Another Wallet question.

[Kaos116]

I have been making backups of my wallets. I have older backups. If, for some strange reason, I lose all my current backups and have to recover from an old backup, what happens?

Let's say I back up once a month and I have 10 transactions a month (in and out). In 6 months I'll have 6 backups. I will also have made 60 transactions since the first backup.

If I recover my wallet with the 6 month old back up, will everything update itself as it syncs to the blockchain?

The question is coming from the idea of placing a backup in a very secure location that is not quickly or easily accessed. Which in turn would mean it will not be the most current backup. If everything else is lost, I can retrieve that very old backup and continue on with bitcoin life .

[DannyHamilton]

I have been making backups of my wallets. I have older backups. If, for some strange reason, I lose all my current backups and have to recover from an old backup, what happens?

Let's say I back up once a month and I have 10 transactions a month (in and out). In 6 months I'll have 6 backups. I will also have made 60 transactions since the first backup.

If I recover my wallet with the 6 month old back up, will everything update itself as it syncs to the blockchain?

The question is coming from the idea of placing a backup in a very secure location that is not quickly or easily accessed. Which in turn would mean it will not be the most current backup. If everything else is lost, I can retrieve that very old backup and continue on with bitcoin life .

It depends on which wallet you are using.

• Armory?
• Bitcoin-Qt?
• Electrum?
• MultiBit?
• blockchain.info?
• YACC?

[Qim]

I have been making backups of my wallets. I have older backups. If, for some strange reason, I lose all my current backups and have to recover from an old backup, what happens?

Let's say I back up once a month and I have 10 transactions a month (in and out). In 6 months I'll have 6 backups. I will also have made 60 transactions since the first backup.

If I recover my wallet with the 6 month old back up, will everything update itself as it syncs to the blockchain?

The question is coming from the idea of placing a backup in a very secure location that is not quickly or easily accessed. Which in turn would mean it will not be the most current backup. If everything else is lost, I can retrieve that very old backup and continue on with bitcoin life .

As well as you don't generate any new receiving address, then the backup is OK.
In another word, prepare enough receiving addresses for future usage, then start to backup.

[DannyHamilton]

As well as you don't generate any new receiving address, then the backup is OK.
In another word, prepare enough receiving addresses for future usage, then start to backup.

This is very bad advice and is likely to result in people losing bitcoins if they think you know what you are talking about.

Please don't give advice to others if you are just guessing and don't understand how the wallet works.  Some newbie that doesn't realize that you're just making stuff up is likely to lose money after following your advice.

[canford]

There is every reason to backup your bitcoin private keys.  The safest possible way is to print out the private key, put it in an envelope, and put it in a bank safety deposit box.  Other people have copied a backup of their wallet keys to a USB thumb drive and locked that up.  The key thing to remember is that it is the private key associated with your bitcoin addresses that matters.  Where people get in trouble using online wallets is where the online wallet service has the private key, which means the bitcoins can be stolen.  Blockchain.info deliberately tries to structure things so that they can reconstruct the private key from your passwords, but they never store it anywhere.  A wallet like Multibit stores the private keys encrypted on your computer's hard drive.

There is no reason, other than accounting and taxes, to backup your transaction history.  Anybody with the private key to a public bitcoin address can spend any bitcoins that have been sent to that address.  Most bitcoin websites now use a 3-tier security plan: "hot wallet" address for immediate needs, "online storage" to keep excess hot wallet funds and topping up the hot wallet when needed, and "offline storage" for everything else.  The goal is that "offline storage" is not in any way connected to the internet, i.e., the coins cannot be stolen over the internet.

For most people, a simple backup of your private keys will suffice, usually an encrypted file on a USB drive.  Multibit offers that by default, and Blockchain even emails you the backup file.  If you handle large amounts of bitcoins, you need a heavier duty approach.

[Qim]

This is very bad advice and is likely to result in people losing bitcoins if they think you know what you are talking about.

Please don't give advice to others if you are just guessing and don't understand how the wallet works.  Some newbie that doesn't realize that you're just making stuff up is likely to lose money after following your advice.

Oh really this backup is likely to lose money? I'm doing my backup in this way. So what is the best way to backup ? Advice please ?

