Bitcoin Forum
January 24, 2018, 05:23:20 AM *
News: Electrum users must upgrade to 3.0.5 if they haven't already. More info.
   Home   Help Search Donate Login Register  
Pages: [1]
Author Topic: Securing wallet.dat  (Read 716 times)
Offline Offline

Activity: 5

View Profile
January 14, 2012, 09:37:10 PM

Hi there,

my idea is to create a Linux VM, move my wallet.dat to it - and then make it read only.

The Bitcoin folder is in a volatile file system.

Would that work?

Would I create (too much) additional network traffic since all my blkxyz.dat files are created from scratch every time I boot up my VM ?

Would that be unfair on all the other Bitcoin users that permanently store those blk.dat files ?

Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
Hero Member
Offline Offline

Posts: 1516771400

View Profile Personal Message (Offline)

Reply with quote  #2

Report to moderator
Full Member
Offline Offline

Activity: 210

View Profile
January 14, 2012, 09:51:20 PM

That makes no sense.

Why would you go to such drastic measures when you can encrypt your wallet with a passphrase using the bitcoin client?
Choose a decent passphrase and you're good to go.
Just please make sure your machine stays malware-free, ok?

Remember that if your main machine gets infected, a VM running inside it might not protect you.
A VM can be used with great success to contain a threat, not to keep a threat already present in the parent machine outside.

There is no gain in keeping the block chain on a volatile FS and re-downloading it all the time.
Keep the block chain on the persistent FS and limit your worries to the wallet file.

Also, why make the wallet file read-only??
The client will want to write changes to your wallet with every transaction you make and "read" is the only privilege the malware really needs.

If built-in AES encryption doesn't seem enough, you could always use TrueCrypt and mount your Serpent-Twofish-AES-encrypted wallet using the command line.
Alternatively, you could keep the wallet on a LUKS-encrypted volume. This way you can have multiple keys and revoke them if necessary.
Or, use the good-old gpg for securing the wallet further.
There are countless possibilities.
Full Member
Offline Offline

Activity: 203

Gir: I'm gonna sing the Doom Song now..

View Profile
January 15, 2012, 09:03:01 PM

Anybody who can copy or read your wallet.dat can transfer all your money to any bitcoin address he wants.
Therefore you should use the wallet encryption feature include in the standard bitcoin client.

Programming tutorials, Tools, Games & Humor
My Vircurex referral code for persistant 0.05% trade discount: 750-33267 or use
Pages: [1]
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!