What could cause an offline wallet.dat file to become worthless?

[canton]

What conditions would have to take place for a well-secured wallet.dat file to lose its meaning/integrity?

Scenario:

1) I transfer 100 BTC to a brand new wallet.dat which I've kept safe from snooping etc.
2) I burn the wallet.dat to CDR and stick it in a safety deposit box, and delete the original.
3) 10 years later, BTC still have value, so I download the latest bitcoin client and the current 2 terabyte or whatever blockchain file and try to load up my wallet.dat file

Will I still necessarily have my 100 BTC? If not, why not?

E.g. what if during the 10 year interim, a government brought 100,000 GPUs online and spoofed the blockchain into oblivion and the Bitcoin community had to come up with a new protocol? Any reason to believe that a pre-spoof-event wallet.dat file would still be legible/valid with whatever new protocol is brought online as a response to interference / quantum computing / cryptographic developments?

Apologies if this is a newbie question, but I couldn't find my answer searching this forum.

[1714839386]

1714839386

[1714839386]

1714839386

[1714839386]

1714839386

[1714839386]

1714839386

[1714839386]

1714839386

[1714839386]

1714839386

[jackjack]

• A government brought 100,000 (?) GPUs online and started mining his hidden blockchain before your transaction
• sha256 & ripemd160 being broken
• Doomsday

[joulesbeef]

yes the 100btc will still be there.

well that cdr would probably be toast, especially if you wrote onit with a sharpy and didn't buy achival cds.
Doesnt matter what the gov does, it could erase some of your transaction history but the coins would still be there.

Any reason to believe that a pre-spoof-event wallet.dat file would still be legible/valid with whatever new protocol is brought online as a response to interference / quantum computing / cryptographic developments?

Not sure if this is answerable. I guess I can say for sure, the answer is maybe.

you miught want to look over known weaknesses

[Callius]

CDs aren't made for long term storage, over 10 years the dye which indicates whats 1 or a 0 could bleed.

[FreeMoney]

yes the 100btc will still be there.

well that cdr would probably be toast, especially if you wrote onit with a sharpy and didn't buy achival cds.
Doesnt matter what the gov does, it could erase some of your transaction history but the coins would still be there.
 

If the government started mining from a block before the one containing his tx and that new chain keeps the lead and doesn't rerecord his tx the coins will not be there.

[Stephen Gornick]

sha256 & ripemd160 being broken

Though this would't likely be something that happens overnight.  At a minimum, checking in on things annually would probably be recommended.

Not just should the wallet be archived but kept also should be a bootable o/s installation to be able to read that wallet.dat as well.  It wouldn't be surprising that the client ten years from now might not even use the database engine (BDB) that today's client uses.

This was briefly discussed here:
 - http://bitcointalk.org/?topic=2348.0

[spruce]

Why trust the optical storage medium like that? Send the money to a paper bitcoin wallet. Paper lasts much longer, even regular paper let alone archival paper. For better security hand-code the private key with an unbreakable one-time code (see link in my sig).

[makomk]

Some government trying to spoof the blockchain into oblivion using masses of GPUs shouldn't cause your old bitcoins to become invalid unless it wipes out all bitcoins in existence. There are already periodic blockchain lock-ins that fix the block chain prior to that point in stone; if we need to change over to a new protocol whoever designs it could just lock-in the entire classic Bitcoin blockchain up to that point and build from there. Alternatively they could choose to start over from scratch, in which case all Bitcoins will be affected.

The only things that could cause a Bitcoin wallet that's been successfully stored for a long time to be invalid without invalidating all Bitcoins are a serious break in either elliptic curve crypto or SHA-256, or a deliberate consensus to invalidate them on the part of other Bitcoin users and mining pools. For example, if transaction volume gets too high mining pools and other full nodes might decide that storing the full blockchain is too expensive and throw away the older parts, either destroying older Bitcoins that have been sitting idle or making them increasingly hard to spend.

[canton]

For example, if transaction volume gets too high mining pools and other full nodes might decide that storing the full blockchain is too expensive and throw away the older parts, either destroying older Bitcoins that have been sitting idle or making them increasingly hard to spend.

First of all, thanks for everyone's replies. Although I wasn't really aiming for a discussion re: the survivability of various media, I hadn't considered hardcopy (paper) wallets before. Neat!

Anyway, Makomk, thanks for your insights. One followup question re: what happens if mining pools start ditching the oldest parts of the blockchain:

If I take a wallet out of storage from time to time and send its entire amount of BTC to a new wallet, am I correct in assuming these coins are essentially re-minted as "new" coins that appear later in the blockchain, circumventing this potential problem?

[Pieter Wuille]

If *anyone* forks off an older part of the block chain, to erase your precious transactions, the whole bitcoin community will notice. Many things can happens surrounding the block chain and the bitcoin's value, but it won't go unnoticed. Furthermore, even if that would happen, and allowed to pass, your own transaction that credited your offline address isn't necessarily invalid.

[kjj]

Anyway, Makomk, thanks for your insights. One followup question re: what happens if mining pools start ditching the oldest parts of the blockchain:

If I take a wallet out of storage from time to time and send its entire amount of BTC to a new wallet, am I correct in assuming these coins are essentially re-minted as "new" coins that appear later in the blockchain, circumventing this potential problem?

Your questions seem to come from a misunderstanding of the way this all works.  Don't feel bad, it is a big system and hard to get your head around.

There are no coins.

A transaction redeems one or more previous transactions, and has one or more outputs.  Redeemed transactions are redeemed as a whole, never in parts.  If the redeemed transactions have more value than the combined value of the outputs, the difference is a mining fee.

There is a safe way to discard old transactions, and that is to delete transactions that were redeemed more than X blocks in the past, where X is large enough that you feel confident that the chain can't be reverted that deeply.  Recent reports suggest that around 75% of old transactions could be pruned in this way.

If that isn't good enough, and some miners want to discard old transactions that haven't been redeemed yet, those miners will see transactions that attempt to redeem them as invalid and won't include them in new blocks.  This practice is unlikely to become dominant though, because they will be missing out on potential fees when those transactions are eventually redeemed, so other miners will have even more inventive to keep them.  Actually, I doubt that even a single miner will ever do unsafe pruning for that reason.

And yes, if you send your balance to a new wallet, the new wallet will have a newly created and verified transaction.  In that sense, the "coins" will be new.  In the other sense, either the coins still don't exist, or they are just as old as before.