Misplaced storage device with bitcoin Qt wallet.dat on it

[Altoidnerd]

In bitcoin Qt, I saved wallet.dat to a storage device which I cannot locate right now.  Nobody has taken my bitcoins, and I'm not even sure I have really lost the drive for good - the fact is, I don't know where it is right now.  My computer still works fine, the bitcoins are sitting in my wallet and I can transfer them out as I please.  

So what should I do now to ensure that IF somebody did find this copy of wallet.dat that they could not compromise me in the future?  

Edit:  I suspect I should transfer the coins out of the wallet and back in again.  Would that do the trick?

[DannyHamilton]

In bitcoin Qt, I saved wallet.dat to a storage device which I cannot locate right now.  Nobody has taken my bitcoins, and I'm not even sure I have really lost the drive for good - the fact is, I don't know where it is right now.  My computer still works fine, the bitcoins are sitting in my wallet and I can transfer them out as I please.  

So what should I do now to ensure that IF somebody did find this copy of wallet.dat that they could not compromise me in the future?  

Is the wallet.dat on the storage device protected with a strong pawwphrase?  If not, I'd advise starting a new wallet.  Suggestions on how to do so at the end of this post.

Edit:  I suspect I should transfer the coins out of the wallet and back in again.  Would that do the trick?

No, it would not.  If someone has access to your storage device and if the wallet.dat that is stored there is not protected by a strong passphrase, then they can gain access to any private key currently associated with any address in the wallet at the time it was backed up as well as the next 100 addresses that are ever used with that wallet.dat.  It would be safer to start a new wallet.dat and transfer all coins out of the current wallet into the new one.  You'll also want to let people know not to re-use any bitcoin address you've given them in the past for sending you bitcoins, since those addresses could potentially be compromised.


There may be other ways to do it, there may even be better ways to do it, but if I was going to start a new wallet.dat here's what I would do:

• Quit bitcoin-qt and wait for it to completely shut down.
• Make a copy of the current wallet.dat to wallet.bad
• List the contents of the bitcoin data directory to make sure that there is BOTH a wallet.dat AND a wallet.bad and that they are the same size
• Delete the wallet.dat

• Start up bitcoin-qt
• Bitcoin-qt will create a brand new empty wallet.dat with a new address, make a copy of that new address
• Create a backup of this new wallet.dat in a safe place (USB drive perhaps?)
• Quit bitcoin-qt and wait for it to completely shut down.
• Make a copy of the new wallet.dat to wallet.good
• List the contents of the bitcoin data directory to make sure that there is a wallet.dat AND a wallet.bad AND a wallet.good, and that the wallet.dat and wallet.good are the same size (and different size than wallet.bad)
• Delete the wallet.dat
• Copy wallet.bad to wallet.dat

• Start up bitcoin-qt
• Bitcoin-Qt will open your "bad" wallet.dat back up and you should once again see all your old addresses and bitcoin balance
• Send the entire balance to the new address that you copied from the new wallet.dat
• Wait until the transaction has at least 1 confirmation
• Quit bitcoin-qt and wait for it to completely shut down
• Delete wallet.dat
• Copy wallet.good to wallet.dat

• Start up bitcoin-qt
• Bitcoin-Qt will open your new "good" wallet.dat with the new address.  You should see your bitcoin balance

[b!z]

If the wallet.dat on the storage device has a weak passphrase or no passphrase, then you should use a different wallet. You can send all of your BTC to a new address that is not on the storage device.

[Altoidnerd]

Thanks.

Danny:  Could the process be simplified if I told you I have other wallets to hold my BTC in in the mean time?  e.g. send the BTC to external, non-qT wallet, nuke qT wallet, make qT give me a new wallet, transfer to new wallet?

Or is all the .bad .good action for me to ensure that a new wallet was created? 

[DannyHamilton]

Thanks.

Danny:  Could the process be simplified if I told you I have other wallets to hold my BTC in in the mean time?  e.g. send the BTC to external, non-qT wallet, nuke qT wallet, make qT give me a new wallet, transfer to new wallet?

Or is all the .bad .good action for me to ensure that a new wallet was created? 

The .bad action is to provide you a way to access any bitcoins that someone sends you if they accidentally re-use an address you gave them in the past.

This creates a copy of the wallet that you know is unsafe (which is why we've named it "bad"), but that you can temporarily load up if someone says, "Oh man, I know you said to use that new address that you gave me, but I accidentally sent the 150 bitcoins to that old address that you said wasn't good anymore."

If you have other wallets that can temporarily old the BTC while you are creating the new Bitcoin-Qt wallet, then you can simplify the steps to the following:

• Send your entire balance from Bitcoin-Qt to some other temporary holding wallet.
• Wait for at least one confirmation on the transaction
• Quit bitcoin-qt and wait for it to completely shut down.
• Change the name of wallet.dat in the Bitcoin data directory to wallet.bad (or perhaps wallet.20130929)
• Start up bitcoin-qt
• Bitcoin-qt will create a brand new empty wallet.dat with a new address
• Create a backup of this new wallet.dat in a safe place (USB drive perhaps?)
• Send the bitcoins back to Bitcoin-Qt using this new receiving address from this new Bitcoin-Qt

[Altoidnerd]

Alright thanks!  I'll do exactly this.

I had wallet.dat saved to an SD card that I kept in my laptop but now cannot find.  The struggle I think is to keep the backup safe but at the same time keep it updated.

[DannyHamilton]

Alright thanks!  I'll do exactly this.

I had wallet.dat saved to an SD card that I kept in my laptop but now cannot find.  The struggle I think is to keep the backup safe but at the same time keep it updated.

Unless you are doing a significantly large number of transactions per day, you probably only need to backup the wallet.dat once a month or so.  You can reduce that frequency further by setting the keypool size in bitcoin.conf.

About how many transactions do you SEND (not receive, just send) per month?

About how many times per month do you click the "New Address" button?

[Altoidnerd]

Only a handful of times, to both questions.  I think my desire to update the backup arose from a misconception that my backup of the wallet would be tied somehow to the wallet balance.

[DannyHamilton]

With the default settings of Bitcoin-Qt I generally backup when the sum of the transactions I send AND new addresses I create is approximately 25 since the last backup.  Then I keep copies of the 3 most recent backups.  This way if any one backup is damaged, lost, corrupted, or otherwise unusable, I've still got 2 other backups that are capable of accessing ALL of the bitcoins in my wallet.

The backup contains the ability to access every bitcoin stored at any address currently in use in the wallet as well as any of the next 100 addresses that the wallet uses in the future.  The wallet uses a new address (that it keeps hidden from you, but still needs to be counted since it is being used) every time you SEND a transaction.  It also uses a new address every time you click the "New Address" button.

[Altoidnerd]

Thanks very much, I appreciate it.  That all makes perfect sense.  I'm excited to start a fresh wallet anyway, with foresight, knowing all of this information.

I am having a slight technical difficulty completing the steps.

I'm using windows 7 64 bit.  What directory is wallet.dat in?  I can't find it in the directory c:\program files (x86)\Bitcoin\src  here's a screen shot of windows searching the directory http://imgur.com/u6737sA

[Altoidnerd]

I found the answer here--> https://en.bitcoin.it/wiki/Securing_your_wallet#Locating_Bitcoin_s_data_directory

Thanks for all your help!