Cold storage security

[SgtSpike]

I've thought a lot about a potential Bitcoin business I could start that would be handling people's Bitcoins (albeit for no longer than 24 hours at a time).  Given the number of hacks, and the fact that I am far from an expert on security, this scares me to death.  The only solution, in my mind, is to keep 100% of coins in cold storage, create transactions from an online machine, and have the cold storage offline machine sign the transactions on a USB stick (Armory's method).  For the purposes of my business idea, this should be acceptable.

But here's the problem:  People know where I live (or could easily find out, as I make little effort at hiding my offline identity).  If I have thousands of Bitcoins on hand, and people know that, then I fear I would be making myself a target for home invasion.

Any suggestions?

[1713574809]

1713574809

[1713574809]

1713574809

[casascius]

Use m-of-n private key (a working implementation with source for Windows: https://casascius.com/btcaddress.zip - Vitalik Buterin also created one in python that works a bit differently)

Don't keep all the pieces in one place.  Use any and all of the following to hide some or all of the pieces: safety deposit boxes, with friends/family, with estate-planning attorney, as well as hidden where only you know.  A critical element of several of the places is that getting access to them takes time, effort, and involves the scrutiny of other people who can't be put under duress by an attacker as easily, and in some cases hopefully can't be identified by a would-be attacker.

Create a document and keep it in your own home that explains that the key is in pieces and drop hints as to how to acquire and assemble the pieces that would only be fully understood by people who know you well.  This gives you plausible deniability in a robbery as well as a way for your family to find your stash if your demise is untimely.  Include on a USB stick any software needed for your family to reconstruct the keys once they assemble them, just in case the software becomes unavailable or difficult for your family to find.

[SgtSpike]

casascius - it seems you misunderstood my intent.  I am not looking for long-term storage.  I would need to have the cold storage transactions signed every 24 hours.  If I had to drive to do it, then I could make that happen, but having to gather pieces every day, then redistribute them would seem highly impractical.  Sorry if I did not make this clear in my OP.

[casascius]

casascius - it seems you misunderstood my intent.  I am not looking for long-term storage.  I would need to have the cold storage transactions signed every 24 hours.  If I had to drive to do it, then I could make that happen, but having to gather pieces every day, then redistribute them would seem highly impractical.  Sorry if I did not make this clear in my OP.

It sounds like I have conveyed enough of the basic concept though, in any case, for you to craft a specific plan that would be more appropriate for your needs.  Assuming of course you thought it was a good idea.

[nevafuse]

I'm sure you'll be fine.  You pay taxes right?  Just give the police a heads up & they'll send a patrolman over ASAP.

Seriously though, depending on how much you may have access to, you may want to hire a private security firm.  Build the cost into the price.

[FreeMoney]

You can either easily access the coins all the time (including during a robbery) or not.

If you want to suddenly be -unable- to access them, just send them to an address with a key that you don't have handy (something like cas describes). That doesn't help if someone decides they don't believe you or don't care, but at this point it is pretty much someone randomly murdering you because you use bitcoin.

[DeathAndTaxes]

I guess it all depends on how paranoid you want to be.  Looking at it from a high level there are only two general concepts to prevent a third party from forcing you to give access. The first is to create a setup which requires a second party who isn't on-site (counterpart).  The second is to create a setup where you can cause yourself to intentionally lose access.

Second party:
You could split the private keys (protocol independent m of m).  For example you could XOR two 256 bit numbers (half-keys) to produce the private key.  You keep one list of half keys and your partner keeps the other.  To send funds would require both of you to XOR your half-key to produce the full key and sign a tx.

Another option would be a wallet where it requires two pass-phrases to decrypt and you only have one.  You would need to notify your partner and he (via RPC call or some other method) enters his passphrase.  The "dual missile key option".  

For either method you likely would want some challenge and password type setup to ID the counterpart is not compromised.  Upon hearing a duress codeword the counterpart would refuse access.  If you have the info stored securely in a third location the counterpart could destroy his secret upon hearing the duress word.


