Securing your Bitcoins against death, amnesia or prison.

[beckspace]

How to secure save Bitcoins and pass them to beloved ones after death, amnesia, imprisonment etc.

1) Use truecrypt to encrypt your wallet.dat (strong passphrase) Or use the new version (0.4).

2) Make several copiesand leave or send a copy to your geek friend / dad / son / grandson / attorney / wife etc. Keep in mind that they will not have the passphrase so you're secure.

3) Set up a scheduler sender of emails to send a PGP encrypted email with the passphrase and instructions to open the file. (1 year from now I think it's good).

All this without printing wallet private keys in paper, without using safe boxes or vaults, without worrying about my passphrase in plain text out of my sight.

The person which you'll send a future PGP encrypted email has to understand, of course,  the PGP system to communicate. Teach the person you want to leave your Bitcoin how to communicate using PGP.

Your passphrase will be encrypted in the schedule email, so no third party will be able to read it.


You'll have to remember to always reschedule the email, otherwise the people you choose will receive the informations. If this happen you'll have to hope that they warn you and you can make all over again.

Another scenario would be the 3rd party reschedule email provider somehow gets the private key of your trusted party and decrypt the message. Perhaps you set up a one-use PGP yourself to your trusted party and give them in plain text, in an envelope, so when the message arrives they don't even have to remember the private key to open it.


PS: I know that this strategy helps "hoarding". Well, I think that for Bitcoins to succeed, besides help each other with ideas, people has to have confidence in the system so they can buy or mine Bitcoins and leave in their will. I hope that secure strategies of proper hoarding helps the community and the economy. We are old people too.

Critics and comments appreciated. Thanks.

[1713935316]

1713935316

[1713935316]

1713935316

[1713935316]

1713935316

[jago25_98]

Perhaps instead of PGP you could divide the key into (2?) parts, sending the mail to 2 different people. People are more honest when there's another person there. Send these mails to a second group in case one of the original pair loses their email (i.e they were one of those idiots who used a non portable email from their ISP). Alternatively perhaps it could be written into a Will and sent out by mail on death.

Also, do we know of more reliable email scheduling? This thing might have to survive for hundreds of years.

I think it's got to be very useful for protection from extortion too if it can be designed so even us ourselves don't have access. For example putting half of the key out of reach to us somehow?

[casascius]

Here is a "for dummies" product I plan to introduce soon.

I am working on a non-denominated gold-plated bearer bar that looks expensive but isn't.  On it is a hologram with embedded private key.  The bar comes with 0 BTC and the hologram explicitly says "zero BTC" on it.  But there's an address on it and a space where you can put (engrave, or sticker) your own denomination.

Someone who wants to save BTC can send their BTC to the bar and stick it in their safe.

The whole point of the bar is that it looks valuable.  Someone's heirs will treat it as such, and will probably store it or look for a way to sell it to somebody, exactly as if it were gold.  On the other hand, a flash drive in an envelope with a bunch of instructions about "TrueCrypt" and "PGP" will, in my opinion, probably get disregarded as not worth the trouble by most non-technical people (your mileage may vary - everyone's family is different).

On the other hand, while you are still alive, it's cool and novel to have a safe full of bitcoins - that looks like a safe full of gold bullion.

[zillagod]

Here is a "for dummies" product I plan to introduce soon.

I am working on a non-denominated gold-plated bearer bar that looks expensive but isn't.  On it is a hologram with embedded private key.  The bar comes with 0 BTC and the hologram explicitly says "zero BTC" on it.  But there's an address on it and a space where you can put (engrave, or sticker) your own denomination.

Someone who wants to save BTC can send their BTC to the bar and stick it in their safe.

The whole point of the bar is that it looks valuable.  Someone's heirs will treat it as such, and will probably store it or look for a way to sell it to somebody, exactly as if it were gold.  On the other hand, a flash drive in an envelope with a bunch of instructions about "TrueCrypt" and "PGP" will, in my opinion, probably get disregarded as not worth the trouble by most non-technical people (your mileage may vary - everyone's family is different).

On the other hand, while you are still alive, it's cool and novel to have a safe full of bitcoins - that looks like a safe full of gold bullion.

I would buy this.

[beckspace]

Send these mails to a second group in case one of the original pair loses their email

I liked the idea of 2 groups of people.

