Bitcoin Forum
Topic: Bitcoin safe box
wumpus (OP)
November 18, 2010, 08:26:35 AM
 #1

Are there any good solutions for splitting your wallet, or having multiple wallets?

For example, take the hypothetical case that I had 1,000,000 BCs somewhere. I would be very scared that they would be stolen if stored on my computer, which is connected to the internet 24/7.

Let's say I wanted to store the bulk of them safely. In day-to-day payment I only want about 500 BCs around on my computer/phone. These are the ones that could be stolen if my computer was rooted.

I would want to have the other coins on an encrypted, isolated storage, and only connect it to my computer if I needed the coins, or wanted to put more coins into the safe.
 
Is this possible?

Bitcoin Core developer [PGP] Warning: For most, coin loss is a larger risk than coin theft. A disk can die any time. Regularly back up your wallet through FileBackup Wallet to an external storage or the (encrypted!) cloud. Use a separate offline wallet for storing larger amounts.
davout
November 18, 2010, 09:30:24 AM
 #2

Create a new wallet somewhere, generate an address, put the wallet offline, send the bulk to this address.
Your private keys will remain inaccessible since they're offline.

You can keep sending coins to the offline wallet at any time, they'll show up in your balance whenever you use this wallet with an online client.

wumpus (OP)
November 18, 2010, 10:24:10 AM
 #3

Thanks man, that makes sense. So the only time the 'secure' wallet will have to be online is when taking coins out.

Although it would need to be online once in a while to pick up coins sent to it, otherwise they won't register.

I wonder if this can be done without having a direct connection to the internet. Could the 'public' host connected to the internet act as proxy, passing through just the coins/transactions to and from the 'secure' host, and nothing else? Without actually having the secret keys ever accessible to the 'public' host.

So basically I want all the network handling in the public host, and a simple receive/send coin protocol from there to the secure host. The secure host will have its own wallet, keys, which are impossible to access any way from outside, and expose just a very limited protocol.

davout
November 18, 2010, 10:59:43 AM
 #4

Quote
Although it would need to be online once in a while to pick up coins sent to it, otherwise they won't register.

Doesn't work like this.

Your wallet holds a set of private keys, regardless of your wallet being 'online', the network will credit you with the coins.
You need to put your wallet online only to sign outgoing transactions with one of your private keys, the network will recognize the transaction as valid since it will be able to check the signature with the public key the balance is associated to.

So theoretically you wouldn't even have to ever go online with a massive wallet, you'd just have to sign a transaction on an offline box, and then take it to an online one to broadcast it.

You might have to download the up to date block chain to put on the offline box for the standard client to credit you the correct balance, that wouldn't be necessary with a custom client that would let you create transactions regardless of your balance.

Anonymous
November 18, 2010, 11:01:37 AM
 #5

Is it possible to truecrypt a volume on a remote server?

You could upload a copy of your wallet by secure vpn and store it securely. Not even the server admin could break into your files.
wumpus (OP)
November 18, 2010, 11:38:18 AM
 #6

Quote
Your wallet holds a set of private keys, regardless of your wallet being 'online', the network will credit you with the coins.

Thanks for the explanation. So how would I see how many coins are in the 'offline' wallet? Which key is needed for this, the public or private one?

Quote
So theoretically you wouldn't even have to ever go online with a massive wallet, you'd just have to sign a transaction on an offline box, and then take it to an online one to broadcast it.

Very cool.

Quote
You could upload a copy of your wallet by secure vpn and store it securely. Not even the server admin could break into your files.

Yes, but this would still allow full access with the truecrypt key, which would be on my PC. So a hacker with remote access to my PC could access everything. I'm trying to isolate the wallet as much as possible, so there isn't even a small bit of time in which a hacker could have full access to it.

Basically, like a safe, the secure box has a physical interface to send a transaction after authenticating me in some way. The network traffic from and to it should be limited as much as possible, most of the time it isn't even connected to my computer or the internet at all.

The only other piece of functionality that needs to be available is to see how many coins are in it, I don't mind if this is from a 'public' host or the secure host itself. Although it would be a strange peculiarity of the bitcoin network if everyone can see your balance.



davout
November 18, 2010, 12:55:19 PM
 #7

Quote
The only other piece of functionality that needs to be available is to see how many coins are in it, I don't mind if this is from a 'public' host or the secure host itself. Although it would be a strange peculiarity of the bitcoin network if everyone can see your balance.

Everyone can see the balance of any bitcoin address, this is by design.
Someone correct me if I'm wrong here, but I think multiple addresses can "own" the same coins, the first one spending them invalidates the coins on the other address, so that's why, in my understanding lightweight clients based on balance sheets can't check transactions validity for themselves.

However, if you use a new address for each transaction, or if you dispatch your coins on different addresses it'll be very hard to make a link between them.

Basically, all transactions are public otherwise the bitcoin protocol wouldn't be possible.

MoonShadow
November 18, 2010, 07:37:00 PM
 #8

Quote
I wonder if this can be done without having a direct connection to the internet.

Yes, this is how I do my bitcoin 'savings' account on a thumbdrive.  The entire program and all data is on the thumbdrive, and my computer at home is busted.  So I have to do any work on my 'savings' at the computer at work, which has a very effective firewall, that functionally prohibits bitcoin from doing anything.  So every so often I download a new copy of the blockchain with Explorer, and just swap the files onto the thumbdrive.  The client checks the new chain upon next startup, and finds any new coins that I have 'deposited' from my Mybitcoin.com account.

Of course, I have yet to figure out how to transfer out of my 'savings', but I'm sure that there is a way to pipe the transaction to a file.  At some point, such transactions should be able to move as email extensions, and the regular client should be able to import a transaction and incorporate it into the network in the normal way.

"The powers of financial capitalism had another far-reaching aim, nothing less than to create a world system of financial control in private hands able to dominate the political system of each country and the economy of the world as a whole. This system was to be controlled in a feudalist fashion by the central banks of the world acting in concert, by secret agreements arrived at in frequent meetings and conferences. The apex of the systems was to be the Bank for International Settlements in Basel, Switzerland, a private bank owned and controlled by the world's central banks which were themselves private corporations. Each central bank...sought to dominate its government by its ability to control Treasury loans, to manipulate foreign exchanges, to influence the level of economic activity in the country, and to influence cooperative politicians by subsequent economic rewards in the business world."

- Carroll Quigley, CFR member, mentor to Bill Clinton, from 'Tragedy And Hope'
MoonShadow
November 18, 2010, 07:41:03 PM
 #9

Quote
The only other piece of functionality that needs to be available is to see how many coins are in it, I don't mind if this is from a 'public' host or the secure host itself. Although it would be a strange peculiarity of the bitcoin network if everyone can see your balance.

Quote
Everyone can see the balance of any bitcoin address, this is by design.
Someone correct me if I'm wrong here, but I think multiple addresses can "own" the same coins, the first one spending them invalidates the coins on the other address, so that's why, in my understanding lightweight clients based on balance sheets can't check transactions validity for themselves.

Functionally, yes.  But more than one address cannot "own" the same coins in the blockchain, because the blockchain only records settled transactions.  A special transaction that could have multiple claims must remain outside of the blockchain until someone actually claims it, I believe. 

Balance sheets for lightweight clients are redundant anyway, and not just for this reason.
theymos
November 18, 2010, 07:45:00 PM
 #10

Quote
Functionally, yes.  But more than one address cannot "own" the same coins in the blockchain, because the blockchain only records settled transactions.  A special transaction that could have multiple claims must remain outside of the blockchain until someone actually claims it, I believe.

No; it's possible to create a transaction with a script that allows claim by any listed transactions. This is valid and would be included in the block chain.

There's even a special command in Bitcoin's scripting system that does this: OP_CHECKMULTISIG.

1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
ribuck
November 18, 2010, 08:51:25 PM
 #11

Does "claim" mean "spend", when used as above by creighto and theymos?

In other words, there isn't any way to "claim" a coin without spending it, is there?
theymos
November 18, 2010, 08:58:20 PM
 #12

Quote
In other words, there isn't any way to "claim" a coin without spending it, is there?

Right. A coin/output can be referenced/claimed/spent one time.

MoonShadow
November 18, 2010, 09:45:21 PM
 #13

Quote
Does "claim" mean "spend", when used as above by creighto and theymos?

In other words, there isn't any way to "claim" a coin without spending it, is there?

The claimer could simply transfer the coins to a different address he already owns, which isn't really spending them.
ByteCoin
November 19, 2010, 05:16:58 AM
 #14

Quote
Everyone can see the balance of any bitcoin address, this is by design.

In the current block chain, all the transactions (with very few exceptions) are just plain transfers from one address to another. It's therefore easy for the client to work out the current balance but this is something just synthesized from the transactions. If lots of non-standard transactions existed it might be very difficult for the client to work out whether you could spend them and hence it would not be able to determine your balance.

Quote
so that's why, in my understanding lightweight clients based on balance sheets can't check transactions validity for themselves.

The idea of balance sheets has changed somewhat over time as I understood more about how the scripting functioned. In order to implement a full client while throwing away the most unnecessary information, the balance sheet client has to keep all the relevant details of all the unspent transactions. When spent, they are forgotten. It also has to remember a certain number of past blocks.

If balance sheets were implemented then it would no longer make sense to have a fee based on transaction size. Instead the fee would be related to how much new information needed to be stored compared to how much could now be forgotten. It raises the prospect of people getting paid the fees to make the transaction!

Also, for clients using balance sheets the transaction rate would be limited by network bandwidth rather than the block size limits. One might imagine that miners using balance sheets might have a competitive advantage over traditional miners.
Bitcoin peers wishing to use the lower fee structure of balance-sheet based miners might neglect to forward their transactions to traditional miners. This might fracture the network somewhat but the issue is complicated and I will make a separate post about it.


ByteCoin
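
An added sketch of the bookkeeping discussed in this thread (not code from any poster or from the Bitcoin client): a "balance sheet" that keeps only unspent outputs, forgets them once spent, rejects a second spend of the same output, and derives an address balance without any private key. It covers plain address-to-address transfers only and performs no signature or script checks; the transaction ids and address names are constructed placeholders.

```python
from dataclasses import dataclass, field

@dataclass
class BalanceSheet:
    """Unspent outputs only: (txid, index) -> (address, amount)."""
    unspent: dict = field(default_factory=dict)

    def apply(self, txid, inputs, outputs):
        """inputs: [(txid, index)], outputs: [(address, amount)]."""
        if len(set(inputs)) != len(inputs):
            raise ValueError("same output referenced twice in one transaction")
        missing = [ref for ref in inputs if ref not in self.unspent]
        if missing:
            raise ValueError(f"unknown or already spent: {missing}")
        spent = sum(self.unspent[ref][1] for ref in inputs)
        created = sum(amount for _, amount in outputs)
        if inputs and created > spent:
            raise ValueError("outputs exceed inputs")
        for ref in inputs:            # spent outputs are forgotten
            del self.unspent[ref]
        for i, out in enumerate(outputs):
            self.unspent[(txid, i)] = out
        return spent - created if inputs else 0   # remainder is the fee

    def balance(self, address):
        """Watch-only: needs the address, never the private key."""
        return sum(a for addr, a in self.unspent.values() if addr == address)

def replay(txs):
    """Apply a transaction history in order; return the sheet and rejected txids."""
    sheet, rejected = BalanceSheet(), []
    for txid, inputs, outputs in txs:
        try:
            sheet.apply(txid, inputs, outputs)
        except ValueError:
            rejected.append(txid)
    return sheet, rejected

# Constructed sample history; txids and addresses are placeholders.
TXS = [
    ("gen1", [], [("hot", 1000)]),                         # coin generation
    ("t1", [("gen1", 0)], [("cold", 900), ("hot", 100)]),  # move bulk to the safe
    ("t2", [("gen1", 0)], [("other", 1000)]),              # reuses a spent output
    ("t3", [("t1", 1)], [("shop", 40), ("hot", 55)]),      # 5 left as fee
]
SHEET, REJECTED = replay(TXS)
```

The balance of the offline "cold" address is computed here entirely from public transaction data, which is why an online, key-less host can report it.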