How would you store >100 Bitcoins?

[bitcoinbitcoin]

Yes, what is unsafe about electrum?
Thanks for the input Justus!

One of the reasons i heard is that it has deterministic wallets with 160 bit seed, vs 256bit seeds in armory.
But armory is switching to 160bit, soon anyway (bip32 i think).
They say that 160bit, is big enough to make seed collisions "impossible" enough.

What other reason is Electrum less secure than armory, for storing/spending 10,000 btc?

Possibly the seed algorithm is less secure? Perhaps there are other technical shortcuts, because electrum was focused on ease of use and not security?

Is it because armory dev is more "trustworthy" than electrum dev?

I know many bitcoiners only trust gavin, and still only use the satoshi client (though fewer nowadays, because armory/electrum have built reputation).

Justus, can u send a link or describe the technical reasons why it is less private? or secure?
And what improvement to electrum do you need, to finally make the switch to electrum?
thanks!

[1714966611]

1714966611

[1714966611]

1714966611

[1714966611]

1714966611

[1714966611]

1714966611

[jbreher]

With Armory, you have a complete copy of the blockchain on your system. With Electrum, you do not. Electrum requires you to trust others to provide a true copy of the blockchain.

Ergo, Armory is more secure than Electrum.

Only you can decide whether the risk/reward is worth it.

My Armory install secures much more bitcoin than does my Electrum install.

[justusranvier]

One of the reasons i heard is that it has deterministic wallets with 160 bit seed, vs 256bit seeds in armory.
But armory is switching to 160bit, soon anyway (bip32 i think).

It's possible to use 256 bit seeds with BIP32, and I'm sure Armory will do that. The only reason Electrum uses smaller seeds is to make their word list shorter.

And what improvement to electrum do you need, to finally make the switch to electrum?
thanks!

The user interface for Electrum is... primitive compared to Armory. I couldn't even begin to list all the things.

[bitcoinbitcoin]

Hasn't electrum SPV been proven safe yet?
I thought the situation was similar to deterministic SEEDs?

Remember, when deterministic seeds first came out, people didn't completely trust the seeding algorithm, but nowadays, almost everyone blindy trusts SEEDS. right?

Won't there be a point where almost everyone trusts SPV?
What technically is needed for that to happen?

[justusranvier]

Hasn't electrum SPV been proven safe yet?

Maybe.

I'm more worried about it being private than I am worried about it being safe.

[zhinkk]

Honestly, please someone tell me how wrong this is: I would create an electrum wallet. Memorize the seed. Repeat it to myself everyday. and ALSO keep it on a piece of paper in two different locations in a safe or so.

I don't think I would record the entire seed in plain text on paper anywhere.  Maybe write down questions that only you and those you trust (heirs) would know the anwsers to, which would make up the seed.

I didn't think about that, sounds like a nice extra layer of security. But make sure the questions are easily answerable with the same answer every single time.

[shawshankinmate37927]

Honestly, please someone tell me how wrong this is: I would create an electrum wallet. Memorize the seed. Repeat it to myself everyday. and ALSO keep it on a piece of paper in two different locations in a safe or so.

I don't think I would record the entire seed in plain text on paper anywhere.  Maybe write down questions that only you and those you trust (heirs) would know the anwsers to, which would make up the seed.

I didn't think about that, sounds like a nice extra layer of security. But make sure the questions are easily answerable with the same answer every single time.

Yeah, you could include the proper format for the answers with the questions.  Something like, "What was the color, year, make, and model of the automobile dad used to keep in the garage? (colorYYYYMakeModel)"  with the correct response being "red1965ChevroletCamaro".

[lyth0s]

Honestly, please someone tell me how wrong this is: I would create an electrum wallet. Memorize the seed. Repeat it to myself everyday. and ALSO keep it on a piece of paper in two different locations in a safe or so.

If you're using it for cold storage just make sure to create the wallet on a live-cd or permanently offline PC. Also keep the the papers safe from other people viewing them. Otherwise that sounds fine.

[Sophokles]

Armory. With airgapped PC for cold storage.

[haploid23]

I just keep mine simple: one hotwallet and one offline cold storage.

I'll never bother to with a bunch of 1btc paper wallets, that's just more to manage, and sometimes transactions are more than 1btc.

[TrailingComet]

Offline paper wallets - spread across 15 to 20 addresses at least
Decentralisation is your friend, use it

[lyth0s]

Offline paper wallets - spread across 15 to 20 addresses at least
Decentralisation is your friend, use it

I could only imagine how difficult it would be to keep track of AND protect 15-20 paper wallets. Do you have a solution for those issues?

[e4xit]

Yes, what is unsafe about electrum?
Thanks for the input Justus!

One of the reasons i heard is that it has deterministic wallets with 160 bit seed, vs 256bit seeds in armory.
But armory is switching to 160bit, soon anyway (bip32 i think).
They say that 160bit, is big enough to make seed collisions "impossible" enough.

What other reason is Electrum less secure than armory, for storing/spending 10,000 btc?

Possibly the seed algorithm is less secure? Perhaps there are other technical shortcuts, because electrum was focused on ease of use and not security?

Is it because armory dev is more "trustworthy" than electrum dev?

I know many bitcoiners only trust gavin, and still only use the satoshi client (though fewer nowadays, because armory/electrum have built reputation).

Justus, can u send a link or describe the technical reasons why it is less private? or secure?
And what improvement to electrum do you need, to finally make the switch to electrum?
thanks!

Ar you able to use offline an offline machine as a signing agent with electrum now?

