example), i have not tried yet, but i will do it with a test address with small amounts, don't worry...

BlackHatCoiner

legendary

Activity: 1512

Merit: 7340

Farewell, Leo

Quote from: user187fr on May 13, 2020, 04:39:06 PM

i did not understand how an account (address) could stay mine/private, if i had to give my privatekey to a third party (app) in order to send coins to another address, but the open source and several (many) developpers aspects, reassured me.

Wow, hold up. What third-party app asked your private key? You don't need to give that key to nobody, never. Even if Satoshi Nakamoto comes up to you and asks your private key, you should never reveal it.

Do you mean, they asked your public key?

user187fr

newbie

Activity: 12

Merit: 2

no, it is ok, all your explanations reassured me.

i did not understand how an account (address) could stay mine/private, if i had to give my privatekey to a third party (app) in order to send coins to another address, but the open source and several (many) developpers aspects, reassured me.

and i also don't want to rely on complicated stuff like several steps authenfication or on devices or third party apps which may disappear in the future, but electrum seems old and robust, so i like it so far...

Quote

then save them on a very-strong password protected rar and then keep that rar on several devices (like your pc, your laptop, your phone, your usb)

i do a similar approach, except instead of encryption i use a combination of obfuscation (of the address+privatekey) and hiding (in files Wink

)

thanks !

BlackHatCoiner

legendary

Activity: 1512

Merit: 7340

Farewell, Leo

Quote

i don't want to rely on an hardware wallet because of long term reliability and to stay discreet, but i like the idea of only saving the address/privatekey on several usb disks (in an obfuscated way, of course

), and being able to receive/send coins using a smartphone app or laptop app on another address (with low amount)...

Buddy, I don't get you very much. You don't trust coinbase.com or bitaddress.org neither your own PC's wallet?

You wanna read my suggestion? If you are that scared (which is of course justified if you want to hide a big amount of BTC) I would suggest you creating a private and public key using a wallet like electrum which is open source (nothing to be afraid of), then save them on a very-strong password protected rar and then keep that rar on several devices (like your pc, your laptop, your phone, your usb). If you trust WinRar of course. You'll have to remember that rar password, or you're done.

If you don't care about sending bitcoins then uninstall electrum (if you're suspicious of your other softwares). Just keep the rar.

Just a suggestion, it may not be the ideal one and I know the other members will not approve it Grin

user187fr

newbie

Activity: 12

Merit: 2

Quote

The number of available private keys is slightly less than 2^256 while the number of addresses is 2^160

ok i see

a good video about that : https://www.youtube.com/watch?v=ZloHVKk7DHk&t=4m27s

but still, with luck somebody could generate an address/privatekey already used by somebody else ? Undecided

if yes it would be safer to store small amounts in several addresses rather than a big amount in only one address....

Quote

Don't you any website to generate private keys.
Use a proper wallet (desktop-, mobile- or hardware wallet) to generate keys / store your funds.

i don't want to rely on an hardware wallet because of long term reliability and to stay discreet, but i like the idea of only saving the address/privatekey on several usb disks (in an obfuscated way, of course Wink

), and being able to receive/send coins using a smartphone app or laptop app on another address (with low amount)...

bob123

legendary

Activity: 1624

Merit: 2481

Quote from: user187fr on May 13, 2020, 05:05:19 AM

Q2)when i generate a new address/privatekey on bitaddress.org, how do i know that it is not an already a used address ?

No, don't do that.
Don't you any website to generate private keys.

Use a proper wallet (desktop-, mobile- or hardware wallet) to generate keys / store your funds.

Quote from: user187fr on May 13, 2020, 05:05:19 AM

Q3)if i use electrum to send some (fractions of) bitcoins to another address, how do i know that my privatekey will not be stolen and used by somebody else ? (i suppose that i have to trust the developers of electrum and the open source aspect ?)

Yes, you have to trust 1) electrum and 2) your own computer.
If one of both is malicious or compromised, you can easily lose your private keys and funds.

