Bitcoin Forum

I recently bought bitcoins on Mt.gox, but have been hesitant to send them to my wallet. I found out that they had a physical authentication device that you can bind to your exchange account. Is this sort of security good enough to store a fair quantity on the exchange?

I was also thinking of converting them into physical bitcoins and perhaps putting them in a safe deposit box, though I don't know much more about that process other than its possibility.

With Yubikey, I feel account access is pretty safe, however the risks of storing large amount of bitcoins with exchange also include other types of risk such as business failure, government intervention, etc.
A word of advice, even gold & silver can be stolen, and no technology is 100% safe.

Business failure is a risk I did consider, but have thought acceptable considering how much of the exchange market mtgox has.

Government intervention though; is there legislation in Japan at the moment that would affect mtgox?

I suppose if something like that came down the pipe I would be able to move my BTC out of the exchange account before the fact.

I would love to know how to make my own physical bitcoins. I know casascius (https://www.casascius.com/ (https://www.casascius.com/)) can make some really spiffy physical coins, but even he admits there is some risk as he does have access to "the private key", which I guess means if he really wanted to he could take your BTC. I would rather just be able to make my own and store them like savings bonds.

If you don't trust your own devices, you can create bitcoin addresses just for your savings and store the private keys offline. You then can keep some coins on MtGox for your daily expenditures or trading and send the excess to your savings address or addresses. When you want to access your savings, you just need to import the corresponding private key to your wallet. You can even redeem a private key through MtGox.

There are many ways to create key pairs, one of them being https://www.bitaddress.org though what I normally do is create a wallet with the standard Bitcoin client, generate keys, close the client, encrypt the wallet and distribute it to multiple online/offline places (edit: and optionally delete the local wallet afterwards). If you prefer the bitaddress route, I'd suggest you keep multiple copies of the private keys in whatever form you prefer.

Also: https://en.bitcoin.it/wiki/Paper_wallet , http://printcoins.com/

Not as I know of. US gov is far more bigger risk. megaupload saga is a telltale warning sign:
http://technologyspectator.com.au/industry/internet/megaupload-users-set-lose-their-data

I use Paper Wallets to store my bitcoins.

Paper Wallets are king.

Print them from a computer that has no internet access.

If you know how, print them from a brand new freshly formatted computer that has never been online, where you copied the .html file from BitAddress.org to a flash drive.  The html file runs just fine from your local hard drive and generates unlimited paper wallets with no need for internet access.

When the bitaddress html file says move the mouse around to generate randomess, don't ignore this: move the mouse around the browser window crazily.

Do it as I just explained, and your bitcoins should be airtight.

Don't store large numbers of bitcoins on exchanges unless you have to or unless you intend to trade them soon.  Their building could burn down, the staff could go somewhere and crash in a plane, anything.  Your bitcoins on a paper wallet stay under your control.

You can get the bitcoins out of the paper wallet simply by redeeming the private key on MtGox.  Simply "add funds" and choose "redeem private key".

...or your account might get locked out due to the "anti-money-laundering" procedures, a.k.a. user-harassment procedures (https://bitcointalk.org/index.php?topic=55413.0).
Eventually you'll regain access but additional costs may be necessary to get the required paperwork translated/notarized).
Personally, I wouldn't store 5 Bitcoins at MtGox... by definition, exchanges are not meant for storage.

Paper wallet sounds like what im looking for. Thank you everyone for your input!

But say Godzilla destroys the mtgox facility, how would I redeem my bitcoins?

You actually don't have to "redeem" a private key, it's already an awkward way of doing it. You can import the key to the client of your choice directly and continue using the same address.

EDIT: To clarify, as long as you have the private keys, there will always be a way to access your coins. Don't worry about that. You can see your balances through https://blockexplorer.com/ or http://blockchain.info/ until that time. I don't prefer to suggest a client, because bitcoin tools are constantly evolving. The official Bitcoin client will probably support importing of private keys in the near future for instance (you can do it now, but you'd have to use an external tool for it (http://bitcoin.stackexchange.com/questions/2254/how-can-i-import-a-private-key-into-the-bitcoin-client)). If you just want to get a feel of it, you can use the import feature of https://strongcoin.com/ . Also, to add to casascius' post, if you really want to do this operation on a clean system, just boot with a live CD.

