Bitcoin Forum
November 15, 2024, 03:17:43 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: What's a stolen wallet good for?  (Read 1123 times)
Domchi (OP)
Sr. Member
****
Offline Offline

Activity: 529
Merit: 271


View Profile
July 31, 2011, 08:04:46 PM
 #1

There's one thing I'm curious about, but don't know enough to be able to answer it.

I'm aware what happens if your wallet.dat file gets stolen - someone can spend your bitcoins.

However, what happens if somebody has the old copy of your wallet.dat? That is, what happens if someone gets your wallet.dat which doesn't contain one or more recorded transactions because they happened after the copy was made?

I suppose that he cannot spend the bitcoins which were already spent after the old wallet.dat was created. From what I understand, the bitcoin network takes care of that. If my assumption is correct, does that mean that if someone gets hold of your wallet.dat file, and you're aware of that, it becomes a race - who can transfer the bitcoins first, and whose transaction gets accepted by the network?
molecular
Donator
Legendary
*
Offline Offline

Activity: 2772
Merit: 1019



View Profile
July 31, 2011, 08:05:51 PM
 #2

There's one thing I'm curious about, but don't know enough to be able to answer it.

I'm aware what happens if your wallet.dat file gets stolen - someone can spend your bitcoins.

However, what happens if somebody has the old copy of your wallet.dat? That is, what happens if someone gets your wallet.dat which doesn't contain one or more recorded transactions because they happened after the copy was made?

I suppose that he cannot spend the bitcoins which were already spent after the old wallet.dat was created. From what I understand, the bitcoin network takes care of that. If my assumption is correct, does that mean that if someone gets hold of your wallet.dat file, and you're aware of that, it becomes a race - who can transfer the bitcoins first, and whose transaction gets accepted by the network?

you are correct.

PGP key molecular F9B70769 fingerprint 9CDD C0D3 20F8 279F 6BE0  3F39 FC49 2362 F9B7 0769
burp
Member
**
Offline Offline

Activity: 98
Merit: 10


View Profile
July 31, 2011, 08:18:10 PM
 #3

Though you should use a new wallet for a new address to send the funds to. As far as I understood it bitcoin keeps 100 addresses in advance in the wallet. So if you send your funds to some new address of the same wallet, if will be of course available to the thief too.
Bitportal
Newbie
*
Offline Offline

Activity: 10
Merit: 0


View Profile
July 31, 2011, 08:21:31 PM
 #4

There's one thing I'm curious about, but don't know enough to be able to answer it.

I'm aware what happens if your wallet.dat file gets stolen - someone can spend your bitcoins.

However, what happens if somebody has the old copy of your wallet.dat? That is, what happens if someone gets your wallet.dat which doesn't contain one or more recorded transactions because they happened after the copy was made?

I suppose that he cannot spend the bitcoins which were already spent after the old wallet.dat was created. From what I understand, the bitcoin network takes care of that. If my assumption is correct, does that mean that if someone gets hold of your wallet.dat file, and you're aware of that, it becomes a race - who can transfer the bitcoins first, and whose transaction gets accepted by the network?
Yep, you're correct.
Domchi (OP)
Sr. Member
****
Offline Offline

Activity: 529
Merit: 271


View Profile
July 31, 2011, 09:17:01 PM
 #5

Is the old wallet.dat of any use to attacker then? Will it be updated when all blocks are downloaded, or will any further transaction from it simply fail?

Burp's answer implies that it would be updated...
willphase
Hero Member
*****
Offline Offline

Activity: 767
Merit: 500


View Profile
July 31, 2011, 11:21:18 PM
 #6

Is the old wallet.dat of any use to attacker then? Will it be updated when all blocks are downloaded, or will any further transaction from it simply fail?

Burp's answer implies that it would be updated...

no, once all the coins are transferred from the wallet then any copies of the wallet with only the old private keys (and not the new keys that the coins were transferred to) become useless... unless you had some vanity addresses that you were particularly proud of...

Will

iBitGuy
Newbie
*
Offline Offline

Activity: 42
Merit: 0


View Profile
July 31, 2011, 11:23:02 PM
 #7

I have a question regarding this too. If you copy your wallet.dat to say, an sd card, and then delete it from your computer, is a new wallet.dat automatically generated by the bitcoin client so you can try and transfer the coins before the thief does?
willphase
Hero Member
*****
Offline Offline

Activity: 767
Merit: 500


View Profile
July 31, 2011, 11:31:29 PM
 #8

I have a question regarding this too. If you copy your wallet.dat to say, an sd card, and then delete it from your computer, is a new wallet.dat automatically generated by the bitcoin client so you can try and transfer the coins before the thief does?

Yes - the bitcoin client will automatically generate a new wallet if the wallet.dat doesn't exist in the bitcoin directory (%appdata%\bitcoin on Windows, .bitcoin on linux).  As part of generating a new wallet you'll get a new set of receiving addresses, so you can transfer your bitcoins to one of those to secure them.

Will

iBitGuy
Newbie
*
Offline Offline

Activity: 42
Merit: 0


View Profile
July 31, 2011, 11:43:50 PM
 #9

^ Thanks! I wasn't sure if it automatically created one or if we needed to do something in order for a new one to be created.
Domchi (OP)
Sr. Member
****
Offline Offline

Activity: 529
Merit: 271


View Profile
July 31, 2011, 11:47:50 PM
 #10

no, once all the coins are transferred from the wallet then any copies of the wallet with only the old private keys (and not the new keys that the coins were transferred to) become useless... unless you had some vanity addresses that you were particularly proud of...

Will

What if not all coins are transferred? Or there is a new payment to one of old private keys?