Quote from: user187fr on May 13, 2020, 05:05:19 AM

Q4)so a safe approach would be to have several addresses with small amounts rather than only one address with a big amount ? what do you think ? (in case a privatekey is stolen)

Not really. It depends on where the private keys are stored.
If all are stored on the same machine, it doesn't matter at all. If you spread them between your mobile and your desktop, then yes (theoretically).
The amount of lost coins in an incident is lower, although the probability increases of something happening.

Rath_

legendary

Activity: 1876

Merit: 3132

Quote from: BlackHatCoiner on May 13, 2020, 06:21:46 AM

So does this mean that multiple private keys can produce this address?

Yes, but don't get your hopes up. Finding a colliding private key to a specific address is even more tedious task. It is neither cost-effective nor feasible during our lifetime (with the current technology).

BlackHatCoiner

legendary

Activity: 1512

Merit: 7340

Farewell, Leo

Quote from: Rath_ on May 13, 2020, 06:06:12 AM

Quote from: BlackHatCoiner on May 13, 2020, 06:00:18 AM

The number of available addresses is lower? Why that? Because already there are many addresses generated? Or maybe collisions may happen within this huge number? Collisions like private key = public key.

The number of available private keys is slightly less than 2^256 while the number of addresses is 2^160 (long-style bech32 address have 2^256 combinations). So yes, collisions are a thing; they are highly unlike, though.

Why there are "only" 2^160 possible addresses? Well, that's a good explanation.

Oh, so the base58 addresses like the Nakamoto's one, yes, they are probably 2^160. So does this mean that multiple private keys can produce this address?

Rath_

legendary

Activity: 1876

Merit: 3132

Quote from: BlackHatCoiner on May 13, 2020, 06:00:18 AM

The number of available addresses is lower? Why that? Because already there are many addresses generated? Or maybe collisions may happen within this huge number? Collisions like private key = public key.

The number of available private keys is slightly less than 2^256 while the number of addresses is 2^160 (long-style bech32 address have 2^256 combinations). So yes, collisions are a thing; they are highly unlike, though.

Why there are "only" 2^160 possible addresses? Well, that's a good explanation.

BlackHatCoiner

legendary

Activity: 1512

Merit: 7340

Farewell, Leo

Quote from: Rath_ on May 13, 2020, 05:25:23 AM

The chances of generating an already used address are incredibly small. There are 115,792,089,237,316,195,423,570,985,008,687,907,852,837,564,279,074,904,382,605,163,141,518,161,494,336 possible private keys combinations. The number of available addresses is lower, but you can clearly see that you have nothing to worry about.

The number of available addresses is lower? Why that? Because already there are many addresses generated? Or maybe collisions may happen within this huge number? Collisions like private key = public key.

Rath_

legendary

Activity: 1876

Merit: 3132

Quote from: user187fr on May 13, 2020, 05:05:19 AM

Q2)when i generate a new address/privatekey on bitaddress.org, how do i know that it is not an already a used address ?

The chances of generating an already used address are incredibly small. There are 115,792,089,237,316,195,423,570,985,008,687,907,852,837,564,279,074,904,382,605,163,141,518,161,494,336 possible private keys combinations. The number of available addresses is lower, but you can clearly see that you have nothing to worry about.

Quote from: user187fr on May 13, 2020, 05:05:19 AM

Q3)if i use electrum to send some (fractions of) bitcoins to another address, how do i know that my privatekey will not be stolen and used by somebody else ? (i suppose that i have to trust the developers of electrum and the open source aspect ?)

Electrum is open-source and it has been reviewed by lots of people so far. You should be worried more about securing your setup so that your funds won't get stolen by some kind of malware.

Quote from: user187fr on May 13, 2020, 05:05:19 AM

Q4)so a safe approach would be to have several addresses with small amounts rather than only one address with a big amount ? what do you think ? (in case a privatekey is stolen)

As long as you keep those private keys separately then it is safe (don't forget to encrypt them too). However, it would make spending coins from those addresses difficult if you are going to do that.

user187fr

newbie

Activity: 12

Merit: 2

hi!

thanks for your explanations.

i have installed electrum on android and windows, it seems to work well. Cheesy

a few more questions (please) :

Q2)when i generate a new address/privatekey on bitaddress.org, how do i know that it is not an already a used address ?

