Wallet Safekeeping - Best Practices

[Cryptofibe]

Hi,

I would like to obtain some clarification on what are the technical best practices to safekeeping wallets. I apologize for my newbieness on this matter, but I am looking for some clear and concise advice on the following:

a. If I understand correctly, our unique wallet data is held in wallet.dat -- this is the most important file that uniquely represents our identifier on the bitcoin network.

This would be my hypothetical question.

Let's pretend that I downloaded a fresh Bitcoin client, extracted my address. Then immediately backed-up my wallet.dat on some type of offline storage for example. Then placed this offline storage in a vault

If I was to send myself payments to this address and in 5 years for example -- I would place wallet.dat back into another Bitcoin wallet, would it catch-up and find all the payments that were ever sent to that wallet?

Essentially, my proposed approach is to instantiate the Bitcoin Client once to have a wallet.dat generated and to obtain the associated address. Delete the wallet.dat for this not to be active on a computer connected to a network. Then store offline (hack-proof), and simply use the address to bank coins.  

Are there any technical risks to this approach? E.g. Major Code changes that would negate such storage methodology?

Thanks in advance.

[voidmain]

If I was to send myself payments to this address and in 5 years for example -- I would place wallet.dat back into another Bitcoin wallet, would it catch-up and find all the payments that were ever sent to that wallet?

Yes, it will catch up.

IMO,
5 years of time, the HDD or USB stick could be corrupted in hardware level. Low probability but could happen.
Preparing 2~3 USB sticks and storing identical wallet.dat file will be safer to keep it long. Also, check both USB's condition once a month, by mounting onto "linux or mac, offline computer" I wouldn't consider windows as a safe computer.

Lastly, if you encrypted wallet file, 5 years could be long enough time to forget your own password. There's no such thing as "reset password". Be very careful not to forget.

[Cryptofibe]

If I was to send myself payments to this address and in 5 years for example -- I would place wallet.dat back into another Bitcoin wallet, would it catch-up and find all the payments that were ever sent to that wallet?

Yes, it will catch up.

IMO,
5 years of time, the HDD or USB stick could be corrupted in hardware level. Low probability but could happen.
Preparing 2~3 USB sticks and storing identical wallet.dat file will be safer to keep it long. Also, check both USB's condition once a month, by mounting onto "linux or mac, offline computer" I wouldn't consider windows as a safe computer.

Lastly, if you encrypted wallet file, 5 years could be long enough time to forget your own password. There's no such thing as "reset password". Be very careful not to forget.

I appreciate the response. This pretty much answers my question. Yes, of course multiple immediate copies on multiple external storage. Perhaps even burning a copy of wallet.dat, a copy in .rar and .zip of the same file over multiple dvd copies would achieve the same purpose.

What about code changes or even "forking" as I have seen with some Alt-Coins. Does that not require some changes to the wallet.dat to remain valid?

[Nancarrow]

You could also use deterministic wallets that generate a bunch of pseudorandom addresses from a random key. This is how electrum does it and I like their approach very much. You can just store a 12-word passphrase in your safe, or even just in your brain if you're careful (but brain+safe+completely separate USB keys somewhere is best).
Of course you have to be careful about how you're going to generate the random key for those. But I find dice work very nicely!

[n00dles0up]

I would backup on multiple different mediums. CD, USB, HDD, old SD cards. As well as store them in various locations like parents house, friends house, in-laws house etc

[voidmain]

If I was to send myself payments to this address and in 5 years for example -- I would place wallet.dat back into another Bitcoin wallet, would it catch-up and find all the payments that were ever sent to that wallet?

Yes, it will catch up.

IMO,
5 years of time, the HDD or USB stick could be corrupted in hardware level. Low probability but could happen.
Preparing 2~3 USB sticks and storing identical wallet.dat file will be safer to keep it long. Also, check both USB's condition once a month, by mounting onto "linux or mac, offline computer" I wouldn't consider windows as a safe computer.

