Wallet Question

[kenstu22]

I'm trying to get my ignorant, noob head around how to create a cold wallet.

There seem to be more than one ways to skin this cat--and there are still things I don't understand--I am just wondering if the recipe I came up with below will do the trick.  Even if it is not the most efficient, since I understand it--if it would be very secure--I'd like to stay with this method--if someone knowledgeable approves.

I don't do many transactions--basically want to keep my funds very safe.

I downloaded Electrum (for Win 7)

Installed it (though it is an APP and not a program--which I don't really understand--but I can see that to get if off the computer you have to find it buried in a User file and delete it--as opposed to uninstalling it)

I got it set up backed up seed words and bar code thing to paper.  Later I will compress/encrypt everything using WinRAR and back that up to the cloud and an external hard drive.

I transferred $.1 BTC from my on line Blockchaine wallet.

I waited until it was confirmed.

I backed up the wallet.

I found wallet.dat file in a USER file by typing %appdat% into the windows search.  I moved that to my desktop, along with the Electrum app  and the file containing the backup seed information.

I compressed and encrypted all that using WinRAR and backed it up to the cloud and an external drive.

I deleted everything Electrum related from my computer, especially the DAT file.


The next time I want to do a transaction I will download the compressed encrypted files to my desktop--run the app, restore the wallet, do the transaction and repeat everything I described above.

IS this a  safe reliable method?

Also, what can  use to operate in a similar way for Litecoin.

Thanks much in advance.

BTW to DannyHamilton who replied to my last question--I just now saw your private reply--I was to ignorant to know to look in my private message area for your response--thought it would come to my email.  Thanks so much for your help.

[1714766831]

1714766831

[drwho88888]

I suggest using blockchain.info much more safe.

[piotr_n]

Are you sure that wallet.dat you found is the actual Electrum wallet?
I don't know Electrum, but wallet.dat in %appdat% seems more like a satoshi's wallet.
So maybe you backed up a wrong wallet.

Just try to recover (spend) it on a different PC - than you will see if your backup actually worked.
That's the best way.

[e4xit]

--Disclaimer -- I am not an expert, I have only learned what I write below through my own experience, please correct me on anything if I am wrong

Firstly, make sure on your blockchain.info account you enable 2 factor authentication of some sort, any sort. Right, now that your bitcoins should be pretty safe in the mean time, you can begin to make a cold storage wallet system which suits you...

I would recommend using a setup like this personally, but perhaps this will not suit you or not be economical for the number of BTC you hold... I think it is pretty much as safe as it gets right now (someone please correct me if I'm wrong).

I personally dont like your idea that much, as it includes having the private keys on an online computer, whcih means that they can, theoretically, be stolen when you use them to spend(send BTC), even if this is unlikely, the possibility remains. However, when you have them zipped and encrypted, they will obviously be safe from prying eyes, and it is good that you have a decent (cloud) backup of such a safe file.


I would try to keep your private keys away from any networks, using one of the two methods below:

My first question would be, are you planning on spending using this cold wallet, or just making it to store bitcoins for the foreseeable future? If you want to spend, then ideally, I would say, you will want a second computer (or perhaps a Trezor when these types of devices are released), lots of people use old or cheap netbooks for this purpose, which can be had for not much $$$. If you only want to store bitcoins, with no (intention) of spending them, then perhaps a paper wallet will be more suitable for your needs, if you would like not to spend any $$$ on this solution.

There are three main parts to a bitcoin transaction (tx); 1 - creating the tx, 2 - signing the tx (using the private keys of an address which owns BTC) and 3 - broadcasting the tx to the network.

The advantage of the netbook method is that step #1 (the tx is created) happens on (any) online machine, your normal day-to-day computer for example - this machine could be compromised with keyloggers and trojans in this case, then, step #2 happens on your secure, permanently offline 2nd computer (netbook/rasberry pi etc) which is known not to be compromised, step #3 then happens again on the online computer.
This has the advantage of ensuring that your private keys never touch a networked computer, and so cannot be stolen; theoretically you could lose bitcoins if a virus altered the tx as you created it during step 1, and you did not check the inputs and outputs before signing and broadcasting to the network, but such an exploit is not yet seen and easily avoided with minimal manual checking.

Obviously, for this method, you need two machines, which may or may not be a possibility for you...?

To create a paper wallet, it is possible to visit BitAddress and then to in your internet browser to go file, and then "save page as" and save it as a full HTML file. you can then run the scripts from that page while you are offline; turn off all wifi/network connections, to try to make your comp as safe as possible, and then reopen the saved version of the page, and generate desired number of paper wallets.
These can then be printed and stored in a fireproof safe somewhere safe (or safety deposit box) if you think necessary, or else the page printed to PDF or screenshotted, then zipped and encrypted as you are doing with the electrum wallet backup now, and put into the cloud.
This quick guide will show you how to import private keys and spend the funds on the paper wallet, if you dont know how...

Sorry for such a long rant, I just ran away with myself, and I never really answered your question fully so I will try now; I am not a computer security expert,but I dont like how your private keys are potentially visible to online attackers as you spend BTC. Apart from that it seems sound.

Make sure to test any method you use with small amounts of BTC (as you are doing) and practice "losing" your wallet file and restoreing from backup, to really check it work, before you send all your funds there.

Let me know if you want any help with the netbook method/installing ubuntu/armory etc

[monbux]

I would recommend you use blockchain.info or inputs.io both very trusted, and online.