[DannyHamilton]

Oh really this backup is likely to lose money? I'm doing my backup in this way. So what is the best way to backup ? Advice please ?

As I already said:

It depends on which wallet you are using.

• Armory?
• Bitcoin-Qt?
• Electrum?
• MultiBit?
• blockchain.info?
• YACC?

Neither you, nor the OP have indicated yet which wallet you are using.  The required backup strategy will differ depending on which wallet you are using.

[canford]

Save an encrypted copy of your wallet keys.  For most people, save it on a USB stick and lock it up.  If it's bitcoins you do not intend to access for a while, you can delete the keys from your wallet.  Like all backups, there is a whole spectrum of options, from do nothing all the way to ultra-paranoid paper copies in bank safety deposit boxes.  Some people generate their wallet keys on a computer never connected to the internet, print them out, then delete them and overwrite the free space on the disk drive.  Think about it like cash, and take the same precautions you would take with that amount of cash.  Most people just need to save an encrypted wallet backup somewhere.

[DannyHamilton]

There is every reason to backup your bitcoin private keys.  The safest possible way is to print out the private key, put it in an envelope, and put it in a bank safety deposit box.  Other people have copied a backup of their wallet keys to a USB thumb drive and locked that up.

This advice is ok for long term storage, but if you're going to be spending he bitcoins then paper wallets can be quite inconvenient and can result in lost bitcoins if you don't understand what you are doing.

The key thing to remember is that it is the private key associated with your bitcoin addresses that matters.  Where people get in trouble using online wallets is where the online wallet service has the private key, which means the bitcoins can be stolen.

Another place people get in trouble is when they import a private key into Bitcoin-Qt, create a transaction, and assume that the rest of the bitcoins are still associated with the private key on the paper.  If, because of this assumption, they then delete the wallet from Bitcoin-Qt, then will permanently lose bitcoins.

Blockchain.info deliberately tries to structure things so that they can reconstruct the private key from your passwords, but they never store it anywhere.

That is completely false.  I don't think there is anything you said in that sentence that is true.

A wallet like Multibit stores the private keys encrypted on your computer's hard drive.

As far as I know, MultiBit only encrypts your private keys if you set a password.

There is no reason, other than accounting and taxes, to backup your transaction history.

And since the entire transaction history is available in the blockchain, I guess this means that there is never any reason to backup your transaction history?  Apparently it isn't even necessary for accounting or taxes?

For most people, a simple backup of your private keys will suffice, usually an encrypted file on a USB drive.  Multibit offers that by default, and Blockchain even emails you the backup file.  If you handle large amounts of bitcoins, you need a heavier duty approach.

As I said:
It depends on which wallet you are using.

[canford]

Blockchain.info deliberately tries to structure things so that they can reconstruct the private key from your passwords, but they never store it anywhere.

That is completely false.  I don't think there is anything you said in that sentence that is true.

Really?  Blockchain provides client-side code that takes the passwords you provide and is then able to send a signed transaction out.  The design is such that all of the private key information stays on the client, so Blockchain never has your private key.  The only risk is that if Blockchain is totally compromised, what they send client side could be modified to leak information.  The Blockchain code they have your browser executing constructs the bitcoin private key from the passwords you provide, then uses it.  So everything I said in that sentence is true, with the clairification that by "they" I meant both code running on their servers AND code they provide that is running on the client.

[canford]

A wallet like Multibit stores the private keys encrypted on your computer's hard drive.

As far as I know, MultiBit only encrypts your private keys if you set a password.

Good point, let me restate: All Multibit users should set passwords on their wallets, and save an encrypted backup somewhere.  If you use Blockchain, store the encrypted backup wallet they email you somewhere.

[DannyHamilton]

Blockchain.info deliberately tries to structure things so that they can reconstruct the private key from your passwords, but they never store it anywhere.

That is completely false.  I don't think there is anything you said in that sentence that is true.