Lose Access:
The simplest option would be a wallet where upon duress would send the full balance to an address you don't have direct control over (private key is off-site, bank vault, m of n type setup, etc).

Another option would be a deterministic wallet stored only in memory (say a netbook dedicated as a hardware wallet) and created using two 256 bit seeds.  On setup you and your counterpart would enter the seeds.  The wallet could be operated by you alone but upon duress you kill the power and you couldn't restore the wallet without your counterpart.

The in-memory wallet could be done with one person if you can limit access to the seed and don't routinely keep it on site.  For example setup in-memory wallet and then have seed secure in a safety deposit box.

Obviously the disadvantage of the "lose access" method would be that if you are compromised before the duress action can be taken the wallet will be lost.  One option would be to trigger the lose access method to an alarm system.  Someone breaks in, alarm sounds, and a relay kills power to the in-memory wallet.

Consequences:
So there are a couple different ways of doing it but one thing you may wish to consider is .... do you want to be in a situation where you can't give criminals what they want?  Will they believe you?  Will they accept the truth in a non-violent manner?  Maybe investing in a good monitored alarm system (not ADT), strong doors, secure locks, and firearms is better insurance.

[SgtSpike]

Thanks for all the input!

It looks like, at this time, I will be unable to conduct this Bitcoin business that I had wanted.  No solution presented thus far is "good enough" for me (I don't want to deal with a second person), and I don't want anyone showing up at my door, strong locks and firearms or not.

Really, an online solution of some sort with insurance sounds better.  But I doubt Bitcoins are something that any insurance company would want to insure...

Maybe another day, I'll find a good solution.  For now, I'll hang on to the idea and the IP associated with it.

[casascius]

(I don't want to deal with a second person)

For what it's worth, simply opening a safety deposit box costs as little as $10/year, can be done at the bank you already visit, and can be accessed without any questions other than your identity (which will be checked by someone also in a position to detect whether you're under duress and to do something effective about it, including deny access to the box, trip silent alarms, and gain the highest priority attention from law enforcement in the fewest words).

[kangasbros]

But here's the problem:  People know where I live (or could easily find out, as I make little effort at hiding my offline identity).  If I have thousands of Bitcoins on hand, and people know that, then I fear I would be making myself a target for home invasion.

How big risk this really is? The money is behind a safe, which only you know the password to. So they have to threat you with violence to get the private keys/bitcoins. To me it seems like a high-risk operation from robbers viewpoint.

[SgtSpike]

(I don't want to deal with a second person)

For what it's worth, simply opening a safety deposit box costs as little as $10/year, can be done at the bank you already visit, and can be accessed without any questions other than your identity (which will be checked by someone also in a position to detect whether you're under duress and to do something effective about it, including deny access to the box, trip silent alarms, and gain the highest priority attention from law enforcement in the fewest words).

Hmmm... now there's an idea.

I wonder if they would have a power plug in the same area where the deposit boxes are made available?  If not, I could always just take a battery with me.  Potentially, I could put cold storage on a netbook-type device (with paper and USB backup), then stop by the safety deposit box with a USB key to sign transactions as necessary.  If no power is available, I could simply take the battery home and charge it (assuming I had two of the same netbooks), then bring it with me to conduct the transactions.

A bit of a hassle, but doable.

I've never used a safety deposit box.  Are they typically available 24/7?  Can they fit a netbook inside?

[SgtSpike]

But here's the problem:  People know where I live (or could easily find out, as I make little effort at hiding my offline identity).  If I have thousands of Bitcoins on hand, and people know that, then I fear I would be making myself a target for home invasion.

How big risk this really is? The money is behind a safe, which only you know the password to. So they have to threat you with violence to get the private keys/bitcoins. To me it seems like a high-risk operation from robbers viewpoint.

