Best Cold Storage Methods For LTC and BTC

[dlauth]

Reading a ton of different ways for cold storage.

What is the most secure/easiest way to cold store BTC and also LTC.

Do you really need to keep the wallet.dat file or just the Private and Public keys?

Thanks

[1715681753]

1715681753

[1715681753]

1715681753

[Cubic Earth]

The only thing you need is the private key.  From it you can generate public keys, addresses, etc.  You could write it down with a pen and paper if you wanted too.

[Mike Christ]

Paper wallets seem to be pretty cool.  You can hide the paper in a little safe and then nobody can get your coins.  Personally, I don't trust storing them on any kind of electronic device.  It just bugs me.  Paper sticks around for a loooong time.

[Zangelbert Bingledack]

Just watch out: importing private keys is a minefield. Some guy on reddit lost $10,000 because he didn't know about "change" addresses and assumed his unspent coins stayed in his cold wallet address.

[EtherDais]

The customers I've had who buy 3D printed NFC tags generate a private key for a new account and deposit to that directly, rather than trying to import a particular private key from a wallet. 

[SomeWhere]

Just watch out: importing private keys is a minefield. Some guy on reddit lost $10,000 because he didn't know about "change" addresses and assumed his unspent coins stayed in his cold wallet address.

This is not a problem if you use armory or electrum, because they use deterministic address generation. You only ever need the seed or the first address of your wallet to recover all others.

[jmw74]

Just watch out: importing private keys is a minefield. Some guy on reddit lost $10,000 because he didn't know about "change" addresses and assumed his unspent coins stayed in his cold wallet address.

I'm trying to figure out what this issue is, exactly, and how to avoid it.  Anyone have a link?

If you import a private key, and spend some of the coins, wouldn't the client create a new key to send the change to?  I just can't believe a client would ever send change to an address that it couldn't unlock.

[franky1]

as soon as you import a private key into a client. treat it as dynamite. very risky
spend the coins you want. but then make a new paper wallet and send the coins in the client to the new paper wallet.

dispose of the old, empty and used key.

don't hold onto your used private key as its hot.. not cold.

anything that has ever touched a client is not considered cold.

[Notanon]

Armory.

Shame there isn't a Litecoin equivalent, but yes, wouldn't settle for less than Armory.

[jmw74]

as soon as you import a private key into a client. treat it as dynamite. very risky
spend the coins you want. but then make a new paper wallet and send the coins in the client to the new paper wallet.

dispose of the old, empty and used key.

don't hold onto your used private key as its hot.. not cold.

anything that has ever touched a client is not considered cold.

Ok so tell me if I understand the "change" issue correctly:

Let's say I have 100btc in a cold wallet, and I want to take 25btc out of my "savings".

If I were naive, I might import the key into some client, send 25btc to my "spending" wallet address.  Then I mistakenly think that the remaining 75 bitcoins are still in my cold wallet, when in fact they have been sent to an entirely new change address.  The key for this change address is in the wallet of the client I just used.

Then if I think that all I need is my paper copy of the cold wallet, I delete the client's wallet (to destroy extra copies of the cold wallet key) and thereby destroy 75btc.

Do I have that right?

[mrbitbank]

What I do is keep my BTC in multiple BTC addresses of say 5BTC each in cold storage. I treat each address as a Banknote, When I want to spend I will import  the private key of one of my btc addresses into my MTGOX account and from my mtgox a/c spend what ever I need to and whats left I will transfer to a new cold address thats offline. I use BTCBALANCE.NET to keep a track of each of my btc depoits

[Rassah]

Armory.

Definitely Armory. For BTC, Armory is, hands-down, the best option to store your bitcoins. Nothing else even comes close.

[John (John K.)]

Armory.

Definitely Armory. For BTC, Armory is, hands-down, the best option to store your bitcoins. Nothing else even comes close.

Yes, Armory. I keep all escrow funds and my own funds in Offline Armory, and have the seed backed in GPG-encrypted papers at multiple places.

[justusranvier]

[Rincewind]

Ok so tell me if I understand the "change" issue correctly:

Let's say I have 100btc in a cold wallet, and I want to take 25btc out of my "savings".

If I were naive, I might import the key into some client, send 25btc to my "spending" wallet address.  Then I mistakenly think that the remaining 75 bitcoins are still in my cold wallet, when in fact they have been sent to an entirely new change address.  The key for this change address is in the wallet of the client I just used.

Then if I think that all I need is my paper copy of the cold wallet, I delete the client's wallet (to destroy extra copies of the cold wallet key) and thereby destroy 75btc.