Really?  Blockchain provides client-side code that takes the passwords you provide and is then able to send a signed transaction out.  The design is such that all of the private key information stays on the client, so Blockchain never has your private key.  The only risk is that if Blockchain is totally compromised, what they send client side could be modified to leak information.  The Blockchain code they have your browser executing constructs the bitcoin private key from the passwords you provide, then uses it.  So everything I said in that sentence is true, with the clairification that by "they" I meant both code running on their servers AND code they provide that is running on the client.

You are mistaken.

Blockchain.info provides client-side code that generates completely random private keys.  The private keys can NOT be "reconstructed" from your password.

Blockchain.info uses your password client side to encrypt the private keys, then it sends the encrypted private keys to their server where they DO store the private keys for you (in encrypted form).

[canford]

Blockchain.info deliberately tries to structure things so that they can reconstruct the private key from your passwords, but they never store it anywhere.

That is completely false.  I don't think there is anything you said in that sentence that is true.

Really?  Blockchain provides client-side code that takes the passwords you provide and is then able to send a signed transaction out.  The design is such that all of the private key information stays on the client, so Blockchain never has your private key.  The only risk is that if Blockchain is totally compromised, what they send client side could be modified to leak information.  The Blockchain code they have your browser executing constructs the bitcoin private key from the passwords you provide, then uses it.  So everything I said in that sentence is true, with the clairification that by "they" I meant both code running on their servers AND code they provide that is running on the client.

You are mistaken.

Blockchain.info provides client-side code that generates completely random private keys.  The private keys can NOT be "reconstructed" from your password.

Blockchain.info uses your password client side to encrypt the private keys, then it sends the encrypted private keys to their server where they DO store the private keys for you (in encrypted form).

We are in total agreement.  The blockchain client side code CAN "reconstruct" your private keys from the passwords you provide.  It does this by using the passwords to decrypt the private keys stored encrypted on their server.  We are describing the exact same thing here.  My point was only that you are trusting Blockchain to provide client side code that you can trust.  The client side code could leak your private key if it were compromised.

[DannyHamilton]

We are in total agreement . . . We are describing the exact same thing here . . .

Am I the only one who sees this:

Blockchain.info deliberately tries to structure things so that they can reconstruct the private key from your passwords, but they never store it anywhere.

and this:

Blockchain.info provides client-side code that generates completely random private keys.  The private keys can NOT be "reconstructed" from your password.

Blockchain.info uses your password client side to encrypt the private keys, then it sends the encrypted private keys to their server where they DO store the private keys for you (in encrypted form).

as saying the opposite of each other?

[canford]

We are in total agreement . . . We are describing the exact same thing here . . .

Am I the only one who sees this:

Blockchain.info deliberately tries to structure things so that they can reconstruct the private key from your passwords, but they never store it anywhere.

and this:

Blockchain.info provides client-side code that generates completely random private keys.  The private keys can NOT be "reconstructed" from your password.

Blockchain.info uses your password client side to encrypt the private keys, then it sends the encrypted private keys to their server where they DO store the private keys for you (in encrypted form).

as saying the opposite of each other?

I was not complete enough or detailed enough in my description, for which I apologize.  As far as I can tell, we agree completely about the underlying mechanism that Blockchain is using.  I did NOT mean to say that you could reconstruct the private keys without the encrypted information from the Blockchain server, only that if the client-side code from Blockchain were somehow maliciously modified, that the private keys could be leaked that way.  It is about as close as possible to an offline wallet as it is possible to get without installing software on the client, and I really like the Blockchain solution to the problem.  For the truly paranoid, a wallet that can be installed and used on an offline machine is slightly more secure.  We should drop this, we agree on the facts.

[Kaos116]

Wow, I didn't know there are different strategies based on the wallet. The wallet I'm using in Bitcoin-QT.

From what I am reading above is that it doesn't matter how old the backup is, as long as no new addresses are created after the backup.

But if many transactions are sync'd into the wallet after the back up was created. Would the back-up, when used to restore the wallet, just sync all the transactions from the block chain that happend after the backup was created?

Making backups does nothing to the block chain, correct? So it doesn't matter when the back up was made, it will just fill in the missing transactions based on the block chain.

I just have this stupid idea that when you make a new backup, the old back up will just pick up from where the new one was made. You'll end up losing anything that happened between the two back ups.