Wallets and Cold Storage.

[PartsSlinger]

After studying bitcoin for the past few months and collecting Lealana and Casascius coins I'm ready to buy some actual bitcoins. I've been looking into exchanges and made a thread about it.

Next is wallet and cold storage. My goals for bitcoin is to buy some and store it and forget about it. Ideally, cold storage looks to be the best method. So, my question is, do I really need to get a wallet like, Electrum, or can I skip getting a wallet and just transferring my coins from the exchange to a bit address from bitaddress.org and storing the information in a safe place?

Sorry for the newb level question, but I want to do this right and not have to worry about my btc being stolen or lost because of a careless error.

Thanks.

[1715596229]

1715596229

[1715596229]

1715596229

[1715596229]

1715596229

[1715596229]

1715596229

[saturn643]

You should store them on paper wallets, so do it with bitaddress.org. As long as you have somewhere with the private keys to your Bitcoin address, the Bitcoin is safe. It doesn't matter whether it is in a wallet (really just a collection of private keys) or on a piece of paper.

[unholycactus]

The whole point is to generate the private key offline (computer that isn't connected to the internet and never will be) and send the funds to the public address.

If not done like this, safety wise, it will be the same as using a standard wallet.
Some would argue even less since you generated the private key on a site that could also access it.

[foxkyu]

After studying bitcoin for the past few months and collecting Lealana and Casascius coins I'm ready to buy some actual bitcoins. I've been looking into exchanges and made a thread about it.

Next is wallet and cold storage. My goals for bitcoin is to buy some and store it and forget about it. Ideally, cold storage looks to be the best method. So, my question is, do I really need to get a wallet like, Electrum, or can I skip getting a wallet and just transferring my coins from the exchange to a bit address from bitaddress.org and storing the information in a safe place?

Sorry for the newb level question, but I want to do this right and not have to worry about my btc being stolen or lost because of a careless error.

Thanks.

Good research before asking here.

If you have a lot of bitcoin, hardware wallet is the best choice for cold storage.

For daily use, you can use electrum wallet.

And do not store your bitcoin in the exchange, unless it was for trading.

[notlist3d]

Also you might look into hardware wallets.  They are something I have been testing lately.  I like being able to use the device and key is never on computer.  The hardware wallet sign's the transaction on it.  So computer never even get's key.   

But paper wallets are not bad if done right.  If done wrong you are going to be in trouble.

[traderbit]

I also suggest to use hardware wallets, the cheapest one seems to be ledger wallet hw1.
It looks cheap but it does the job, then another one is ledger nano, unpluged, trezor, etc.

[PartsSlinger]

Thanks for the replies.

I have been looking into hardware wallets also. I like a lot of things about the Trezor wallet. It looks like it never exposes your private key to your computer. I think I read also that even if you were to lose the device you can still recover your btc as long as you have your encryption information.

Has anyone used a TREZOR? Any know issues with them?

Thanks.

[traderbit]

Thanks for the replies.

I have been looking into hardware wallets also. I like a lot of things about the Trezor wallet. It looks like it never exposes your private key to your computer. I think I read also that even if you were to lose the device you can still recover your btc as long as you have your encryption information.

Has anyone used a TREZOR? Any know issues with them?

Thanks.

So far not any problem with trezor but i would suggest reading more about it in this thread How much would you trust trezor?
Also if you like watching videos you can check a good overview here: https://www.youtube.com/watch?v=YL6o6WLGM58

[genesysOS]

Thanks for the replies.

I have been looking into hardware wallets also. I like a lot of things about the Trezor wallet. It looks like it never exposes your private key to your computer. I think I read also that even if you were to lose the device you can still recover your btc as long as you have your encryption information.

Has anyone used a TREZOR? Any know issues with them?

Thanks.

One potential issue is you have to trust that the trezor itself doesn't have some kind of backdoor built into it. Even though the device is mostly open source it is still very easy to hide hard-to-detect backdoors in it. I believe trezor's ship with some kind of tamper proofing so that you can tell if it has been tampered with during shipping, but maybe a rogue employee worked on your trezor and hid a backdoor which he could use to steal your Bitcoins sometime in the future, or maybe even a hacker has compromised some computer involved in the manufacturing process and used it to backdoor your trezor. It all comes down to trust really, if you trust the trezor guys to do their job right then you don't have to worry about this, but that's kind of difficult to do isn't it.

