Best Cold Storage Methods For LTC and BTC

[WishIStartedSooner]

Just watch out: importing private keys is a minefield. Some guy on reddit lost $10,000 because he didn't know about "change" addresses and assumed his unspent coins stayed in his cold wallet address.

This is something that should be more clearly stated for all new Bitcoins users.

Ive been saving bitcoin in a wallet that I generated at bitaddress.org, offline -- with the private key written down.

Have I fucked myself like a noob?

[1713871370]

1713871370

[1713871370]

1713871370

[Rassah]

Just watch out: importing private keys is a minefield. Some guy on reddit lost $10,000 because he didn't know about "change" addresses and assumed his unspent coins stayed in his cold wallet address.

This is something that should be more clearly stated for all new Bitcoins users.

Ive been saving bitcoin in a wallet that I generated at bitaddress.org, offline -- with the private key written down.

Have I fucked myself like a noob?

Nope. If you never used that private key, they should still be there. You can use the public key to check.

[WishIStartedSooner]

Just watch out: importing private keys is a minefield. Some guy on reddit lost $10,000 because he didn't know about "change" addresses and assumed his unspent coins stayed in his cold wallet address.

This is something that should be more clearly stated for all new Bitcoins users.

Ive been saving bitcoin in a wallet that I generated at bitaddress.org, offline -- with the private key written down.

Have I fucked myself like a noob?

Nope. If you never used that private key, they should still be there. You can use the public key to check.

I check it regularly. They're all there.

Ok then, when I go to withdraw how can I protect myself from getting fucked?

[jubalix]

Reading a ton of different ways for cold storage.

What is the most secure/easiest way to cold store BTC and also LTC.

Do you really need to keep the wallet.dat file or just the Private and Public keys?

Thanks

why dont' people pdf print and use trucrypt and leave copies everywhere?

[jmw74]

Reading a ton of different ways for cold storage.

What is the most secure/easiest way to cold store BTC and also LTC.

Do you really need to keep the wallet.dat file or just the Private and Public keys?

Thanks

why dont' people pdf print and use trucrypt and leave copies everywhere?

Because if anything happens to your trucrypt password, the bitcoins are lost forever.  If you didn't write down the password, and you forget it you're hosed.  If you die, your family doesn't inherit your bitcoins.

So then you figure ok I'll write down the trucrypt password.  Now you're right back where you started with the wallet.

One solution to this that I'm using is Shamir's Secret Sharing algorithm.  It gives you redundancy (losing one of the printed keys is ok) but without the increased risk (an attacker finding one of your copies doesn't help him steal your coins).

[Rassah]

Just watch out: importing private keys is a minefield. Some guy on reddit lost $10,000 because he didn't know about "change" addresses and assumed his unspent coins stayed in his cold wallet address.

This is something that should be more clearly stated for all new Bitcoins users.

Ive been saving bitcoin in a wallet that I generated at bitaddress.org, offline -- with the private key written down.

Have I fucked myself like a noob?

Nope. If you never used that private key, they should still be there. You can use the public key to check.

I check it regularly. They're all there.

Ok then, when I go to withdraw how can I protect myself from getting fucked?

Least safe method: Add the private key to Blockchain.info, spend what you need, send all remaining money (and change) to a new never-used paper wallet. Security concerns: keyloggers on your computer, Blockchain.info being compromised, general interwebs hacking douchebaggery.

Moderately safe method: Use a private key import software to import it into your official Blockchain-QT wallet (after making sure that password protection is turned on). Spend what you need, send the remaining money to a new paper wallet in case your PC was compromised without your knowledge. Security concerns: keyloggers on your computer.

Most safe method: Get a computer you never have to put on the internet, and stick a copy of offline Armory on that, and an online Armory on your main connected computer. Armory has a convenient built-in feature that lets you import the private key, so import it into the offline copy of Armory only. Then export a "Watching-Only" copy of the wallet (only has public keys) from the offline Armory to the online one. Use the online Armory computer to create transactions, the offline Armory to sign them, and the online again to transmit them (you have to copy an unsigned transaction file to a USB stick, actually walk it over to your offline computer, sign the file there, then walk it back to the online one and transmit from there). Spend what you need... and just keep your private key/paper wallet safe. You can keep using it, since it never touched the web. Security concerns: none, really, since the private key never touches the internet and is never exposed to any keyloggers, viruses, or hacks. About the only security threat is a physical attack, where someone comes to your house and beats your passwords and paper wallets out of you.

[dlauth]

I was going to use the method of offline armory and a computer with online armory. I shouldnt have the problem with change addresses?

What is the solution for storing LTC?

[justusranvier]

I was going to use the method of offline armory and a computer with online armory. I shouldnt have the problem with change addresses?

With Armory wallets there will be no problem with change addresses because they are generated deterministically instead of randomly. The online and offline wallets will always generate the same change addresses.

[dlauth]

so as long as you have a paper wallet or a backup of the .wallet you should be fine on armory?

