Topic: Wallet Safekeeping - Best Practices (Read 5647 times)

I don't trust USB sticks either, that's why I prefer sd cards. Maybe you must copy the content once a year from one card to another, then you have refreshed the memory cells and have a second backup at the same time...

Hopefully this is just the canary wallet. The real saving wallet could have a slightly different private key.

Paper is still king.  Stored properly in a cheap firesafe, paper will survive a house fire.

I also use M-disc, but I don't trust them yet.  The concept seems very solid.  The drives suck, I think I've got a 50% failure rate on the LG drives (of about 40 installed) in the first year, but that doesn't seem to be a problem for media lifetime.  I also have a few media that have appear to have spontaneously grown what appears to be a thick dust layer despite storage in Tyvek sleeves, but they still read fine.

I have no idea about that memory vault.  I note that the linked website doesn't give any indication of what it really is, or how it works.  Appears to be just flash memory plus marketing.  Assuming that they've solved the discharge problem (and I see no reason to believe that they have), you still have the problem that flash drives sometimes just die a sudden and mysterious death.  Or am I the only one that occasionally plugs in a USB stick only to find that it has turned itself into a brick since the last time I used it?

The middle ones founders disappeared sadly

A few people are engraving on stainless steel:



Some even have it laser engraved stainless steel the size of a credit card:



And you can use tungsten too:

Yeah those are good. There used to be worm sd write once but you can't find them. I bought some and they were counterfeit.

You're right about the sd cards, only last a few years... did'nt know that! 

M-Disks are great or you could take this: http://www.sandisk.com/products/usb/memory-vault/

They need power every once in a while

Get these http://www.newegg.com/Product/Product.aspx?Item=N82E16800995117

Discharged sd cards? Never heard about it!

SD cards are the safest digital storage, much more reliable than CDs or DVDs. But better create an additional paper wallet from your private key, then you're completely covered.

Yeah it's not really a promoted fact but fatal

https://en.bitcoin.it/wiki/Securing_your_wallet#Securing_the_Bitcoin-QT_or_bitcoind_wallet

Thats interesting. Where did you see that?
That would seem to be an important point to nail down.
With the multiple change addresses etc it would seem 100 addresses could be exceeded quite quickly on a busy wallet.

Agree re Armory, there are too many variables with anything else.

I think it only backs up 100 addresses still
Unless you use armory, your backup must be refreshed. This fact is kinda hidden

@etotheipi
Ah right. Thanks.
Ill edit.
Love the product BTW

Was I correct that the paper backups only use the 26 character alphabet?

For me this a the perfect use for a paper backup.

P.S.
Anyone with Euler in their avatar is OK by Me

Armory paper backups are explicitly unencrypted.  The vast majority of people using the paper backups is because they forgot their wallet password.  If you need physical security, use Armory's "fragmented backup" feature to create multiple pieces and store them separately. 

Heres my take....

Use Armory, create your wallet(s) etc,
https://bitcoinarmory.com/

Then do a "paper backup" of it.
The backups are "Deterministic" meaning they only have to be backed up once and will always work.

Purchase some some piece(s)/ingots/whatever of stainless steel ....
Something about the size of a credit card would be ideal... but depends how small you can engrave the numbers..
I would recommend getting the best quality steel possible, as you want it to last and cheap steel may have impurities..

These Stainless Steel Dog Tags  $5 each - but possibly a bit small
http://www.ebay.com/itm/Mens-Stainless-Steel-Flat-Blank-Military-Dog-Tag-Pendant-Ball-Chain-Necklace-/121101538317?pt=Fashion_Jewelry&hash=item1c3236d40d

Or maybe a piece of Stainless Steel plumbing like this  $54.95 for 4 of them
http://www.ebay.com/itm/Lot-of-4-NW-KF-50-Blank-Flange-Blind-Flange-Cap-Vacuum-Fitting-Stainless-Steel/271326364659?_trksid=p2047675.m1982&_trkparms=aid%3D333005%26algo%3DRIC.FIT%26ao%3D1%26asc%3D177%26meid%3D3698187346659690298%26pid%3D100009%26prg%3D1088%26rk%3D1%26rkt%3D5%26sd%3D331092260391%26

And then buy something like a set of these (Steel Alphabetic punch set) $18
http://www.ebay.com.au/itm/like/230881776683?lpid=87
It appears the paper backups only use the 26 alphabetic characters, but I have not confirmed that...
 
