Bitcoin Forum

I have seen a thread (that I cannot find now) that had a slew of interesting ideas of how people were storing their private keys for offline wallets. From engraving into metal to tattoos.

Now that some time has passed and people have surly come up with other methods, I'd love to hear some of them. I am currently trying to find the best way(s) to store a few private keys of my own. I'd like to be cautious, because if the perfect storm happens, I don't want to lose all of my bitcoins. By this, I mean simply throwing it on a piece of paper and putting it in a safe deposit box, and then another in my home isn't going to cut it. What if the bank gets robbed and my home safe is stolen? Likely not to happen, I know, but I still want a better way to store them.

Any ideas? The more nerdy the better  ;D

How about encrypted paper wallets?

I like the idea, but was thinking more of ways to store the private key as-is, even if it's possibly broken up into different locations.

I don't know. Just rambling.

cut your paper wallets in half?

Tattoo the private keys in my butt chic. :P :P ;D ;D

But what if all the mirrors get stolen?

BIP38 encrypted and shared with Shamir Secret Sharing technique in as many parts as you please and pick your number for recovery. After that it's just a matter of mitigating risk, think your house will burn down? Engrave some of the shares in metal. Think your USB stick will fail? Use several from different manufacturers. Etc.

Distribute the shares in different physical locations and be imaginative.

At the same time think about how your heirs can get to your keys, in case you get hit by a bus.

check this strange method   ;D : http://soundwallet.net/

it's dangous not interesting

I'm not sure that I like the sound of step #4  ;D ;D

Make a small hole in a titanium screw, either ingrave the privkey inside that cavity, or insert something durable with the privkey engraved on it within the cavity. Seal it. Now, go and break your arm, insert a few screws to fix it. The screw with the privkey goes along with the other screw. If somebody ever asks, just say you were in a horrible ice skating accident when you tried to qualify for the nationals. Privkey secured. Retrieval might be another matter, but you're in this for the long term, no?

This is a bad idea. Not only should you not hurt yourself to keep your money safe, but you would also need to further hurt yourself to be able to spend your money. In order for cold storage to be effective it not only needs to be safe from attackers but also allow you to be able to spend your money with semi ease.

You would also risk that the doctor would put in the incorrect screw in your arm (you would not be able to put them in yourself)

lol

That seems a bit extreme. You can just dig a hole and hide it somewhere or within a tree cavity or something. Never the less, i like the style :D +1

Bad idea. Body scanner at the airport would be able to see your pkey.

http://aeternum.in/products/keyvault-gemini

Those scanners are not able to see that level of detail.

It would still be a bad idea because you would be unable to access your funds without hurting yourself.....again

Silverwallets.com are so cewl!

There's no need to worry – I'm here to answer your question! ...  I got three words for all of y'all: Get a life!  ;D ;)

one word: Steganography.  ;D

Well in that case I will just find another reflection of my bottom. 8)

This is not a problem. Because of my religion, I can only use church certified screws. I'll have my friend, who's a priest in my church bless the screw, and then oversee the screwing as well, to ensure everything's screwed in tightly and properly.

Split encrypted paper wallets.

take a plasma torch, and cut the letters and numbers forming the key into a 6+ x  30" piece of 1/4" steel.  Triple check that you did it right, and that all the characters are correctly readable.

done.  

then if you want to go further, grind an edge on it, and using big rivets and a hammer, put a handle.

While the majority of responses were less than helpful, although somewhat entertaining, I've come up with the following solution:

I have two offline wallets that split my BTC between the two. If something happens to one, I don't lose them all.

I have my public addresses as 'watch only' so I can monitor the balances.

I have my private keys stamped into metal that won't melt if the house burned down.

AND I have paper copies in another location, split up so you need both parts to complete the key.

I'm HODLing long term, so I wanted to be safe.

An interesting solution could be to PGP-encrypt the private keys, and print them on paper in base64 format,
then send the encrypted private keys to one entity, and send a copy of the private PGP key to another entity, none
of the entities know about each other.

If your house burn down, you contact the holder of the PGP privkey and uses it to decrypt the privkeys. Or even better,
have each of them hold encrypted privkeys and a private PGP key, that only works with the version the other entity has.

Scale up as necessary.

Another way could be to go into the woods and dig it into the ground. If they keys are stored properly, nobody should ever find it.
You could also encrypt the privkeys, and then put the pgp privkey somewhere else. Many possibilities..

I am wondering where I can stamp something into metal on my own.
Asking a third party to do that for me, doesn't seem like a good idea.

http://sandiego.craigslist.org/csd/tls/4709990946.html

Have two PCs at home - one online, the other offline. Always keep your private keys in that offline PC. So do I :)

So, I take this and a hammer to stamp it into steel? Sounds like hell of work.
Wouldn't I also need lower-case letters?

turn the letter sideways for lower case.