Q3)if i use electrum to send some (fractions of) bitcoins to another address, how do i know that my privatekey will not be stolen and used by somebody else ? (i suppose that i have to trust the developers of electrum and the open source aspect ?)

Q4)so a safe approach would be to have several addresses with small amounts rather than only one address with a big amount ? what do you think ? (in case a privatekey is stolen)

thanks!

HCP

legendary

Activity: 2086

Merit: 4361

Quote from: user187fr on May 12, 2020, 05:01:03 PM

what i am interested in is how to securely store bitcoins, offline, but also be able to send some of these bitcoins, when needed...

If you want to securely store your ~~bitcoins~~ "private keys" offline (remember, bitcoins are on the blockchain, not in your wallet!), but also be able to spend easily and without complications... then I would recommend a hardware wallet like the Trezor or Ledger devices.

Other option is a software wallet on an "airgapped" PC/laptop (this device needs to be dedicated to this purpose and can NEVER touch a network)... create unsigned transactions on online "watching only" wallet, transfer to airgapped machine via USB stick, sign transaction on offline machine, transfer signed transaction back to online machine via USB stick, broadcast transaction (Hardware wallet essentially do the same thing, but with a LOT less hassle!)

As for losing your coins... as the others mentioned, make sure you keep your seed mnemonic (12 or 24 words) safely stored offline (written on paper, stamped on steel, or use a cryptosteel type device) and you won't have a problem. Your wallet (hardware or software) will be fully recoverable with your seed mnemonic.

DireWolfM14

copper member

Activity: 2338

Merit: 4543

Join the world-leading crypto sportsbook NOW!

Quote from: user187fr on May 12, 2020, 05:01:03 PM

how will i be able to then send bitcoins to others addresses ?

I agree with BitCryptex here, use Electrum to import your private key when you're ready to spend the funds. If you plan to hold your coin, store that private key someplace safe, and carry on the way you have been.

Quote from: user187fr on May 12, 2020, 05:01:03 PM

from what i understand :
i could use an hardware wallet, but if it breaks, or if i lose the device, then i lose the bitcoins ?
or
i could use a wallet app (on a smartphone), but if the app bugs or if i lose the smartphone, then i lose the bitcoins ?
or
i could use a wallet software (on a laptop), but if the app bugs or if i lose the laptop, then i lose the bitcoins ?^

None of those are concerns due to the back-up that BitCryptex mentioned, i.e. the 12 or 24 word mnemonic phrase. These types of wallets create heirarchal deterministic wallets which generate a ton of addresses. There are advantages to using a HD wallet that enhance your privacy and security. A good way to learn about them is download Electrum and play around with it. Make sure you understand the importance of storing your seed phrase someplace safe, it is the only way you'll be able to restore your bitcoin.

Rath_

legendary

Activity: 1876

Merit: 3132

Quote from: user187fr on May 12, 2020, 05:01:03 PM

i could use an hardware wallet, but if it breaks, or if i lose the device, then i lose the bitcoins ?

No, a hardware wallet will give you a 12/24 word seed which you can later use to recover your wallet. The same goes for most software wallets. Most recovery phrases are BIP39 compatible which means that you can import your seed from your hardware wallet into a compatible software wallet if you lose your device.

Quote from: user187fr on May 12, 2020, 05:01:03 PM

but then, how can i send some bitcoins to others addresses ? without having my privatekey stolen ? i don't understand that...

If you intend to spend your coins often then a simple paper wallet is not for you. I would recommend you either to use Electrum or buy a hardware wallet if you are going to store a significant amount of coins. Before you decide to use Electrum as your main wallet, read this thread. If you are concerned about your coins being stolen if you use Electrum then you can use an offline PC to store your private keys and sign transactions after preparing them on an online computer.

Note: Electrum is an exception and it generates recovery phrases which are incompatible with other wallets, but you can still export your private keys and import them to any other software wallet which lets you do that.

Topic: some questions about bitcoin address and private key and wallets (Read 275 times)