Deep cold storage solutions for bitcoins ?

[BitcoinLaws]

Hi;

I'm looking for (geek !!) advises to help me, building the best bitcoins's deep cold storage protocol for my clients.  They ask me to be the "deep cold storage vault" trusted man for this.

But before doing so, I want to develop my own protocol, to be sure that it will be just the best for my clients. I believe that the perfect protocol should be a mix of technical AND human methods.

I'm OK with the "human" aspect, but need wise advises for the technical section. Thanks for your help.

Louis Sirois, lawyer
www.bitcoin-law.ca

[grau]

A "trusted man" is already a violation of security. Your customer would be more secure if they would learn about Bitcoin and cater it themselves like art on a pice of paper.

I understand however, that quite a few people want to own Bitcoin but are unwilling to learn and bear a risk they do not understand.

If you were entertaining the idea to store other people's money then (warning shameless plugs ahead)

1. get TREZOR(s)
and/or
2. find a company building you a multi signature wallet.

The TREZOR gives you a secure and simple environment of handling the Bitcoins, but they would be in your sole control. A multi signature wallet would allow you to split responsibility between humans so several people have to consent before money is moved out of the vault. One of them should be ideally the customer.

drop me a PM for further info if interested.

[BitcoinLaws]

Thanks for the advises ! Yes I saw TREZOR and it seems to be a great idea.

I still believe that "human factor" is having its place, since any good technology could be, sooner or later, be hacked by others. THE questioin is of course to choose THE good human.

[etotheipi]

This is precisely what Armory Bitcoin Wallet does.  Armory pioneered the entire cold-storage concept, and wallets that only have to be backed up once.  The two concepts together are extremely powerful: security from others and security from your own mistakes.

It's as good as you can get for a single-signature cold-storage system that is going to be used by non linux-geeks.  You can track your balances, request payments, and verify incoming transactions without compromising the security model.  And you can keep the offline portion of your wallet in a bank vault if you want to (stop by your safe-deposit box to boot the system and get your signature).  You can see more about it here:

https://bitcoinarmory.com/about/using-our-wallet/#offlinewallet

Armory will also be releasing its generic multi-signature interface to expand the security model in any direction you want.  It's quite powerful, but it's not in an official release (though it will be soon).

https://bitcointalk.org/index.php?topic=559776.0

Yes, when that is released, you could store all your coins in a 4-of-5 fund, with each key kept on a separate offline computer in a different bank vault.  We do this already for single-sig, Armory will enable for arbitrary multi-sig, as well!

[Bungeebones]

I will second that message about Armory. I've been using it over a year and have put it to the test. The best thing to say is that once you get to know it you'll be able to sleep again knowing your Bitcoin are safe.

Just a brief testimony:

I had the "Online" portion of Armory on a fairly new laptop with a "watch only" copy of my main holdings. And the video card went out. But because Armory can run on any PC I installed it on another, moved the watch only to it, and now I'll still have access to my Bitcoin while the laptop is off being repaired. Oh yeah, even though it is watch only I did remove the wallet from the laptop :-).

Armory is the best approach that I've seen. The only other thing to add is that I was able to do a lot more with the broken wallet by connecting the hard drive to another PC. I was able to do that because I run Ubuntu (Linux) which usually will run on any machine it is plugged in to while, if it had been on Windows, I don't think I would have been able to plug it in to another machine. That would have meant I was going to have to ship the laptop off to a factory with the Bitcoin in it or buy another hard drive before I did. Linux is a more secure operating system for Bitcoin than Windows IMO.

[NotFuzzyWarm]

<snip>
 The only other thing to add is that I was able to do a lot more with the broken wallet by connecting the hard drive to another PC. I was able to do that because I run Ubuntu (Linux) which usually will run on any machine it is plugged in to while, if it had been on Windows, I don't think I would have been able to plug it in to another machine. That would have meant I was going to have to ship the laptop off to a factory with the Bitcoin in it or buy another hard drive before I did. Linux is a more secure operating system for Bitcoin than Windows IMO.

As long as the drive is not encrypted Win xx would see the drive just fine aside from maybe having to go into Administrative Tools > Computer Management > Storage to get it recognized. Just don't try to boot from it...