Do I have that right?

Correct. It's just like fiat money, but in this case the keys are the money.

If you go to McDonalds and buy a $5 combo meal with a $20, you're going to get a $10 and a $5 back. Think of it as a bunch of micro-transactions all bundled together. Five $1s isn't technically equivilent either, because that's five transactions to spend $5 (you hand over a $1, then you hand over a $1, then you hand over a $1 ...). The only way you can spend $5 exactly with one transaction is to have a $5 bill.

[chufchuf]

I get it, so basically the problem with cold wallets is they don't keep up with the addresses that get eaten up and created with every new transaction, because at any one time, a bitcoin wallet can only contain 100 untouched addresses. I assume by that that the issue would arise by the time we do the 101st transaction from or to a cold wallet, that that is when we would start losing money because the two wallets, the updated live one and the cold storage one, would begin to be different and the use of one in a transaction would invalidate whatever only the other one can see.. Or maybe by 101st transaction, these addresses just disappear from both wallets. That is a doubt I have. Another doubt is that maybe cold wallets dont register change at all if money is sent from a cold wallet. Thats where it shows how unfamiliar I am with btc- it could very well be instead, that bitcoins can only be sent from hot wallets and that the problem is that the cold wallet used to import and create the hot wallet, must be eliminated forever and never touched again and if we are to go about storing our wallet again we have to do it from the result of our latest hot wallet. Am I on the right track?

[justusranvier]

I get it, so basically the problem with cold wallets is they don't keep up with the addresses that get eaten up and created with every new transaction, because at any one time, a bitcoin wallet can only contain 100 untouched addresses. I assume by that that the issue would arise by the time we do the 101st transaction from or to a cold wallet, that that is when we would start losing money because the two wallets, the updated live one and the cold storage one, would begin to be different and the use of one in a transaction would invalidate whatever only the other one can see.. Or maybe by 101st transaction, these addresses just disappear from both wallets. That is a doubt I have. Another doubt is that maybe cold wallets dont register change at all if money is sent from a cold wallet. Thats where it shows how unfamiliar I am with btc- it could very well be instead, that bitcoins can only be sent from hot wallets and that the problem is that the cold wallet used to import and create the hot wallet, must be elimipaper wallet Other clients use deterministic wallets so your paper backup is good forever.nated forever and never touched again and if we are to go about storing our wallet again we have to do it from the result of our latest hot wallet. Am I on the right track?

You can use cold wallets in this way. You can also use a client like Armory that uses deterministic keys so that your wallet only needs to backed up once but can still contain more keys than you'll use in a lifetime.

[Gordonium]

Just watch out: importing private keys is a minefield. Some guy on reddit lost $10,000 because he didn't know about "change" addresses and assumed his unspent coins stayed in his cold wallet address.

This is something that should be more clearly stated for all new Bitcoins users.

[zenid]

What I do is keep my BTC in multiple BTC addresses of say 5BTC each in cold storage. I treat each address as a Banknote, When I want to spend I will import  the private key of one of my btc addresses into my MTGOX account and from my mtgox a/c spend what ever I need to and whats left I will transfer to a new cold address thats offline. I use BTCBALANCE.NET to keep a track of each of my btc depoits

That's exactly what I plan to do. As soon as I have enough coins to feel nervous about them all being at a single address, I'll turn them into 'banknotes' divided across a handful of addresses.

[christop]

Ok so tell me if I understand the "change" issue correctly:

Let's say I have 100btc in a cold wallet, and I want to take 25btc out of my "savings".

If I were naive, I might import the key into some client, send 25btc to my "spending" wallet address.  Then I mistakenly think that the remaining 75 bitcoins are still in my cold wallet, when in fact they have been sent to an entirely new change address.  The key for this change address is in the wallet of the client I just used.

Then if I think that all I need is my paper copy of the cold wallet, I delete the client's wallet (to destroy extra copies of the cold wallet key) and thereby destroy 75btc.

Do I have that right?

Correct. It's just like fiat money, but in this case the keys are the money.

If you go to McDonalds and buy a $5 combo meal with a $20, you're going to get a $10 and a $5 back. Think of it as a bunch of micro-transactions all bundled together. Five $1s isn't technically equivilent either, because that's five transactions to spend $5 (you hand over a $1, then you hand over a $1, then you hand over a $1 ...). The only way you can spend $5 exactly with one transaction is to have a $5 bill.

