SgtSpike (OP)
Legendary
 Offline
Activity: 1400
Merit: 1005
|
 |
May 12, 2011, 03:10:14 AM |
|
I know that many of you wouldn't trust a company to store your wallet information in any shape or form. But, I would like to ask that those of you who WOULD be interested, tell me what features/requirements you would like to see in such a service.
For example:
- REQUIRE files to be pre-encrypted on the client end by some 4096-bit standard encryption process. Would need to be easy and accessible to even the most noobish of computer users
- After verification that the wallet file is encrypted, accept it as an upload
- Further encrypt the file on the server end.
- Hash filenames, and insert 50,000+ fake wallets with hashed file names as well. (would this help though?)
- REQUIRE strong passwords to access accounts/wallets
- If requested prior to wallet upload, can add in optional proof of ownership, to where a person would have to talk to the company directly to retrieve their wallet.
- Storage facility with server(s) would be under lock and key at all times.
- Daily physical offsite backup of all data, also under lock and key.
- Complete drive and server redundancies (RAID5 on two separate servers storing the same information)
I wouldn't trust any online host to do this, so I would do it all myself. That's why I am talking about specifics with hardware setups, etc.
Thoughts? Bad idea/good idea? Any security features to add/remove?
|
|
|
|
|
|
|
|
"There should not be any signed int. If you've found a signed int
somewhere, please tell me (within the next 25 years please) and I'll
change it to unsigned int." -- Satoshi
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
|
|
|
Enochian
|
|
May 12, 2011, 07:29:27 AM |
|
I know that many of you wouldn't trust a company to store your wallet information in any shape or form.
If the wallet is encrypted, then the security of where it is stored is immaterial. You don't need to both encrypt it, and then store it in Fort Knox. I gpg encrypted my wallet with a password, and stuck a copy in the file area of a Yahoo Group I own. I also printed out the private key and address for each wallet key on a sheet of paper, and hid the paper somewhere in my residence. Since bitcoin generates 100 keys in advance of use, if push comes to shove, I can get my coins back, even months from now, should some disaster befall my computer hard drive. Beyond that, I'm not particularly worried about my bitcoins getting blackholed due to some unforseen circumstance. I doubt there is any market for extreme offsite wallet storage. |
|
|
|
|
SgtSpike (OP)
Legendary
Offline
Activity: 1400
Merit: 1005
|
|
May 12, 2011, 07:47:33 AM |
|
I know that many of you wouldn't trust a company to store your wallet information in any shape or form.
If the wallet is encrypted, then the security of where it is stored is immaterial. You don't need to both encrypt it, and then store it in Fort Knox. I gpg encrypted my wallet with a password, and stuck a copy in the file area of a Yahoo Group I own. I also printed out the private key and address for each wallet key on a sheet of paper, and hid the paper somewhere in my residence. Since bitcoin generates 100 keys in advance of use, if push comes to shove, I can get my coins back, even months from now, should some disaster befall my computer hard drive. Beyond that, I'm not particularly worried about my bitcoins getting blackholed due to some unforseen circumstance. I doubt there is any market for extreme offsite wallet storage. So the encryption you use is 100% unbreakable? I thought all encryption could be broken, given enough time... Oh well then, if that's the case, you're probably right - there wouldn't be much market for this! |
|
|
|
|
|
vuce
|
|
May 12, 2011, 07:50:51 AM |
|
I know that many of you wouldn't trust a company to store your wallet information in any shape or form.
If the wallet is encrypted, then the security of where it is stored is immaterial. You don't need to both encrypt it, and then store it in Fort Knox. I gpg encrypted my wallet with a password, and stuck a copy in the file area of a Yahoo Group I own. I also printed out the private key and address for each wallet key on a sheet of paper, and hid the paper somewhere in my residence. Since bitcoin generates 100 keys in advance of use, if push comes to shove, I can get my coins back, even months from now, should some disaster befall my computer hard drive. Beyond that, I'm not particularly worried about my bitcoins getting blackholed due to some unforseen circumstance. I doubt there is any market for extreme offsite wallet storage. So the encryption you use is 100% unbreakable? I thought all encryption could be broken, given enough time... Oh well then, if that's the case, you're probably right - there wouldn't be much market for this! almost every encryption is breakable, but if the expected time to break it is 10^6 years who cares  |
|
|
|
|
dirtflower
Newbie
Offline
Activity: 8
Merit: 0
|
|
May 12, 2011, 07:56:49 AM |
|
I also printed out the private key and address for each wallet key on a sheet of paper, and hid the paper somewhere in my residence. Since bitcoin generates 100 keys in advance of use, if push comes to shove, I can get my coins back, even months from now, should some disaster befall my computer hard drive.