Solution for LTC?

[Rassah]

so as long as you have a paper wallet or a backup of the .wallet you should be fine on armory?

Yes. Paper wallet is prefered, because with a backup you could still lose your password or have a corrupt file. Just make sure to keep the papers in really secure places where they won't get stolen

[etotheipi]

All this talk about "change addresses" is dangerous.  If you don't understand change addresses, you shouldn't be doing anything like this manually.  It'd be like someone without an education trying to rewire their fuse-box.  I'm sure if you spend some time reading up how to do it, you might get it right -- but also might electricute yourself and/or burn your house down.

In this case, I am the electrician.  I wrote Armory to do exactly what is being requested in this thread.  It's used by thousands of people, and has been for more than a year.  I have figured out all the gory details and put in endless error catching, corner cases, etc, and it's been thoroughly tested.  I wrapped it up in a nice GUI that a non-technical user can use safely.  

-- Backup your wallet one time.  Ever.  Period.  Forget about change addresses, it's all backed up with your paper backup.  Print it or copy it by hand.  A digital backup kinda works, but it is encrypted which doesn't help you if you forget your passphrase.  You laugh, but this is by far the most common reason people lose coins -- not theft or hard drive loss.  Plus digital backups get corrupted.  There's no guarantee it will work when you need it 10 years from now.
-- You create the wallet on the offline computer, and "Create a watching-only wallet" and import it on the online computer.  That wallet behaves exactly like a regular wallet, but without the ability to spend.  You can generate and distribute trillions of addresses if you want, and see payments come in exactly as if you had the full wallet on your system... but it actually has no private keys.
-- To send money, create a transaction like you would with a regular wallet, and the "Send" button will instead say "Create Unsigned Transaction".  Save it to a USB key, take it to the offline computer, hit "Sign", then bring it back to the online computer and hit "Broadcast".  

There's a tutorial here, which will soon be updated with illustrations and screenshots.  Though, most people can figure it out from the in-app hints and that webpage (or from the app, by itself).  If you're really starting from scratch, start at the quick start guide.

Solution for LTC?

There is no LTC version of Armory, but I imagine it wouldn't be too hard for a bitcoin-knowledgeable dev to implement.  I can answer questions about it, but I don't have time to actually do it myself.  You'd probably have to change some constants near the top of armoryengine.py and modify the C++ utilities to use scrypt instead of double-sha256 for the blockheaders.  

[unabridged]

Is there anyway to easily encrypt the private keys from armory before writing them on paper? I would feel much safer if they were password protected.

And any word from Armory about LTC support? lol happened while i was writing my post

[dlauth]

etotheipi, thank for your hard work on armory! I will for sure use that.

Im sure there is enough people who would want Armory to integrate LTC into the mix and would be willing to pay for it! I know I would.

Please keep that in mind if you ever decide you have some free time.

Thanks

[etotheipi]

Is there anyway to easily encrypt the private keys from armory before writing them on paper? I would feel much safer if they were password protected.

I'm working on using Shamir's Secret Sharing as an alternative to encrypted backups.  It's actually implemented and usable from the command-line right now, but not implemented in the GUI.  You can PM me for more details if you want it.

And any word from Armory about LTC support?

See the end of my previous message.

[etotheipi]

etotheipi, thank for your hard work on armory! I will for sure use that.

Im sure there is enough people who would want Armory to integrate LTC into the mix and would be willing to pay for it! I know I would.

Please keep that in mind if you ever decide you have some free time.

Thanks

Thanks!  I hope you can get Armory to work for you!  It's still got some usability curve (and some resource requirements), but it works quite nicely when it works   And the resource requirements will be lowered in the next few weeks as I make some major upgrades to the blockchain engine.

I know there's some demand for LTC, but I just can't do it.  But I think someone else could pretty easily, and those changes would merge easily with future Armory updates that I make.  For now, I'm focused on a variety of usability improvements, as well as new wallets with multi-sig, android-support, etc.  Any LTC support will have to be parallel.  You could always post a bounty

[Zomdifros]

-- Backup your wallet one time.  Ever.  Period.  Forget about change addresses, it's all backed up with your paper backup.  Print it or copy it by hand.  A digital backup kinda works, but it is encrypted which doesn't help you if you forget your passphrase.  You laugh, but this is by far the most common reason people lose coins -- not theft or hard drive loss.  Plus digital backups get corrupted.  There's no guarantee it will work when you need it 10 years from now.

Couldn't you just write your passphrase down and have an encrypted digital backup somewhere in your email or dropbox? That would solve the situation where your house burns down, just before you found out your parents lost the other paper backup you gave them.

[dlauth]

My issue with the only Litecoin qt client is I cant find out what the private key is and how to import another set of keys.