A transaction can have multiple Bitcoin "bills" as input so you could do something exactly like paying for something with 5 $1 bills.

A transaction is basically like gathering a bunch of bills together and then sending one "bill" of a single denomination to each recipient. The "change" address is just a regular recipient in the protocol itself. So your example of spending a $20 bill for a $5 meal is like splitting that $20 bill into a $5 bill and $15 bill. The $5 bill goes to McDonalds and the $15 bill goes to your change address.

[weex]

Just watch out: importing private keys is a minefield. Some guy on reddit lost $10,000 because he didn't know about "change" addresses and assumed his unspent coins stayed in his cold wallet address.

This is not an issue with private keys or importing them. It is perfectly safe to use importprivkey with bitcoind/litecoind. The problem comes when people go creating raw transactions (the brainwallet site let you do this and you can deliberately / not accidentally do it with bitcoind/litecoind). If you create a raw transaction and do not send all of the funds from the old address what's left will become a fee for the miners. The moral of the story is stay away from raw transactions unless you know exactly what you are doing. No need to be afraid of single private keys. If you have a question, ask!

[SnowDog2003]

Just watch out: importing private keys is a minefield. Some guy on reddit lost $10,000 because he didn't know about "change" addresses and assumed his unspent coins stayed in his cold wallet address.

I'm trying to figure out what this issue is, exactly, and how to avoid it.  Anyone have a link?

If you import a private key, and spend some of the coins, wouldn't the client create a new key to send the change to?  I just can't believe a client would ever send change to an address that it couldn't unlock.

Right, but the guy who loads his cold-storage private address into his wallet so that he can spend bitcoins, finds that after he spends them, and then deletes the wallet, that the remaining bitcoins are no longer in his cold-storage private address, but rather, were in a change address in the wallet that he just deleted.

[ralree]

I forked this project on my home server and I use it to generate paper wallets:

https://www.bitaddress.org/

Just print them with the QRcodes and keep them safe, and you can cash them in easily with your phone or another scanning device.

[jmw74]

You can use cold wallets in this way. You can also use a client like Armory that uses deterministic keys so that your wallet only needs to backed up once but can still contain more keys than you'll use in a lifetime.

This sounds convenient, but doesn't it give up some security?

I mean, let's say you use this deterministic wallet for years.  After 6 months you have 10btc and someone compromises it, but you don't realize it.  They just bide their time and after 2 years you have 1000 btc, then they just steal them.

If you use wallets generated fresh, then the window to steal coins becomes smaller, doesn't it?

[justusranvier]

This sounds convenient, but doesn't it give up some security?

I mean, let's say you use this deterministic wallet for years.  After 6 months you have 10btc and someone compromises it, but you don't realize it.  They just bide their time and after 2 years you have 1000 btc, then they just steal them.

If you use wallets generated fresh, then the window to steal coins becomes smaller, doesn't it?

On offline deterministic wallet is generated on a computer that does not, and never will, have Internet access. Compromising that wallet is not impossible as Stuxnet has shown, but currently not within the capability of the typical bot herder.


Hopefully by the time attackers are capable of reaching wallets that are held offline we'll be using specialized hardware wallets which are not vulnerable to remote attack.

[Dabs]

I don't like deterministic wallets for that reason. A compromise of the root chain or master password or the wallet, is a compromise of all keys from that deterministic wallet.

But hey, if it's offline, I guess it is secure, so long as you can be sure no one else has gotten to your offline computer.

[jmw74]

This sounds convenient, but doesn't it give up some security?

I mean, let's say you use this deterministic wallet for years.  After 6 months you have 10btc and someone compromises it, but you don't realize it.  They just bide their time and after 2 years you have 1000 btc, then they just steal them.

If you use wallets generated fresh, then the window to steal coins becomes smaller, doesn't it?

On offline deterministic wallet is generated on a computer that does not, and never will, have Internet access. Compromising that wallet is not impossible as Stuxnet has shown, but currently not within the capability of the typical bot herder.


Hopefully by the time attackers are capable of reaching wallets that are held offline we'll be using specialized hardware wallets which are not vulnerable to remote attack.

Yeah, I guess you have to compare the risk of compromise to the risk of screwing up and losing your coins.  I would have to agree that the latter is probably quite a bit larger.

[MarlboroMan]

Can someone please inform me on this, I have 130 bitcoins stored in blockchain i've had it stored in there for months because Im worried if I put them on armory client and my computer brakes I will never be able to recover my coins.

