There are a lot of threads on how to better secure the wallet, but there doesn't appear to be a consolidated thread about the possible scenarios users should be paying attention to. Or maybe I was searching the wrong way
So I'm putting together a list and hopefully it will serve as a starting point for people to chip in to create a list that any bitcoin user, developer or site owners offering Bitcoin payments etc could keep in mind when using, developing or offering bitcoin related service?Personal SituationsUn-encrypted Wallet Theft
While encrypted wallet is planned for release, this is currently still a concern. This situation implies that an unauthorized person manages to get a copy of the wallet.dat and can therefore manipulate the bitcoins in the wallet.
Situations this can occur
- Trojan/Wallet stealer infected computer
- Unsafe backup to an unencrypted storage such as a USB drive or emailing to oneself.
- Use wallet encryption, use encrypted media for offline storage.
- Do not use unverifiable software
- Run regular virus scan. This may not catch the newest trojans but usually heuristics detection should catch suspicious activity. However, this doesn't stop a user from marking a new wallet program as safe without knowing it's not.Encrypted Wallet Theft
Similar to unencrypted wallet theft, however as wallet is encrypted, the thief would not be able to use the wallet. However, for the same reason the theft can occur, the encryption may be useless. See next.Theft of password
User may have encrypted their wallet. But the same mechanism allowing the wallet theft renders the encryption useless.
- Trojan/Wallet stealer also key logs so the password was already captured.
- Third party wallet encryption software is actually a stealer
- Shoulder Surfer noting down the password and have easy physical access to the backup or computer.
- As with normal password entry, never do it with somebody looking over your shoulder.
- Scanning system regularly is helpful but not guaranteed to defeat all possible trojans/rootkits/etc
- Software which uses onscreen keyboard may help reduce the effectiveness of keyloggers.Theft of Private Key
A trojan on the user system could steal the private key from memory while bitcoind is running.
- No end user solution available, needs to rely on underlying OS to isolate memory from applications
Fundamentally, if the user's system contains a trojan, security methods are effectively nullified regardless of encryption. The use of a USB bootable OS to update/operate the wallet may be the only way around this, but this implies the standalone OS is trustable. Storage Failure
The media that the wallet is stored on, is lost. E.g. dead HDD, dead or lost thumb-drive.
- Keep multiple copies. However, this is in itself be a security risk as the channels by which the wallet can be stolen increases. Encryption can mitigate the consequences but see above for possible negation of the encryption. Also does not help recovering newer coins if the backup does not contain the newer addresses. This issue may be negated by the development of deterministic wallets but may also open up issues of surveillance/tracking.Physical Attacks
This covers situations where the user is physically attacked/targeted in order to gain access to his Bitcoins. This can be government action such as sending agents to seize your assets, or just your friendly neighbourhood drug addict discovering that he can buy drugs with Bitcoins and decides he could make you give them up using a violence.
- None as at this point, may even worsen situation for user since this can lead to coercion cryptanalysis i.e. torture to extract the password. Furthermore, even if the user has given up the password, the uncertainty due to use of plausible deniable encryption may lead to continued torture in the belief that the user may have other bitcoin wallets encrypted or hidden.Online/eWallet Related LostService Shutdown
Online service shuts down or run away, effectively losing the eWallet.
- Do not use an eWallet but this may not be practical or conveninent
- Store minimum amounts in eWallet, again depending on your usage, this may not be convenient or practical
- Require online service provider to send you a backup copy of your wallet. However, depending on how their eWallet is implemented, this may not be possible or they may not be willing to do so. In addition, this transfers the risk factor back to those listed in "Personal Situations"Service Hack
Online service is hacked, e.g. MtGox or MybitCoin so coins are actually transferred away.
- Similar to service shutdown, but having a backup wallet is useless in this case because the thief may have sent the coins already by the time its discovered.Service Fraud
The service is ran by fraudulent admins who had planned from day one to steal everything once worthwhile.
- None except not using the service. But it's difficult to tell who is intending to defraud since the best fraudster would do their best to come across as trustworthy since day 1 to ensure maximum incoming usage and minimize suspicions.Online password theft
Similar to password theft in "Personal Situations" but measures indicated for offline security are not practical since the passwords has to be sent in order for the online service to be used.
- Ensure the service runs on SSL to avoid MITM (man in the middle, see below) theft
- Use of multi-factor authentication such as Yubi-keys (see MITM below) or SMS verification.
Fundamentally, not using an eWallet is the only safeguard against online bitcoin theft. However, it may not be convenient or practical for some usage scenarios. Man in the middle
Man in the middle refers to somebody inserting themselves into the communications chain and therefore can see and possible edit information being sent/received. E.g. a trojan may set itself up as a transparent proxy on the user's system and therefore can alter outgoing transactions such as changing the recipient address to their own.
- As with other situations, the first step is ensuring the system is clean. However, Depending on where the man in the middle is interception traffic, there may not be effective solutions. E.g. if your network (at company level, or even local ISP level) admin is fraudulent, he can set up monitoring for activity on the bitcoin port. So ensuring your system is clean does not defeat him listening on.
- Require SSL connection to online bitcoin service provider. This is the standard way to defeat MITM attacks as outlined in the previous point. However, if the site uses self-signed cert, it may be possible to trick an user into accepting the usual warning of a uncertified cert but one that belongs to the MITM instead of the the site itself.Wrong Addresses
Sending bitcoin to the wrong address.
- Double check recipient address before sending. No use if due to successful MITM attack.
- Mitigate losses from large transactions by sending test transactions but may incur transaction fee. Verify against the blockchain that the actual accepted transaction goes to the correct address before sending remaining amount. Might be too tedious for average user.