Hello all,
I guess I'm not the first one outlining the following ideas. But I couldn't find exactly what I mean, so feel free to link me to existing threads or tell me why this was not implemented.
In all those "help me, a trojan/hacker stole my coins"-threads people suggest storing the savings wallet on an offline computer and connect it "just" if they need to send coins. It should be very easy to avoid going online for sending coins: just create the transaction on the offline computer, export the transaction to a file, import it on your online computer and send it out.
Most of the code for im- and export already exists [1], there just needs to be a user-friendly way of doing it.
I suggest adding the following features to bitcoin to enable a safe offline workflow:
a.) A function to export bitcoin addresses to a file and a function to import those addresses as "sending" addresses. (Optional - for convenience and to avoid typos)
b.) A function to export and import the keychain. (Optional, you can also copy the files manually for now).
c.) An option to create a transaction and save it to a file. (Necessary)
d.) A config file option like "offline=1". If set, the client would not try to connect to peers; creating a transaction would automatically open a "safe file" dialog, etc.
The suggested workflow:
i.) Setup a computer which will never be online with a fully encrypted operating system.
ii.) Create a new wallet.
iii.) Name a few addresses and export them to a file.
iv.) Import the addresses to the address book of the online computer.
v.) Send coins to these addresses whenever you like.
vi.) if you want to check your balance on the offline computer copy the blockchain to it.
vii.) if you need to send coins from the offline computer, create a transaction, save it to file and copy.
So, your private keys will never ever have to touch a computer which is online. IMHO this would be a big win for security. Of course you will have encrypted backups of your wallet.dat on USB sticks or CDRs or even printed out. If [2] ever gets implemented you have an almost perfectly secure and convenient system that let's you sleep well. The only attack vector I can think of is if someone breaks into your home while your offline computer is running. Or if you use an infected USB-stick to copy data and have autorun enabled (which Windows 7 doesn't do anymore by default, i think). There are countermeasures against all these attacks that can be collected on the wiki...
Please comment!
(I hope this will be implemented before I have accumulated 10 bitcoins
)
[1]
https://github.com/bitcoin/bitcoin/pull/220[2]
https://github.com/bitcoin/bitcoin/issues/286