And spend an hour bashing the backup numbers onto the steel plate/ingot/whatever with a hammer.

Put them in a safe, in the attic, carve a small slot in the top of a door it can slide into,
or even nail them to the underside of your house.

Why Stainless Steel, rather than Titanium/gold/copper/brass/bronze etc etc?

Stainless steel does not rust or tarnish much and has a very high melting point (1500c/2750f)
so its very likely to survive a house fire.
Also its cheap, although that is not really important..

It will outlast anything else I can think of... It will probably outlive you and your money troubles

Indeed. But they discharge extremely slowly. I can't think of a more reliable way to digitally store data.

All types of flash memory are a bad idea for long term storage.  They discharge over time.

Or you can tatoo your private key on your private parts 

In five years, the CD's and DVD's you burned may be corrupt. Optical discs' quality isn't what it used to be. Of course, this varies from manufacturer to manufacturer. If you want to digitally store data, the most future-proof way would probably be to use multiple good quality SD cards.


Keeping wallet.dat for long term storage is not a good idea. Although you will be able to extract your private keys even if the wallet.dat format changes in the future, it would be better to generate your private keys using vanitygen or bitaddress.org software (offline!) and store them into paper.

It is hard to beat paper for this application.

DVD-R or CD-R would be a good idea because they are cheap and guaranteed read-only.

I strongly believe bitcoin-qt source code contributors would do their best not to compromise old version wallet...
With many years, attackers may find a security hole, then dev team may have to compromise old version wallet file format. This case will be a very big news and dev team would announce proper wallet upgrade guide... I can't imagine more details for now...

If any attacker can hack bitcoin(or blockchain) by completely dominating dev team, so quickly that lots of wallets could be already stolen, that will be the end of bitcoin. Even alt-coins will lose trust that case. That could boost physical precious metal.

I would backup on multiple different mediums. CD, USB, HDD, old SD cards. As well as store them in various locations like parents house, friends house, in-laws house etc

You could also use deterministic wallets that generate a bunch of pseudorandom addresses from a random key. This is how electrum does it and I like their approach very much. You can just store a 12-word passphrase in your safe, or even just in your brain if you're careful (but brain+safe+completely separate USB keys somewhere is best).
Of course you have to be careful about how you're going to generate the random key for those. But I find dice work very nicely!

I appreciate the response. This pretty much answers my question. Yes, of course multiple immediate copies on multiple external storage. Perhaps even burning a copy of wallet.dat, a copy in .rar and .zip of the same file over multiple dvd copies would achieve the same purpose.

What about code changes or even "forking" as I have seen with some Alt-Coins. Does that not require some changes to the wallet.dat to remain valid?

Yes, it will catch up.

IMO,
5 years of time, the HDD or USB stick could be corrupted in hardware level. Low probability but could happen.
Preparing 2~3 USB sticks and storing identical wallet.dat file will be safer to keep it long. Also, check both USB's condition once a month, by mounting onto "linux or mac, offline computer" I wouldn't consider windows as a safe computer.

Lastly, if you encrypted wallet file, 5 years could be long enough time to forget your own password. There's no such thing as "reset password". Be very careful not to forget.

Hi,

I would like to obtain some clarification on what are the technical best practices to safekeeping wallets. I apologize for my newbieness on this matter, but I am looking for some clear and concise advice on the following:

a. If I understand correctly, our unique wallet data is held in wallet.dat -- this is the most important file that uniquely represents our identifier on the bitcoin network.

This would be my hypothetical question.

Let's pretend that I downloaded a fresh Bitcoin client, extracted my address. Then immediately backed-up my wallet.dat on some type of offline storage for example. Then placed this offline storage in a vault

If I was to send myself payments to this address and in 5 years for example -- I would place wallet.dat back into another Bitcoin wallet, would it catch-up and find all the payments that were ever sent to that wallet?

Essentially, my proposed approach is to instantiate the Bitcoin Client once to have a wallet.dat generated and to obtain the associated address. Delete the wallet.dat for this not to be active on a computer connected to a network. Then store offline (hack-proof), and simply use the address to bank coins.  

Are there any technical risks to this approach? E.g. Major Code changes that would negate such storage methodology?

Thanks in advance.