Title: Improve the Security and Accessibility of this Wallet Setup ( .2 BTC BOUNTY ) Post by: securcoinsecur on February 06, 2014, 09:06:44 PM I'm really paranoid about securing bitcoins in a personal wallet. Whoever comes up with the best answers to the "Questions" section below will be rewarded .2 BTC. The winner will be chosen and paid by me on 02/10/14
My current setup is below. If there's anything that you think could be improved, please let me know. Computer Hardware Offline Computer Hardware - X200CA Asus that was bought directly from Amazon. Online Computer Hardware - Lenovo W520 bought from Lenovo. USB key - IronKey S250 Personal, which was bought directly from Ironkey, via Amazon. Computer Software Offline Computer Software ( All software signatures have been verified ) - Ubuntu 13.10 - Offline Wallet: Armory 0.90 Offline Bundle https://s3.amazonaws.com/bitcoinarmory-releases/armory_0.90-beta_OfflineBundle_12.04-64bit.tar.gz - This computer, has only the software that comes with Ubuntu, and the Armory Offline bundle. Online Computer Software - Ubuntu 12.1 ( All software signatures have been verified ) - Online Wallet: Armory 0.90 Installed from source via github https://github.com/etotheipi/BitcoinArmory ( All software signatures have been verified ) - There is a lot of various software installed on this computer. It is used as my personal and work laptop. Computer Setup Offline Computer - When the Asus laptop arrived from Amazon, all Bluetooth and Internet connections were disable at the BIOS level. - Ubuntu 13.10 was download onto my Online computer and was checked to be valid via a md5sum check. - Unetbootin was used to create a bootable ISO image of Ubuntu 13.10. - The bootable image was placedon a Personal S250 Ironkey, the IronKey was then mounted to the Offline computer, and Ubuntu 13.10 was installed on the Offline computer. - The Armory Offline Bundle was installed on the Offline computer, similarly to how Ubuntu was installed on it. That is, Armory was checked to be valid, it was moved from the Online computer to the IronKey, the IronKey was moved from the Online computer to the Offline computer, and the Armory Offline Bundle was installed on the Offline computer. Online Computer - Ubuntu 12.10 is installed on it. - This computer is used by me everyday. From surfing the web to doing heavy development work for my full time job. - Armory 0.90 was installed on this computer, from source, via Armory's github repo. ( All software signatures have been verified ) Securing the Wallet I create a paper backup of my wallet, on the Offline computer, via Armory. I then hand write the root and chain key on an index card. The index card is then cut in half. Half of the root and chain codes are on one half of the index card and the rest of the root and chain codes are on the other half of the index card. Then, the two pieces of the index cards are stored in safety deposit boxes. One piece of the index cards is stored in a bank's safety deposit box. And the other piece of the index card is placed in a different bank's safety deposit box. After the paper wallet was created and written down, I deleted the wallet from Armory on the Offline computer. Process of spending Bitcoins I stop at both banks and withdrawal half of the index card from each safety deposit box; the Armory wallet is restored on the Offline computer; a watch-only copy of the wallet is transferred to the Online computer ( via the IronKey ); an offline transaction is created on the Online computer; the unsigned transaction is sent to the Offline computer; the unsigned transaction is signed by the Offline computer; the signed transaction is transferred back to the online computer; and finally the transaction is broadcast. Questions - Are there any glaring security flaws to the Securing the Wallet or Process of spending Bitcoins above? - Right now most of my Bitcoins are in one Wallet? Is it better to split up the coins into multiple wallets? - What are some ways that I can improve the security of my current wallet setup. - Accessibility to my Bitcoins is a huge issue. With my current setup, I have to drive to, two separate banks, drive home, and then transfer bitcoins if need be. What is a good way to secure my wallet, at home, so that I can have immediate access to my wallet ( without driving to 2 banks )? At the same time minimizing the risk of someone breaking into my house and somehow getting access to my wallet. Or the risk of someone holding a gun to my head and demanding access to my wallet? |