Bitcoin Forum

Bitcoin => Bitcoin Discussion => Topic started by: wumpus on November 18, 2010, 08:26:35 AM



Title: Bitcoin safe box
Post by: wumpus on November 18, 2010, 08:26:35 AM
Are there any good solutions for splitting your wallet, or having multiple wallets?

For example, take the hypothetical case that I had 1,000,000 BCs somewhere. I would be very scared that they would be stolen if stored on my computer, which is connected to the internet 24/7.

Let's say I wanted to store the bulk of them safely. In day-to-day payment I only want about 500 BCs around on my computer/phone. These are the ones that could be stolen if my computer was rooted.

I would want to have the other coins on an encrypted, isolated storage, and only connect it to my computer if I needed the coins, or wanted to put more coins into the safe.
 
Is this possible?


Title: Re: Bitcoin safe box
Post by: davout on November 18, 2010, 09:30:24 AM
Create a new wallet somewhere, generate an address, put the wallet offline, send the bulk to this address.
Your private keys will remain inaccessible since they're offline.

You can keep sending coins to the offline wallet at anytime, they'll show up in your balance whenever you use this wallet with an online client.


Title: Re: Bitcoin safe box
Post by: wumpus on November 18, 2010, 10:24:10 AM
Thanks man, that makes sense. So the only time the 'secure' wallet will have to be online is when taking coins out.

Although it would need to be online once in a while to pick up coins sent to it, otherwise they won't register.

I wonder if this can be done without having a direct connection to the internet. Could the 'public' host connected to the internet act as proxy, passing through just the coins/transactions to and from the 'secure' host, and nothing else? Without actually having the secret keys ever accessible to the 'public' host.

So basically I want all the network handling in the public host, and a simple receive/send coin protocol from there to the secure host. The secure host will have its own wallet, keys, which are impossible to access any way from outside, and expose just a very limited protocol.


Title: Re: Bitcoin safe box
Post by: davout on November 18, 2010, 10:59:43 AM
Quote
Although it would need to be online once in a while to pick up coins sent to it, otherwise they won't register.

Doesn't work like this.

Your wallet holds a set of private keys, regardless of your wallet being 'online', the network will credit you with the coins.
You need to put your wallet online only to sign outgoing transactions with one of your private keys, the network will recognize the transaction as valid since it will be able to check the signature with the public key the balance is associated to.

So theoretically you wouldn't even have to ever go online with a massive wallet, you'd just have to sign a transaction on an offline box, and then take it to an online one to broadcast it.

You might have to download the up to date block chain to put on the offline box for the standard client to credit you the correct balance, that wouldn't be necessary with a custom client that would let you create transactions regardless of your balance.


Title: Re: Bitcoin safe box
Post by: Anonymous on November 18, 2010, 11:01:37 AM
Is it possible to truecrypt a volume on a remote server?

You could upload a copy of your wallet by secure vpn and store it securely. Not even the server admin could break into your files.


Title: Re: Bitcoin safe box
Post by: wumpus on November 18, 2010, 11:38:18 AM
Quote
Your wallet holds a set of private keys, regardless of your wallet being 'online', the network will credit you with the coins.
Thanks for the explanation. So how would I see how many coins are in the 'offline' wallet? Which key is needed for this, the public or private one?
Quote
So theoretically you wouldn't even have to ever go online with a massive wallet, you'd just have to sign a transaction on an offline box, and then take it to an online one to broadcast it.
Very cool.
Quote
You could upload a copy of your wallet by secure vpn and store it securely. Not even the server admin could break into your files.
Yes, but this would still allow full access with the truecrypt key, which would be on my PC. So a hacker with remote access to my PC could access everything. I'm trying to isolate the wallet as much as possible, so there isn't even a small bit of time in which a hacker could have full access to it.

Basically, like a safe, the secure box has a physical interface to send a transaction after authenticating me in some way. The network traffic from and to it should be limited as much as possible, most of the time it isn't even connected to my computer or the internet at all.

The only other piece of functionality that needs to be available is to see how many coins are in it, I don't mind if this is from a 'public' host or the secure host itself. Although it would be a strange peculiarity of the bitcoin network if everyone can see your balance.




Title: Re: Bitcoin safe box
Post by: davout on November 18, 2010, 12:55:19 PM
Quote
The only other piece of functionality that needs to be available is to see how many coins are in it, I don't mind if this is from a 'public' host or the secure host itself. Although it would be a strange peculiarity of the bitcoin network if everyone can see your balance.

Everyone can see the balance of any bitcoin address, this is by design.
Someone correct me if I'm wrong here, but I think multiple addresses can "own" the same coins, the first one spending them invalidates the coins on the other address, so that's why, in my understanding lightweight clients based on balance sheets can't check transactions validity for themselves.

However, if you use a new address for each transaction, or if you dispatch your coins on different addresses it'll be very hard to make a link between them.

Basically, all transactions are public otherwise the bitcoin protocol wouldn't be possible.


Title: Re: Bitcoin safe box
Post by: MoonShadow on November 18, 2010, 07:37:00 PM
Quote
I wonder if this can be done without having a direct connection to the internet.

Yes, this is how I do my bitcoin 'savings' account on a thumbdrive.  The entire program and all data is on the thumbdrive, and my computer at home is busted.  So I have to do any work on my 'savings' at the computer at work, which has a very effective firewall, that functionally prohibits bitcoin from doing anything.  So every so often I download a new copy of the blockchain with Explorer, and just swap the files onto the thumbdrive.  The client checks the new chain upon next startup, and finds any new coins that I have 'deposited' from my Mybitcoin.com account.

Of course, I have yet to figure out how to transfer out of my 'savings', but I'm sure that there is a way to pipe the transaction to a file.  At some point, such transactions should be able to move as email extensions, and the regular client should be able to import a transaction and incorporate it into the network in the normal way.


Title: Re: Bitcoin safe box
Post by: MoonShadow on November 18, 2010, 07:41:03 PM
Quote
The only other piece of functionality that needs to be available is to see how many coins are in it, I don't mind if this is from a 'public' host or the secure host itself. Although it would be a strange peculiarity of the bitcoin network if everyone can see your balance.

Quote
Everyone can see the balance of any bitcoin address, this is by design.
Someone correct me if I'm wrong here, but I think multiple addresses can "own" the same coins, the first one spending them invalidates the coins on the other address, so that's why, in my understanding lightweight clients based on balance sheets can't check transactions validity for themselves.

Functionally, yes.  But more than one address cannot "own" the same coins in the blockchain, because the blockchain only records settled transactions.  A special transaction that could have multiple claims must remain outside of the blockchain until someone actually claims it, I believe. 

Balance sheets for lightweight clients are redundant anyway, and not just for this reason.


Title: Re: Bitcoin safe box
Post by: theymos on November 18, 2010, 07:45:00 PM
Quote
Functionally, yes. But more than one address cannot "own" the same coins in the blockchain, because the blockchain only records settled transactions. A special transaction that could have multiple claims must remain outside of the blockchain until someone actually claims it, I believe.

No; it's possible to create a transaction with a script that allows claim by any listed transactions. This is valid and would be included in the block chain.

There's even a special command in Bitcoin's scripting system that does this: OP_CHECKMULTISIG.


Title: Re: Bitcoin safe box
Post by: ribuck on November 18, 2010, 08:51:25 PM
Does "claim" mean "spend", when used as above by creighto and theymos?

In other words, there isn't any way to "claim" a coin without spending it, is there?


Title: Re: Bitcoin safe box
Post by: theymos on November 18, 2010, 08:58:20 PM
Quote
In other words, there isn't any way to "claim" a coin without spending it, is there?

Right. A coin/output can be referenced/claimed/spent one time.


Title: Re: Bitcoin safe box
Post by: MoonShadow on November 18, 2010, 09:45:21 PM
Quote
Does "claim" mean "spend", when used as above by creighto and theymos?

In other words, there isn't any way to "claim" a coin without spending it, is there?

The claimer could simply transfer the coins to a different address he already owns, which isn't really spending them.


Title: Re: Bitcoin safe box
Post by: ByteCoin on November 19, 2010, 05:16:58 AM
Quote
Everyone can see the balance of any bitcoin address, this is by design.
In the current block chain, all the transactions (with very few exceptions) are just plain transfers from one address to another. It's therefore easy for the client to work out the current balance but this is something just synthesized from the transactions. If lots of non-standard transactions existed it might be very difficult for the client to work out whether you could spend them and hence it would not be able to determine your balance.

Quote
so that's why, in my understanding lightweight clients based on balance sheets can't check transactions validity for themselves.
The idea of balance sheets has changed somewhat over time as I understood more about how the scripting functioned. In order to implement a full client while throwing away the most unnecessary information, the balance sheet client has to keep all the relevant details of all the unspent transactions. When spent, they are forgotten. It also has to remember a certain number of past blocks.

If balance sheets were implemented then it would no longer make sense to have a fee based on transaction size. Instead the fee would be related to how much new information needed to be stored compared to how much could now be forgotten. It raises the prospect of people getting paid the fees to make the transaction!

Also, for clients using balance sheets the transaction rate would be limited by network bandwidth rather than the block size limits. One might imagine that miners using balance sheets might have a competitive advantage over traditional miners.
Bitcoin peers wishing to use the lower fee structure of balance-sheet based miners might neglect to forward their transactions to traditional miners. This might fracture the network somewhat but the issue is complicated and I will make a separate post about it.


ByteCoin
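Several posts in this thread turn on the same mechanism: a balance is synthesized from public transactions, an output can be spent only once, and a "balance sheet" keeps just the unspent outputs. The sketch below is an added example, not code from the thread or from the Bitcoin client; the ledger, addresses and amounts are constructed, and signature checks are deliberately left out so that only the bookkeeping is shown.

```python
# Constructed sample ledger (ids, addresses and amounts are made up).
# Each input names an earlier output as (transaction id, output index).
LEDGER = [
    {"id": "t0", "inputs": [], "outputs": [("hot", 1_000_000)]},  # coin creation
    {"id": "t1", "inputs": [("t0", 0)],
     "outputs": [("safe", 999_500), ("hot", 500)]},
    {"id": "t2", "inputs": [("t0", 0)],                # reuses t0:0 after t1
     "outputs": [("elsewhere", 1_000_000)]},
    {"id": "t3", "inputs": [("t1", 1)],
     "outputs": [("shop", 40), ("hot", 460)]},
]

def apply_tx(utxos, tx):
    """Update the unspent-output set in place; return False if tx is invalid."""
    inputs = tx["inputs"]
    # Every input must be distinct and must still be unspent.
    if len(set(inputs)) != len(inputs) or any(ref not in utxos for ref in inputs):
        return False
    available = sum(utxos[ref][1] for ref in inputs)
    created = sum(value for _, value in tx["outputs"])
    if inputs and created > available:   # any shortfall in outputs is the fee
        return False
    for ref in inputs:                   # spent outputs are forgotten
        del utxos[ref]
    for index, (address, value) in enumerate(tx["outputs"]):
        utxos[(tx["id"], index)] = (address, value)
    return True

def replay(ledger):
    """Replay public transactions; return (unspent outputs, rejected tx ids)."""
    utxos, rejected = {}, []
    for tx in ledger:
        if not apply_tx(utxos, tx):
            rejected.append(tx["id"])
    return utxos, rejected

def balance(utxos, address):
    """Watch-only balance: needs the address, never a private key."""
    return sum(value for owner, value in utxos.values() if owner == address)
```

Replaying `LEDGER` leaves three unspent outputs and rejects `t2`, so the "safe" address shows 999,500 without its key ever being loaded on the host doing the counting.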