Bitcoin Forum

I use TrueCrypt on Linux to create and mount just a small encrypted volume that holds only the wallet.dat.  That wallet.dat is well under 1MB now, but 5MB seems to be a ample yet convenient upper bound as far as size goes.  I'ld like to ensure that the wallet.dat has not and will not ever be stored on a non-encrypted volume.

For me to be able to ensure that a new wallet is created on an encrypted volume, I created a much larger encrypted volume (e.g, 300MB or larger, depending on volume of logging kepts) and launch the Bitcoin client there.  Once I have the wallet.dat, I then move it to the smaller 5MB encrypted volume.

The protected 5MB volume is not normally mounted and is only used sporadically.   When I do wish to use it, I mount the volume and then create a symlink to its wallet.dat before launching bitcoin.

It would be more convenient if, instead of having to create a symlink, I was able to specify which directory to use just for the wallet.dat.  e.g.,
  $ bitcoin -walletdir=/media/truecrypt1 -datadir=/usr/local/bitcoin/data

Something like a -walletdir option would allow me to create the wallet in a separate directory as well.  An added benefit for that would be that I could then skip having the 300MB encrypted volume as well.

Does anyone have a better solution, or other thoughts on this suggestion?

What do you have against symlinks ?

Would it work, on a new machine with no wallet, to create the .bitcoin directory, with wallet.dat a symlink to an empty file on your 5MB volume? Then when you launch the client for the first time, would it create the wallet on the encrypted volume? Or would it just overwrite the symlink file with wallet data?

Wallet size depends on the amount of bitcoin-chunks, right? So if I have used the faucet 1000 times (gavin don't hit me :-) the wallet is ~1000 times larger than when I just mine a single block, even though in both cases the wallet holds 50btc.
Can s/1 tell me? Not motivated to search the code...
If so, can you recombine chunks that have been broken down?

Thanks in advance.

Without having to create a symlink, I can have a "launcher" on the desktop to launch bitcoin with a specific wallet.  (though that could be a script that creates the symlink, but not having to do that step is a usability improvement.  Even so, a symlink doesn't help when creating the wallet.dat -- see below.


It overwrites the symlink.

+1

Is this an appropriate forum to make feature requests?

If so, I heartily support the ability to configure the wallet's location apart from the rest of the data. I was just setting up my own Truecrypt file to store my wallet and was looking to configure the wallet's location when, lo and behold, the whole data directory has to stick together.

The symbolic link is fine and dandy, but I'm using my Windows machine at work, and symbolic links on Windows are . . . not friendly.

Even better: let the wallet location be configured in the config file.

You can recombine coins that have been broken down across many transactions, but this has little affect on the wallet.dat file.  The bitcoins don't actually reside in any form in the wallet.dat file, your public/private keypairs and references to your transactions do.  In truth, the bitcoins don't actually exist even as a digital object.  Everything is in the transactions.

The link shell extension (http://schinagl.priv.at/nt/hardlinkshellext/hardlinkshellext.html (http://schinagl.priv.at/nt/hardlinkshellext/hardlinkshellext.html)) makes it a lot easier to work with symbolic links/junctions points on Windows.

Using a symlink is only a complicated workaround for the current lack of this feature, a very basic and very essential feature which is missing only accidentally (its absence is a non-critical bug and other bugs were more critical) and that will be fixed as soon as one of the devs has the needed 3 minutes extra time available (which I hope will happen soon).

I would love to help out myself and would have done so for exactly this very bug already weeks ago but unfortunately I can't do it for technical reasons (temporary lack of suitable hardware to develop and test) at the moment.

The question "what's the problem with symlinks?" that was asked at the beginning of this thread can only be interpreted as some form of bitter sarcasm, there is no doubt that this *CAN* not be the serious opinion of anyone.

Imagine one would for example have to create a symlink

%APPDATA%/Word/TheWordFile.doc -> ~/Documents/whatever.doc
every time before one wants to open a different file. And the MS hotline would ask "Whats the problem with symlinks?"

