Bitcoin Forum

There are SO many wallets out there in SO many flavors from SO many places.  In fact, a simply Google search doesn't even yield an "official" site or wallet to newbies that want to join in the fun.

It would seem to be a no-brainer for bad guys to make an awesome looking site with free wallets that transfer money to their own wallet after a period of time (after you finally felt safe) or even to make your wallet mine on their behalf while it is running (or probably 100 other things I haven't considered).

How do you KNOW, or what criteria do you look for, that the wallet that you are trying with those fancy new features, shiny new skins or new platform compliance is actually safe to use?

Is this a subtle question with ulterior motives? Personally, I would look for the wallet creator's github or bct thread.

1 - go to official bitcoin site, see the wallet they list
2 - if you know enough programming, see by yourself if the wallet is safe. Or make your own wallet.
3 - do some research in the internet about your wallet, related to security issues
4 - never use beta or not open source wallet
5 - never use any wallet(bitcoin or other) that is windows only. This is a great sign of a scam wallet.

Use open-source wallets and check the sources.

So I see disagreement about open source wallets and beta wallets - so let me ask you guys: 

(1) What exactly IS the official site?  Bitcoin.org, Bitcoin.com?
(2) The wallet I downloaded and have been using is Bitcoin-Qt version v0.8.6-beta and the new one says it is 0.9 - and I thought I downloaded it from the "official " site.  Have I already screwed up?

The official site for Bitcoin Core (previously called Bitcoin-qt) is bitcoin.org, and the latest version should 0.9.1.
Each wallet has its own official site (eg. https://electrum.org/ for Electrum)

I ask technical question on this author : https://bitcointalk.org/index.php?board=100.0

Alright I went there and loaded the 9.1.0 version and after it finished "verifying blocks" it came up and it looked like it lost my send and receive addresses.  I found them eventually but the interface has changed somewhat.  Thank you for the head's up for the new version.

This is the official wallet on the official site and this is the most mature coin we have - but this is still tagged as beta software and the version starts with a zero - it seems counterintuitive that this coin (above all others) would not have at least one release that is not marked beta.  I think that is the bottom line of my original fear and why I had the original question.

Let me ask you this:  Does it make sense to keep separate folders with both the software for a wallet and the wallet data together so that when the wallets go from release to release I maintain a 1:1 correspondence between the wallet data and the software that created it?  Asked another way, is there a reasonable fear that a new release will no longer support a wallet from a previous release?

No, noone would be able to update without sending the coins. There might be a cenario in the future that recuires to throw downwards compability overboard. Anyway, as long as you backup your wallet.dat to somewhere safe on a regular basis you are fine. Even with a newer version you could just reinstall the old version and use that.

All my wallets are generated offline. All except my hot wallets on blockchain.info

I only use those what is posted in the bitcoin official site. Also check for reviews on the forum.

Yes, it is still beta as we are in 0.9.1, but it should be not anymore for the next major release 1.0.0  :)

I personally think the only wallets you should use are like these: real wallets where you actually own your Bitcoins.
Using online wallets is the worst decision you can make.

If there are updates ESP when a forum actually announces it as well.

Which is still up there on top of this forum news: Open SSL heartbleed bug, it shows they are on top of security.

Keep in mind, bitcoin qt wallet is part of the original block foundation before any of the mobile and web wallets were around.

I agree with that. Why go ahead and throw the control over your money that bitcoin gives you overboard again right away even before really getting started by trusting a third party with holding it for you?
That's not saying online wallet provider's are not to be trusted, it's more like: they are not necessarily safer from hacks than your local machine and they definetly are a much more attractive and bigger target.

Doesn't have to be bitcoin-core (formerly bitcoin-qt) if you don't want to lift the heavy weight of the full blockchain, but using a local wallet preferably on an offline machine, that goes online only spradically for synching/transfers alongside a safely created paperwallet to store BTC longterm on should be the way to go.

Good question, I for one didn't know all this important info was out there on the subject.  Gonna have to do reading on this for future reference.

Exactly. A simple way to say that is: You don't have your bitcoin, if you don't control the privkey.

I always tell people to use only bitcoin-qt. Its the safest wallet out there. I know its going to be 100Gig soon but safety first...

It is only just 19 GB now. I am sure my HDD will die first, before the blockchain reaches 100 GB :)

It depends on how important the bitcoin is to you.  If you can't afford to lose it, then perhaps stick with the slow but must trusted bitcoin-qt.  If it is a small amount that won't impact your life much, then you might try one of the alternatives that will be more responsive and less resource intensive.  I don't know enough to give any specific suggestions.

The only way you'd know is to look at the open source code and check each line for yourself so that you know the function of every single line and that none of it is suspicious. However, in reality few people have that expertise and the number of manhours needed would be huge. Nonetheless, an open source client is always best - Qt is good if you have time to download the blockchain, or I would advise Multibit/Electrum. Both have a large enough userbase to ensure that nothing untoward has been added to the code as of yet.

Can I diversify the risk of hacker attack if I'll use different wallets? How wallet's security is depend on me?

It helps if the problem is in one particular wallet client.
If you have malware in your computer, or your computer has been hacked, your bitcoin will be stolen even if you used 5 different wallets.

The best way to secure your bitcoin would be to use an offline wallet or a paper wallet IMO.

There seems to be agreement that a paper wallet is safe, but how long term?  Do wallet updates effect the paper wallet?  Should I keep a redundant set of usb's with the program that created the paper with the paper (in case the software goes through some form of evolution)?  Does the paper wallet keep track of all of the different receive addresses?  It just seems odd to me that a single QR code is going to be able to hold enough information to recreate my wallet.

And of that, once you create the paper wallet, I assume that you destroy the digital one.  If it is still around and falls into the wrong hands, the paper wallet would quickly become useless.  Wow.  Hitting the delete key on that file is gotta be hard to do.

I guess u should actually look at the website, bitcoin.org before making any decision. They provide the official wallet sources. Try to download a wallet client that is opensourced so that you could review the sourcecode first. Do not download from any other sources other than the official one.

How can you know  your USD is safe?
 Nobody can be completely sure of it

Impossible to know.  It would be best to keep yourself aware of any major new developments in Bitcoin if you are holding any bitcoin.  In general, a paper wallet (if created in a safe manner) should be safe until mathematicians manage to completely break all three of ECDSA, SHA-256, and RIPEMD-160.  I'll be surprised if all three of those are completely broken to the point of being reversible in less than a decade.


While not impossible, what would be more likely than that is for the current cryptography to become weakened with new mathematical developments.  The bitcoin protocol would be updated with new cryptography, and your old paper wallet (while still supported by the new protocol) would become vulnerable to theft.


That wouldn't hurt, but it isn't likely to help.  If the protocol changes in a way that makes it impossible to spend your bitcoins (extremely unlikely), then your old program won't be recognized as valid by the rest of the network.


Not usually.  Usually, a paper wallet only has a single receiving address.


The single QR-Code will most likely hold enough information to recreate a single receiving address.  If you want multiple receiving addresses, then each one will have it's own pair of QR-Codes.


The paper wallet is generally created separate from the digital one.  It has its own address that doesn't eve exist in the digital wallet.  You send the bitcoins from your digital wallet to the paper wallet.  Therefore, there aren't any bitcoins in the digital wallet for anyone to steal.  As such, there is no need to destroy the digital wallet.  If it falls into the wrong hands it is useless (since it doesn't contain any of the bitcoins.


Deleting an empty wallet isn't a very difficult thing to do.  Trusting that the paper wallet receiving address matches the paper wallet private key, and sending the bitcoins to the paper wallet receiving address can take some faith though.