Author

Topic: some questions about bitcoin address and private key and wallets (Read 275 times)

legendary
Activity: 1512
Merit: 7340
Farewell, Leo
so, tuesday i updated my coinbase exchange app, and guess what ? i can't send money anymore (so i will have to find/reinstall the previous version that worked well)

this is exactly why i prefer to know and keep the address/privatekey myself and not rely on any third party app !

imagine if there is an economic crisis (coming!) and some of these companies are in difficulties (financialy because of taxes or legaly because of governements facism) well not the best idea to have to rely on one specific app isn't it ?

anyway !

Yeah to be honest these companies should not exist. But they do. They take the decentralized currency and they make it centralized.
newbie
Activity: 12
Merit: 2
so, tuesday i updated my coinbase exchange app, and guess what ? i can't send money anymore (so i will have to find/reinstall the previous version that worked well)

this is exactly why i prefer to know and keep the address/privatekey myself and not rely on any third party app !

imagine if there is an economic crisis (coming!) and some of these companies are in difficulties (financialy because of taxes or legaly because of governements facism) well not the best idea to have to rely on one specific app isn't it ?

anyway !
legendary
Activity: 1624
Merit: 2481
i do a similar approach, except instead of encryption i use a combination of obfuscation (of the address+privatekey) and hiding (in files Wink )

Security by Obscurity is not the approach you want to rely on.
You are far better off by simply encrypting it.

And please keep in mind, that storing them encrypted (or hidden) on an usb device, is not nearly the same as a hardware wallet.
Once you want to spend the coins, you actually need to import them somewhere. That's the crucial point.

If you don't want a hardware wallet and don't use an offline computer to sign transactions (e.g. from a paper wallet), you have to rely on the security of your computer.
But same applies to using ANY exchange. You have to rely on the security of your PC.

HCP
legendary
Activity: 2086
Merit: 4361
I like that you're cautious... but it seems that you might have moved somewhat into "paranoia" territory! Tongue

If you want to generate "single private keys" to create paper wallets, then DON'T use websites like bitaddress.org unless you are actually downloading the code and running it offline on an airgapped computer or "LiveOS".

When dealing with "private keys" and trying to use/spend from them manually, you're more likely to lose funds, unless you are confident with how all this works. Instead, you're much better off letting a well known and popular (and preferably open source) software wallet like Electrum, create and manage your private keys for you.

Once you gain a bit of experience with Bitcoin, then by all means, experiment with ways to securely generate private keys offline (flipping coins, rolling dice etc) and create/use paper wallets... but I certainly don't recommend that new users start out with paper wallets. There are a number of traps that can catch you out and lead to loss of funds... and not just through theft!
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
Quote
Wow, hold up. What third-party app asked your private key?
none so far, but i suppose that i will have to type it somewhere in order to send coins to another address ? (to prove that i am the "owner" of this address) (with electrum, for example), i have not tried yet, but i will do it with a test address with small amounts, don't worry...

In electrum you won't need to type anything, the private key will be saved (I think encrypted) in your memory so each time you send bitcoins it means you've "already typed it".

I don't know about web wallets but I would avoid them. If you are a suspicious guy like me, avoid them too. There have been some bitcoins thefts in the past with these sites...
newbie
Activity: 12
Merit: 2
Quote
Wow, hold up. What third-party app asked your private key?
none so far, but i suppose that i will have to type it somewhere in order to send coins to another address ? (to prove that i am the "owner" of this address) (with electrum, for example), i have not tried yet, but i will do it with a test address with small amounts, don't worry...
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
i did not understand how an account (address) could stay mine/private, if i had to give my privatekey to a third party (app) in order to send coins to another address, but the open source and several (many) developpers aspects, reassured me.

Wow, hold up. What third-party app asked your private key? You don't need to give that key to nobody, never. Even if Satoshi Nakamoto comes up to you and asks your private key, you should never reveal it.

Do you mean, they asked your public key?
newbie
Activity: 12
Merit: 2
no, it is ok, all your explanations reassured me. Smiley

i did not understand how an account (address) could stay mine/private, if i had to give my privatekey to a third party (app) in order to send coins to another address, but the open source and several (many) developpers aspects, reassured me.

and i also don't want to rely on complicated stuff like several steps authenfication or on devices or third party apps which may disappear in the future, but electrum seems old and robust, so i like it so far...

Quote
then save them on a very-strong password protected rar and then keep that rar on several devices (like your pc, your laptop, your phone, your usb)
i do a similar approach, except instead of encryption i use a combination of obfuscation (of the address+privatekey) and hiding (in files Wink )

thanks !
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
Quote
i don't want to rely on an hardware wallet because of long term reliability and to stay discreet, but i like the idea of only saving the address/privatekey on several usb disks (in an obfuscated way, of course  Smiley ), and being able to receive/send coins using a smartphone app or laptop app on another address (with low amount)...

Buddy, I don't get you very much. You don't trust coinbase.com or bitaddress.org neither your own PC's wallet?