The way I figure it is, people will break into a car for a quarter.  I am certain there are individuals out there who would conducted an armed robbery of some sort for $200,000 worth of digital cash.  Sure, it's high risk, but it's also high reward if business is booming for me and I actually have that many bitcoins moving through the service in a 24 hour period.

[casascius]

Hmmm... now there's an idea.

I wonder if they would have a power plug in the same area where the deposit boxes are made available?  If not, I could always just take a battery with me.

Hanging out and doing any kind of work inside their vault is not something they're anticipating you'll do.  They expect you will come in, identify yourself, sign their logbook, and go in the vault accompanied with your key and they will insert their key (each box has two locks) and then you will either add things or take them out while they stand by.

Potentially, I could put cold storage on a netbook-type device (with paper and USB backup), then stop by the safety deposit box with a USB key to sign transactions as necessary.  If no power is available, I could simply take the battery home and charge it (assuming I had two of the same netbooks), then bring it with me to conduct the transactions.

A bit of a hassle, but doable.

I've never used a safety deposit box.  Are they typically available 24/7?  Can they fit a netbook inside?

A typical safety deposit box is small but LONG (unless you pay for more size).  A typical size is 3x5x22 (inches).  It will definitely fit a USB stick, or rolled-up documents.  But not a computer.  They are only accessible during banking hours unless your bank offers some sort of after-hours access.

Between me and the company I work for, we have several boxes of this size, specifically for contingency plans.  The boxes I use to hold Bitcoin private keys contain parts of m-of-n sets, and they are printed on paper in the form of QR codes.  When I visit the boxes, if I want 1 code, I will usually just scan it with my phone, or if I need several, I might just take part or all of a sheet out of the stapled-&-rolled-up stack.  I always assume that the bank personnel "could" access my box for any reason, so I never leave private keys in the box that would be useful by themselves.

[SgtSpike]

Hmmm... now there's an idea.

I wonder if they would have a power plug in the same area where the deposit boxes are made available?  If not, I could always just take a battery with me.

Hanging out and doing any kind of work inside their vault is not something they're anticipating you'll do.  They expect you will come in, identify yourself, sign their logbook, and go in the vault accompanied with your key and they will insert their key (each box has two locks) and then you will either add things or take them out while they stand by.

Potentially, I could put cold storage on a netbook-type device (with paper and USB backup), then stop by the safety deposit box with a USB key to sign transactions as necessary.  If no power is available, I could simply take the battery home and charge it (assuming I had two of the same netbooks), then bring it with me to conduct the transactions.

A bit of a hassle, but doable.

I've never used a safety deposit box.  Are they typically available 24/7?  Can they fit a netbook inside?

A typical safety deposit box is small but LONG (unless you pay for more size).  A typical size is 3x5x22 (inches).  It will definitely fit a USB stick, or rolled-up documents.  But not a computer.  They are only accessible during banking hours.

Between me and the company I work for, we have several boxes of this size, specifically for contingency plans.  The boxes I use to hold Bitcoin private keys contain parts of m-of-n sets, and they are printed on paper in the form of QR codes.  When I visit the boxes, if I want 1 code, I will usually just scan it with my phone, or if I need several, I might just take part or all of a sheet out of the stapled-&-rolled-up stack.  I always assume that the bank personnel "could" access my box for any reason, so I never leave private keys in the box that would be useful by themselves.

For the sake of this argument, I'll trust the bank and its staff, but will still ensure that the contents of whatever I leave in the deposit box are encrypted.

Assume I rent a large enough box to fit a netbook in then... What about grabbing the netbook, going out to the lobby, conducting my transactions, then stowing it back away again?  Would it be unsafe to have the data "out in the open" in the lobby?

Or, would it be ridiculously slow to simply keep the private keys on a USB drive in the deposit box, then bring a netbook along with me to sign the transactions?  I don't know how having a wallet file on a USB device would affect the speed at which signing with Armory could occur.  And, of course, never actually bringing the netbook online while it is elsewhere, to ensure it truly remains uninfected cold storage.

