September 01, 2016, 04:38:20 AM |
Please don't do this. The setup that you are proposing is horribly insecure.
You are correct in saying that a server administrator could trivially access your wallet, and they could get either the decryption key to your wallet, an unencrypted version of your wallet, or both once you decrypt your wallet on your server. The same is true for anyone with physical access to your server.
Since you are proposing using a VPS (or something similar thereto), it is possible that one or some of your "neighbors" could potentially get your private keys by listening very closely to what is in the physical server's (that is for your VPS) RAM. This is less trivial, and I don't think it is very common for people to do this, although your risk of this happening would probably increase if it was known that your VPS contained private keys associated with large amounts of bitcoin.
One way to mitigate against this would be to have a setup so that your server will only contain an encrypted version of your wallet, and the decryption will only be done locally after you download a copy from your server -- in other words, you should be able to decrypt then sign a transaction after you disconnect your computer from your server. Although I still think this is a bad idea because you can probably get a slightly higher level of security than this using blockchain.info (which I also generally do not recommend, but is probably best among online wallets in which you control the private keys), and your cost would probably be a lot less. If you wanted to, you could still use a VPS full node to verify and broadcast transactions if you are using blockchain.info.
An alternative setup that would give you much more security than any of the above would be to use a VPS to create a full node that is also running an Electrum server (even a private one). You could then use either your Electrum seed, or a Trezor to store your private keys, and you can even potentially use the same wallet across multiple devices if this was something you wanted to do. Provided that you are hosting your own Electrum server, you should probably have the same general level of privacy as if you were running your own full node.