Bitcoin Forum

I was thinking of setting up a single cold storage instead of all my wallets, and I wanted to ask for some technical advice:

This is the plan I have:

1) Disconnecting my laptop entirely from the internet, then installing Bitcoin Core from a USB drive.
2) Running Bitcoin Core and backing up the wallet.dat file on a few external hard drives.
3) Disconnecting all the drivers and formatting the computer when the process is done

I was wondering if there are any flaws in my method? Any way my private key touches the internet?

And is there a safer way of generating a wallet than Bitcoin Core? I was thinking about running a third party up when the computer is offline. and how do I extract the plaintext privkey from the wallet.dat file?
There are gonna be thousands in there before I even think about withdrawing, so it's gonna be deposit-only for a couple of months, maybe years.

And I can't really get hold of a hardware wallet locally, I'd love to, but they're not available anywhere.

Thanks in advance.

The laptop would have been connected to the internet at some point. It is possible that you could have received a malware on to your laptop which can transmit data even when offline (yes such malware exists, it does some crazy stuff).

So you would still have to run Bitcoin Core and connect to the internet?

It is possible that, since your computer was online, malware could be on your computer and then that malware writes itself onto your hard drives waiting for them to be plugged into a computer.

When you format, make sure you overwrite with 0's.

It would be safer to use a paper wallet.

Thanks for responding.

I don't really trust paper to keep the private key readable for years. that's why I prefer backing the file up on multiple drives.
So how can I possibly eliminate the risk of a malware copying the private key and waiting for it to go online?

I put together this years ago: https://susestudio.com/a/kp8B3G/ciyam-safe

It is an OS image that doesn't even have internet capabilities (your keys are safely kept on the offline computer and txs are done using QR codes so that you don't even need to have any "wire" attached to your offline computer apart from its power).

You can backup your encrypted private keys via QR codes also (it uses GPG to do the encryption of those).

The system has been used to safely look after well over 500 BTC since 2011.

Thank you very much for replying.
I have little to no experience with linux systems but centOS, would it be difficult for me to use this OS? and I really liked the idea of using QR codes.

Use a completely new device that has never been online and never will be online. You could use something cheap like a Raspberry Pi.

This really comes down to just how paranoid you are and how sure you want to be that the addresses generated are completely secure.

More importantly, it would be possible that some undiscovered malware got onto your laptop while it was connected to the internet that can influence the choices that Bitcoin Core makes when generating private keys and addresses.  In other words, the malware wouldn't need to transmit the data while offline, it would just need to trick your Bitcoin Core into choosing private keys with an algorithm that the attacker can reproduce on their own system.  Your keys would look completely random to you, and until the attacker empties your wallet, you'd never know.

Are you likely to have such hidden malware running on your computer?  No. But if you really, really want to be safe, then this is an attack vector to be aware of.

No.  It isn't necessary to connect to the internet to run Bitcoin Core.

Correct, it is possible that these external hard drives have malware on them (perhaps even installed in their firmware).  Again, this is unlikely (especially if you purchase brand new hard drives and never connect them to any other computer), but it is an attack vector to be aware of.

There are a variety of different forms of formatting of hard drives.  Some of them leave all the data on the drive and simply remove the indexes that indicate where that data is stored.  Even if the original data is all overwritten with new values, it can sometimes be possible to retrieve data from the slight weak data signals that may remain.

US Department of Defense in the clearing and sanitizing standard DoD 5220.22-M recommends the approach "Overwrite all addressable locations with a character, its complement, then a random character and verify"

It's relatively safe. There are additional steps you can take to increase the security, but doing as you've stated isn't a horrible method.

I really like the idea of rolling dice or shuffling cards.  Then I don't need to rely on a computer program generating a random enough private key.  There are a variety of tools that will convert a private key to a bitcoin address, and most of them are simple enough for an amateur programmer to confirm that they aren't doing anything malicious.

If you know how (or are willing to learn how) to convert a private key to Wallet Import Format (WIF), then you can even use Bitcoin Core to calculate the address from the value acquired from the dice or cards.

In the "Console" found under the "Debug Window" in the "Help" menu, you can run:

Replacing 1YourBitcoinAddressHere with the actual bitcoin address for which you want the private key.

What software are you recommending for creating the paper wallet?
Have you considered the fact that a networked printer can be hacked and the data sent to it to be printed can be captured?
How well reviewed is the software you are recommending?
Wouldn't you need a computer to run the paper wallet generating software?
If so, wouldn't that software and computer be subject to all the same risks as running Bitcoin Core?

Much like the OP proposed method, a paper wallet created with bitaddress.org running on an offline computer is probably pretty secure, but there are attack vectors to be aware of, and steps can be taken to increase the security.

It uses a custom SUSE distro and although it does come with documentation it is "console stuff" (I never had the time nor the interest from others to bother with creating a nicer UI sorry).

Thank you for reviewing my method, can you please add some steps to my method to ensure safe generation and storage of the private key? I am thinking about never letting the computer connect to the internet again, and uninstalling the WiFi and ethernet drivers completely. but that still doesn't eliminate the risk of the malware in the hard drive, and the key could be stolen once I use it to withdraw the bitcoins.


I would really like to see something like that with a new UI for newbies. I am pretty sure the community will be able to support you and create an alternative for bitcoin hardware wallets that can be installed on any machine.

The "community" has not been interested in doing this since I created it (years ago) but in any case the software is there and is open source (the scripts and other software used are on github).

https://github.com/ciyam/safe

Why not just buy a Ledger Nano S for $65 do you dislike hardware wallets for some reason?

