Topic: Storing bitcoin offline, are these steps secure? (Read 150 times)

legendary
Activity: 2464
Merit: 3548
5. Generate BTC keys, save as PDF
6. Archive and encrypt the file with WinRar (including file name and attributes encryption), using more than 14 letter password
7. Write the archive onto 3 mini CD-R disks. I will write multiple copies of the file until the disk is full, in case of partial disk damage/scratch or file corruption.
It is better to save it as a wallet seed. It is 12 words that can be written on paper or steel plates, rather than a digitally encrypted version of the private key or a 14-letter password.
Generating your wallet seed in an offline, safe environment is enough, and you can have multiple copies of your wallet seed.
Finally, using Electrum enables you to generate a master public key and run it from any device in order to increase your privacy.
HCP
legendary
Activity: 2086
Merit: 4314
7. Write the archive onto 3 mini CD-R disks. I will write multiple copies of the file until the disk is full, in case of partial disk damage/scratch or file
I assume you wanted to try and write multiple copies on each disc until it was full in an attempt to prevent "disc rot".

CD-R discs are probably not the most trustworthy method of storing data long term unless kept in high-quality, archive-type conditions. I would recommend that you use either USB thumb drives (which still have a limited shelf life, but longer than a CD-R) or simply use paper (laminated/waterproof) or engrave in steel plates etc.
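
The multiple-copies-per-disc idea discussed above, as an added example that is not part of any poster's message: redundant copies only help if a digest recorded before burning tells you which bytes are correct, and with that digest a file can be rebuilt even when every copy has a bad spot. The function names, the 2048-byte block size and the sample data are assumptions constructed for illustration.

```python
import hashlib
from collections import Counter
from typing import List, Optional

BLOCK = 2048  # vote granularity in bytes; assumed here (one CD-ROM data sector)

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def recover(copies: List[bytes], expected_sha256: str) -> Optional[bytes]:
    """Return bytes matching expected_sha256, or None if unrecoverable."""
    # Case 1: at least one copy read back intact.
    for copy in copies:
        if sha256_hex(copy) == expected_sha256:
            return copy
    if not copies:
        return None
    # Case 2: every copy is damaged. Drop truncated reads, then rebuild
    # each block from the version that most copies agree on.
    size = Counter(len(c) for c in copies).most_common(1)[0][0]
    full = [c for c in copies if len(c) == size]
    rebuilt = bytearray()
    for off in range(0, size, BLOCK):
        votes = Counter(c[off:off + BLOCK] for c in full)
        rebuilt += votes.most_common(1)[0][0]
    # The vote is only a guess; the recorded digest decides if it is right.
    candidate = bytes(rebuilt)
    return candidate if sha256_hex(candidate) == expected_sha256 else None

def damage(data: bytes, offset: int) -> bytes:
    """Constructed helper: flip one byte to imitate an unreadable spot."""
    out = bytearray(data)
    out[offset] ^= 0xFF
    return bytes(out)

if __name__ == "__main__":
    original = bytes(range(256)) * 32   # constructed 8 KiB stand-in archive
    digest = sha256_hex(original)       # recorded before burning the discs
    # Three reads, each damaged in a different block (constructed).
    reads = [damage(original, 10), damage(original, 3000), damage(original, 7000)]
    print("recovered:", recover(reads, digest) == original)
```

Keep the digest separately from the discs (it reveals nothing about the encrypted archive's contents); without it, a majority vote cannot tell a correct reconstruction from a plausible-looking wrong one.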

legendary
Activity: 1512
Merit: 4795
Here I think it's a better idea (although not sure if it's as safe as storing public keys) to store the pubkey which is basically the access key to all public addresses you own on that seed. Rather than copy-pasting hundreds/thousands of lines, you just import that one instead.
Never mind this, you are right but just more clarification.

A public key is associated with an address; all addresses have their own public key, which was even used back when public keys did not yet have a public key hash (addresses), and P2PK was the payment method at the time. But I understand what you meant: the master public key, which can be used to generate all the addresses a wallet can generate, is what you meant.

What I think the OP wants is to hold, and I think copying the first 20 addresses is enough, which might even still be too much.
legendary
Activity: 1134
Merit: 1597
1. Boot Linux.
2. Do not connect to your home internet.
3. Transfer the electrum installer that is verified to your freshly-booted machine.
I find it easier and perhaps safer to download a Linux distro with Electrum already installed on it instead. Tails has Electrum preinstalled. It's amnesic, so there's no need to get rid of anything after using Electrum in the first place. The USB disk can be wiped through a Linux terminal afterwards, or just destroy it instead and buy a new one. Tails requires a minimum of 8 GB of storage; in Romania an 8 GB flash disk is ~$3.5.

3. Transfer the electrum installer that is verified to your freshly-booted machine.
This is not very safe if you don't transfer the installer properly. If you do it by USB, chances are you're going to plug in a malicious device into the offline computer.

6. Copy all of your receiving addresses and transfer them to your USB as a txt file. You can view them by clicking on “View” --> “Show Addresses”.  (Warning: The addresses, not the private keys!)
7. Get rid of the linux and copy that txt file to multiple drives.
Here I think it's a better idea (although not sure if it's as safe as storing public keys) to store the pubkey which is basically the access key to all public addresses you own on that seed. Rather than copy-pasting hundreds/thousands of lines, you just import that one instead.
legendary
Activity: 1512
Merit: 4795
It is important to mention that you don't need an online service like bitaddress to generate a private key; it would be more secure if you download vanity gen and create the address on an offline PC. You can even do this under Linux running on a live USB; that way there will be no trace once you reboot the PC.
If you implied that using a paper wallet can be an uneasy way for people that do not know much about bitcoin, that would have been better, but for people that know how it works, it can still be used safely if run offline.

Never trust online sites to generate bitcoin addresses, even if you do it offline they could pre-generate it when you open the site.
I understood what you meant here, that paper wallet sites should not be trusted. But bitaddress is still recommended; it just should not be used online but offline. The source is on GitHub, so you can run it offline completely. Its source code is completely available on GitHub; did you see anything malicious when you checked it? I guess no. So why are you implying it could pre-generate a private key, which I believe is what you meant? It cannot.

Only closed source will have such malicious code that could pre-generate a private key or seed phrase that people will not know about, not open source like bitaddress.org.
legendary
Activity: 2982
Merit: 2681
It is important to mention that you don't need an online service like bitaddress to generate a private key; it would be more secure if you download vanity gen and create the address on an offline PC. You can even do this under Linux running on a live USB; that way there will be no trace once you reboot the PC.

Never trust online sites to generate bitcoin addresses, even if you do it offline they could pre-generate it when you open the site.
legendary
Activity: 3206
Merit: 2904
I think it's fine and safe as long as he no longer connects the pc to the internet.

@re4mat0r, after generating a private key from bitaddress.org offline, make sure to test it first by importing it in Electrum, or use this: https://coinb.in/#verify
So make sure that you have downloaded both of them before you disconnect from the internet.

You need coinb.in to make sure that you generated a correct public key and the right private key and make sure never to connect the PC to the internet.

The above suggestion (BlackHatCoiner) is also a good way to safely make an offline wallet. You can also make cold storage with CD or your best bet is to use a hardware wallet.
legendary
Activity: 1512
Merit: 4795
3. Open bitaddress.org
Why don't you run the source offline instead?

Generate BTC keys, save as PDF
Why don't you have it offline on paper instead? You should be careful of PDFs that synchronize online.

6. Archive and encrypt the file with WinRar (including file name and attributes encryption), using more than 14 letter password
There is encryption when using a paper wallet: the BIP38 passphrase.

10. Password will be stored in the memory (in the brain) by several people (family).
Know that the brain is not 100% certain in remembering passwords as you want to hodl.

Know that you can generate an offline wallet using a wallet like Electrum; just make sure your device is airgapped, generate the seed phrase offline, and you can include a passphrase as a way to extend the seed phrase. Get yourself address(es). You can even import the address into an online Electrum wallet to make it watch-only; having deleted the wallet from the offline airgapped device after wallet creation, you will be using the watch-only wallet to track transactions. But if you like it this way, do not lose your seed phrase, and the passphrase if included, so that you are able to recover the wallet when you want to spend from it. You cannot spend from a watch-only wallet.
legendary
Activity: 1344
Merit: 6415
Is this sequence secure or are there incorrect/dangerous steps above?
I personally find it dangerous. Let me explain the parts that I find incorrect.

3. Open bitaddress.org
You're choosing to generate the keys from a website. Whether it's a malicious one or not, your wallet's compromise may come from a third party. Not to mention that you'll have to run JavaScript for the address generation, which is also not recommended. Can I ask you why you prefer to have a paper wallet instead of just writing a seed phrase? You will then be able to derive as many addresses as you want.

6. Archive and encrypt the file with WinRar (including file name and attributes encryption), using more than 14 letter password
You probably don't know it, but WinRar isn't open-source. This means that you'll encrypt using a compiled version of unknown code.

7. Write the archive onto 3 mini CD-R disks. I will write multiple copies of the file until the disk is full, in case of partial disk damage/scratch or file corruption.
I don't like it. It may work, but I don't like the way you've thought of this.

10. Password will be stored in the memory (in the brain) by several people (family).
I don't know how many people this “several” is, but I would have high doubts for the long term. I mean, how can you be so sure that a password that is more than 14 characters long will remain in your memory?



Here's a very secure way to do it:

0. Download Electrum and verify it!
1. Boot Linux.
2. Do not connect to your home internet.
3. Transfer the Electrum installer that is verified to your freshly-booted machine.
4. Open Electrum and create a new, standard wallet.
5. Write down on a piece of paper those twelve words it'll show you.
6. Copy all of your receiving addresses and transfer them to your USB as a txt file. You can view them by clicking on “View” --> “Show Addresses”. (Warning: The addresses, not the private keys!)
7. Get rid of the Linux and copy that txt file to multiple drives.
8. Optional: Store the piece of paper with your seed phrase in multiple places, to prevent any loss.

You now have nothing to worry about. Everything's open-source, you have nothing to remember and you have only written down twelve words.
newbie
Activity: 2
Merit: 0
After researching about storing bitcoin securely offline I want to do the following steps:

1. Boot Tails Linux from USB flash drive
2. Connect to my home Internet via Wi-Fi
3. Open bitaddress.org
4. Disconnect from the Internet
5. Generate BTC keys, save as PDF
6. Archive and encrypt the file with WinRar (including file name and attributes encryption), using more than 14 letter password
7. Write the archive onto 3 mini CD-R disks. I will write multiple copies of the file until the disk is full, in case of partial disk damage/scratch or file corruption.
8. Shut down the PC
9. Store the disks in different locations.
10. Password will be stored in the memory (in the brain) by several people (family).

Is this sequence secure or are there incorrect/dangerous steps above?

Thanks!