[helloeverybody]

I would be tempted just to transfer them straight to a paper wallet, What i always do is send a small amount first just to check that you have the correct address and all is working as should and then once thats confirmed you can send in the mother load. paper wallets are your cheapest option, just stuff them away in a safe place and forget about them. come back in a few years and be richer than your wildest dreams.

[notlist3d]

Thanks for the replies.

I have been looking into hardware wallets also. I like a lot of things about the Trezor wallet. It looks like it never exposes your private key to your computer. I think I read also that even if you were to lose the device you can still recover your btc as long as you have your encryption information.

Has anyone used a TREZOR? Any know issues with them?

Thanks.

One potential issue is you have to trust that the trezor itself doesn't have some kind of backdoor built into it. Even though the device is mostly open source it is still very easy to hide hard-to-detect backdoors in it. I believe trezor's ship with some kind of tamper proofing so that you can tell if it has been tampered with during shipping, but maybe a rogue employee worked on your trezor and hid a backdoor which he could use to steal your Bitcoins sometime in the future, or maybe even a hacker has compromised some computer involved in the manufacturing process and used it to backdoor your trezor. It all comes down to trust really, if you trust the trezor guys to do their job right then you don't have to worry about this, but that's kind of difficult to do isn't it.

You need to read a little more before giving advice.  TREZOR is opensource so you can read the code if you like, to see no back door.   The code is so good at least another wallet uses TREZOR's code.

And yes it is tamper proof on TREZOR's case.  The big thing though which stops your idea on employee or someone getting wallet, is it's shipped as empty it's not till you actually go through install it has a wallet.  You get 24 seed words that only you know during install.  So until you install it literally contains no wallet.  

Have you used a hardware wallet?

Here is some real hands on with some hardware wallets:
Trezor: https://bitcointalk.org/index.php?topic=1298917.0
KeepKey: https://bitcointalk.org/index.php?topic=1283805
Ledger Nano: https://bitcointalk.org/index.php?topic=1305888

[helloeverybody]

Thanks for the replies.

I have been looking into hardware wallets also. I like a lot of things about the Trezor wallet. It looks like it never exposes your private key to your computer. I think I read also that even if you were to lose the device you can still recover your btc as long as you have your encryption information.

Has anyone used a TREZOR? Any know issues with them?

Thanks.

One potential issue is you have to trust that the trezor itself doesn't have some kind of backdoor built into it. Even though the device is mostly open source it is still very easy to hide hard-to-detect backdoors in it. I believe trezor's ship with some kind of tamper proofing so that you can tell if it has been tampered with during shipping, but maybe a rogue employee worked on your trezor and hid a backdoor which he could use to steal your Bitcoins sometime in the future, or maybe even a hacker has compromised some computer involved in the manufacturing process and used it to backdoor your trezor. It all comes down to trust really, if you trust the trezor guys to do their job right then you don't have to worry about this, but that's kind of difficult to do isn't it.

You need to read a little more before giving advice.  TREZOR is opensource so you can read the code if you like, to see no back door.   The code is so good at least another wallet uses TREZOR's code.

And yes it is tamper proof on TREZOR's case.  The big thing though which stops your idea on employee or someone getting wallet, is it's shipped as empty it's not till you actually go through install it has a wallet.  You get 24 seed words that only you know during install.  So until you install it literally contains no wallet.  

Have you used a hardware wallet?

That was actually one of my concerns as well with buying hardware wallets of ebay, i thought perhaps someone had opened them and taken the codes then sealed them again. Since i was previously corrected on paper vs hardware i never brought it up though =p glad i never

you are a true hardware wallet supporter, youve convinced me anyway, im just too cheap to buy one.

[notlist3d]

Thanks for the replies.

I have been looking into hardware wallets also. I like a lot of things about the Trezor wallet. It looks like it never exposes your private key to your computer. I think I read also that even if you were to lose the device you can still recover your btc as long as you have your encryption information.