With my Armory setup I have a cheap netbook setup as an offline machine (wifi disabled in BIOS) which I then wiped and installed Ubuntu and Armory on. This machine is required to sign transactions I make on the online Armory machine. This way I think it is pretty unlikely (especially if yo uare not spending but only storing bitcoins) that coins can be lost due to online hack of any sort...

Of course you still need to backup your encrypted wallet file along with paper seed/chaincode but this can be done safely using m-of-n backup.

Bitcoins could still be lost through physical intimidation I guess... Can electrum offer similar? If it can that would be interesting...

[phillipsjk]

I don't think I would record the entire seed in plain text on paper anywhere.  Maybe write down questions that only you and those you trust (heirs) would know the anwsers to, which would make up the seed.

I disagree: you are much more likely to loose your funds if you try "encrypting" your only back-ups.

If you are worried about somebody reading the back-ups, use M of N keys in geographically separate locations; hopefully stored in a tamper-evident manner.

Yeah, you could include the proper format for the answers with the questions.  Something like, "What was the color, year, make, and model of the automobile dad used to keep in the garage? (colorYYYYMakeModel)"  with the correct response being "red1965ChevroletCamaro".

That sounds dangerously like a brain wallet. Do not use with funds you can reasonably secure with an actual randomly generated passphrase/seed.

The example has like (5+6+7+7=25) bits of entropy.
Disclaimer: that comic considers only web-server-limited online attacks. For brain wallets: if it is published, it is a poor passwordphrase.

[gtraah]

Here is a very simple and secure way No encryption.

Simply download bitaddress.org as its a java applet it will work offline... Or just log into while online, then Log off the network and internet and generate an address and Take a screen shot and then take this into Paint.

With paint Carefully cut the QR code Down the middle and separate making two halves, make sure it works by joining them back together in paint again - What I do is put 2 small points at the halfway point which helps me join them up again (make sure the points are away from the QR code so your not interfering with the pattern, anyway once you join them back up, scan to see if the private key comes up. If Yes GREAT... Now separate Half the characters making sure your not missing any... Once done Put them together and test. If it works Great.. You now have exactly 2 halves of a QR code and 2 halves of a matching Private key

Now save each half to a seperate file JPG..... and place each half on a USB Stick - EG;  1/2 QR + 1/2 Key = 1 USB & 1/2 QR + 1/2 Key = 1 USB  =2 USB sticks

Also Print these 2 halves on your home printer so it comes out of 2 A4 papers. Clear the printer job history. Test again by putting the 2 papers together and scan with your phone. Test the KEY . All good GREAT.

Now One half of the paper camouflage it with some writing scribbles , Notes, Phone numbers. And place it in a bible or any book in a book shelf with many other books around. Hide the matching USB Stick some where equally as good. As for the other half USB + 1/2 paper. Place in a safe. or somewhere HIDDEN.

If you are going to dig into this address every now and then , well for ease of use. Keep a complete copy of the QR code so its easy to scan , put this somewhere camouflaged , be creative!

I have done something but as above I also have a qr code hidden somewhere and camouflaged this QR code allows me to scan with Mycellium if I ever want to pull out some coins. Soon as I scan, I send some coins to one of my other addresses and then delete the Key again. (Mycellium is great for this) I also have my cold storage as a view ONLY address in Myellium, so whenever I scan the Priv Key it automatically adds it to the [view only] address making it a Send/Receive address, This is when I quickly send funds to my other address and then delete the key again (Back to view mode)  

[jonald_fyookball]

Honestly, please someone tell me how wrong this is: I would create an electrum wallet. Memorize the seed. Repeat it to myself everyday. and ALSO keep it on a piece of paper in two different locations in a safe or so.

I wouldnt keep it in paper in different locations -- thats more opportunities for it to get stolen.

Keep just one back up, hidden and encrypted somewhere. 

[jonald_fyookball]

Yes, what is unsafe about electrum?
Thanks for the input Justus!

One of the reasons i heard is that it has deterministic wallets with 160 bit seed, vs 256bit seeds in armory.
But armory is switching to 160bit, soon anyway (bip32 i think).
They say that 160bit, is big enough to make seed collisions "impossible" enough.

What other reason is Electrum less secure than armory, for storing/spending 10,000 btc?

Possibly the seed algorithm is less secure? Perhaps there are other technical shortcuts, because electrum was focused on ease of use and not security?

Is it because armory dev is more "trustworthy" than electrum dev?

I know many bitcoiners only trust gavin, and still only use the satoshi client (though fewer nowadays, because armory/electrum have built reputation).

Justus, can u send a link or describe the technical reasons why it is less private? or secure?
And what improvement to electrum do you need, to finally make the switch to electrum?
thanks!

Ar you able to use offline an offline machine as a signing agent with electrum now?

With my Armory setup I have a cheap netbook setup as an offline machine (wifi disabled in BIOS) which I then wiped and installed Ubuntu and Armory on. This machine is required to sign transactions I make on the online Armory machine. This way I think it is pretty unlikely (especially if yo uare not spending but only storing bitcoins) that coins can be lost due to online hack of any sort...

Of course you still need to backup your encrypted wallet file along with paper seed/chaincode but this can be done safely using m-of-n backup.

Bitcoins could still be lost through physical intimidation I guess... Can electrum offer similar? If it can that would be interesting...

Yes you can sign offline transactions with electrum

[justusranvier]

Here is a very simple and secure way

Do you know what any of those words mean?

So many people have lost bitcoins because they tried to roll their own overly-complex cold storage.

[keithers]

Armory.

Ive actually never used Armory. It downloads whole blockchain right?

[justusranvier]

It downloads whole blockchain right?

It talks to bitcoind, which does download the entire blockchain.