|
gigabytecoin (OP)
|
 |
June 16, 2011, 04:42:21 AM |
|
So with all this talk about hacking, everybody is rightfully paranoid about their wallet.dat security.
I was thinking... wouldn't it be possible to generate a bitcoin address whilst OFFLINE/not connected to the internet? On a fresh ubuntu/linux install...
If you send the coins to that wallet after encrypting it securely and uploading it to a few remote cloud storage type services... and then sent some bitcoins to an address you had generated in the wallet... that wallet would still contain the coins you sent it correct? Even if it was NEVER connected to the network?
So that in 20 years if I wanted to access my "rainy day" fund, I could retrieve my wallet.dat file that had been encrypted on "the cloud", pop it into a bitcoin client, and my coins would magically appear? (After a massive block download wait I assume).
Am I right?
What is wrong with this idea? Anything?
I am only worried about trying it because it means I would never actually have any proof that the bitcoins were indeed in the wallet, if I never connected to the network that is.
Couldn't somebody else create a wallet and generate the same address as me, since I never told the network about my address?
|
|
|
|
|
|
|
|
|
|
|
|
"I'm sure that in 20 years there will either be very large transaction volume or no volume." -- Satoshi
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
MoonShadow
Legendary
 Offline
Activity: 1708
Merit: 1007
|
|
June 16, 2011, 04:56:52 AM |
|
Not only would that work, it's a fair description of what I have already done with the majority of my bitcoins.
|
"The powers of financial capitalism had another far-reaching aim, nothing less than to create a world system of financial control in private hands able to dominate the political system of each country and the economy of the world as a whole. This system was to be controlled in a feudalist fashion by the central banks of the world acting in concert, by secret agreements arrived at in frequent meetings and conferences. The apex of the systems was to be the Bank for International Settlements in Basel, Switzerland, a private bank owned and controlled by the world's central banks which were themselves private corporations. Each central bank...sought to dominate its government by its ability to control Treasury loans, to manipulate foreign exchanges, to influence the level of economic activity in the country, and to influence cooperative politicians by subsequent economic rewards in the business world."
- Carroll Quigley, CFR member, mentor to Bill Clinton, from 'Tragedy And Hope'
|
|
|
|
bitlotto
|
|
June 16, 2011, 04:58:25 AM |
|
It will work. The chance of someone generating the same private key/address are amazingly improbable! Not going to happen! The odds are just way too small.
|
*Next Draw Feb 1* BitLotto: monthly raffle (0.25 BTC per ticket) Completely transparent and impossible to manipulate who wins. TOR TOR2WEB Donations to: 1JQdiQsjhV2uJ4Y8HFtdqteJsZhv835a8J are appreciated. |
|
|
|
Dude65535
|
|
June 16, 2011, 05:03:52 AM |
|
It would work just fine. To confirm it has worked you can manually copy the block chain to the offline machine. When you send coins to an address the network becomes aware of it. However the network being aware of an address has no effect on someones ability to create the same address. This is not a problem because there are 1.4*10^59 possible addresses. To give you an idea of how big a number that is there are 1*10^50 atoms in the Earth. So there are 1,400,000,000 times as many possible bitcoin addresses as there are atoms in the Earth.
|
1DCj8ZwGZXQqQhgv6eUEnWgsxo8BTMj3mT
|
|
|
Insti
Sr. Member
Offline
Activity: 294
Merit: 252
Firstbits: 1duzy
|
|
June 16, 2011, 05:23:14 AM |
|
So with all this talk about hacking, everybody is rightfully paranoid about their wallet.dat security.
I was thinking... wouldn't it be possible to generate a bitcoin address whilst OFFLINE/not connected to the internet? On a fresh ubuntu/linux install...
If you send the coins to that wallet after encrypting it securely and uploading it to a few remote cloud storage type services... and then sent some bitcoins to an address you had generated in the wallet... that wallet would still contain the coins you sent it correct? Even if it was NEVER connected to the network?
So that in 20 years if I wanted to access my "rainy day" fund, I could retrieve my wallet.dat file that had been encrypted on "the cloud", pop it into a bitcoin client, and my coins would magically appear? (After a massive block download wait I assume).
Am I right?
What is wrong with this idea? Anything?
I am only worried about trying it because it means I would never actually have any proof that the bitcoins were indeed in the wallet, if I never connected to the network that is.
Couldn't somebody else create a wallet and generate the same address as me, since I never told the network about my address?
There is nothing theoretically wrong with this suggestion. You can check that there are bitcoins in your wallet by checking the individual addresses in the blockexplorer. You only need the wallet if you want to spend the coins. I'd be most worried about cloud services being around in 20 years. and/or losing/forgetting my strong password |
|
|
|
|
|
gigabytecoin (OP)
|
|
June 16, 2011, 05:43:31 AM |
|
So with all this talk about hacking, everybody is rightfully paranoid about their wallet.dat security.
