Bitcoin Forum

I have a laptop, which I use to do all my bitcoin-relating activities.  If my laptop were to get stolen, or if the HDD died, I would lose all of my bitcoins, wouldn't I?  Is there a way I can prevent this?

Copy, and preferably encrypt, your wallet.dat to another hard drive/usb/cloud/etc

Backup your wallet every now and then, copy wallet.dat and store it somewhere safe

Backup you wallet.dat file - that's the thing you need to prove your coins. If you lose your laptop then you can install bitcoin software someplace else, copy your wallet.dat into the right place and you're good to go again. Encrypt your backup!

Thank you all very much for your help.

Would it be wise to backup the entire data directory, in addition to wallet.dat?  It seems like that would save me having to re-download the older blocks if I lost my installation.

I would say you a bit of time and internet bandwidth to backup the whole data directory. *shrugs* I don't bother personally, but you could.

One word of warning: do regular backups OR use a different "savings account" type setup, there can be issues if you try to restore an old backup directly.

Ideal setup is to have a wallet.dat with a single address generated offline, backup and encrypt it then send any spare bitcoins there. Your day-to-day stuff should be backed up roughly every 10 transactions.

This does make me think of a scenario - the bitcoin aware thief, who steals your laptop and transfers your coins before you had a chance to recover your wallet, download the blockchain and send them on to a new address (one that also isn't in your wallet already).

This is quite interesting - perhaps there should be an option in the client to make a new address that hasn't been seen already, for this possible situation where your wallet has been compromised.

Another thing I'd like to see is a secure and heavily backed up service where you can upload an encrypted wallet.dat - if your laptop gets stolen you can send the service a decryption key(kept on a usb stick with you all the time perhaps) to have the coins sent to a new address immediately, and just hope that the thief hasn't had the chance to send them on to another address yet. The service can take a small percentage of the recovered coins (after decrypting the wallet) as payment for holding it.

I wonder how long it will be until this becomes an actual issue?

After recovery of lost wallet.dat, transfer all the coins to an address from another, secure wallet. Don't forget about transaction fee when sending BTC.

The only solution is to encrypt your harddrive with a key that is stored only in your brain

How does that help the above situation?
Anyway, generate a new address, write it down, generate a new address again - it'll never get mentioned on the network.

A monthly fee for hosting is more likely - otherwise the service provider never breaks even unless some theft occurs. Plus you'd want to avoid adding incentives for theft such as giving a percentage of recovered coins.

I'd happily run such a service myself without the % of recovered coins aspect - you encrypt your wallet, send it to me and i'll store it in a secure fashion for 2BTC/month. I might do just that if there's sufficient interest, seems like a nice business plan.

The bitcoin wallet stores 100 addresses that have not yet been "generated". That means when you generate a new address and send coins to it, the thief will also see those coins because he has the same extra addresses in the wallet.

So generate a new address on a totally new client and send all your coins to it

Sure but you have to do that before the thief does it himself and it's not always going to be simple (imagine if you only had 1 computer and that got stolen). That's my point, which is why I want a service where I can log in (from my phone if need be) and quickly get my wallet decrypted and my coins sent to a new separate address that the thief will have no access to.

Makes sense :)
Of course you then need to have total trust in the service holding your wallet for decryption AND you need to update them all the time. What if the service decides to rip you off too?

Service that receives payments from its users has more trust than thieves. Under normal circumstances, encryption key is unknown to the backup service, so it does not have access to your bitcoins. The only time when it has the access (and chance to appropriate bicoins) is when your wallet is already stolen. If your wallet gets damaged, but not stolen, you can download the encrypted walled and decrypt it locally.

If I was a scammer this is what I would do:

(This is of course pure speculation, but it is also the reason why if I did run such a service I would not WANT the decryption keys in order to avoid this possibility):
First, setup a service with a small monthly fee offering to store encrypted wallets and as you suggest decrypt and send the coins elsewhere on demand.
Then I sit and wait.
One of my clients has a theft occur, they call me and I decrypt their wallet. I send all the coins to myself. Then I tell the client "Sorry, the thief got there first".
I would be unlikely to get caught and the incentives are quite huge.

What would prevent this?

Time of transaction is recorded. If transaction occurred  before revealing the key, we assume, it was thief. If transaction occurred  after revealing the key, we assume, it was dishonest service. You or someone trusted has to watch transactions in order to detect this.

Ok, now the service provider is honest but the thief is very clever and waits for that window between you giving the key to the service provider and them running the transaction - this window could be hours if it's a manual process, or seconds if it's automated, but if it's automated the window can be made longer through careful use of a DoS attack.

Clever thief normally performs the transaction ASAP to outstrip the victim with her backup service.

Clever thief wants to lead any investigations away from him and onto the innocent 3rd party ;)

If the above sounds silly, my basic point is this:

The only way to be 100% secure is to not give your key to anyone else, ever and only decrypt on your own machine.
Doing so would also prevent theft in the first place - as soon as your computer is turned off, the plaintext wallet disappears from RAM.

How would a thief know when you give the service your key?

This is getting silly now, but it's for those with sufficient paranoia:

Network sniffers

There are better ways to launder stolen bitcoins. And if the thief will be caught, he will be prosecuted anyway in most cases.

I assume that my data is never 100% secure, because any today's computer system is way too complex to be absolutely sure about anything. But of course, such practices, combined with strong passwords, can make you at least 99.99% sure.

Generally, if you encrypt sensitive data (such as wallet.dat) and only store the plaintext version in RAM then with a good implementation you should stay secure for a long time - by giving it to someone else you open up the security risks massively.

Could you expand on what kind of issues please.

Put simply, you could lose the keys for your newer coins, and those old coins in your old wallet may already have been spent.

clever thief rob only wealthy/rich people, ride horses and wear black coat :P
like Robin Hood or Zorro, yes :-P