Has anyone used a TREZOR? Any know issues with them?

Thanks.

One potential issue is you have to trust that the trezor itself doesn't have some kind of backdoor built into it. Even though the device is mostly open source it is still very easy to hide hard-to-detect backdoors in it. I believe trezor's ship with some kind of tamper proofing so that you can tell if it has been tampered with during shipping, but maybe a rogue employee worked on your trezor and hid a backdoor which he could use to steal your Bitcoins sometime in the future, or maybe even a hacker has compromised some computer involved in the manufacturing process and used it to backdoor your trezor. It all comes down to trust really, if you trust the trezor guys to do their job right then you don't have to worry about this, but that's kind of difficult to do isn't it.

You need to read a little more before giving advice.  TREZOR is opensource so you can read the code if you like, to see no back door.   The code is so good at least another wallet uses TREZOR's code.

And yes it is tamper proof on TREZOR's case.  The big thing though which stops your idea on employee or someone getting wallet, is it's shipped as empty it's not till you actually go through install it has a wallet.  You get 24 seed words that only you know during install.  So until you install it literally contains no wallet.  

Have you used a hardware wallet?

Here is some real hands on with some hardware wallets:
Trezor: https://bitcointalk.org/index.php?topic=1298917.0
KeepKey: https://bitcointalk.org/index.php?topic=1283805
Ledger Nano: https://bitcointalk.org/index.php?topic=1305888
(My post was cut in previous quote)

That was actually one of my concerns as well with buying hardware wallets of ebay, i thought perhaps someone had opened them and taken the codes then sealed them again. Since i was previously corrected on paper vs hardware i never brought it up though =p glad i never

you are a true hardware wallet supporter, youve convinced me anyway, im just too cheap to buy one.

I also support paper aswell. It does serve a purpose when done right.    If your going to store something cold for years and do not plan to access it, paper is going to make a lot of sense.

It is for those who need access to the coin's hardware wallets do great.  It does not let the key on the computer the hardware wallet actually signs transactions where the computer never see's the key.  So even if compromised computer it cant send Bitcoin.  That is why I like them for people who need to use/access coins.

But there is nothing wrong with paper when done right.   I think the person's usage is best to determine what should be used.

[busybee7]

i think paper wallet is the best for cold storage as its pretty unbreakable if hidden in a good place

[PartsSlinger]

Thanks for the replies.

I have been looking into hardware wallets also. I like a lot of things about the Trezor wallet. It looks like it never exposes your private key to your computer. I think I read also that even if you were to lose the device you can still recover your btc as long as you have your encryption information.

Has anyone used a TREZOR? Any know issues with them?

Thanks.

One potential issue is you have to trust that the trezor itself doesn't have some kind of backdoor built into it. Even though the device is mostly open source it is still very easy to hide hard-to-detect backdoors in it. I believe trezor's ship with some kind of tamper proofing so that you can tell if it has been tampered with during shipping, but maybe a rogue employee worked on your trezor and hid a backdoor which he could use to steal your Bitcoins sometime in the future, or maybe even a hacker has compromised some computer involved in the manufacturing process and used it to backdoor your trezor. It all comes down to trust really, if you trust the trezor guys to do their job right then you don't have to worry about this, but that's kind of difficult to do isn't it.

You need to read a little more before giving advice.  TREZOR is opensource so you can read the code if you like, to see no back door.   The code is so good at least another wallet uses TREZOR's code.

And yes it is tamper proof on TREZOR's case.  The big thing though which stops your idea on employee or someone getting wallet, is it's shipped as empty it's not till you actually go through install it has a wallet.  You get 24 seed words that only you know during install.  So until you install it literally contains no wallet.  

Have you used a hardware wallet?

Here is some real hands on with some hardware wallets:
Trezor: https://bitcointalk.org/index.php?topic=1298917.0
KeepKey: https://bitcointalk.org/index.php?topic=1283805
Ledger Nano: https://bitcointalk.org/index.php?topic=1305888

This is some great information. Thank you for taking the time do such great reviews.