[etotheipi]

-- Backup your wallet one time.  Ever.  Period.  Forget about change addresses, it's all backed up with your paper backup.  Print it or copy it by hand.  A digital backup kinda works, but it is encrypted which doesn't help you if you forget your passphrase.  You laugh, but this is by far the most common reason people lose coins -- not theft or hard drive loss.  Plus digital backups get corrupted.  There's no guarantee it will work when you need it 10 years from now.

Couldn't you just write your passphrase down and have an encrypted digital backup somewhere in your email or dropbox? That would solve the situation where your house burns down, just before you found out your parents lost the other paper backup you gave them.

Actually, this is a poor-man's Shamir's Secret Sharing scheme, and it's not a bad one, though you can only 2-of-2 out of it.  Encrypt your backup with a really long passphrase on one sheet of paper.  Write the passphrase on another sheet of paper.  Now you need both to recover your wallet.  But if you lose one, you're screwed. 

Actually, you could encrypte multiple times, and get M-of-M out of it (3-of-3, 4-of-4, etc). 

But the beauty of Shamir's Secret Sharing is that you can have, say, 3-of-5 backups -- print off 5 sheets of paper, and any subset of 3 is sufficient to recover your wallet.  As I linked, it exists for Armory wallets, but only if you're comfortable with the command line.  It will eventually be merged into the GUI... it's just going to take some work to unify all the backup options into an intuitive "Backup Center".

But the experience of this "electrician" is that, by far, the most vulnerable part of holding Bitcoins is losing your passphrase, your hard-drive, or online/virtual attacks (like the recent Skype malware).  Not physical security.  Most people are capable of physically securing a sheet of paper -- SSS will simply improve that.

[Zomdifros]

-- Backup your wallet one time.  Ever.  Period.  Forget about change addresses, it's all backed up with your paper backup.  Print it or copy it by hand.  A digital backup kinda works, but it is encrypted which doesn't help you if you forget your passphrase.  You laugh, but this is by far the most common reason people lose coins -- not theft or hard drive loss.  Plus digital backups get corrupted.  There's no guarantee it will work when you need it 10 years from now.

Couldn't you just write your passphrase down and have an encrypted digital backup somewhere in your email or dropbox? That would solve the situation where your house burns down, just before you found out your parents lost the other paper backup you gave them.

Actually, this is a poor-man's Shamir's Secret Sharing scheme, and it's not a bad one, though you can only 2-of-2 out of it.  Encrypt your backup with a really long passphrase on one sheet of paper.  Write the passphrase on another sheet of paper.  Now you need both to recover your wallet.  But if you lose one, you're screwed. 

Actually, you could encrypte multiple times, and get M-of-M out of it (3-of-3, 4-of-4, etc). 

But the beauty of Shamir's Secret Sharing is that you can have, say, 3-of-5 backups -- print off 5 sheets of paper, and any subset of 3 is sufficient to recover your wallet.  As I linked, it exists for Armory wallets, but only if you're comfortable with the command line.  It will eventually be merged into the GUI... it's just going to take some work to unify all the backup options into an intuitive "Backup Center".

But the experience of this "electrician" is that, by far, the most vulnerable part of holding Bitcoins is losing your passphrase, your hard-drive, or online/virtual attacks (like the recent Skype malware).  Not physical security.  Most people are capable of physically securing a sheet of paper -- SSS will simply improve that.

Well that sounds reasonable indeed. The thing I'm most worried about by far are keyloggers and keeping the whole thing offline would pretty much solve that. I'm really looking forward toward the SSS solution within the GUI then, this would solve my other worry of somehow losing the piece of paper with the key.
 
One more question if you don't mind then: is there a risk that when you want to install Armory on your offline computer and transport it using a USB stick, malware somehow manages to copy itself on this stick and get onboard your offline computer, installs a keylogger and manages to get crucial information back on the internet using the same USB stick? Or is this way too far-fetched?

[etotheipi]

Well that sounds reasonable indeed. The thing I'm most worried about by far are keyloggers and keeping the whole thing offline would pretty much solve that. I'm really looking forward toward the SSS solution within the GUI then, this would solve my other worry of somehow losing the piece of paper with the key.
 
One more question if you don't mind then: is there a risk that when you want to install Armory on your offline computer and transport it using a USB stick, malware somehow manages to copy itself on this stick and get onboard your offline computer, installs a keylogger and manages to get crucial information back on the internet using the same USB stick? Or is this way too far-fetched?

Well, the next release of Armory will have some help on the keylogger front (see images below).  The keylogger would have to record mouse-clicks in order to get your passphrase, and even that is useless if you scramble the keyboard.  Anything advanced enough to break that, will get your private keys another way.

As for the USB viruses:  that is a very real, and very remote threat.  It's not to say it couldn't be done.  It's why I've got the Improving offline wallets thread.  The reason why I stick with USB is so that people use it.  I'd much rather they use USB keys, than get fed up with something complicated, or not supported on all OS (battling drivers issues), and then resort to just regular hot wallets.  USB keys are universal, and everyone understands them.  No doubt, though, I'm working on some alternatives, for advanced users.