Rampton
|
|
July 04, 2014, 06:41:01 PM |
|
I imagine very very nervous. I can't even imagine owning that many coins and would be pretty paranoid about still having access to them but wouldn't dare boot up the comp to check lol.
|
|
|
|
PenAndPaper
|
|
July 04, 2014, 06:46:45 PM |
|
And perhaps 10,000 computers guessing at the private key?
I don't think you can find that many retards in this community....
|
|
|
|
Saicere
Newbie
Offline
Activity: 9
Merit: 0
|
|
July 04, 2014, 07:25:12 PM |
|
This image is misleading. You don't need to guess the true 256-bit private key that corresponds with the actual wallet. It is sufficient to compute any 256-bit private key whose public key hashes to the 160-bit RIPEMD hash present in the output script. Which is still infeasible, but a 2^160 address space is a completely different ballpark from a 2^256 one. But before anyone starts worrying about that, if anyone had that kind of hashing power, at the current difficulty it is about 28 decimal orders of magnitude easier to calculate a block for the blockchain than to brute force a single 160-bit hash. In other words, no single address will ever be worth it, by a massive margin.
|
|
|
|
spooderman
Legendary
Offline
Activity: 1652
Merit: 1029
|
|
July 04, 2014, 07:29:38 PM |
|
How does someone with a single wallet (with all their coins in) not have an address that starts with a fucking 3? That's what I want to know.
multisig is for corporations, board members and other groups. i don't trust anyone else with my hoard, so why would i give 2 other people the ability to play with my coins behind my back..
as for the vulnerability.. i'd feel more vulnerable holding a debit card with $18mill and a driving licence in my back pocket.. it's easy to forge a driving licence if you have a real one to copy the details and just put the thief's face into the picture area.. then just stroll into a bank... i feel more secure holding a bitcoin privkey
*facepalm*
You don't have to give the other private keys to other people.
You can have 3 private keys, instead of one.
Need two for any transaction to occur...
Keep one in a bank vault, one in a safe in your house, and encrypt the other one, cut it in half and store one half at a friend's place, and one at a parent's or another friend.
That is 100000000000x fucking less risky than just having one private key.
tl;dr multi sig is for EVERYONE that understands the concept of 2 factor authentication.
|
Society doesn't scale.
|
|
|
InwardContour
|
|
July 05, 2014, 01:29:39 AM |
|
Mathematically it is very unlikely that any computer will be able to "guess" the private key of the subject address. There is a much higher chance that the computer housing the private key somehow is compromised and signs a TX with the private key.
|
|
|
|
haploid23
Legendary
Offline
Activity: 812
Merit: 1002
|
|
July 05, 2014, 06:03:17 AM |
|
How does someone with a single wallet with 30k coins not feel vulnerable?
Why don't you ask satoshi? Or mtgox's "stolen" coins? Those amount to much more than 30k btc.
|
|
|
|
BTCisthefuture
|
|
July 05, 2014, 06:53:19 AM |
|
I'd be nervous with that kind of money whether it's bitcoin, dollars, or something else. If you use some common sense and have proper real life security you should be fine.
Like others said, the ability to crack that key is so far fetched right now.
|
|
|
|
jc01480
|
|
July 05, 2014, 07:10:22 AM |
|
And perhaps 10,000 computers guessing at the private key?
I don't think you can find that many retards in this community....
You'd be very, very surprised. The trick is, don't go after the guy everybody knows has a bundle. Go after the guys talking about the guy with the bundle. I wonder, if I announced my coins were on a certain server at a certain IP address, would I get some unwanted suitors? I may have to test that out in a honeypot.
|
|
|
|
phillipsjk
Legendary
Offline
Activity: 1008
Merit: 1001
Let the chips fall where they may.
|
|
July 05, 2014, 10:55:18 AM |
|
How does someone with a single wallet (with all their coins in) not have an address that starts with a fucking 3? That's what I want to know.
multisig is for corporations, board members and other groups. i don't trust anyone else with my hoard, so why would i give 2 other people the ability to play with my coins behind my back..
I hope to upgrade my cold-storage to m of n signatures. I would be the one with access to all 3 keys, but they would be stored in 3 different locations.
|
James' OpenPGP public key fingerprint: EB14 9E5B F80C 1F2D 3EBE 0A2F B3DE 81FF 7B9D 5160
|
|
|
franky1
Legendary
Online
Activity: 4396
Merit: 4760
|
|
July 05, 2014, 12:24:56 PM |
|
*facepalm*
You don't have to give the other private keys to other people.
You can have 3 private keys, instead of one.
Need two for any transaction to occur...
Keep one in a bank vault, one in a safe in your house, and encrypt the other one, cut it in half and store one half at a friend's place, and one at a parent's or another friend.
That is 100000000000x fucking less risky than just having one private key.
tl;dr multi sig is for EVERYONE that understands the concept of 2 factor authentication.
i have my own ways of securing my stash. none of which involve friends or family securing my stuff...
|
I DO NOT TRADE OR ACT AS ESCROW ON THIS FORUM EVER. Please do your own research & respect what is written here as both opinion & information gleaned from experience. many people replying with insults but no on-topic content substance, automatically are 'facepalmed' and yawned at
|
|
|
teukon
Legendary
Offline
Activity: 1246
Merit: 1011
|
|
July 05, 2014, 01:48:43 PM |
|
How does someone with a single wallet (with all their coins in) not have an address that starts with a fucking 3? That's what I want to know.
Suppose that a 2-of-3 key storage system is in use. Label the private key locations as A, B, and C and let p(A), p(B), and p(C) be the respective probabilities that these locations become compromised (within a certain time window related to checking/key-refreshing frequency; compromised meaning either theft or destruction). Suppose that A is far more secure than B and C, so much so that p(A) > p(B)p(C). In this case, storing the bitcoins with a single key at A offers greater security.
|
|
|
|
jonald_fyookball
Legendary
Offline
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
|
|
July 05, 2014, 01:55:03 PM |
|
If I wanted to steal these 30k, I would not try to brute-force this address. I would simply try simple and efficient techniques like, say, home-jacking, kidnapping or some other "traditional" techniques. These old-fashioned methods work even on cold storages !
The main threat against one's wallet is a matter of pure common sense. Did you use an online computer to generate your keys ? Or even worse, a website ? Where do you store them ? Who knows where they are ? Are they stored in a way they cannot be altered by the years ? Even better: does someone KNOW you own these BTC ?
Personally, if I ever had to store such a fortune, I would have generated the private/public keys with an offline computer (without network hardware), written it down by hand (or engraved on metal or even stone, whatever...) double-checked, triple-checked, then destroyed the computer used to generate the key and hidden the keys in a safe place. A really safe place. Not my pocket, nor a safe in my house. And I would never, ever talk about it to anyone until I decide to spend it...
This. But even still, I wouldn't put all the 30k in one wallet. I'd divide it up fairly small, just in case I were to lose a private key or something. That would make for a bad day. Separate wallets with separate points of failure linearly increase the chances that some funds will be stolen, but exponentially decrease the chances that ALL funds will be stolen.
|
|
|
|
Este Nuno
Legendary
Offline
Activity: 826
Merit: 1002
amarha
|
|
July 05, 2014, 03:51:35 PM |
|
How does quantum computing change the game at all? I know Satoshi was aware of the potential of quantum computing and had mentioned it once or twice. Anyone know much about how it will affect bitcoin?
|
|
|
|
jonald_fyookball
Legendary
Offline
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
|
|
July 05, 2014, 03:54:14 PM |
|
How does quantum computing change the game at all? I know Satoshi was aware of the potential of quantum computing and had mentioned it once or twice. Anyone know much about how it will affect bitcoin?
Quantum computers are decades away from making any impact. Bitcoin could be upgraded to post-quantum cryptography in the future if necessary.
|
|
|
|
DeathAndTaxes
Donator
Legendary
Offline
Activity: 1218
Merit: 1079
Gerald Davis
|
|
July 05, 2014, 04:41:07 PM Last edit: July 05, 2014, 04:54:51 PM by DeathAndTaxes |
|
How does someone with a single wallet (with all their coins in) not have an address that starts with a fucking 3? That's what I want to know.
Suppose that a 2-of-3 key storage system is in use. Label the private key locations as A, B, and C and let p(A), p(B), and p(C) be the respective probabilities that these locations become compromised (within a certain time window related to checking/key-refreshing frequency; compromised meaning either theft or destruction). Suppose that A is far more secure than B and C, so much so that p(A) > p(B)p(C). In this case, storing the bitcoins with a single key at A offers greater security.
Well you can encrypt (BIP32) each of the multisig keys for added security. For example I keep one of my multisig keys in a safety deposit box. Sure it could be compromised but the probability that the box will be compromised AND the passphrase brute forced is remote.
The redundant systems are always a good idea. Your house may be very secure. You may even have a $50,000 safe protecting your cold storage private key but disasters do happen. The loss of the key in a single key system would be catastrophic. Lost funds are just as gone as stolen funds.
For the OP, if all you are worried about is the loss of a single key you can accomplish secure m-of-n redundancy without using on blockchain multisig. Shamir's Secret Sharing is an algorithm which allows you to break a secret (i.e. a private key) into n pieces such that you need m of them to reconstruct the original secret. The m and n can be decided at the time the shared secret is created and can be adapted to a number of needs. Another secure but less flexible option is just to XOR multiple "subkeys" together to produce the full key. It is deceptively simple but due to the nature of XOR even if an attacker has all the subkeys but one the security of the full key hasn't been reduced at all.
The tools for multisig are still a little rough and they were a lot more rough in the past. Due to the limited support for multisig it is possible that some of those high value "single keys" while being encumbered by a single bitcoin private key are stored anywhere as a single complete key. I used SSS over multisig but I switched recently to P2SH multisig because the tools had adapted enough that I felt comfortable using it.
|
|
|
|
Beliathon
|
|
July 05, 2014, 04:53:08 PM |
|
Think about it. 30,000 coins. A public key that everyone knows about now. And perhaps 10,000 computers guessing at the private key? I'd feel vulnerable.
that is all
10,000 computers and still billions (or if not, then millions) of years away before they may hit a key.
Billions was correct.
|
|
|
|
Este Nuno
Legendary
Offline
Activity: 826
Merit: 1002
amarha
|
|
July 05, 2014, 05:13:48 PM |
|
How does quantum computing change the game at all? I know Satoshi was aware of the potential of quantum computing and had mentioned it once or twice. Anyone know much about how it will affect bitcoin?
Quantum computers are decades away from making any impact. Bitcoin could be upgraded to post-quantum cryptography in the future if necessary.
Are there any articles or anything about the topic? It sounds interesting. I don't really know what the theories are regarding how they could potentially break SHA256. It sounds interesting though. And also are there already people theorizing on a post-quantum cryptography?
|
|
|
|
teukon
Legendary
Offline
Activity: 1246
Merit: 1011
|
|
July 05, 2014, 05:21:10 PM |
|
Suppose that a 2-of-3 key storage system is in use. Label the private key locations as A, B, and C and let p(A), p(B), and p(C) be the respective probabilities that these locations become compromised (within a certain time window related to checking/key-refreshing frequency; compromised meaning either theft or destruction). Suppose that A is far more secure than B and C, so much so that p(A) > p(B)p(C). In this case, storing the bitcoins with a single key at A offers greater security.
Well you can encrypt (BIP32) each of the multisig keys. For example I keep one of my multisig keys in a safety deposit box. Sure it could be compromised but the probability that the box will be compromised AND the passphrase brute forced is remote.
Yes, a practical enhancement, even under the simplifying assumption that the passphrase is stored at A. My argument was only that 2-of-3 encryption is not necessarily more secure than vanilla encryption. One needs assumptions about the relative security (and independence) of the three locations to make this deduction.
It seems unlikely to me that a person would have one location so much more secure than any others that my argument will apply. A prisoner may qualify, whose mind may be far more secure against searches than anything external to their body. I imagine that most people with 30k bitcoins will have access to a range of highly secure locations.
|
|
|
|
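The failure-probability comparisons argued in this thread (teukon's single key at A versus 2-of-3 storage, and jonald_fyookball's earlier point about splitting funds over several wallets), worked through as an added Python example that no poster wrote. It assumes the locations fail independently and, as a simplification, counts a 2-of-3 setup as failed once any two locations are compromised; all probabilities are constructed sample values.

```python
from itertools import combinations
from math import prod

def prob_at_least(k, probs):
    """P(at least k of the independent events occur), by exact enumeration."""
    n = len(probs)
    total = 0.0
    for r in range(k, n + 1):
        for hit in combinations(range(n), r):
            total += prod(probs[i] if i in hit else 1 - probs[i]
                          for i in range(n))
    return total

def compare_2of3(p_a, p_b, p_c):
    """Return (failure of a single key kept at A, failure of 2-of-3 over A, B, C)."""
    return p_a, prob_at_least(2, [p_a, p_b, p_c])

def split_wallets(p, n):
    """Return (P(some wallet compromised), P(all compromised)) for n wallets,
    each compromised independently with probability p."""
    return prob_at_least(1, [p] * n), prob_at_least(n, [p] * n)

if __name__ == "__main__":
    # Constructed values: three equally secure locations.
    single, multi = compare_2of3(0.01, 0.01, 0.01)
    print(f"equal sites   single={single:.6f}  2-of-3={multi:.6f}")
    # Constructed values: A far more secure than B and C.
    single, multi = compare_2of3(1e-4, 0.05, 0.05)
    print(f"A much safer  single={single:.6f}  2-of-3={multi:.6f}")
    some, every = split_wallets(0.01, 10)
    print(f"10 wallets    some={some:.4f}  all={every:.1e}")
```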
Junkbarman
|
|
July 05, 2014, 05:30:26 PM |
|
This thread just gave me a great idea for a movie.
|
|
|
|
jonald_fyookball
Legendary
Offline
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
|
|
July 05, 2014, 05:38:40 PM |
|
How does quantum computing change the game at all? I know Satoshi was aware of the potential of quantum computing and had mentioned it once or twice. Anyone know much about how it will affect bitcoin?
Quantum computers are decades away from making any impact. Bitcoin could be upgraded to post-quantum cryptography in the future if necessary.
Are there any articles or anything about the topic? It sounds interesting. I don't really know what the theories are regarding how they could potentially break SHA256. It sounds interesting though. And also are there already people theorizing on a post-quantum cryptography?
wikipedia is your friend (sometimes) http://en.wikipedia.org/wiki/Quantum_computer
|
|
|
|
|