I like the idea of a hardware wallet, but here's something that concerns me, and maybe I'm wrong but follow me for a second here.

Like I said before I plan to buy some btc and sit on it for years. Let's say I get a TREZOR and I put a nice little bit of btc on it. So I take my TREZOR and toss it into a safe and let it sit there. 10 to 15 years go by and btc is through the roof. It's all our dreams come true and I'm ready to sell and take my money and retire early and live the good life. Then disaster happens. I plug my TREZOR into my computer and it's deader than dead. I try a few things and nothing still happens. So I try and contact TREZOR to only find out they closed doors three years ago. In this scenario I would be screwed out of all my btc, correct?

[genesysOS]

You need to read a little more before giving advice.  TREZOR is opensource so you can read the code if you like, to see no back door.   The code is so good at least another wallet uses TREZOR's code.

And yes it is tamper proof on TREZOR's case.  The big thing though which stops your idea on employee or someone getting wallet, is it's shipped as empty it's not till you actually go through install it has a wallet.  You get 24 seed words that only you know during install.  So until you install it literally contains no wallet.  

Have you used a hardware wallet?

Here is some real hands on with some hardware wallets:
Trezor: https://bitcointalk.org/index.php?topic=1298917.0
KeepKey: https://bitcointalk.org/index.php?topic=1283805
Ledger Nano: https://bitcointalk.org/index.php?topic=1305888

Actually you are the one who needs to do more research. Yes you are right the software that runs on it is mostly open source (no hardware wallet released so far is actually 100% open source, some have 99% of the code open source like the trezor but most don't have any part of the hardware open sourced, none of the ones you have linked are 100% code and hardware open source), however there are still many other worries. One thing that scares me a lot is that trezor hard an onboard RNG chip that is not open source and was completely designed and manufactured by a third party vendor, however it doesn't use this chip exclusively it combines it with random data from your PC so unless both are colluding you are safe. First of all unless you actually build the software from source and load it onto the device yourself how can you know what is running on it. How do you know that the device hasn't got some extra code that generates non random seed words, or even more hard to detect - non random R values, similar to the bug in blockchain.info before, or even code that transmits the seed words hidden in inside the tx data allowing the attacker to retrieve them from the blockchain after you push a tx. Even if you do load the code yourself it is still possible that some chip on the device is the thing that is backdoored and able to execute these kinds of attacks, this is called "hardware hacking". This is near impossible to detect. The US military has invested billions into trying to solve this problem and are able to detect backdoored chips by destructive testing by means that are not yet public however we do know that the chip is useless afterwards, so when they need to source chips from China or such they buy lots of chips and destroy 80% of them and if they find no backdoors they decide the remaining 20% are safe enough and those are the ones that end up in black hawk helicopters and other important things. So tl;dr; It is really hard to be sure your hardware wallet isn't backdoored. Unless you build it from bare silicon yourself there is trust involved.

[Velkro]

After studying bitcoin for the past few months and collecting Lealana and Casascius coins I'm ready to buy some actual bitcoins. I've been looking into exchanges and made a thread about it.

That is some weird order, anyway, good way now. Owning actual bitcoins is essential for learning about bitcoins and more.

[notlist3d]

You need to read a little more before giving advice.  TREZOR is opensource so you can read the code if you like, to see no back door.   The code is so good at least another wallet uses TREZOR's code.

And yes it is tamper proof on TREZOR's case.  The big thing though which stops your idea on employee or someone getting wallet, is it's shipped as empty it's not till you actually go through install it has a wallet.  You get 24 seed words that only you know during install.  So until you install it literally contains no wallet.  

Have you used a hardware wallet?