[Rassah]

Can someone please inform me on this, I have 130 bitcoins stored in blockchain i've had it stored in there for months because Im worried if I put them on armory client and my computer brakes I will never be able to recover my coins.

You need to make a backup whether you are storing them in Blockchain or Armory, since Blockchain can break to. Best method is to make a paper backup, and store a few copies of it in different locations.

[Dabs]

Gimme some of your bitcoins. I will store it for you. Any time after, you can request for it to be sent back to you, at a new address. We can discuss the storage fee later (or just tip me 1% or 1.3 BTC for it.)

Seriously. I'm in another country, in another continent. I have access to at least 20 different physical locations each one more than 5 kilometers to 10 kilometers away from the others, so I can make redundant backups in cold storage. (none of those physical locations have any internet access, so I would have to physically go there.)

Each location is protected by armed guards, and trustworthy people, and all of them have no idea what bitcoin is all about, so they wouldn't dare open the little package I send them for safe-keeping that contains an encrypted copy of the private key that holds the bitcoins.

I operate an offline business, so that's where those 20 locations come from. I can even document the process for you. All you have to do is send 130 coins to an address I make.

Of course, this means you have to trust me. So feel free to ask all the documentation you would want or need, or to come fly over here to my country and have a tour.

Oh yeah, I also have some influence over the local police and military here, so we're covered from violent attempts to get your private key.

[EtherDais]

Can someone please inform me on this, I have 130 bitcoins stored in blockchain i've had it stored in there for months because Im worried if I put them on armory client and my computer brakes I will never be able to recover my coins.

I'd split that up into a few separate accounts with well backed up private keys. 

[justusranvier]

Can someone please inform me on this, I have 130 bitcoins stored in blockchain i've had it stored in there for months because Im worried if I put them on armory client and my computer brakes I will never be able to recover my coins.

Paper backups are how you protect your offline from computer failure. If you're protecting 130 bitcoins it's worth it to buy a used laptop for a dedicated offline machine to hold your wallet if you don't already have a spare machine available.

[mai77]

print out on paper

[chufchuf]

Just watch out: importing private keys is a minefield. Some guy on reddit lost $10,000 because he didn't know about "change" addresses and assumed his unspent coins stayed in his cold wallet address.

This is not an issue with private keys or importing them. It is perfectly safe to use importprivkey with bitcoind/litecoind. The problem comes when people go creating raw transactions (the brainwallet site let you do this and you can deliberately / not accidentally do it with bitcoind/litecoind). If you create a raw transaction and do not send all of the funds from the old address what's left will become a fee for the miners. The moral of the story is stay away from raw transactions unless you know exactly what you are doing. No need to be afraid of single private keys. If you have a question, ask!

I don't quite understand what you're saying here. Isn't the problem as such: cold wallets don't renew their pool of 100 unused addresses, so by the 101st transaction they make they start sending change to addresses they don't have and so these go back to the miners. But then hot wallets do create these new addresses and deterministic wallets have a huge amount of spare addresses, so there's no problem with them. But as far as that understanding of the issue goes, there's no problem with the old address (the address that's sending the coins) only sending part of its funds elsewhere. What you're saying is that any given address in a wallet has to send all its coins, if not the difference between the originating address and the transaction will be lost to the miners?

[mccoyspace]

I have a related noob question.

If you have the public and private key printed out, maybe just as QR codes, (like what you can make at http://www.bitaddress.org) and you want to spend them, is there any online wallet or exchange that lets you just input those two keys and access the coins, or do you have to do it by importing keys though a wallet client application on your computer, then transfer it to on online exchange?

[drrussellshane]

I have a related noob question.

If you have the public and private key printed out, maybe just as QR codes, (like what you can make at http://www.bitaddress.org) and you want to spend them, is there any online wallet or exchange that lets you just input those two keys and access the coins, or do you have to do it by importing keys though a wallet client application on your computer, then transfer it to on online exchange?

You can redeem with blockchain.info

[Dabs]

You can also sweep the private key using Mt.Gox.

Personally, I'd importprivkey using the bitcoin-qt client.

[robamichael]

So to create a cold wallet we:

• Send to a new public key
• Record the private key (e.g., Write on a piece of paper, backup on multiple USB drives)
• Hold for safe keeping

Then to access the funds we:

• Load the private key on a client (e.g., Bitcoin client, blockchain.info, Mt. Gox)
• Make transaction (Does something happen here that changes the private key?)

Lastly, make the funds cold again:

• Record new private key, or send to a new public/private key pair

Can someone please weigh-in on the above?