Keep your bitcoins on your own source. What if mtgox website goes down?? you will sit there emailing hoping that they will give em back and nothing you can do.

I have created a paper wallet, but now I think I may have a stupid question:

What if someone generates an identical bitcoin address to my own? Wont they get a private key to that address?

This will never happen.

Excellent... ummm... how does that work then?

It's a probability thing.  THe probability of it happening is so low as to be negligible.

Even if you could generate a trillion addresses every second for the rest of your life, generating someone else's address is still less probable than the chance that Barack Obama will pick you up as a hitchhiker, take you to a gas station, where you'll buy the winning lottery ticket for Mega Millions at 12:12pm on 12/12/12 with a ten-dollar bill that fell out of an overhead helicopter into your shirt pocket while the Pope is simultaneously being struck by lightning.

Sounds like something that would happen to me. You forgot the part where I survive with mild brain damage and the winning ticket was consumed in the lightning strike.

But, I created my paper wallet and started transferring my bitcoins. Tomorrow, that paper wallet is going into a safe deposit box :D

I embellished my story at the last second before you replied =)

confound you!

So I just tried to deposit some BTC into my paper wallet, but the funds were re-deposited back into my exchange account immediately.

is this because I used the private key on that address already?

Edit: Ok I was unlazy for a moment and googled it. Turns out Mtgox will keep the private key and auto deposit any coins sent to that address. oops!

OK, big warning: ONLY USE A PAPER WALLET ADDRESS ONCE.

You can send BTC to it unlimited times, but... once you have typed a private key into a computer, for any reason whatsoever, NEVER USE THE ADDRESS AGAIN.... you lose much of your protection if you don't heed this.

paper is cheap, print yourself a stack.

I should probably suggest that as a warning to be printed on each paper wallet.

I read the sticky at the top of the section, but this seems like a much forward way of storing coins. I appreciate your input on this as I'd been thinking of something simple and you pretty much nailed it.

How long would it take the super-ist super-computer to generate & save 1/10 of all possible addresses? .0686 btc bounty!

I'll give it a shot, someone please correct me if I'm wrong.

Let's say we generate 10 trillion addresses per second, which corresponds to a few times more than 100,000 high-end ATI cards.

2^160 / 10 / 10^13 / 60 / 60 / 24 / 365 / 1000, or ~ 4.63x10²³ is the number of millennia it would take to generate nearly 1/10 of all possible addresses. "Nearly", because we disregarded collisions.

There are almost 2²⁵⁶ (2²⁵⁶-2³²-2⁹-2⁸-2⁷-2⁶-2⁴-1) valid private keys. Two private keys can correspond to the same address. So actually it would take ~ 3.67x10⁵² millennia to be absolutely sure you've generated 1/10 of all possible addresses.

If it's possible to check whether you have generated an address before, with zero cost, then you will know that you have generated 1/10 of all possible addresses some time between 4.63x10²³ and 3.67x10⁵² millenia. By comparison, the universe existed for about 1.4x10⁷ millennia.

My short answer would be that if hard drives could each hold a million terabytes, it would still take a batch of hard drives greater than the weight of the entire earth to save all of those addresses.

According to my back of the envelope calculation, that would be 304479.5 earth masses (~ 1 solar mass). (Assuming 1 exabyte per 500 gr. hard drive, each address is 25 bytes.)

Additional .6174BTC bounty for percent chance of that super-ist super-computer creating an address which collides with any already-existing address within 20 years.
+.314BTC bounty to give percent chance of successfully brute-forcing this password ("ingk32%(#ldNUI93") on a WinZip archive with AES-128 encryption within 1 minute using 100k of those same ATI cards, assuming they are each able to push out 4million valid passwords per second.

ETA: Feel free to round to the nearest billionth. :P


Heh. Forgot what this thread was even about. I'll quit bumping.

https://bitcointalk.org/index.php?topic=4858.msg71102#msg71102

It is getting off-topic though, why don't you create a new thread to resume this? Large numbers kinda turn me on I guess... :P