Anonymous and Secure Bitcoin Wallet

[newbie9718]

Hi. I’m pretty new to bitcoins and I need some advice. My goal is to create a completely anonymous, reasonably secure bitcoin wallet. My plan is this:

1. Download the html page for bitaddress.org through Tor and transfer it to an encrypted offline computer using a USB stick.
2. Generate paper wallets using that page at the offline computer.
3. Send bitcoins through bitcoinfog to the public addresses of those wallets.
4. When I decide to spend the bitcoins, download Multibit through Tor and configure it to run through Tor. Then transfer the private key of whatever wallet I want to use from the offline computer using a USB stick and import it into Multibit.

To the best of my understanding this will allow me to have a completely anonymous and secure storage of bitcoins, without having to download Armory and the whole chain. So long as no one has physical access to my offline computer, the only bitcoins that I could possibly lose are those in whatever wallet I import into Multibit in the brief window before I send them out.
Does anyone see any problems with this plan or why it might not work?

Two specific questions that I have are:
1. If I generate a bitcoin paper wallet at an offline computer, I don’t need to take it online in any way until I want to withdraw the bitcoins, right? I can just send the bitcoins to the public address and they will be waiting there for me until I import the private key into a bitcoin client?
2. I read that configuring Multibit to work anonymously through Tor is as easy as pointing it to the Tor proxy. Is that true? Any security issues involved?

[DannyHamilton]

My goal is to create a completely anonymous, reasonably secure bitcoin wallet.

That's a very ambitious goal.  Complete anonymity is difficult to accomplish.

To the best of my understanding this will allow me to have a completely anonymous and secure storage of bitcoins,

I'm not convinced that bitcoinfog is beyond the ability of forensic accounting software to link the source bitcoins to the destination address.  Keep in mind also that when you send the bitcoins somewhere in the future, the person/company that you send them to may be able to identify you.  You then have the possibility of one person/company that provided you with bitcoins in the first place knowing something about you, and another person/company that accepted the bitcoins from you knowing something about you.  With some forensic accounting and enough time and computing power, it may be possible to link your initial receiving address to your cold storage address to your eventual "spending" address.

the only bitcoins that I could possibly lose are those in whatever wallet I import into Multibit in the brief window before I send them out.

If you're really worried about that you can use software to generate the rawtransaction on an offline computer and then transmit that rawtransaction from an online computer.

Does anyone see any problems with this plan or why it might not work?

Obviously it is important to keep the paper wallets secure from loss, damage, and theft.

1. If I generate a bitcoin paper wallet at an offline computer, I don’t need to take it online in any way until I want to withdraw the bitcoins, right?

Correct.  You don't even have to take it online to "withdraw" the bitcoins.  You could create and sign a rawtransaction offline and then safely take just the completed transaction online.

I can just send the bitcoins to the public address and they will be waiting there for me until I import the private key into a bitcoin client?

Correct.

2. I read that configuring Multibit to work anonymously through Tor is as easy as pointing it to the Tor proxy. Is that true? Any security issues involved?

I'm no expert in TOR, but it is my understanding that if you are not careful, it is possible to leak your identity.  Some common leaks are javascript, DNS lookups, Adobe Flash, and cookies.

I've never tried running MultiBit through TOR, so I'll leave that question for someone more knowledgeable than me to answer.

[newbie9718]

Thank you for your response! I'm going to repost this topic in general discussion to try and get more input.

[ATC70R]

 http://libertyblitzkrieg.com/2013/11/04/meet-dark-wallet-how-crypto-anarchists-will-store-their-bitcoins/

[adamw]

Hi,

Why do you not use an online Wallet like Blockchain. All you have to do is use VPN + SSH + vicSocks to create the wallet. Then you can just use an exchanger like virwox if you want to load your wallet with anonymous Paysafe Cards. If you receive or send BTC just use 1 or 2 shared wallets to wash your Bitcoins. But most importanly is to always surf anonymous through VPN + SSH + vicsocks. Also cash out can be easily done using certain exchanger and debit cards.

adamW

[Ondoma]

1. Download the html page for bitaddress.org through Tor and transfer it to an encrypted offline computer using a USB stick.
2. Generate paper wallets using that page at the offline computer.
3. Send bitcoins through bitcoinfog to the public addresses of those wallets.
4. When I decide to spend the bitcoins, download Multibit through Tor and configure it to run through Tor. Then transfer the private key of whatever wallet I want to use from the offline computer using a USB stick and import it into Multibit.

Make sure you visit https://bitaddress.org especially if you are using Tor as the exit node would be able to modify the content if you didn't.

You should also check the sha256sum of the html after you download it.

One obvious flaw is that the content of the website may be modified or the crypto or RNG used may be flawed.

The only other potential issue I could see is that you should make sure to use a new MultiBit wallet file for each private key you import as multibit has a very non-anonymous way of handling change, MultiBit seems to re-use change addresses.

[newbie9718]

The only other potential issue I could see is that you should make sure to use a new MultiBit wallet file for each private key you import as multibit has a very non-anonymous way of handling change, MultiBit seems to re-use change addresses.

Could you please elaborate on that? What do you mean by re-use change addresses?