Someone who wants to save BTC can send their BTC to the bar and stick it in their safe.

The whole point of the bar is that it looks valuable.  Someone's heirs will treat it as such, and will probably store it or look for a way to sell it to somebody, exactly as if it were gold.

I'm trying to eliminate the need for a vault (for several reasons). And I'd like to release access to the Bitcoins after death/amnesia/prison. Not before.

On the other hand, a flash drive in an envelope with a bunch of instructions about "TrueCrypt" and "PGP" will, in my opinion, probably get disregarded as not worth the trouble by most non-technical people (your mileage may vary - everyone's family is different).

If Bitcoins are valuable, it's worth to follow the instructions.

[beckspace]

I think it's got to be very useful for protection from extortion too if it can be designed so even us ourselves don't have access. For example putting half of the key out of reach to us somehow?

Yes, you can always reschedule an encrypted email for yourself with the private keys, saving and protecting a part of your Bitcoins for the future. It's like a true savings account. Great outcome!

But this only works if you, after send the future message, can't access the contents anymore. (Perhaps only change the date of arrival, just for later, not earlier.) And you can set each date change a limit, like 5-10 years later max. So nobody (attacker) can force you to set the date for, like, 100 years and make you lose your coins.


You can set more than one future email provider, just in case. And set the time you want to be protected (even from you).

If you change your mind, you'll have to turn off the automatic rescheduler and wait for the message at the last chosen date.

[maaku]

casascius, it would be nice if you would custom make them to a specified denomination (while keeping the write-in field in case more coins are added), or at least get rid of the zero value. That way someone won't mistake it as a novelty item.

[casascius]

casascius, it would be nice if you would custom make them to a specified denomination (while keeping the write-in field in case more coins are added), or at least get rid of the zero value. That way someone won't mistake it as a novelty item.

I will have a 100 BTC denomination available as well, with the 100 BTC amount on the hologram and also factory stamped into the bar, but I will insist on shipping that one pre-loaded, and then having the shipment tracked/secured/insured/registered.  If it has a casascius hologram (other than one that says zero BTC), it needs to unconditionally contain the BTC as claimed.  The zero BTC version is for those who would rather load their own, which yes, makes it more of a novelty item.  Which version you get depends on what worries you more: how the bar looks, or whether it will get lost with your BTC on its way.  At least I can say this: the "zero BTC" notation will be relatively small.

Actually, it will say zero, but it will really go out with 0.01 BTC so that the firstbits of the bar's partially visible address gets staked in advance.

[beckspace]

It's interesting to be able to set up a wallet that even yourself don't have access for a certain period of time, with limited/no trust in 3rd parties or biometric access.

Since attackers would know of the existence of this procedure, it will lessen the probability of an extortion. They will have to hold you hostage for enough period to raise suspicion, raising the complexity and success of the attack:


http://xkcd.com/538/


"I remember one of my ethics in computer science classes, we had a "guest speaker" from campus security, did consulting with the cops, etc. One smart ass in class was going on about how his hard drive and email and everything was all encrypted and how he was safe. The speaker takes a piece of paper, tears up a strip and rolls it into a little tube, colors the end red with a dry erase marker and tosses it to the student. The student goes, "what's this?" The speaker says, "your childs pinky finger. what's your passwords?" The student kinda turned white." rmarchildon
http://www.reddit.com/r/programming/comments/7ph6m/rubberhose_cryptanalysis_russian_name/c070ykh


Also, biometric dual-factor authentication would not be the preferable choice:

"They stripped Mr Kumaran naked and left him by the side of the road - but not before cutting off the end of his index finger with a machete."
http://news.bbc.co.uk/2/hi/asia-pacific/4396831.stm

Possible solution:
Set up an encrypted message for you some time in the future (who can make us this service/feature? exchanges? online banks? more than one would be preferable), erase it locally, and the 3rd party will ensure that you don't have access to the contents before the date set. you just have rights to reschedule it, for later (with a limit time). Keep in mind: you have the password to decrypt the message, but you don't have the message.

That way not even you have access to your money, but you decide for how long.

[jago25_98]

So, how do we actually make this happen? That is, we can register somewhere and time send an email to the future but if we ourselves have that knowledge, we can also cancel the sending.