I was thinking... wouldn't it be possible to generate a bitcoin address whilst OFFLINE/not connected to the internet? On a fresh ubuntu/linux install...
If you send the coins to that wallet after encrypting it securely and uploading it to a few remote cloud storage type services... and then sent some bitcoins to an address you had generated in the wallet... that wallet would still contain the coins you sent it correct? Even if it was NEVER connected to the network?
So that in 20 years if I wanted to access my "rainy day" fund, I could retrieve my wallet.dat file that had been encrypted on "the cloud", pop it into a bitcoin client, and my coins would magically appear? (After a massive block download wait I assume).
Am I right?
What is wrong with this idea? Anything?
I am only worried about trying it because it means I would never actually have any proof that the bitcoins were indeed in the wallet, if I never connected to the network that is.
Couldn't somebody else create a wallet and generate the same address as me, since I never told the network about my address?
There is nothing theoretically wrong with this suggestion. You can check that there are bitcoins in your wallet by checking the individual addresses in the blockexplorer. You only need the wallet if you want to spend the coins. I'd be most worried about cloud services being around in 20 years. and/or losing/forgetting my strong passwordThis is my biggest worry as well. I have thought about this quite a bit. What kind of password can you create that is easy to remember, but hard to brute force? And even still... amnesia is a bitch. It would suck to get hit by a truck, memory erased, AND forget the password to your millions of dollars in bitcoins that are your only possible solution to the current problem. I know I am being paranoid but... I can't even remember my parent's birthdays or my own sometimes for that matter. I guess one solution would be to only store the flash drives in local bank's safety deposit box at which you had account information, and to leave the data unencrypted on the drive. Not too sure I even trust my bankers from not entering my safety deposit box however. That seems like too wide of a hole to leave open. |
|
|
|
|
MoonShadow
Legendary
Offline
Activity: 1708
Merit: 1007
|
|
June 16, 2011, 06:41:36 AM |
|
I guess one solution would be to only store the flash drives in local bank's safety deposit box at which you had account information, and to leave the data unencrypted on the drive. Not too sure I even trust my bankers from not entering my safety deposit box however. That seems like too wide of a hole to leave open.
two cheap (128 meg) usb drives, or even multiples for redundency. Wallet.dat file, equal amount of random bits. XOR the two together. Keep the original set of random data on one drive and the random-like output on the other. Destroy the wallet.dat file. Keep the two drives in physically secure locations, but in different ones. For example, one could be in a safety deposit box, the other in your file at your attorney's office. Or another safety deposit box at another bank. Gun safe at the house. Your dropbox account? You could have multiple copies of each, as long as they were never kept together. A thief could then steal one, and you would still have at least one copy of each to be able to recreate the wallet.dat file, and the thief would just have a thumbdrive with useless data. Mark each of the thumbdrives so that it's obvious what they are and which they are. Perhaps a sticker on each that says "codex" and "key". Both are necessary for recreating the wallet.dat file, forever; but it doesn't require that you remember a complex keyphrase, nor is it a very complicated process that can't be simply explained in your will. |
"The powers of financial capitalism had another far-reaching aim, nothing less than to create a world system of financial control in private hands able to dominate the political system of each country and the economy of the world as a whole. This system was to be controlled in a feudalist fashion by the central banks of the world acting in concert, by secret agreements arrived at in frequent meetings and conferences. The apex of the systems was to be the Bank for International Settlements in Basel, Switzerland, a private bank owned and controlled by the world's central banks which were themselves private corporations. Each central bank...sought to dominate its government by its ability to control Treasury loans, to manipulate foreign exchanges, to influence the level of economic activity in the country, and to influence cooperative politicians by subsequent economic rewards in the business world."
- Carroll Quigley, CFR member, mentor to Bill Clinton, from 'Tragedy And Hope'
|
|
|
Timo Y
Legendary
Offline
Activity: 938
Merit: 1001
bitcoin - the aerogel of money
|
|
June 16, 2011, 07:03:16 AM |
|
What is wrong with this idea? Anything?
