Bitcoin-Qt and "Cold Storage"

[Haole]

Sorry if this question has essentially been covered before indirectly throughout other posts, I'm really finding it a bit hard to get my old mind around the subtleties and mechanics of BTC.  This site is a tremendous resource so thanks for being here, I would have given-up on this long ago if it weren't for all of you.

I bought my first Bitcoins today and I'm happy I've gotten this far.  I may buy some more during the next couple of weeks but that will be it.  I have no intention on transacting with them, I want to put them away safely for another day.

*For my purposes, please keep in mind that I am buying Bitcoins as a speculative investment, something to sit on as savings.*  Please forgive me if "hoarding"/saving Bitcoins conflicts with your principles, I've been a saver all my life and I can't stop now. 

I currently have Bitcoin-Qt installed on two machines with up to date blockchain data and my wallet.dat.  Both installs show my correct balance and transactions.  I have it on two machines because one is old and I have trouble trusting it now, I've done this for back-up purposes while I get up and running but would like to keep both installs if I can (see below).

My encrypted wallet.dat file (encrypted in the client) is currently backed-up to a TrueCrypt volume copied in a number of locations (both machines in two places a piece, two external HDs, one USB drive) so far.

My question is this:

Can I simply delete the wallet.dat files in both installs now and run the clients every once in a while to update the blockchain data, etc. (and creating new blank wallet.dat files in the process??) to keep my installs current yet with no Bitcoins in the wallets?  Basically installs with zero balance in each?

If/when I want to redeem, spend or otherwise use my Bitcoins can I simply bring my loaded wallet.dat file out of "cold storage" and copy it into one or both install folders (replacing the "dummy" wallet.dat files) for use at that time?  Then simply run the client and use my bitcoin as if I'd never removed the wallet.dat file in the first place?

Is this a simple and sensible way for one to basically keep two installs up to date for another day (with empty wallets) yet with my real Bitcoin wallet stored safely away? 

I not only hope my intentions and this post make sense to you out there but hopefully I can be graced with some of your expert advice and suggestions on this matter.  Thanks very much if you can spare a moment or two to help a glowing green n00b out with this.

Cheers all!

[CIYAM]

If you delete the wallet.dat in the data directory then next time bitcoin-qt is run it will indeed create a new "empty" wallet and for keeping the blockchain up to date I see no problem with this approach (although I guess if paranoid then you will want to not just delete but "shred" your real wallet on the machine you are doing this with).

As well as the private keys, transactions and address labels the wallet file also keeps a record of the last block that was checked against its owned addresses.

Therefore there should be no problem in swapping back in your "real" wallet when you are wanting to transact (or re-check your balance) although you will need to wait for a little while (depending upon hardware) for all the newer blocks (since the wallet was last used) to be checked for new tx's.

[DannyHamilton]

I'm sure you are probably already aware of this, but as a reminder to any newbie who may be reading this thread...

Be VERY sure that you don't lose that original wallet.dat that you have backed up to multiple places.  If you lose access to that (including forgetting your encryption password), your coins are gone, nobody can get them back for you.

Something else you may want to consider is printing out (or writing down) the private keys associated with the coins that you own.  If you store the paper with the private keys in a secure location you can still recover your coins even if you lose your original wallet.dat files or forget your encryption password.  This of course is a bad idea if you can't secure the paper sufficiently.  If someone else copies down your private keys from the paper, they can steal your bitcoins.

[Haole]

Big thanks to you both for the help!  A few more pieces of the puzzle in better understanding BTC.

Just to be clear DannyHamilton, the keys I would need to write down to create the "paper wallet" are the ones shown in the "Receive Coins" tab of the client corresponding with the Bitcoins I receive correct?  In other words, the addresses I create in the client and give to VirtEx in exchange for my purchased Bitcoins?

Thanks again guys, much appreciated!

[CIYAM]

Danny was referring to the "private keys" (each being effectively a 256 bit "random" number that is used to derive a single bitcoin address) which are not visible in bitcoin-qt at all.

A private key can be "exported" using "bitcoind" and the RPC command "dumpprivkey" (assuming you have added server=1 into the bitcoin.conf file in order to run bitcoin as a server) although this is perhaps a little more advanced.

At the very least make sure that you have tested "restoring" your wallet from backup to be sure it is okay and maybe as far as keeping something on paper you might want to do this with your password (because if you ever forget it in the future then you will have lost all your bitcoins).

[Gabi]

Big thanks to you both for the help!  A few more pieces of the puzzle in better understanding BTC.

Just to be clear DannyHamilton, the keys I would need to write down to create the "paper wallet" are the ones shown in the "Receive Coins" tab of the client corresponding with the Bitcoins I receive correct?  In other words, the addresses I create in the client and give to VirtEx in exchange for my purchased Bitcoins?

Thanks again guys, much appreciated!

NO!

The addresses you see in the client are the public keys, used to receive money. You need to backup the private key! Because if you lose the private keys, you can say byebye to your bitcoins.