noob here - How do you find your private key and address for each wallet key? I was looking at the wallet.dat and it is binary? Also if you had to restore to a new computer from the print out how would you do that? |
|
|
|
|
SgtSpike (OP)
Legendary
Offline
Activity: 1400
Merit: 1005
|
|
May 12, 2011, 08:00:05 AM |
|
I know that many of you wouldn't trust a company to store your wallet information in any shape or form.
If the wallet is encrypted, then the security of where it is stored is immaterial. You don't need to both encrypt it, and then store it in Fort Knox. I gpg encrypted my wallet with a password, and stuck a copy in the file area of a Yahoo Group I own. I also printed out the private key and address for each wallet key on a sheet of paper, and hid the paper somewhere in my residence. Since bitcoin generates 100 keys in advance of use, if push comes to shove, I can get my coins back, even months from now, should some disaster befall my computer hard drive. Beyond that, I'm not particularly worried about my bitcoins getting blackholed due to some unforseen circumstance. I doubt there is any market for extreme offsite wallet storage. So the encryption you use is 100% unbreakable? I thought all encryption could be broken, given enough time... Oh well then, if that's the case, you're probably right - there wouldn't be much market for this! almost every encryption is breakable, but if the expected time to break it is 10^6 years who cares Good point.  |
|
|
|
|
|
vuce
|
|
May 12, 2011, 08:04:45 AM |
|
I also printed out the private key and address for each wallet key on a sheet of paper, and hid the paper somewhere in my residence. Since bitcoin generates 100 keys in advance of use, if push comes to shove, I can get my coins back, even months from now, should some disaster befall my computer hard drive.
noob here - How do you find your private key and address for each wallet key? I was looking at the wallet.dat and it is binary? Also if you had to restore to a new computer from the print out how would you do that? afaik wallet.dat is in fact a berkeley db file. |
|
|
|
|
|
Enochian
|
|
May 12, 2011, 01:30:29 PM |
|
noob here - How do you find your private key and address for each wallet key? I was looking at the wallet.dat and it is binary? Also if you had to restore to a new computer from the print out how would you do that?
There's a wallet dumping feature in Gavin's Bitcointools. You'll need to make a small edit to print the entire private key record in hex. The private key is 32 bytes at the beginning of the PRIKEY records, after some fixed bytes that are the same for every record. The public key is an 04 byte followed by a big endian coordinate pair produced by Elliptic Curve Point Multiplication of the private key by G, the generator. The address is the base58 encode of the checksummed RIPEMD160 SHA256 of the public key with a zero prepended. Checksums are the first four bytes of a double SHA256 of the record being checksummed. The public key is also the last 65 bytes of the private key record, which is a nice check you haven't made a mistake. If I needed to make a new wallet, I'd probably hack something together in Python. |
|
|
|
|
LanceRushing
Newbie
Offline
Activity: 6
Merit: 0
|
|
May 12, 2011, 06:04:32 PM |
|
Look at the details on how lastpass handles storage of the user's password database.
They are supposedly near a million users, all who trust a browser plugin to encrypt and upload all of their stuff.
I don't think the majority of the current bitcoin users will need (or want) to use a wallet storage option, but the rest of the world would.
-Lance
|
|
|
|
|
|
compro01
|
|
May 12, 2011, 11:15:57 PM |
|
simple & secure method for wallet backup cd ~/.bitcoin && mcrypt -a serpent wallet.dat && curl --upload-file "wallet.nc" http://ftp://ftp.walletbackup.com --user username:password enter passphrase : *************** So the encryption you use is 100% unbreakable? I thought all encryption could be broken, given enough time...
technically yes (a brute force attack will always work, given enough time), but for the purposes of modern encryption algorithms (AES, Serpent, etc.), "enough time", barring massive undiscovered weaknesses in the algorithm or an incredible leap in computing power, is longer than the expected lifespan of the universe. |
|
|
|
|
|