In practice, the only thing that is wrong with this idea for me is that I tend to forget passwords that I don't use often. |
|
|
|
|
gigabytecoin (OP)
|
|
June 16, 2011, 07:06:30 AM |
|
I guess one solution would be to only store the flash drives in local bank's safety deposit box at which you had account information, and to leave the data unencrypted on the drive. Not too sure I even trust my bankers from not entering my safety deposit box however. That seems like too wide of a hole to leave open.
two cheap (128 meg) usb drives, or even multiples for redundency. Wallet.dat file, equal amount of random bits. XOR the two together. Keep the original set of random data on one drive and the random-like output on the other. Destroy the wallet.dat file. Keep the two drives in physically secure locations, but in different ones. For example, one could be in a safety deposit box, the other in your file at your attorney's office. Or another safety deposit box at another bank. Gun safe at the house. Your dropbox account? You could have multiple copies of each, as long as they were never kept together. A thief could then steal one, and you would still have at least one copy of each to be able to recreate the wallet.dat file, and the thief would just have a thumbdrive with useless data. Mark each of the thumbdrives so that it's obvious what they are and which they are. Perhaps a sticker on each that says "codex" and "key". Both are necessary for recreating the wallet.dat file, forever; but it doesn't require that you remember a complex keyphrase, nor is it a very complicated process that can't be simply explained in your will. This sounds like the idea of the year in terms of securing bitcoins. It's perfect. My only question is... is it at all possible to re-create a wallet.dat file from one half of it? Perhaps we will never know until it happens..? |
|
|
|
|
MoonShadow
Legendary
Offline
Activity: 1708
Merit: 1007
|
|
June 16, 2011, 07:09:29 AM |
|
I guess one solution would be to only store the flash drives in local bank's safety deposit box at which you had account information, and to leave the data unencrypted on the drive. Not too sure I even trust my bankers from not entering my safety deposit box however. That seems like too wide of a hole to leave open.
two cheap (128 meg) usb drives, or even multiples for redundency. Wallet.dat file, equal amount of random bits. XOR the two together. Keep the original set of random data on one drive and the random-like output on the other. Destroy the wallet.dat file. Keep the two drives in physically secure locations, but in different ones. For example, one could be in a safety deposit box, the other in your file at your attorney's office. Or another safety deposit box at another bank. Gun safe at the house. Your dropbox account? You could have multiple copies of each, as long as they were never kept together. A thief could then steal one, and you would still have at least one copy of each to be able to recreate the wallet.dat file, and the thief would just have a thumbdrive with useless data. Mark each of the thumbdrives so that it's obvious what they are and which they are. Perhaps a sticker on each that says "codex" and "key". Both are necessary for recreating the wallet.dat file, forever; but it doesn't require that you remember a complex keyphrase, nor is it a very complicated process that can't be simply explained in your will. This sounds like the idea of the year in terms of securing bitcoins. It's perfect. My only question is... is it at all possible to re-create a wallet.dat file from one half of it? Perhaps we will never know until it happens..? Not from have of what I described. This is basicly the digital version of the Vernon Cypher, the only cryptographic method that has been proven to be secure from brute force attacks forever. Even a quantum computer couldn't do anything with it. |
"The powers of financial capitalism had another far-reaching aim, nothing less than to create a world system of financial control in private hands able to dominate the political system of each country and the economy of the world as a whole. This system was to be controlled in a feudalist fashion by the central banks of the world acting in concert, by secret agreements arrived at in frequent meetings and conferences. The apex of the systems was to be the Bank for International Settlements in Basel, Switzerland, a private bank owned and controlled by the world's central banks which were themselves private corporations. Each central bank...sought to dominate its government by its ability to control Treasury loans, to manipulate foreign exchanges, to influence the level of economic activity in the country, and to influence cooperative politicians by subsequent economic rewards in the business world."
- Carroll Quigley, CFR member, mentor to Bill Clinton, from 'Tragedy And Hope'
|
|
|
|
cuddlefish
|
|
June 16, 2011, 07:10:11 AM |
|
This sounds like the idea of the year in terms of securing bitcoins. It's perfect.
My only question is... is it at all possible to re-create a wallet.dat file from one half of it? Perhaps we will never know until it happens..?
If the 'key' flash drive is truly random, it's PROVABLY SECURE. against any form of computer (quantum, etc.) it's called a one-time-pad. |
|
|
|
|
|
BubbleBoy
|
|
June 16, 2011, 08:31:02 AM |
|
To simplify, when you are making a transaction you are basically saying: this here money is claimable by whoever knows the magic password.
The magic password is a ECDSA key pair that is best stored on a computer, but it theory it could be memorized (256bit, a random sentence of 25 English words). Since no one can prove you know a password, no one can prove you own the amount. Once you write the password down or leave it on the computer it was generated, things get a bit more tricky, but not unmanageable if you practice safe hex and computer hygiene.
|
|
|
|
|
flug
|
|
June 16, 2011, 11:33:55 AM |
|
So that in 20 years if I wanted to access my "rainy day" fund, I could retrieve my wallet.dat file that had been encrypted on "the cloud", pop it into a bitcoin client, and my coins would magically appear? (After a massive block download wait I assume).
Oh the anticipation! |
|
|
|
|
|