So how do we make the command without allowing ourselves to undo it? hmm...

[beckspace]

You'll have just the rights to reschedule.

The system (3rd party) cannot give you access to cancel (it will erase your possibility of rescue), or view the message before the chosen date (maybe only the header/subject). This will protect you from a quick extortion.

For proper security, 2 or more of these providers are necessary (in case of one became compromised, shut down etc.) It's a slightly modified schedule mail system, after all.

[Andrew Bitcoiner]

Here is a "for dummies" product I plan to introduce soon.

I am working on a non-denominated gold-plated bearer bar that looks expensive but isn't.  On it is a hologram with embedded private key.  The bar comes with 0 BTC and the hologram explicitly says "zero BTC" on it.  But there's an address on it and a space where you can put (engrave, or sticker) your own denomination.

Someone who wants to save BTC can send their BTC to the bar and stick it in their safe.

The whole point of the bar is that it looks valuable.  Someone's heirs will treat it as such, and will probably store it or look for a way to sell it to somebody, exactly as if it were gold.  On the other hand, a flash drive in an envelope with a bunch of instructions about "TrueCrypt" and "PGP" will, in my opinion, probably get disregarded as not worth the trouble by most non-technical people (your mileage may vary - everyone's family is different).

On the other hand, while you are still alive, it's cool and novel to have a safe full of bitcoins - that looks like a safe full of gold bullion.

Very nice!  I know a customer of yours very impressed with your physical coins.

[TTBit]

Suggestion: Use Shamirs Secret Sharing Scheme (http://point-at-infinity.org/ssss/)

send it out to 15 people and require 7 to get together to make the code work. Give one to a co-worker, mom, college friend, lawyer, stock broker, waitress at favorite restaurant, the aunt you never visit, etc. If you die unexpectedly, they can assemble 7 of those 15 together to crack your code. These people would never get together otherwise.

[willphase]

Alternative just using bitcoin tech:

1.  create a transaction that sends your bitcoins from this address to your relative/uncle/family bitcoin address with an nLockTime set to one year in the future.

2.  give the signed transaction to your family

3.  In one year, your family can insert the transaction into the blockchain and it will get accepted.  If you decide that you are still alive/not in prison in one year, simply move the bitcoins from your current address(es) to a new address, and the transaction you gave to your family will not be accepted due to double spend protection.

Will

[Otoh]

I set up a strategy to secure save Bitcoins and pass them to beloved ones after death, amnesia, imprisonment etc.

1) Use truecrypt to encrypt your wallet.dat (strong passphrase, hidden volume, keyfiles etc.) Or use the new version (0.4).

2) Make several copies (including the cloud) and leave or send a copy to your geek friend / dad / son / grandson / attorney / wife etc. Keep in mind that they will not have the passphrase so you're secure.

3) Set up a BoomerangMail (or another kind of schedule sender of emails) to send a PGP encrypted email with the passphrase and instructions to open the file. (1 year from now I think it's good).

http://www.boomerangmail.com/

That's it.

...

Critics and comments appreciated. Thanks.

1K8aRWpf7vXrjRZShuAhyrvH4AvSXgZ1gy

Did you mean: http://www.boomeranggmail.com/  

[BkkCoins]

Alternative just using bitcoin tech:

1.  create a transaction that sends your bitcoins from this address to your relative/uncle/family bitcoin address with an nLockTime set to one year in the future.

2.  give the signed transaction to your family

3.  In one year, your family can insert the transaction into the blockchain and it will get accepted.  If you decide that you are still alive/not in prison in one year, simply move the bitcoins from your current address(es) to a new address, and the transaction you gave to your family will not be accepted due to double spend protection.

Will

This is cool. I didn't know about that. But it doesn't seem very workable with the current client.

The Bitcoin client really needs an "Advanced" tab with some of these special things including import key, import trx, etc. It has several advanced functions available that are lost to most users even if they are capable of using them.

BTW I've used Shamir's Secret (wikipedia link) before and it's a pretty viable way of distributing information requiring multiple people to co-ordinate access. You could share the password between your probate lawyer and several relevant family members, and even send one part via delayed email to ensure time release as well.

[willphase]

Yes it would be great to have a way to export and import signed transactions, and potentially a 'transaction builder' UI.

Will