Lastly, if you encrypted wallet file, 5 years could be long enough time to forget your own password. There's no such thing as "reset password". Be very careful not to forget.

I appreciate the response. This pretty much answers my question. Yes, of course multiple immediate copies on multiple external storage. Perhaps even burning a copy of wallet.dat, a copy in .rar and .zip of the same file over multiple dvd copies would achieve the same purpose.

What about code changes or even "forking" as I have seen with some Alt-Coins. Does that not require some changes to the wallet.dat to remain valid?

DVD-R or CD-R would be a good idea because they are cheap and guaranteed read-only.

I strongly believe bitcoin-qt source code contributors would do their best not to compromise old version wallet...
With many years, attackers may find a security hole, then dev team may have to compromise old version wallet file format. This case will be a very big news and dev team would announce proper wallet upgrade guide... I can't imagine more details for now...

If any attacker can hack bitcoin(or blockchain) by completely dominating dev team, so quickly that lots of wallets could be already stolen, that will be the end of bitcoin. Even alt-coins will lose trust that case. That could boost physical precious metal.

[kjj]

It is hard to beat paper for this application.

[antanst]

In five years, the CD's and DVD's you burned may be corrupt. Optical discs' quality isn't what it used to be. Of course, this varies from manufacturer to manufacturer. If you want to digitally store data, the most future-proof way would probably be to use multiple good quality SD cards.

If I was to send myself payments to this address and in 5 years for example -- I would place wallet.dat back into another Bitcoin wallet, would it catch-up and find all the payments that were ever sent to that wallet?

Keeping wallet.dat for long term storage is not a good idea. Although you will be able to extract your private keys even if the wallet.dat format changes in the future, it would be better to generate your private keys using vanitygen or bitaddress.org software (offline!) and store them into paper.

[light888]

Or you can tatoo your private key on your private parts 

[kjj]

In five years, the CD's and DVD's you burned may be corrupt. Optical discs' quality isn't what it used to be. Of course, this varies from manufacturer to manufacturer. If you want to digitally store data, the most future-proof way would probably be to use multiple good quality SD cards.

All types of flash memory are a bad idea for long term storage.  They discharge over time.

[antanst]

In five years, the CD's and DVD's you burned may be corrupt. Optical discs' quality isn't what it used to be. Of course, this varies from manufacturer to manufacturer. If you want to digitally store data, the most future-proof way would probably be to use multiple good quality SD cards.

All types of flash memory are a bad idea for long term storage.  They discharge over time.

Indeed. But they discharge extremely slowly. I can't think of a more reliable way to digitally store data.

[oscarg]

Heres my take....

Use Armory, create your wallet(s) etc,
https://bitcoinarmory.com/

Then do a "paper backup" of it.
The backups are "Deterministic" meaning they only have to be backed up once and will always work.

Purchase some some piece(s)/ingots/whatever of stainless steel ....
Something about the size of a credit card would be ideal... but depends how small you can engrave the numbers..
I would recommend getting the best quality steel possible, as you want it to last and cheap steel may have impurities..

These Stainless Steel Dog Tags  $5 each - but possibly a bit small
http://www.ebay.com/itm/Mens-Stainless-Steel-Flat-Blank-Military-Dog-Tag-Pendant-Ball-Chain-Necklace-/121101538317?pt=Fashion_Jewelry&hash=item1c3236d40d

Or maybe a piece of Stainless Steel plumbing like this  $54.95 for 4 of them
http://www.ebay.com/itm/Lot-of-4-NW-KF-50-Blank-Flange-Blind-Flange-Cap-Vacuum-Fitting-Stainless-Steel/271326364659?_trksid=p2047675.m1982&_trkparms=aid%3D333005%26algo%3DRIC.FIT%26ao%3D1%26asc%3D177%26meid%3D3698187346659690298%26pid%3D100009%26prg%3D1088%26rk%3D1%26rkt%3D5%26sd%3D331092260391%26

And then buy something like a set of these (Steel Alphabetic punch set) $18
http://www.ebay.com.au/itm/like/230881776683?lpid=87
It appears the paper backups only use the 26 alphabetic characters, but I have not confirmed that...
 
