Lost bitcoin because of the security update

[refikt]

I know that after a security update, all our coins were sent to a new address. I see that a notice is posted here, warning users to take new backups.  https://bitcointalk.org/index.php?topic=271846.0

I didn't know this and didn't take any backup after this update. But I had a backup prior to update and thought I was safe.

So after I lost my phones data, I restored my keys from backup and I saw that all coins are gone by an internal transaction. I guess this is expected. I don't have any other backup. Does this mean I lost all my bitcoins? Isn't there a way to restore them by my old key?

I would appreciate even a negative answer to have some closure. It hit me really hard.
There is a topic here which I couldn't get a clear answer. https://bitcointalk.org/index.php?topic=294971

[Andreas Schildbach]

I'm afraid this sounds like your coins are not spendable any more. Unless you somehow pull your "rotate keys" from the device. The app does quite a lot of internal backups of the keys, so if you're skilled in data recovery you might have a chance.

[refikt]

Thanks for showing a way. My phone was not opening up and I recovered it from a previous rom backup. Thats when I lost the keys.
Can you lead me a bit more? For example where does the app take the regular internal backups in terms of file path?

[Andreas Schildbach]

The files used are documented here:

http://bitcoin-wallet.googlecode.com/git/wallet/README

How does this ROM backup work? Does it do a factory reset? Does it overwrite your app-private storage sector by sector or does it maybe just unlink the files? That's information you need to know for data recovery.

[Mike Hearn]

IMO the app needs to be a lot more aggressive about making backups automatically (to the cloud) and reminding users to make manual backups whenever a key is added. There's no hint at all currently that adding an address means you need to make a new backup.

refikt, I hate to ask, but how much did you lose?

[Andreas Schildbach]

Auto-backup to the cloud needs to be enabled by the user, because she needs to encrypt her wallet first. But yes, at the same time we can ask for permission to upload (and probably set that checkmark by default).

There already is a hint at the bottom of the screen. Its there when you freshly install the app, vanishes of you (pretend to) make a backup and re-appear if you create a key (or the app automatically creates a key). All you need to do is actually read that hint and tap on it.

Shameless plug: issue 404 is currently blocking wallet encryption and - building on that - automatic backup to cloud.

[Mike Hearn]

Oh OK, I didn't realise that the hint re-appeared if a key is created. Then that should be OK.

I actually disagree about the requirement to encrypt before backup. I think a wallet should be uploaded by default. It shouldn't be possible to ever lose money by failing to make a backup, even if you only load a tiny amount of money in and don't care about it at the start. Maybe a year later you remember what you did and want to get the money back ... but too late.

Key rotation can be used when a password is set to invalidate the prior unencrypted cloud backups.

[Mike Hearn]

Thinking about it more, maybe the hint is too subtle. If a wallet was previously backed up, adding a key should probably automatically trigger the backup action immediately. There aren't any cases where you add a key and don't want to keep it safe, if you already made at least one backup.