|
Title: keeping old wallet files dangerous ? Post by: petermeuris on September 25, 2011, 07:07:11 AM Hello all,
I was just wondering. I upgraded my client to 0.4, and encrypted my wallet. Should I keep the older wallet files ? Like a month old, or is it dangerous ? I mean can somebody get the BTC out, starting from an older wallet file ? Thanks for explaining, Peter Title: Re: keeping old wallet files dangerous ? Post by: kokjo on September 25, 2011, 09:48:01 AM yes! its danrouruse in that sense. BUT i think its more dangerouse to not have a secure plaintext copy...
the keys in the old wallet is the same keys that is in the encrypted wallet. Title: Re: keeping old wallet files dangerous ? Post by: kokjo on September 25, 2011, 11:18:06 AM no it is not. yes it is, the private keys are still unencrypted in the old wallet.anyone who can get their hands on his keys, is able to spend his btc. Title: Re: keeping old wallet files dangerous ? Post by: Stephen Gornick on September 25, 2011, 09:38:01 PM I was asking for suggestions here:
- http://bitcoin.stackexchange.com/questions/1243/can-i-force-my-wallet-to-only-have-news-keys-post-encryption I suspect the best way to be fully protected will be to create a new wallet and send all the coins to the new wallet. Title: Re: keeping old wallet files dangerous ? Post by: fireball500 on September 26, 2011, 04:47:22 PM I like that 0.4 has encryption but I've been hesitant to update because it seems like it would be a pita to use
Title: Re: keeping old wallet files dangerous ? Post by: memvola on September 26, 2011, 05:55:02 PM Should I keep the older wallet files ? Like a month old, or is it dangerous ? I mean can somebody get the BTC out, starting from an older wallet file ? Not only the keys are the same, there is also a pool of 100 "future" keys that are kept in your old wallet, so the next 100 keys you generate using your encrypted wallet are already contained in the old one. I don't like deleting backups. Anything can happen, the new encryption feature can fail, you can forget your password, etc. Just create an encrypted backup of your old wallet.dat instead of deleting it (preferably using a different passphrase). I use gpg, just because it's very handy. Keeping cleartext backups of your wallet is not a very good idea anyway. Title: Re: keeping old wallet files dangerous ? Post by: Maged on September 26, 2011, 06:15:01 PM I remember seeing somewhere that a new keypool is created after you encrypt your wallet, but I can't find it anymore. I also can't find anything like that in the code, but it's quite possible that I'm looking in the wrong place.
Title: Re: keeping old wallet files dangerous ? Post by: memvola on September 26, 2011, 07:10:03 PM I remember seeing somewhere that a new keypool is created after you encrypt your wallet, but I can't find it anymore. I also can't find anything like that in the code, but it's quite possible that I'm looking in the wrong place. I just tested it, doesn't seem to be the case. I created a new wallet, backed it up, encrypted it and reloaded bitcoin. I then generated a new address using the new encrypted wallet and then the unencrypted backup wallet. They both generated the same address. I think this behaviour is expected, otherwise old backups would be invalid after encryption (EDIT: of course "invalid" is the wrong word here, they would just cease to be future proof). There are a lot of people who don't take snapshots that often and rely on the keypool. Title: Re: keeping old wallet files dangerous ? Post by: petermeuris on September 26, 2011, 07:16:50 PM However, once the old backups are not distributed anywhere, I can safely remove them and start backing-up the encrypted wallet file, right ?
|