Here is some real hands on with some hardware wallets:
Trezor: https://bitcointalk.org/index.php?topic=1298917.0
KeepKey: https://bitcointalk.org/index.php?topic=1283805
Ledger Nano: https://bitcointalk.org/index.php?topic=1305888

Actually you are the one who needs to do more research. Yes you are right the software that runs on it is mostly open source (no hardware wallet released so far is actually 100% open source, some have 99% of the code open source like the trezor but most don't have any part of the hardware open sourced, none of the ones you have linked are 100% code and hardware open source), however there are still many other worries. One thing that scares me a lot is that trezor hard an onboard RNG chip that is not open source and was completely designed and manufactured by a third party vendor, however it doesn't use this chip exclusively it combines it with random data from your PC so unless both are colluding you are safe. First of all unless you actually build the software from source and load it onto the device yourself how can you know what is running on it. How do you know that the device hasn't got some extra code that generates non random seed words, or even more hard to detect - non random R values, similar to the bug in blockchain.info before, or even code that transmits the seed words hidden in inside the tx data allowing the attacker to retrieve them from the blockchain after you push a tx. Even if you do load the code yourself it is still possible that some chip on the device is the thing that is backdoored and able to execute these kinds of attacks, this is called "hardware hacking". This is near impossible to detect. The US military has invested billions into trying to solve this problem and are able to detect backdoored chips by destructive testing by means that are not yet public however we do know that the chip is useless afterwards, so when they need to source chips from China or such they buy lots of chips and destroy 80% of them and if they find no backdoors they decide the remaining 20% are safe enough and those are the ones that end up in black hawk helicopters and other important things. So tl;dr; It is really hard to be sure your hardware wallet isn't backdoored. Unless you build it from bare silicon yourself there is trust involved.

Your talking in theatricals.  It is kinda non-sense your computer has chips.. your printer has chips.. are they all set with backdoor?   You can go on and on with it.... at end of day there has not been a hardware wallet with a backdoor (to my knowledge).  Can you point to so meting that shows a modern hardware wallet with a security flaw this big?   Do you have anything hard proof not theoretical?  And which hardware wallets have you used?

And I'm not saying paper does not have a place if your planning on leaving it cold for long period of time and not using it, if done right paper is great.  I just don't like to use you have to import into wallet.  On hardware I like that if you need use it signs transactions on the device huge pro if you need to access it.  But if you are putting it away for the next year or so paper wallet is great for you.

[PartsSlinger]

After studying bitcoin for the past few months and collecting Lealana and Casascius coins I'm ready to buy some actual bitcoins. I've been looking into exchanges and made a thread about it.

That is some weird order, anyway, good way now. Owning actual bitcoins is essential for learning about bitcoins and more.

Yea, it might be a little unorthodox, but I really want to get all my ducks in a row before just running out and getting btc and losing them due to a rookie mistake.

[genesysOS]

Your talking in theatricals.  It is kinda non-sense your computer has chips.. your printer has chips.. are they all set with backdoor?   You can go on and on with it.... at end of day there has not been a hardware wallet with a backdoor (to my knowledge).  Can you point to so meting that shows a modern hardware wallet with a security flaw this big?   Do you have anything hard proof not theoretical?  And which hardware wallets have you used?

And I'm not saying paper does not have a place if your planning on leaving it cold for long period of time and not using it, if done right paper is great.  I just don't like to use you have to import into wallet.  On hardware I like that if you need use it signs transactions on the device huge pro if you need to access it.  But if you are putting it away for the next year or so paper wallet is great for you.

theoreticals* and hardware hacking is not theory, its been done just not in the Bitcoin space yet... as far as we know.

Right but which is more likely to have Bitcoin stealing malware, a chip in a Dell PC or a chip in a device designed to store bitcoins? I would think that the hardware wallets are the ones most likely to be targeted by this sort of thing. Also hardware wallets are much simpler devices which makes this sort of thing a bit easier.

If there was a hardware wallet with a backdoor it would be unlikely anyone would have found it. I don't think there are many publicly known techniques for detecting this sort of thing other than dipping the chip in acid and using an electron microscope. Certainly there have been many Bitcoins stolen from hardware wallets where the owners claim not to know why but its more likely those thefts were due to user error rather than a backdoor. What is certain is that hackers will try this as there are many hackers out there capable of these kinds of attacks and the incentive is definitely there. You must trust the manufacturer of any computer you use to store Bitcoins, whether it be a general purpose PC or a hardware wallet. If you use a hardware wallet you are still putting significant trust into the hands of the manufacturer and anyone who tries to say otherwise is completely wrong.