And spend an hour bashing the backup numbers onto the steel plate/ingot/whatever with a hammer.

Put them in a safe, in the attic, carve a small slot in the top of a door it can slide into,
or even nail them to the underside of your house.

Why Stainless Steel, rather than Titanium/gold/copper/brass/bronze etc etc?

Stainless steel does not rust or tarnish much and has a very high melting point (1500c/2750f)
so its very likely to survive a house fire.
Also its cheap, although that is not really important..

It will outlast anything else I can think of... It will probably outlive you and your money troubles

[etotheipi]

Heres my take....

Use Armory, create your wallet(s) etc,
https://bitcoinarmory.com/

Then do a "paper backup" of it.
The backups are "Deterministic" meaning they only have to be backed up once and will always work.
...

IMPORTANT: Make sure you can remember the password, and that you KNOW you will remember it in 20 years,
if you are unsure, then carve at least a hint into the ingot as well.

Armory paper backups are explicitly unencrypted.  The vast majority of people using the paper backups is because they forgot their wallet password.  If you need physical security, use Armory's "fragmented backup" feature to create multiple pieces and store them separately. 

[oscarg]

@etotheipi
Ah right. Thanks.
Ill edit.
Love the product BTW

Was I correct that the paper backups only use the 26 character alphabet?

For me this a the perfect use for a paper backup.

P.S.
Anyone with Euler in their avatar is OK by Me

[bitpop]

I think it only backs up 100 addresses still
Unless you use armory, your backup must be refreshed. This fact is kinda hidden

[oscarg]

I think it only backs up 100 addresses still
Unless you use armory, your backup must be refreshed. This fact is kinda hidden

Thats interesting. Where did you see that?
That would seem to be an important point to nail down.
With the multiple change addresses etc it would seem 100 addresses could be exceeded quite quickly on a busy wallet.

Agree re Armory, there are too many variables with anything else.

[bitpop]

I think it only backs up 100 addresses still
Unless you use armory, your backup must be refreshed. This fact is kinda hidden

Thats interesting. Where did you see that?
That would seem to be an important point to nail down.
With the multiple change addresses etc it would seem 100 addresses could be exceeded quite quickly on a busy wallet.

Agree re Armory, there are too many variables with anything else.

Yeah it's not really a promoted fact but fatal

https://en.bitcoin.it/wiki/Securing_your_wallet#Securing_the_Bitcoin-QT_or_bitcoind_wallet

[CryptKeeper]

All types of flash memory are a bad idea for long term storage.  They discharge over time.

Discharged sd cards? Never heard about it!

SD cards are the safest digital storage, much more reliable than CDs or DVDs. But better create an additional paper wallet from your private key, then you're completely covered.

[bitpop]

All types of flash memory are a bad idea for long term storage.  They discharge over time.

Discharged sd cards? Never heard about it!

SD cards are the safest digital storage, much more reliable than CDs or DVDs. But better create an additional paper wallet from your private key, then you're completely covered.

They need power every once in a while

Get these http://www.newegg.com/Product/Product.aspx?Item=N82E16800995117

[CryptKeeper]

All types of flash memory are a bad idea for long term storage.  They discharge over time.

Discharged sd cards? Never heard about it!

SD cards are the safest digital storage, much more reliable than CDs or DVDs. But better create an additional paper wallet from your private key, then you're completely covered.

They need power every once in a while

Get these http://www.newegg.com/Product/Product.aspx?Item=N82E16800995117

You're right about the sd cards, only last a few years... did'nt know that! 

M-Disks are great or you could take this: http://www.sandisk.com/products/usb/memory-vault/