[chriswilmer]

Just use a brainwallet. That way your bitcoins are not stored "offline"... they aren't stored anywhere at all. There would be no reason why people would come to your house looking for bitcoins, there would be no point. The only way to get them would be coerce you to give up the passphrase. I can go into more details about this (it's a pretty simple system -> you still use an offline computer to sign transactions, but the offline computer never stores the private key).

[DeathAndTaxes]

Just use a brainwallet. That way your bitcoins are not stored "offline"... they aren't stored anywhere at all. There would be no reason why people would come to your house looking for bitcoins, there would be no point. The only way to get them would be coerce you to give up the passphrase. I can go into more details about this (it's a pretty simple system -> you still use an offline computer to sign transactions, but the offline computer never stores the private key).

His scenario is someone DOES come to his house to take the large sum of bitcoins in his offline wallet.  You solved the scenario he isn't asking about. 

[SgtSpike]

Just use a brainwallet. That way your bitcoins are not stored "offline"... they aren't stored anywhere at all. There would be no reason why people would come to your house looking for bitcoins, there would be no point. The only way to get them would be coerce you to give up the passphrase. I can go into more details about this (it's a pretty simple system -> you still use an offline computer to sign transactions, but the offline computer never stores the private key).

Why do you say there is no reason why people would come to my house looking for bitcoins?

As I said in the OP, my name and street address are fairly easily associable with my online identities.  Couple that with the fact that I would be running a business where anyone could see the exact amount of Bitcoins I am holding at any given time, and that number of Bitcoins may increase to a significant number (thousands or tens of thousands of BTC), and I can see very good reason for people wanting to "pay me a visit".

[nevafuse]

As I said in the OP, my name and street address are fairly easily associable with my online identities.  Couple that with the fact that I would be running a business where anyone could see the exact amount of Bitcoins I am holding at any given time, and that number of Bitcoins may increase to a significant number (thousands or tens of thousands of BTC), and I can see very good reason for people wanting to "pay me a visit".

I wouldn't want to be anywhere near a public bitcoin facility especially with a known high balance if it doesn't have adequate protection.  Even if you made it perfectly clear no private keys are available on location, some moron criminal is still going to attempt to steal some money.  They may even harm you as an example to future victims.  Bottom line - either don't make the address public or hire lots of security.

[casascius]

Assume I rent a large enough box to fit a netbook in then... What about grabbing the netbook, going out to the lobby, conducting my transactions, then stowing it back away again?  Would it be unsafe to have the data "out in the open" in the lobby?

That would probably work, in the sense that the bank is unlikely to have any problem with you doing it.  As for whether it's safe is mostly hypothetical.  Someone in the bank to conduct a robbery is probably there to rob the bank.  Who knows.

Or, would it be ridiculously slow to simply keep the private keys on a USB drive in the deposit box, then bring a netbook along with me to sign the transactions?  I don't know how having a wallet file on a USB device would affect the speed at which signing with Armory could occur.  And, of course, never actually bringing the netbook online while it is elsewhere, to ensure it truly remains uninfected cold storage.

I imagine USB versus local storage shouldn't make a significant difference.

[SgtSpike]

As I said in the OP, my name and street address are fairly easily associable with my online identities.  Couple that with the fact that I would be running a business where anyone could see the exact amount of Bitcoins I am holding at any given time, and that number of Bitcoins may increase to a significant number (thousands or tens of thousands of BTC), and I can see very good reason for people wanting to "pay me a visit".

I wouldn't want to be anywhere near a public bitcoin facility especially with a known high balance if it doesn't have adequate protection.  Even if you made it perfectly clear no private keys are available on location, some moron criminal is still going to attempt to steal some money.  They may even harm you as an example to future victims.  Bottom line - either don't make the address public or hire lots of security.

What do you mean by "a public bitcoin facility"?

This business wouldn't turn enough coin to hire "lots of security", so I am attempting to figure out a way to run it securely without resorting to such drastic measures.

EDIT:  Thanks for the answer on that Casascius.