how is this wallet encryption done ?

[bracek]

I installed version 4.0,
downloaded block chain,
encrypted wallet,
sent coins into it,
all works well.


when I first installed bitcoin,
wallet was created and not yet encrypted, so my question is :
was it deleted and replaced with encrypted one ?
My worry is that my keys are maybe left somewhere on disc unencrypted.

[FreeMoney]

I was wondering about this too. Generally is writing over a file a reasonable way to delete the original? I assume not. Can users do anything to make the original more gone?

[bracek]

?

[memvola]

I was wondering about this too. Generally is writing over a file a reasonable way to delete the original? I assume not. Can users do anything to make the original more gone?

I superficially skimmed through the code and it seems like the wallet is getting overwritten (someone correct me if I missed something). Since the new wallet is not shorter, it's fairly certain that clear data is completely gone. You can trust that writing over a file on a hard drive is good enough. This might not be the case for flash drives though.

[ovidiusoft]

Overwriting a file is not a guarantee that the data on disk was actually written over. Think about flash disks and SSD's who do wear leveling. Some filesystems will also move blocks on the fly.

If you are concerned that a unencrypted file might still be somewhere on the disk you should backup your data, wipe your disk (a few times), reinstall the operating system and enable disk encryption. Then restore your wallet from the backup.

On the other hand, if someone has physical access to your hard disk there are other ways to compromise your files, so I wouldn't worry about it...

[etotheipi]

Unfortunately, many journaled filesystems do not guarantee that overwriting files will actually write data to the original location on disk.  Just do a search on "shred" with ext3 or reiserfs -- the point of "shred" is to overwrite a block of harddisk N times (default 25) to obfuscate attempts to read it later, but frequently the filesystem will execute the write commands on different blocks, leading the old ones intact.

SSDs also move data around like this, but it is actually not a problem.  The wear-leveling guarantees it's always moving data around, and purging old sectors to improve performance.  Because it's a different kind of storage, it's not recoverable the same way.  See this article:  http://news.techworld.com/security/3263093/ssd-fimware-destroys-digital-evidence-researchers-find/ .  Apparently digital forensics experts are finding it impossible to recover data from SSDs.

[pointbiz]

You could download TrueCrypt, create an encrypted file and mount it as a drive. Run Bitcoin with a command line option to use a different wallet folder and point that to a folder on the TrueCrypt drive. It should create a new wallet.dat for you on your TrueCrypt drive and then you can send money from your old wallet to you new wallet.

[memvola]

Unfortunately, many journaled filesystems do not guarantee that overwriting files will actually write data to the original location on disk.

I didn't know journaled file systems did that for already open files, but it makes sense. I thought overwriting would be good enough, but I stand corrected. (EDIT: I guess it depends on how the db gets overwritten though.)

SSDs also move data around like this, but it is actually not a problem.

Thanks, it's a relief, though it's worth noting that concerns about journaled filesystems still apply for SSD's.

What about wiping free space by filling it with dd?

Code:

dd if=/dev/zero of=/home/myuser/.bitcoin/deleteme bs=1M ; sync ; rm /home/myuser/.bitcoin/deleteme

Or bcwipe?

Code:

bcwipe -Fvmz /home/myuser/.bitcoin/

EDIT: I'd trust dd more that bcwipe, since I know what it does.

[etotheipi]

If you read the article you'll see that SSDs are actually, constantly purging old sectors to improve performance, and that it's only a short time before the old data is completely destroyed.

From the article:

After examining an SSD for traces of data after it had been quick formatted, the team expected the purging routines to kick in around 30-60 minutes later, a process that must happen on SSDs before new data can be written to those blocks. To their surprise, this happened in only three minutes, after which only 1,064 out of 316,666 evidence files were recoverable from the drive.

This means that if you write your new encrypted wallet to disk, one of two things will happen:
(1) The data is overwritten in place :  GOOD
(2) The data is written to a different sector, but the old sector is purged within 3-60 minutes : GOOD

So you're really only vulnerable if someone steals your SSD within an hour of you encrypting your wallet.  By then, the data should be completely gone.