I guess most people prefer to use exchanges as a wallet (yeah, that's ridiculous) and the "safe" way for keeping the bitcoins in their eyes would be blockchain.info.
For the more paranoid, careful, and people who hold large amounts, I am sure an OS like this one will be helpful. Trezors are not widely available worldwide, and cost an extra while you might have an old laptop capable of doing the same. I'll start a topic in the bitcoin discussion and ask if there is any demand of something like this. will you be able to add a UI? if you don't have the time maybe someone else may be able to continue this using your github contribution.

For sure - it wouldn't be a huge amount of work to do some GUI (Linux has some easy stuff for doing forms that actually works in the console).

You need to understand that I didn't create this project in order to make any money (so it had zero publicity and backing).

I created what I did in order to securely store a lot of Bitcoin back in 2013 and for that purpose it has worked flawlessly.

Of course after Segwit is released then maybe it will need to be revised to use the new forms of raw transactions required for that.

I meant to understand from the forum, that using multisig helps to increase security.
It adds a layer of complexity, but reduces the risk, if your private keys are partially compromised, that bitcoins can be stolen easily.
So one could even think of having one set of keys in an online wallet, the others offline, and both must sign a trx (or 2 out of 3; and so on...).
 ???

I keep my PK on an encrypted thumb drive and run Electrum on an air-gapped computer with lots of security and no NIC or audio.

Cold storage isn't hard to do for any type of person it's just isolating the private-key. It'd take a firmware or EMR level attack on my USB drive to compromise my policy and malware developers are too lazy and government don't care about my relative chump-change..

If you want to not have the hassle in a mobile environment watch out for a solution that uses Android or IOS hardware-isolated key services for multi-sig or even PK storage. With this you can use a system almost as secure the same way you do with standard key-storage.

Don`t go why go so far in speculating, just get the original Microsoft ISO you can check with hash is it valid and not home cooked
Before you install do a fast zero mbr wipe if you think something could be hidden on HDD mbr sector, install it boot some valid wallet, I like electum because I get seed wards at creation which are easy to backup at the papers and no way anyone can sniff it

Multisig itself does not guarantee security. The addresses that is used to generate the multisig address must be kept separate from each other, preferably in separate offline computers. The signing of the transaction must not be done on one system and must be done on separate offline systems. It is quite a hassle however and I feel that using a paper wallet would suffice.

It's not just MBR it can be VBR or wininit.exe or another early PID or even driver or kernel patch after registry entry-points..

Use something like DeepFreeze that restores volume on boot and cryptographic checks the shadow copy before loading it. Or just use Tails live like I do and only use public key on that potentially hostile Windows box or volume.

Ubuntu or Fedora or another live distro would work too. Tails isn't any more protected from remote attacks.

Okay so I have installed Windows 10 from a USB drive and then Bitcoin Core 0.13.0 from bitcoin.org after verifying the digital signature. Backed up the wallet.dat and the private key I extracted using dumpprivkey on several external USB hard drives. I think this setup should be relatively safe, because the private key has never touched the internet.

One of the issues I'm experiencing is the WiFi driver getting automatically installed after I uninstall it using the device manager, so I just disabled it for now. I hope it's good enough.

Do you guys have any additional advice? and how should I spend the bitcoins when the time comes? import them to an online wallet such as blockchain.info or simply sync the blockchain with bitcoin core?

Thanks for all the answers.

I recommend that you don't use any online wallets, regardless. If you don't want to wait for the blockchain to download, then use an SPV wallet like Electrum.

Okay I will not use blockchain for spending the bitcoins then. is Electrum really that much more secure than it?

Electrum, as with most or all SPV wallets can compromise privacy since it leaks the addresses to the nodes the client connects to. Electrum is safer than Blockchain.info simply because Blockchain.info transfers the private key to their server and Electrum does not. You can use Electrum/Bitcoin Core offline by crafting an unsigned transaction, transfer it to the wallet to sign and broadcast it to the network

---

---

As a mentioned above, you can sign the transaction on the offline computer before broadcasting it. For Bitcoin Core, the steps are of below:
Isn't the most perfect way but I found this the most userfriendly.
For Electrum, look at this: http://docs.electrum.org/en/latest/coldstorage.html.

Another safe way to track if you have a malware is to have a lot of sloppy wallets with few cents in them.Add these wallets to your blockchain.info wallet as watch only.Keep monitoring them and if the balance changes in any of them you will know that someone is snoppy around your system looking for bitcoins.

You do know, well taken cared of books are hundreds of years old. Take care of your "declaration of independence" from banks, and it too, will last hundreds of years.

seems like easy/cheap opion.my choice at fact

We don't want to have anything to add other than the fact that we have been doing research on cold wallets and this thread has been very useful.

We've documented a few of the ideas for our own use. Thanks kindly everyone.

I have seen many of the bitcoin core wallet users complaining about their wallets that they are getting hard times with their laptop. They need to acess the wallet like a bank account but it is more capable of it

You're welcome, I wasn't able to find much technical information before I started this one. and I have another question: I was thinking about adding an encryption layer to my backups. what program would you guys recommend me to use? VeraCrypt is one of the more popular programs but I'm not sure if it's the best for this use. I just wanna encrypt the folder I store the private key and a few more files in.

Why go through this process? The USB could be infected, even if you are online it does not guarantee that the PC has malware which will compromise you once you're back online.

Just get a hardware wallet if you have any decent amount of holdings - even .5 BTC is worth $300 USD which justifies the hardware in the first place

What are the  features of Raspberry pi and how does it help us?

It's cheap, fairly easy to setup, and runs linux. Since it has no wireless networking capabilities built in, it is difficult to remotely hack.