[Rassah]

^^^ That's pretty much correct. Just make sure that you send all change back to the same private key when you spend it, otherwise it may send your change to one of your other addresses, and you may lose it when you delete your keys/wallet.

A better cold wallet option is Bitcoin Armory. It may look more complicated, but it's actually much easier to set up and use than this bit address paper method. (And more secure)

[Dabs]

Yes. Pretty much as above. You could think of the cold private key as disposable, and consider it "hot" after you have used it once.

[WishIStartedSooner]

Just watch out: importing private keys is a minefield. Some guy on reddit lost $10,000 because he didn't know about "change" addresses and assumed his unspent coins stayed in his cold wallet address.

This is something that should be more clearly stated for all new Bitcoins users.

Ive been saving bitcoin in a wallet that I generated at bitaddress.org, offline -- with the private key written down.

Have I fucked myself like a noob?

[Rassah]

Just watch out: importing private keys is a minefield. Some guy on reddit lost $10,000 because he didn't know about "change" addresses and assumed his unspent coins stayed in his cold wallet address.

This is something that should be more clearly stated for all new Bitcoins users.

Ive been saving bitcoin in a wallet that I generated at bitaddress.org, offline -- with the private key written down.

Have I fucked myself like a noob?

Nope. If you never used that private key, they should still be there. You can use the public key to check.

[WishIStartedSooner]

Just watch out: importing private keys is a minefield. Some guy on reddit lost $10,000 because he didn't know about "change" addresses and assumed his unspent coins stayed in his cold wallet address.

This is something that should be more clearly stated for all new Bitcoins users.

Ive been saving bitcoin in a wallet that I generated at bitaddress.org, offline -- with the private key written down.

Have I fucked myself like a noob?

Nope. If you never used that private key, they should still be there. You can use the public key to check.

I check it regularly. They're all there.

Ok then, when I go to withdraw how can I protect myself from getting fucked?

[jubalix]

Reading a ton of different ways for cold storage.

What is the most secure/easiest way to cold store BTC and also LTC.

Do you really need to keep the wallet.dat file or just the Private and Public keys?

Thanks

why dont' people pdf print and use trucrypt and leave copies everywhere?

[jmw74]

Reading a ton of different ways for cold storage.

What is the most secure/easiest way to cold store BTC and also LTC.

Do you really need to keep the wallet.dat file or just the Private and Public keys?

Thanks

why dont' people pdf print and use trucrypt and leave copies everywhere?

Because if anything happens to your trucrypt password, the bitcoins are lost forever.  If you didn't write down the password, and you forget it you're hosed.  If you die, your family doesn't inherit your bitcoins.

So then you figure ok I'll write down the trucrypt password.  Now you're right back where you started with the wallet.

One solution to this that I'm using is Shamir's Secret Sharing algorithm.  It gives you redundancy (losing one of the printed keys is ok) but without the increased risk (an attacker finding one of your copies doesn't help him steal your coins).

[Rassah]

Just watch out: importing private keys is a minefield. Some guy on reddit lost $10,000 because he didn't know about "change" addresses and assumed his unspent coins stayed in his cold wallet address.

This is something that should be more clearly stated for all new Bitcoins users.

Ive been saving bitcoin in a wallet that I generated at bitaddress.org, offline -- with the private key written down.

Have I fucked myself like a noob?

Nope. If you never used that private key, they should still be there. You can use the public key to check.

I check it regularly. They're all there.

Ok then, when I go to withdraw how can I protect myself from getting fucked?

Least safe method: Add the private key to Blockchain.info, spend what you need, send all remaining money (and change) to a new never-used paper wallet. Security concerns: keyloggers on your computer, Blockchain.info being compromised, general interwebs hacking douchebaggery.

Moderately safe method: Use a private key import software to import it into your official Blockchain-QT wallet (after making sure that password protection is turned on). Spend what you need, send the remaining money to a new paper wallet in case your PC was compromised without your knowledge. Security concerns: keyloggers on your computer.

Most safe method: Get a computer you never have to put on the internet, and stick a copy of offline Armory on that, and an online Armory on your main connected computer. Armory has a convenient built-in feature that lets you import the private key, so import it into the offline copy of Armory only. Then export a "Watching-Only" copy of the wallet (only has public keys) from the offline Armory to the online one. Use the online Armory computer to create transactions, the offline Armory to sign them, and the online again to transmit them (you have to copy an unsigned transaction file to a USB stick, actually walk it over to your offline computer, sign the file there, then walk it back to the online one and transmit from there). Spend what you need... and just keep your private key/paper wallet safe. You can keep using it, since it never touched the web. Security concerns: none, really, since the private key never touches the internet and is never exposed to any keyloggers, viruses, or hacks. About the only security threat is a physical attack, where someone comes to your house and beats your passwords and paper wallets out of you.

[dlauth]

I was going to use the method of offline armory and a computer with online armory. I shouldnt have the problem with change addresses?

What is the solution for storing LTC?

[justusranvier]

I was going to use the method of offline armory and a computer with online armory. I shouldnt have the problem with change addresses?

With Armory wallets there will be no problem with change addresses because they are generated deterministically instead of randomly. The online and offline wallets will always generate the same change addresses.

[dlauth]

so as long as you have a paper wallet or a backup of the .wallet you should be fine on armory?

Solution for LTC?

[Rassah]

so as long as you have a paper wallet or a backup of the .wallet you should be fine on armory?

Yes. Paper wallet is prefered, because with a backup you could still lose your password or have a corrupt file. Just make sure to keep the papers in really secure places where they won't get stolen

[etotheipi]

All this talk about "change addresses" is dangerous.  If you don't understand change addresses, you shouldn't be doing anything like this manually.  It'd be like someone without an education trying to rewire their fuse-box.  I'm sure if you spend some time reading up how to do it, you might get it right -- but also might electricute yourself and/or burn your house down.

In this case, I am the electrician.  I wrote Armory to do exactly what is being requested in this thread.  It's used by thousands of people, and has been for more than a year.  I have figured out all the gory details and put in endless error catching, corner cases, etc, and it's been thoroughly tested.  I wrapped it up in a nice GUI that a non-technical user can use safely.  

-- Backup your wallet one time.  Ever.  Period.  Forget about change addresses, it's all backed up with your paper backup.  Print it or copy it by hand.  A digital backup kinda works, but it is encrypted which doesn't help you if you forget your passphrase.  You laugh, but this is by far the most common reason people lose coins -- not theft or hard drive loss.  Plus digital backups get corrupted.  There's no guarantee it will work when you need it 10 years from now.
-- You create the wallet on the offline computer, and "Create a watching-only wallet" and import it on the online computer.  That wallet behaves exactly like a regular wallet, but without the ability to spend.  You can generate and distribute trillions of addresses if you want, and see payments come in exactly as if you had the full wallet on your system... but it actually has no private keys.
-- To send money, create a transaction like you would with a regular wallet, and the "Send" button will instead say "Create Unsigned Transaction".  Save it to a USB key, take it to the offline computer, hit "Sign", then bring it back to the online computer and hit "Broadcast".  

There's a tutorial here, which will soon be updated with illustrations and screenshots.  Though, most people can figure it out from the in-app hints and that webpage (or from the app, by itself).  If you're really starting from scratch, start at the quick start guide.

Solution for LTC?

There is no LTC version of Armory, but I imagine it wouldn't be too hard for a bitcoin-knowledgeable dev to implement.  I can answer questions about it, but I don't have time to actually do it myself.  You'd probably have to change some constants near the top of armoryengine.py and modify the C++ utilities to use scrypt instead of double-sha256 for the blockheaders.  

[unabridged]

Is there anyway to easily encrypt the private keys from armory before writing them on paper? I would feel much safer if they were password protected.

And any word from Armory about LTC support? lol happened while i was writing my post

[dlauth]

etotheipi, thank for your hard work on armory! I will for sure use that.

Im sure there is enough people who would want Armory to integrate LTC into the mix and would be willing to pay for it! I know I would.

Please keep that in mind if you ever decide you have some free time.

Thanks

[etotheipi]

Is there anyway to easily encrypt the private keys from armory before writing them on paper? I would feel much safer if they were password protected.

I'm working on using Shamir's Secret Sharing as an alternative to encrypted backups.  It's actually implemented and usable from the command-line right now, but not implemented in the GUI.  You can PM me for more details if you want it.

And any word from Armory about LTC support?

See the end of my previous message.

[etotheipi]

etotheipi, thank for your hard work on armory! I will for sure use that.

Im sure there is enough people who would want Armory to integrate LTC into the mix and would be willing to pay for it! I know I would.

Please keep that in mind if you ever decide you have some free time.

Thanks

Thanks!  I hope you can get Armory to work for you!  It's still got some usability curve (and some resource requirements), but it works quite nicely when it works   And the resource requirements will be lowered in the next few weeks as I make some major upgrades to the blockchain engine.

I know there's some demand for LTC, but I just can't do it.  But I think someone else could pretty easily, and those changes would merge easily with future Armory updates that I make.  For now, I'm focused on a variety of usability improvements, as well as new wallets with multi-sig, android-support, etc.  Any LTC support will have to be parallel.  You could always post a bounty

[Zomdifros]

-- Backup your wallet one time.  Ever.  Period.  Forget about change addresses, it's all backed up with your paper backup.  Print it or copy it by hand.  A digital backup kinda works, but it is encrypted which doesn't help you if you forget your passphrase.  You laugh, but this is by far the most common reason people lose coins -- not theft or hard drive loss.  Plus digital backups get corrupted.  There's no guarantee it will work when you need it 10 years from now.

Couldn't you just write your passphrase down and have an encrypted digital backup somewhere in your email or dropbox? That would solve the situation where your house burns down, just before you found out your parents lost the other paper backup you gave them.

[dlauth]

My issue with the only Litecoin qt client is I cant find out what the private key is and how to import another set of keys.

[etotheipi]

-- Backup your wallet one time.  Ever.  Period.  Forget about change addresses, it's all backed up with your paper backup.  Print it or copy it by hand.  A digital backup kinda works, but it is encrypted which doesn't help you if you forget your passphrase.  You laugh, but this is by far the most common reason people lose coins -- not theft or hard drive loss.  Plus digital backups get corrupted.  There's no guarantee it will work when you need it 10 years from now.

Couldn't you just write your passphrase down and have an encrypted digital backup somewhere in your email or dropbox? That would solve the situation where your house burns down, just before you found out your parents lost the other paper backup you gave them.

Actually, this is a poor-man's Shamir's Secret Sharing scheme, and it's not a bad one, though you can only 2-of-2 out of it.  Encrypt your backup with a really long passphrase on one sheet of paper.  Write the passphrase on another sheet of paper.  Now you need both to recover your wallet.  But if you lose one, you're screwed. 

Actually, you could encrypte multiple times, and get M-of-M out of it (3-of-3, 4-of-4, etc). 

But the beauty of Shamir's Secret Sharing is that you can have, say, 3-of-5 backups -- print off 5 sheets of paper, and any subset of 3 is sufficient to recover your wallet.  As I linked, it exists for Armory wallets, but only if you're comfortable with the command line.  It will eventually be merged into the GUI... it's just going to take some work to unify all the backup options into an intuitive "Backup Center".

But the experience of this "electrician" is that, by far, the most vulnerable part of holding Bitcoins is losing your passphrase, your hard-drive, or online/virtual attacks (like the recent Skype malware).  Not physical security.  Most people are capable of physically securing a sheet of paper -- SSS will simply improve that.

[Zomdifros]

-- Backup your wallet one time.  Ever.  Period.  Forget about change addresses, it's all backed up with your paper backup.  Print it or copy it by hand.  A digital backup kinda works, but it is encrypted which doesn't help you if you forget your passphrase.  You laugh, but this is by far the most common reason people lose coins -- not theft or hard drive loss.  Plus digital backups get corrupted.  There's no guarantee it will work when you need it 10 years from now.

Couldn't you just write your passphrase down and have an encrypted digital backup somewhere in your email or dropbox? That would solve the situation where your house burns down, just before you found out your parents lost the other paper backup you gave them.

Actually, this is a poor-man's Shamir's Secret Sharing scheme, and it's not a bad one, though you can only 2-of-2 out of it.  Encrypt your backup with a really long passphrase on one sheet of paper.  Write the passphrase on another sheet of paper.  Now you need both to recover your wallet.  But if you lose one, you're screwed. 

Actually, you could encrypte multiple times, and get M-of-M out of it (3-of-3, 4-of-4, etc). 

But the beauty of Shamir's Secret Sharing is that you can have, say, 3-of-5 backups -- print off 5 sheets of paper, and any subset of 3 is sufficient to recover your wallet.  As I linked, it exists for Armory wallets, but only if you're comfortable with the command line.  It will eventually be merged into the GUI... it's just going to take some work to unify all the backup options into an intuitive "Backup Center".

But the experience of this "electrician" is that, by far, the most vulnerable part of holding Bitcoins is losing your passphrase, your hard-drive, or online/virtual attacks (like the recent Skype malware).  Not physical security.  Most people are capable of physically securing a sheet of paper -- SSS will simply improve that.

Well that sounds reasonable indeed. The thing I'm most worried about by far are keyloggers and keeping the whole thing offline would pretty much solve that. I'm really looking forward toward the SSS solution within the GUI then, this would solve my other worry of somehow losing the piece of paper with the key.
 
One more question if you don't mind then: is there a risk that when you want to install Armory on your offline computer and transport it using a USB stick, malware somehow manages to copy itself on this stick and get onboard your offline computer, installs a keylogger and manages to get crucial information back on the internet using the same USB stick? Or is this way too far-fetched?

[etotheipi]

Well that sounds reasonable indeed. The thing I'm most worried about by far are keyloggers and keeping the whole thing offline would pretty much solve that. I'm really looking forward toward the SSS solution within the GUI then, this would solve my other worry of somehow losing the piece of paper with the key.
 
One more question if you don't mind then: is there a risk that when you want to install Armory on your offline computer and transport it using a USB stick, malware somehow manages to copy itself on this stick and get onboard your offline computer, installs a keylogger and manages to get crucial information back on the internet using the same USB stick? Or is this way too far-fetched?

Well, the next release of Armory will have some help on the keylogger front (see images below).  The keylogger would have to record mouse-clicks in order to get your passphrase, and even that is useless if you scramble the keyboard.  Anything advanced enough to break that, will get your private keys another way.

As for the USB viruses:  that is a very real, and very remote threat.  It's not to say it couldn't be done.  It's why I've got the Improving offline wallets thread.  The reason why I stick with USB is so that people use it.  I'd much rather they use USB keys, than get fed up with something complicated, or not supported on all OS (battling drivers issues), and then resort to just regular hot wallets.  USB keys are universal, and everyone understands them.  No doubt, though, I'm working on some alternatives, for advanced users.

[Zomdifros]

Well that sounds reasonable indeed. The thing I'm most worried about by far are keyloggers and keeping the whole thing offline would pretty much solve that. I'm really looking forward toward the SSS solution within the GUI then, this would solve my other worry of somehow losing the piece of paper with the key.
 
One more question if you don't mind then: is there a risk that when you want to install Armory on your offline computer and transport it using a USB stick, malware somehow manages to copy itself on this stick and get onboard your offline computer, installs a keylogger and manages to get crucial information back on the internet using the same USB stick? Or is this way too far-fetched?

Well, the next release of Armory will have some help on the keylogger front (see images below).  The keylogger would have to record mouse-clicks in order to get your passphrase, and even that is useless if you scramble the keyboard.  Anything advanced enough to break that, will get your private keys another way.

As for the USB viruses:  that is a very real, and very remote threat.  It's not to say it couldn't be done.  It's why I've got the Improving offline wallets thread.  The reason why I stick with USB is so that people use it.  I'd much rather they use USB keys, than get fed up with something complicated, or not supported on all OS (battling drivers issues), and then resort to just regular hot wallets.  USB keys are universal, and everyone understands them.  No doubt, though, I'm working on some alternatives, for advanced users.

Isn't the Simple Python Keylogger already able to record mouse-clicks and taking a snapshot in each instance? I'm sure if an open source keylogger is up to the job any malicious keylogger should be able to do so as well.

[etotheipi]

Isn't the Simple Python Keylogger already able to record mouse-clicks and taking a snapshot in each instance? I'm sure if an open source keylogger is up to the job any malicious keylogger should be able to do so as well.

The OSD keyboard can be defeated.  But simple, off-the-shelf pluggable keyloggers, only record keystrokes.  This isn't intended to be a replacement for real security, it just raises the bar a tad for what an attacker needs to attack you.

[Zomdifros]

Isn't the Simple Python Keylogger already able to record mouse-clicks and taking a snapshot in each instance? I'm sure if an open source keylogger is up to the job any malicious keylogger should be able to do so as well.

The OSD keyboard can be defeated.  But simple, off-the-shelf pluggable keyloggers, only record keystrokes.  This isn't intended to be a replacement for real security, it just raises the bar a tad for what an attacker needs to attack you.

Thanks for the link to your thread from last year! I read up on the QR code option and I think this could be done ultrasafe and very easy by slicing my Bitcoin holdings in several small accounts, then using the scanner from the Blockchain.info Android app to retreive the QR code with the private key. That way my offline laptop could remain more or less completely off-grid.

[Dabs]

There's this thing I've used before called Neo's SafeKeys. It's a virtual keyboard software that is supposed to defeat many software (and hardware) based keyloggers, unless someone is capturing live video feed of everything you do. Check it out, you might learn a trick or two.