You wanna read my suggestion? If you are that scared (which is of course justified if you want to hide a big amount of BTC) I would suggest you creating a private and public key using a wallet like electrum which is open source (nothing to be afraid of), then save them on a very-strong password protected rar and then keep that rar on several devices (like your pc, your laptop, your phone, your usb). If you trust WinRar of course. You'll have to remember that rar password, or you're done.

If you don't care about sending bitcoins then uninstall electrum (if you're suspicious of your other softwares). Just keep the rar.

Just a suggestion, it may not be the ideal one and I know the other members will not approve it  Grin


newbie
Activity: 12
Merit: 2
Quote
The number of available private keys is slightly less than 2^256 while the number of addresses is 2^160
ok i see Grin

a good video about that : https://www.youtube.com/watch?v=ZloHVKk7DHk&t=4m27s

but still, with luck somebody could generate an address/privatekey already used by somebody else ?  Undecided if yes it would be safer to store small amounts in several addresses rather than a big amount in only one address....


Quote
Don't you any website to generate private keys.
Use a proper wallet (desktop-, mobile- or hardware wallet) to generate keys / store your funds.
i don't want to rely on an hardware wallet because of long term reliability and to stay discreet, but i like the idea of only saving the address/privatekey on several usb disks (in an obfuscated way, of course Wink ), and being able to receive/send coins using a smartphone app or laptop app on another address (with low amount)...
legendary
Activity: 1624
Merit: 2481
Q2)when i generate a new address/privatekey on bitaddress.org, how do i know that it is not an already a used address ?

No, don't do that.
Don't you any website to generate private keys.

Use a proper wallet (desktop-, mobile- or hardware wallet) to generate keys / store your funds.



Q3)if i use electrum to send some (fractions of) bitcoins to another address, how do i know that my privatekey will not be stolen and used by somebody else ? (i suppose that i have to trust the developers of electrum and the open source aspect ?)

Yes, you have to trust 1) electrum and 2) your own computer.
If one of both is malicious or compromised, you can easily lose your private keys and funds.



Q4)so a safe approach would be to have several addresses with small amounts rather than only one address with a big amount ? what do you think ? (in case a privatekey is stolen)

Not really. It depends on where the private keys are stored.
If all are stored on the same machine, it doesn't matter at all. If you spread them between your mobile and your desktop, then yes (theoretically).
The amount of lost coins in an incident is lower, although the probability increases of something happening.
legendary
Activity: 1876
Merit: 3132
So does this mean that multiple private keys can produce this address?

Yes, but don't get your hopes up. Finding a colliding private key to a specific address is even more tedious task. It is neither cost-effective nor feasible during our lifetime (with the current technology).
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
The number of available addresses is lower? Why that? Because already there are many addresses generated? Or maybe collisions may happen within this huge number? Collisions like private key = public key.

The number of available private keys is slightly less than 2^256 while the number of addresses is 2^160 (long-style bech32 address have 2^256 combinations). So yes, collisions are a thing; they are highly unlike, though.

Why there are "only" 2^160 possible addresses? Well, that's a good explanation.

Oh, so the base58 addresses like the Nakamoto's one, yes, they are probably 2^160. So does this mean that multiple private keys can produce this address?
legendary
Activity: 1876
Merit: 3132
The number of available addresses is lower? Why that? Because already there are many addresses generated? Or maybe collisions may happen within this huge number? Collisions like private key = public key.

The number of available private keys is slightly less than 2^256 while the number of addresses is 2^160 (long-style bech32 address have 2^256 combinations). So yes, collisions are a thing; they are highly unlike, though.

Why there are "only" 2^160 possible addresses? Well, that's a good explanation.
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
The chances of generating an already used address are incredibly small. There are 115,792,089,237,316,195,423,570,985,008,687,907,852,837,564,279,074,904,382,605,163,141,518,161,494,336 possible private keys combinations. The number of available addresses is lower, but you can clearly see that you have nothing to worry about.

The number of available addresses is lower? Why that? Because already there are many addresses generated? Or maybe collisions may happen within this huge number? Collisions like private key = public key.
legendary
Activity: 1876
Merit: 3132
Q2)when i generate a new address/privatekey on bitaddress.org, how do i know that it is not an already a used address ?

The chances of generating an already used address are incredibly small. There are 115,792,089,237,316,195,423,570,985,008,687,907,852,837,564,279,074,904,382,605,163,141,518,161,494,336 possible private keys combinations. The number of available addresses is lower, but you can clearly see that you have nothing to worry about.

Q3)if i use electrum to send some (fractions of) bitcoins to another address, how do i know that my privatekey will not be stolen and used by somebody else ? (i suppose that i have to trust the developers of electrum and the open source aspect ?)

Electrum is open-source and it has been reviewed by lots of people so far. You should be worried more about securing your setup so that your funds won't get stolen by some kind of malware.

Q4)so a safe approach would be to have several addresses with small amounts rather than only one address with a big amount ? what do you think ? (in case a privatekey is stolen)

As long as you keep those private keys separately then it is safe (don't forget to encrypt them too). However, it would make spending coins from those addresses difficult if you are going to do that.
newbie
Activity: 12
Merit: 2
hi!  Smiley

thanks for your explanations.

i have installed electrum on android and windows, it seems to work well.  Cheesy

a few more questions (please) :

Q2)when i generate a new address/privatekey on bitaddress.org, how do i know that it is not an already a used address ?