[Haole]

Oh thanks you two!

So what you're saying is I can't access private keys using Bitcoin-Qt or accessing files in my Bitcoin directory and am left having to make sure I don't lose my wallet.dat.  

Is there any way I can get access to my private keys without getting too complicated at this point?

[DannyHamilton]

Oh thanks you two!

So what you're saying is I can't access private keys using Bitcoin-Qt or accessing files in my Bitcoin directory and am left having to make sure I don't lose my wallet.dat.  

Is there any way I can get access to my private keys without getting too complicated at this point?

Yes, you can use the RPC console found in the "Help" Debug Window.

I know that with an unencrypted wallet, you can enter:

dumpprivkey <bitcoinaddress>

to get the private key associated with the public address. (note: replace <bitcoinaddress> with the actual address from the "Receive Coins" tab)

Be VERY CAREFUL with these private keys.  These are all anybody needs to take/spend your coins. They don't need to know the addresses, have access to your computer, or have access to your wallet.dat if they know these private keys. Of course, that is the good news as well.  As long as you have these private keys, you can regain access to the coins even if all the backups of your wallet.dat are lost or destroyed.

Since your wallet is encrypted you probably need to first use the command:

walletpassphrase <passphrase> <timeout>

where <passphrase> is the passphrase you used to encrypt your wallet, and <timeout> is the amount of time in seconds that your wallet will remain unlocked before you will get the correct private key from the dumpprivkey command.

[DannyHamilton]

If you've NEVER sent any bitcoin, and only received them, then the method I described above should be enough to ensure that you have all of your private keys.

On the other hand, if you have ever sent any bitcoin anywhere, then you need to be aware that when sending bitcoin the program will create (and hide from you) additional bitcoin addresses that are not listed in "Receive coins".  It will then move some of your bitcoin from addresses that you know about to these hidden unknown addresses.

I'm not sure how to find these "hidden" addresses, but I *think* you might be able to get them in the Console with the listaddressgroupings or listreceivedbyaddress commands.

[Haole]

Thanks so much for going to the trouble of writing all that Danny!!

I have not yet sent any Bitcoins so that's all good.

I did what you described and I got a key in the same format as the public key (some upper case letters, some lower case, some numbers, etc.).

Whereas the public key I received my Bitcoins with, and used for the dumpprivkey console command is 34 characters, the private key(?) the console spat out is 52 characters.  Is this in fact the private key I'm looking for?

Thanks again!

 

[CIYAM]

Whereas the public key I received my Bitcoins with, and used for the dumpprivkey console command is 34 characters, the private key(?) the console spat out is 52 characters.  Is this in fact the private key I'm looking for?

That sounds correct for a "compressed key" (am pretty sure it is output in base58 which is the same set of characters used for the addresses).

You might be interested to have a play with http://brainwallet.org (the page can be saved for offline usage) - even if you aren't wanting to create a "brain wallet" it is quite useful to help visualise the various parts and formats of bitcoin addresses and raw transactions.

[Haole]

Danny and Ian, many thanks to you both for your time and advice.

I'll assume the address and compressed private key pair is sufficient as a paper wallet in the event I ever need it.

Naturally I guess the general rule is to never have to need something like this to retrieve one's coins though eh?   

Thanks again very, very much and hopefully this thread can be helpful to other n00bs in the future.

Cheers lads!

[DannyHamilton]

Danny and Ian, many thanks to you both for your time and advice.

I'll assume the address and compressed private key pair is sufficient as a paper wallet in the event I ever need it.

Naturally I guess the general rule is to never have to need something like this to retrieve one's coins though eh?   

Thanks again very, very much and hopefully this thread can be helpful to other n00bs in the future.

Cheers lads!

Yes, the compressed private key is all you need to retrieve your coins (you don't even need the address, since that can be regenerated from the private key).

The private key should generally be a 52 character code that starts with a 5.

[Haole]

The private key should generally be a 52 character code that starts with a 5.

Hmmm, mine starts with a "K"..?

[DannyHamilton]

The private key should generally be a 52 character code that starts with a 5.

Hmmm, mine starts with a "K"..?

Ah, that's right.  Starting with a 5 is uncompressed.  Compressed starts with a K or L. See here:

https://en.bitcoin.it/wiki/Private_key#Base_58_Wallet_Import_format

Hmmm, I'm not sure exactly what it means to have a "compressed" key?  I wonder if you can import that key and use it.  I'll try some tests and see if I can figure out an answer for you.

[Haole]

Great, thanks for the confirmation Danny!

I just messed around on Brainwallet.org as per Ian's recommendation (great site, thanks Ian!) and was just about to post this same information (Uncompressed=5  /  Compressed=K or L) for posterity's sake.

Thanks again Danny, I really appreciate the lesson in private keys and all the help with this in general.  

I'd love to know the results of your "compressed private key importation" testing sometime if you get the chance and it would make a great addition to the thread.

Cheers!