It can be trustless.  Check out how woodwallet does it. I think they use bip038

New ways might have major flaws in it. I just have to wait until it will be perfect.

BIP38 has been around for a year. So, yeah...

Bip38 ec multiplied two factor keys have been around for years.  You can read about how it works here:

https://github.com/bitcoin/bips/blob/master/bip-0038.mediawiki#Encryption_when_EC_multiply_mode_is_used

In short, it takes advantage of the fact that in elliptic curve math, pubkey1*privkey2 = pubkey3, and privkey1*privkey2 = privkey3.  So you are giving them your pubkey1 with the intermediate code, and they create a new private key and multiply it by your public key to generate a public address, and then they give you their privkey2, which enables you to get privkey3 because you also have privkey1.  Your bip38 password is run through a key derivation algorithm, and eventually also sha256 hashed, which produces a pseudo-private key, which has a corresponding public key, which is used to encrypt the entire payload.

So the guy who makes the key for you can decrypt the encrypted key, but he still can't get the private key, since your privkey1 is part of the key derivation from your password before everything is sha256'd to get the shared secret between you two.

So only you, with the correct password, can recreate the correct privkey1, and then also decrypt the payload, and then use privkey1 with the now decrypted privkey2 to get the actual relevant key, privkey3.

Additionally, the key derivation function is scrypt, with some additional random bytes that you create.  Because it's scrypt, it's really slow to brute force, and because you add in random bytes, rainbow tables won't work.  The actual bip38 encrypted payload in a bip38 ec multiplied address is those random bytes, privkey2 from the guy who generated the key, and a checksum hash of pubkey3 to verify that everything was decrypted properly.  That gives you all the information you need to be able to, along with the correct password, derive and decrypt everything and generate privkey3, which is the private key for the address that "belongs" to the bip38 encrypted key.  (And then you can verify that everything worked with the checksum hash.  If the hash doesn't match, the password entered was incorrect.)

You can effectively hide a private key in plain sight by applying an easy to remember rule to it.

For example, take your private key and invert the case of all characters following the 8th character.  Very easy to remember, very easy to do (e.g. in Word or with pen and paper by hand), impossible for anyone to guess (unless you somehow publicise or hint at your method).

Personally, I prefer to have multiple digial copies of my offline Electrum wallet's 12 word mnemonic code.

Split the mnemonic code into 2 or 3 groups of words, and hide them in different places.  Emails, files, photos, wherever.  So long as you know how to find them, you can hide multiple copies virtually anywhere e.g. your PC, your NAS, different email accounts, Dropbox, etc.

No one is going to find the 6 words of your mnemonic code hidden in a 200 page PDF stored in your Dropbox and OneDrive account, let alone the other 6 words hidden elsewhere.  Crucially, however, you will know where to look, you will know where the other 6 words are and you will be able to rebuild your wallet pretty much anywhere in the world.  It is also reasonably easy to explain to a loved one how to rebuild the wallet, should the worst happen.

Physical backups are great, of course, but there are always stories of safes being stolen from homes, for example, damaged paper wallets, or failed hard drives or USB thumbsticks.

If i write a random combination of numbers and separate them into several pieces would the guy that finds out know that it is the bitcoin private key. Probably he might think that it is for some online banking password. But just to keep it safe. I even write down several parts of the code and keep it at my other in law house in case something happens to mine  ;D

This makes tags for really harsh environments like pipelines, so it should do for permanent code storage including cases like fire and flooding.  Not sure if they do lower case but if not just put a slash in front of the char that is going to be lower case.

I'm going to get one and try it out.

http://www.amazon.com/DYMO-Tapewriter-Metal-Embosser-101105/dp/B000FD7Z7I/ref=sr_1_3?ie=UTF8&qid=1413480605&sr=8-3&keywords=tape+embosser

http://www.amazon.com/DYMO-Non-Adhesive-Stainless-Embossing-Cassette/dp/B000O78D94/ref=pd_sim_op_1?ie=UTF8&refRID=0S9RH5Z6WBSQ2RMV22PY

This is probably the best way to keep your private keys safe for cold storage. It is also, by far the simplest way. You will need to somehow create your private key (on an offline computer), so you might as well keep the keys there.

I do admit that there are a large number of very creative ways of storing your cold/offline private keys however you should really remember "KISS" - Keep It Simple Stupid

I have a fairly strong opinion that if you have an encrypted wallet, there is zero need for any additional layer of encryption.

Similarly, if you have a single private key, you encrypt it once, but to do this you can't trust other peoples' algorithms and "help."