Because if the old version of wallet.dat cannot "catch up", then stolen wallet.dat is not such a big problem; if you manage to make new transaction before the thief does, you might as well continue to use it. And the wallet is not stolen by copying, but by the first successful transaction the thief makes.
bitprotection
Member
**
Offline Offline

Activity: 103
Merit: 10



View Profile
July 31, 2011, 11:49:39 PM
 #11

There's one thing I'm curious about, but don't know enough to be able to answer it.

I'm aware what happens if your wallet.dat file gets stolen - someone can spend your bitcoins.

However, what happens if somebody has the old copy of your wallet.dat? That is, what happens if someone gets your wallet.dat which doesn't contain one or more recorded transactions because they happened after the copy was made?

I suppose that he cannot spend the bitcoins which were already spent after the old wallet.dat was created. From what I understand, the bitcoin network takes care of that. If my assumption is correct, does that mean that if someone gets hold of your wallet.dat file, and you're aware of that, it becomes a race - who can transfer the bitcoins first, and whose transaction gets accepted by the network?

Yes, this is correct. It is the same if you were to erase your wallet and I have a copy of it and give it back to you everything is fine.

Working on protecting the community!
Maged
Legendary
*
Offline Offline

Activity: 1204
Merit: 1015


View Profile
July 31, 2011, 11:55:53 PM
 #12

Is the old wallet.dat of any use to attacker then? Will it be updated when all blocks are downloaded, or will any further transaction from it simply fail?

Burp's answer implies that it would be updated...
The wallet is updated when it detects new transactions (as in ones that it hasn't seen) to one of the addresses that the wallet has the private key for. By default, the client keeps 100 extra keys, so if you transfer all of the coins from the stolen wallet into a "new" address in the same wallet, the thief will still have access to them. That's why we recommend generating a completely new wallet if you suspect that your's was stolen.

willphase
Hero Member
*****
Offline Offline

Activity: 767
Merit: 500


View Profile
July 31, 2011, 11:56:17 PM
 #13

no, once all the coins are transferred from the wallet then any copies of the wallet with only the old private keys (and not the new keys that the coins were transferred to) become useless... unless you had some vanity addresses that you were particularly proud of...

Will

What if not all coins are transferred? Or there is a new payment to one of old private keys?

Because if the old version of wallet.dat cannot "catch up", then stolen wallet.dat is not such a big problem; if you manage to make new transaction before the thief does, you might as well continue to use it. And the wallet is not stolen by copying, but by the first successful transaction the thief makes.

if there are any coins left sent to addresses that match matching private keys in the stolen wallet, then these will continue to be stealable.

Your best bet is to send the complete balance of the stolen wallet to a newly created address in a new wallet as soon as you know the wallet is compromised.

However, remember that any transactions that are sent to the old wallet (e.g. you had a donation address in your forum signature, you forgot to update it, and people sent you a donation for being so helpful on the forum) would continue to be open to being stolen.  But then if you saw transactions to the old wallet in blockexplorer (or e.g using my app... smooth sales pitch!) then you could just transfer these out as long as you transferred them before the thief did...

In theory, a more intelligent bitcoin client could do this automatically - i.e. it could automatically recycle of your coins through new keys every week/month, meaning that anyone with a copy of your wallet (or they found your old USB stick) wouldn't be able to do anything with it.  This would be analogous to PGP subkeys in many respects.  It would mean issues for people sending you coins on your old addresses though, since they are likely to use old addresses.  I would imagine this would be of more use to a high volume wallet such as an exchange or an online store, which typically has short lifetimes on generated public key hashes anyway.

Will

Domchi (OP)
Sr. Member
****
Offline Offline

Activity: 529
Merit: 271


View Profile
August 01, 2011, 07:39:55 AM
 #14

Thanks, that makes sense.

To summarize, there is hope to recover bitcoins for those who have their wallet.dat stolen if they still have a copy, but you still have to take care that neither your wallet.dat or your old backups are stolen.
willphase
Hero Member
*****
Offline Offline

Activity: 767
Merit: 500


View Profile
August 02, 2011, 08:29:44 PM
 #15

Is the following a good practice?  Does it make sense?  Is anything redundant?  Where are we as a people?

1: After I've done enough mining to make some BTC, I payout to a wallet ('mining') that I have moved into the 'datadir' from a safe, secure place.

2: I then send 'mining' balance to a separate wallet ('savings') generated by the Bitcoin client beforehand, and kept far away in a concrete box under The Greenbrier.

3: I shut down the client and replace 'mining' with 'savings' in the 'datadir'.

4: I restart the client and let it update blocks and transactions.

5: I shut down the client and move 'savings' back to its microbe-free vita-chamber deep within Cheyenne Mountain.

6: I restart the client and create a shiny new 'mining' wallet, and then move it back to a safe, secure place.

7: I shred any old 'mining' wallets and update my mining site to deposit to the new 'mining' wallet.

8: Repeat steps 1-7 every payout, and maybe refresh the 'savings' wallet every so often.

Both wallets are protected by four HIV-positive, three-legged homeless pitbulls. (Actually, they reside on a TrueCrypted USB drive.)

Neither wallet ever stays on my hard drive longer than the time it takes to TCB.

Any thoughts?

You don't need to have a wallet online ( in fact, the wallet.dat doesn't even need to physically exist ) for payments to a public key hash to succeed and be included in the block chain.  I suppose what I'm saying is that once you have enough bitcoins in your 'cash' wallet to cope for buying stuff e.g. Meze Grill lunches, then you can safely pay yout bitcoins from your mining pool into a 'savings' wallet that doesn't ever have to be mounted.  If you ever need more cash in your 'cash' wallet then just pay from your pool to there.  If you totally run out, then dig up/create your savings wallet and transfer some bitcoins to your 'cash' wallet.

Will

Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!