This would be hilarious. I am 100% sure everybody will agree with me on this.

I hope somebody who has (unlike me) no problems setting up the needed environment to compile and test on all supported platforms will supply a patch or maybe (more likely) this patch already exists and will (no doubt) be part of the next release.

Mini-bump. This would be a good option to implement, especially for simple obfuscation of the wallet.dat location from trojan wallet stealers. If only I know that my wallet is --walletfile=C:\Users\deepceleron\AppData\Roaming\SecuROM\UserData\voeF5h3x.bin, it's a bit harder for a virus to find, grab, and ftp it. Bitcoin client should also have a prompt "wallet file not found, create a new one?" on new installation or upon specifying a wallet file that does not exist, to go along with this.

I'd love to see this implemented as well.

I can't believe this feature has not yet been added or am I missing something?

This makes basic security common sense - a lack of a -walletdir option is a major bug.

If basic security goes that you maintain a hot-wallet for day to day transactions and a secure offline wallet for your bank account then surely you need the ability to secure and hide your account wallet.

The obvious way to do this is in a Truecrypt hidden volume - that way you're secure (with reasonable precautions) against trojans, hackers etc AND (and this is what no-one seems to be addressing if this experiment ever goes mainstream) against physical attacks where some guy threatens to break your legs if you don't reveal you truecrypt password to your off-shore account wallet.

Hiding a small wallet.dat file in a truecrypt hidden volume within a gb volume is impossible to detect, however having to haul the entire blockchain in there as well, kinda makes it obvious there's a hidden volume there.

I'm no coder but this must be two lines of code at most: if walletdir=NULL then walletdir="%data%\bitcoin" else walletdir=<-walletdir>

Please sort this out or show me a version of bitcoind that uses it already, but not electrum - I like bitcoind, I'm comfortable with it. I've no problem with downloading the complete blockchain, but a copy with each wallet is too much, especially if I need to encrypt public data just to secure my 1mb of private data.

This option makes so much sense, it would reduce this page : https://en.bitcoin.it/wiki/Securing_your_wallet to:
Download TrueCrypt;
create hidden volume;
stick hot wallet in the outer volume;
stick account wallet in hidden volume;
make several back ups;
set bitcoind -walletdir=TrueCryptvol:\MyWallet;
mount whichever wallet you wish to use;
boot bitcoind;
make sure no trojan steal your mounted wallet, which is encrpted on bitcoin-qt anyway.

Patch here: https://github.com/tcatm/bitcoin/commit/126fdaef110aca47acf888a2e599167554280fe7
Branch multi-wallet: https://github.com/tcatm/bitcoin/tree/multi-wallet

It allows to select between multiple wallets within the datadir. e.g. bitcoin -wallet=foo.dat will load $DATADIR/foo.dat (or create it if it doesn't exist). Don't use it to access wallets outside the datadir.

Er. This doesn't split the database environment, so if its used as this thread is requesting it will almost certainly result in wallet corruption. (and leak wallet information as well).

Any update to whether this feature was incorporated into the main client? Last update to the thread was nearly a year ago, and it looks like tcatm did a patch for it.

I am considering using the symlink option, but it seems a little dangerous.

Any news on this? I noticed Gavin closed the thread here: https://github.com/bitcoin/bitcoin/issues/68

But it still does not allow us to store the wallet.dat separately from the data directory. This is a MUCH needed feature as it would allow us to use the wallet.dat file inside a TrueCrypt folder. Gavin? Anything?

It would be useful.  Another use case is disk backups.  I have a hard-drive that I don't bother to backup.  Ideally, I could store the blockchain there, but still have the wallet included in the backups.

The blockchain should have nothing to do with the wallet file. One is the database, the other is the keys to access Bitcoins. Why on earth is it not possible to put the wallet file in its own location?