Q3)if i use electrum to send some (fractions of) bitcoins to another address, how do i know that my privatekey will not be stolen and used by somebody else ? (i suppose that i have to trust the developers of electrum and the open source aspect ?)

Q4)so a safe approach would be to have several addresses with small amounts rather than only one address with a big amount ? what do you think ? (in case a privatekey is stolen)

thanks!
HCP
legendary
Activity: 2086
Merit: 4361
what i am interested in is how to securely store bitcoins, offline, but also be able to send some of these bitcoins, when needed...
If you want to securely store your bitcoins "private keys" offline (remember, bitcoins are on the blockchain, not in your wallet!), but also be able to spend easily and without complications... then I would recommend a hardware wallet like the Trezor or Ledger devices.

Other option is a software wallet on an "airgapped" PC/laptop (this device needs to be dedicated to this purpose and can NEVER touch a network)... create unsigned transactions on online "watching only" wallet, transfer to airgapped machine via USB stick, sign transaction on offline machine, transfer signed transaction back to online machine via USB stick, broadcast transaction (Hardware wallet essentially do the same thing, but with a LOT less hassle!)

As for losing your coins... as the others mentioned, make sure you keep your seed mnemonic (12 or 24 words) safely stored offline (written on paper, stamped on steel, or use a cryptosteel type device) and you won't have a problem. Your wallet (hardware or software) will be fully recoverable with your seed mnemonic.
copper member
Activity: 2338
Merit: 4543
Join the world-leading crypto sportsbook NOW!
how will i be able to then send bitcoins to others addresses ?

I agree with BitCryptex here, use Electrum to import your private key when you're ready to spend the funds.  If you plan to hold your coin, store that private key someplace safe, and carry on the way you have been.


from what i understand :
i could use an hardware wallet, but if it breaks, or if i lose the device, then i lose the bitcoins ?
or
i could use a wallet app (on a smartphone), but if the app bugs or if i lose the smartphone, then i lose the bitcoins ?
or
i could use a wallet software (on a laptop), but if the app bugs or if i lose the laptop, then i lose the bitcoins ?^

None of those are concerns due to the back-up that BitCryptex mentioned, i.e. the 12 or 24 word mnemonic phrase.  These types of wallets create heirarchal deterministic wallets which generate a ton of addresses.  There are advantages to using a HD wallet that enhance your privacy and security.  A good way to learn about them is download Electrum and play around with it.  Make sure you understand the importance of storing your seed phrase someplace safe, it is the only way you'll be able to restore your bitcoin.
legendary
Activity: 1876
Merit: 3132
i could use an hardware wallet, but if it breaks, or if i lose the device, then i lose the bitcoins ?

No, a hardware wallet will give you a 12/24 word seed which you can later use to recover your wallet. The same goes for most software wallets. Most recovery phrases are BIP39 compatible which means that you can import your seed from your hardware wallet into a compatible software wallet if you lose your device.

but then, how can i send some bitcoins to others addresses ? without having my privatekey stolen ? i don't understand that...

If you intend to spend your coins often then a simple paper wallet is not for you. I would recommend you either to use Electrum or buy a hardware wallet if you are going to store a significant amount of coins. Before you decide to use Electrum as your main wallet, read this thread. If you are concerned about your coins being stolen if you use Electrum then you can use an offline PC to store your private keys and sign transactions after preparing them on an online computer.

Note: Electrum is an exception and it generates recovery phrases which are incompatible with other wallets, but you can still export your private keys and import them to any other software wallet which lets you do that.
newbie
Activity: 12
Merit: 2
hi, Smiley

i am new to bitcoin, but i have some understanding about computers and programming...
for now i have an account on coinbase exchange to buy bitcoins
and i have a bitcoin address + privatekey generated on bitaddress.org

since january 2020 i have bought small amounts of bitcoins and transfered a little on my bitcoin address.

and nothing has been stolen so far, good Grin

no i realize that the bitcoins on the coinbase exchange account are not really mine, in the sense that i don't own the private key for this address.

so my idea was to transfer most of the bitcoins on my own address (generated on bitaddress) (i store the address + privatekey offline)

however, if i do that, then how will i be able to then send bitcoins to others addresses ?

from what i understand :
i could use an hardware wallet, but if it breaks, or if i lose the device, then i lose the bitcoins ?
or
i could use a wallet app (on a smartphone), but if the app bugs or if i lose the smartphone, then i lose the bitcoins ?
or
i could use a wallet software (on a laptop), but if the app bugs or if i lose the laptop, then i lose the bitcoins ?^

hence why i have chosen to simply use a paper wallet (or rather just keep the address number and privatekey number, offline)

but then, how can i send some bitcoins to others addresses ? without having my privatekey stolen ? i don't understand that...

what i am interested in is how to securely store bitcoins, offline, but also be able to send some of these bitcoins, when needed...

(please don't warn me about the necessity to generate a bitcoin address / privatekey offline on a newly installed os, i already understand the issue)

thanks for the advices / tips
Jump to: