Bitcoin Forum
November 23, 2017, 09:06:12 PM *
News: Latest stable version of Bitcoin Core: 0.15.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: « 1 2 [3] 4 »  All
  Print  
Author Topic: Best Cold Storage Methods For LTC and BTC  (Read 9260 times)
WishIStartedSooner
Sr. Member
****
Offline Offline

Activity: 252


View Profile
April 05, 2013, 04:54:54 AM
 #41

Just watch out: importing private keys is a minefield. Some guy on reddit lost $10,000 because he didn't know about "change" addresses and assumed his unspent coins stayed in his cold wallet address.

This is something that should be more clearly stated for all new Bitcoins users.

Ive been saving bitcoin in a wallet that I generated at bitaddress.org, offline -- with the private key written down.

Have I fucked myself like a noob?
1511471172
Hero Member
*
Offline Offline

Posts: 1511471172

View Profile Personal Message (Offline)

Ignore
1511471172
Reply with quote  #2

1511471172
Report to moderator
1511471172
Hero Member
*
Offline Offline

Posts: 1511471172

View Profile Personal Message (Offline)

Ignore
1511471172
Reply with quote  #2

1511471172
Report to moderator
1511471172
Hero Member
*
Offline Offline

Posts: 1511471172

View Profile Personal Message (Offline)

Ignore
1511471172
Reply with quote  #2

1511471172
Report to moderator
Join ICO Now Coinlancer is Disrupting the Freelance marketplace!
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
Rassah
Legendary
*
Offline Offline

Activity: 1680


Director of Bitcoin100


View Profile
April 05, 2013, 05:00:49 AM
 #42

Just watch out: importing private keys is a minefield. Some guy on reddit lost $10,000 because he didn't know about "change" addresses and assumed his unspent coins stayed in his cold wallet address.

This is something that should be more clearly stated for all new Bitcoins users.

Ive been saving bitcoin in a wallet that I generated at bitaddress.org, offline -- with the private key written down.

Have I fucked myself like a noob?

Nope. If you never used that private key, they should still be there. You can use the public key to check.

WishIStartedSooner
Sr. Member
****
Offline Offline

Activity: 252


View Profile
April 05, 2013, 05:15:28 AM
 #43

Just watch out: importing private keys is a minefield. Some guy on reddit lost $10,000 because he didn't know about "change" addresses and assumed his unspent coins stayed in his cold wallet address.

This is something that should be more clearly stated for all new Bitcoins users.

Ive been saving bitcoin in a wallet that I generated at bitaddress.org, offline -- with the private key written down.

Have I fucked myself like a noob?

Nope. If you never used that private key, they should still be there. You can use the public key to check.

I check it regularly. They're all there.

Ok then, when I go to withdraw how can I protect myself from getting fucked?
jubalix
Legendary
*
Offline Offline

Activity: 1652


View Profile
April 05, 2013, 06:04:36 AM
 #44

Reading a ton of different ways for cold storage.

What is the most secure/easiest way to cold store BTC and also LTC.

Do you really need to keep the wallet.dat file or just the Private and Public keys?

Thanks

why dont' people pdf print and use trucrypt and leave copies everywhere?

Admitted Practicing Lawyer::BTC/Crypto Specialist.
B.Engineering/B.Laws
jmw74
Full Member
***
Offline Offline

Activity: 236


View Profile
April 05, 2013, 12:20:19 PM
 #45

Reading a ton of different ways for cold storage.

What is the most secure/easiest way to cold store BTC and also LTC.

Do you really need to keep the wallet.dat file or just the Private and Public keys?

Thanks

why dont' people pdf print and use trucrypt and leave copies everywhere?

Because if anything happens to your trucrypt password, the bitcoins are lost forever.  If you didn't write down the password, and you forget it you're hosed.  If you die, your family doesn't inherit your bitcoins.

So then you figure ok I'll write down the trucrypt password.  Now you're right back where you started with the wallet.

One solution to this that I'm using is Shamir's Secret Sharing algorithm.  It gives you redundancy (losing one of the printed keys is ok) but without the increased risk (an attacker finding one of your copies doesn't help him steal your coins).

Rassah
Legendary
*
Offline Offline

Activity: 1680


Director of Bitcoin100


View Profile
April 05, 2013, 01:48:17 PM
 #46

Just watch out: importing private keys is a minefield. Some guy on reddit lost $10,000 because he didn't know about "change" addresses and assumed his unspent coins stayed in his cold wallet address.

This is something that should be more clearly stated for all new Bitcoins users.

Ive been saving bitcoin in a wallet that I generated at bitaddress.org, offline -- with the private key written down.

Have I fucked myself like a noob?

Nope. If you never used that private key, they should still be there. You can use the public key to check.

I check it regularly. They're all there.

Ok then, when I go to withdraw how can I protect myself from getting fucked?

Least safe method: Add the private key to Blockchain.info, spend what you need, send all remaining money (and change) to a new never-used paper wallet. Security concerns: keyloggers on your computer, Blockchain.info being compromised, general interwebs hacking douchebaggery.

Moderately safe method: Use a private key import software to import it into your official Blockchain-QT wallet (after making sure that password protection is turned on). Spend what you need, send the remaining money to a new paper wallet in case your PC was compromised without your knowledge. Security concerns: keyloggers on your computer.

Most safe method: Get a computer you never have to put on the internet, and stick a copy of offline Armory on that, and an online Armory on your main connected computer. Armory has a convenient built-in feature that lets you import the private key, so import it into the offline copy of Armory only. Then export a "Watching-Only" copy of the wallet (only has public keys) from the offline Armory to the online one. Use the online Armory computer to create transactions, the offline Armory to sign them, and the online again to transmit them (you have to copy an unsigned transaction file to a USB stick, actually walk it over to your offline computer, sign the file there, then walk it back to the online one and transmit from there). Spend what you need... and just keep your private key/paper wallet safe. You can keep using it, since it never touched the web. Security concerns: none, really, since the private key never touches the internet and is never exposed to any keyloggers, viruses, or hacks. About the only security threat is a physical attack, where someone comes to your house and beats your passwords and paper wallets out of you.

dlauth
Jr. Member
*
Offline Offline

Activity: 30


View Profile
April 09, 2013, 04:03:21 PM
 #47

I was going to use the method of offline armory and a computer with online armory. I shouldnt have the problem with change addresses?

What is the solution for storing LTC?
justusranvier
Legendary
*
Offline Offline

Activity: 1400



View Profile WWW
April 09, 2013, 04:32:36 PM
 #48

I was going to use the method of offline armory and a computer with online armory. I shouldnt have the problem with change addresses?
With Armory wallets there will be no problem with change addresses because they are generated deterministically instead of randomly. The online and offline wallets will always generate the same change addresses.
dlauth
Jr. Member
*
Offline Offline

Activity: 30


View Profile
April 09, 2013, 05:42:40 PM
 #49

so as long as you have a paper wallet or a backup of the .wallet you should be fine on armory?

Solution for LTC?
Rassah
Legendary
*
Offline Offline

Activity: 1680


Director of Bitcoin100


View Profile
April 09, 2013, 06:03:32 PM
 #50

so as long as you have a paper wallet or a backup of the .wallet you should be fine on armory?

Yes. Paper wallet is prefered, because with a backup you could still lose your password or have a corrupt file. Just make sure to keep the papers in really secure places where they won't get stolen

etotheipi
Legendary
*
Offline Offline

Activity: 1428


Core Armory Developer


View Profile WWW
April 09, 2013, 06:08:49 PM
 #51

All this talk about "change addresses" is dangerous.  If you don't understand change addresses, you shouldn't be doing anything like this manually.  It'd be like someone without an education trying to rewire their fuse-box.  I'm sure if you spend some time reading up how to do it, you might get it right -- but also might electricute yourself and/or burn your house down.

In this case, I am the electrician.  I wrote Armory to do exactly what is being requested in this thread.  It's used by thousands of people, and has been for more than a year.  I have figured out all the gory details and put in endless error catching, corner cases, etc, and it's been thoroughly tested.  I wrapped it up in a nice GUI that a non-technical user can use safely.  

-- Backup your wallet one time.  Ever.  Period.  Forget about change addresses, it's all backed up with your paper backup.  Print it or copy it by hand.  A digital backup kinda works, but it is encrypted which doesn't help you if you forget your passphrase.  You laugh, but this is by far the most common reason people lose coins -- not theft or hard drive loss.  Plus digital backups get corrupted.  There's no guarantee it will work when you need it 10 years from now.
-- You create the wallet on the offline computer, and "Create a watching-only wallet" and import it on the online computer.  That wallet behaves exactly like a regular wallet, but without the ability to spend.  You can generate and distribute trillions of addresses if you want, and see payments come in exactly as if you had the full wallet on your system... but it actually has no private keys.
-- To send money, create a transaction like you would with a regular wallet, and the "Send" button will instead say "Create Unsigned Transaction".  Save it to a USB key, take it to the offline computer, hit "Sign", then bring it back to the online computer and hit "Broadcast".  

There's a tutorial here, which will soon be updated with illustrations and screenshots.  Though, most people can figure it out from the in-app hints and that webpage (or from the app, by itself).  If you're really starting from scratch, start at the quick start guide.


Solution for LTC?

There is no LTC version of Armory, but I imagine it wouldn't be too hard for a bitcoin-knowledgeable dev to implement.  I can answer questions about it, but I don't have time to actually do it myself.  You'd probably have to change some constants near the top of armoryengine.py and modify the C++ utilities to use scrypt instead of double-sha256 for the blockheaders.  

Founder and CEO of Armory Technologies, Inc.
Armory Bitcoin Wallet: Bringing cold storage to the average user!
Only use Armory software signed by the Armory Offline Signing Key (0x98832223)

Please donate to the Armory project by clicking here!    (or donate directly via 1QBDLYTDFHHZAABYSKGKPWKLSXZWCCJQBX -- yes, it's a real address!)
unabridged
Jr. Member
*
Offline Offline

Activity: 31


View Profile
April 09, 2013, 06:11:54 PM
 #52

Is there anyway to easily encrypt the private keys from armory before writing them on paper? I would feel much safer if they were password protected.

And any word from Armory about LTC support? lol happened while i was writing my post

BTC: 1FMzTWoaKyQjFg2tJn7TkVT4aSAQgKbCpj
LTC: LUwWqUt93QJFxHxkfehn73sqfvhbUSQ4qt
NMC: My3QKLe17Xc9D1tVUzkE7vxUqRMsQfAGSR
dlauth
Jr. Member
*
Offline Offline

Activity: 30


View Profile
April 09, 2013, 06:13:01 PM
 #53

etotheipi, thank for your hard work on armory! I will for sure use that.

Im sure there is enough people who would want Armory to integrate LTC into the mix and would be willing to pay for it! I know I would.

Please keep that in mind if you ever decide you have some free time.

Thanks
etotheipi
Legendary
*
Offline Offline

Activity: 1428


Core Armory Developer


View Profile WWW
April 09, 2013, 06:13:41 PM
 #54

Is there anyway to easily encrypt the private keys from armory before writing them on paper? I would feel much safer if they were password protected.

I'm working on using Shamir's Secret Sharing as an alternative to encrypted backups.  It's actually implemented and usable from the command-line right now, but not implemented in the GUI.  You can PM me for more details if you want it.

And any word from Armory about LTC support?

See the end of my previous message.

Founder and CEO of Armory Technologies, Inc.
Armory Bitcoin Wallet: Bringing cold storage to the average user!
Only use Armory software signed by the Armory Offline Signing Key (0x98832223)

Please donate to the Armory project by clicking here!    (or donate directly via 1QBDLYTDFHHZAABYSKGKPWKLSXZWCCJQBX -- yes, it's a real address!)
etotheipi
Legendary
*
Offline Offline

Activity: 1428


Core Armory Developer


View Profile WWW
April 09, 2013, 06:21:56 PM
 #55

etotheipi, thank for your hard work on armory! I will for sure use that.

Im sure there is enough people who would want Armory to integrate LTC into the mix and would be willing to pay for it! I know I would.

Please keep that in mind if you ever decide you have some free time.

Thanks

Thanks!  I hope you can get Armory to work for you!  It's still got some usability curve (and some resource requirements), but it works quite nicely when it works Smiley  And the resource requirements will be lowered in the next few weeks as I make some major upgrades to the blockchain engine.

I know there's some demand for LTC, but I just can't do it.  But I think someone else could pretty easily, and those changes would merge easily with future Armory updates that I make.  For now, I'm focused on a variety of usability improvements, as well as new wallets with multi-sig, android-support, etc.  Any LTC support will have to be parallel.  You could always post a bounty Smiley

Founder and CEO of Armory Technologies, Inc.
Armory Bitcoin Wallet: Bringing cold storage to the average user!
Only use Armory software signed by the Armory Offline Signing Key (0x98832223)

Please donate to the Armory project by clicking here!    (or donate directly via 1QBDLYTDFHHZAABYSKGKPWKLSXZWCCJQBX -- yes, it's a real address!)
Zomdifros
Full Member
***
Offline Offline

Activity: 210



View Profile
April 09, 2013, 06:58:27 PM
 #56

-- Backup your wallet one time.  Ever.  Period.  Forget about change addresses, it's all backed up with your paper backup.  Print it or copy it by hand.  A digital backup kinda works, but it is encrypted which doesn't help you if you forget your passphrase.  You laugh, but this is by far the most common reason people lose coins -- not theft or hard drive loss.  Plus digital backups get corrupted.  There's no guarantee it will work when you need it 10 years from now.

Couldn't you just write your passphrase down and have an encrypted digital backup somewhere in your email or dropbox? That would solve the situation where your house burns down, just before you found out your parents lost the other paper backup you gave them.

dlauth
Jr. Member
*
Offline Offline

Activity: 30


View Profile
April 09, 2013, 07:00:23 PM
 #57

My issue with the only Litecoin qt client is I cant find out what the private key is and how to import another set of keys.
etotheipi
Legendary
*
Offline Offline

Activity: 1428


Core Armory Developer


View Profile WWW
April 09, 2013, 07:08:27 PM
 #58

-- Backup your wallet one time.  Ever.  Period.  Forget about change addresses, it's all backed up with your paper backup.  Print it or copy it by hand.  A digital backup kinda works, but it is encrypted which doesn't help you if you forget your passphrase.  You laugh, but this is by far the most common reason people lose coins -- not theft or hard drive loss.  Plus digital backups get corrupted.  There's no guarantee it will work when you need it 10 years from now.

Couldn't you just write your passphrase down and have an encrypted digital backup somewhere in your email or dropbox? That would solve the situation where your house burns down, just before you found out your parents lost the other paper backup you gave them.

Actually, this is a poor-man's Shamir's Secret Sharing scheme, and it's not a bad one, though you can only 2-of-2 out of it.  Encrypt your backup with a really long passphrase on one sheet of paper.  Write the passphrase on another sheet of paper.  Now you need both to recover your wallet.  But if you lose one, you're screwed. 

Actually, you could encrypte multiple times, and get M-of-M out of it (3-of-3, 4-of-4, etc). 

But the beauty of Shamir's Secret Sharing is that you can have, say, 3-of-5 backups -- print off 5 sheets of paper, and any subset of 3 is sufficient to recover your wallet.  As I linked, it exists for Armory wallets, but only if you're comfortable with the command line.  It will eventually be merged into the GUI... it's just going to take some work to unify all the backup options into an intuitive "Backup Center".

But the experience of this "electrician" is that, by far, the most vulnerable part of holding Bitcoins is losing your passphrase, your hard-drive, or online/virtual attacks (like the recent Skype malware).  Not physical security.  Most people are capable of physically securing a sheet of paper -- SSS will simply improve that.

Founder and CEO of Armory Technologies, Inc.
Armory Bitcoin Wallet: Bringing cold storage to the average user!
Only use Armory software signed by the Armory Offline Signing Key (0x98832223)

Please donate to the Armory project by clicking here!    (or donate directly via 1QBDLYTDFHHZAABYSKGKPWKLSXZWCCJQBX -- yes, it's a real address!)
Zomdifros
Full Member
***
Offline Offline

Activity: 210



View Profile
April 09, 2013, 08:56:19 PM
 #59

-- Backup your wallet one time.  Ever.  Period.  Forget about change addresses, it's all backed up with your paper backup.  Print it or copy it by hand.  A digital backup kinda works, but it is encrypted which doesn't help you if you forget your passphrase.  You laugh, but this is by far the most common reason people lose coins -- not theft or hard drive loss.  Plus digital backups get corrupted.  There's no guarantee it will work when you need it 10 years from now.

Couldn't you just write your passphrase down and have an encrypted digital backup somewhere in your email or dropbox? That would solve the situation where your house burns down, just before you found out your parents lost the other paper backup you gave them.

Actually, this is a poor-man's Shamir's Secret Sharing scheme, and it's not a bad one, though you can only 2-of-2 out of it.  Encrypt your backup with a really long passphrase on one sheet of paper.  Write the passphrase on another sheet of paper.  Now you need both to recover your wallet.  But if you lose one, you're screwed. 

Actually, you could encrypte multiple times, and get M-of-M out of it (3-of-3, 4-of-4, etc). 

But the beauty of Shamir's Secret Sharing is that you can have, say, 3-of-5 backups -- print off 5 sheets of paper, and any subset of 3 is sufficient to recover your wallet.  As I linked, it exists for Armory wallets, but only if you're comfortable with the command line.  It will eventually be merged into the GUI... it's just going to take some work to unify all the backup options into an intuitive "Backup Center".

But the experience of this "electrician" is that, by far, the most vulnerable part of holding Bitcoins is losing your passphrase, your hard-drive, or online/virtual attacks (like the recent Skype malware).  Not physical security.  Most people are capable of physically securing a sheet of paper -- SSS will simply improve that.

Well that sounds reasonable indeed. The thing I'm most worried about by far are keyloggers and keeping the whole thing offline would pretty much solve that. I'm really looking forward toward the SSS solution within the GUI then, this would solve my other worry of somehow losing the piece of paper with the key.
 
One more question if you don't mind then: is there a risk that when you want to install Armory on your offline computer and transport it using a USB stick, malware somehow manages to copy itself on this stick and get onboard your offline computer, installs a keylogger and manages to get crucial information back on the internet using the same USB stick? Or is this way too far-fetched?

etotheipi
Legendary
*
Offline Offline

Activity: 1428


Core Armory Developer


View Profile WWW
April 09, 2013, 09:09:00 PM
 #60

Well that sounds reasonable indeed. The thing I'm most worried about by far are keyloggers and keeping the whole thing offline would pretty much solve that. I'm really looking forward toward the SSS solution within the GUI then, this would solve my other worry of somehow losing the piece of paper with the key.
 
One more question if you don't mind then: is there a risk that when you want to install Armory on your offline computer and transport it using a USB stick, malware somehow manages to copy itself on this stick and get onboard your offline computer, installs a keylogger and manages to get crucial information back on the internet using the same USB stick? Or is this way too far-fetched?

Well, the next release of Armory will have some help on the keylogger front (see images below).  The keylogger would have to record mouse-clicks in order to get your passphrase, and even that is useless if you scramble the keyboard.  Anything advanced enough to break that, will get your private keys another way.

As for the USB viruses:  that is a very real, and very remote threat.  It's not to say it couldn't be done.  It's why I've got the Improving offline wallets thread.  The reason why I stick with USB is so that people use it.  I'd much rather they use USB keys, than get fed up with something complicated, or not supported on all OS (battling drivers issues), and then resort to just regular hot wallets.  USB keys are universal, and everyone understands them.  No doubt, though, I'm working on some alternatives, for advanced users.






Founder and CEO of Armory Technologies, Inc.
Armory Bitcoin Wallet: Bringing cold storage to the average user!
Only use Armory software signed by the Armory Offline Signing Key (0x98832223)

Please donate to the Armory project by clicking here!    (or donate directly via 1QBDLYTDFHHZAABYSKGKPWKLSXZWCCJQBX -- yes, it's a real address!)
Pages: « 1 2 [3] 4 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!