Interesting ways to store your private keys for offline wallets

[TheFootMan]

You would also risk that the doctor would put in the incorrect screw in your arm (you would not be able to put them in yourself)

This is not a problem. Because of my religion, I can only use church certified screws. I'll have my friend, who's a priest in my church bless the screw, and then oversee the screwing as well, to ensure everything's screwed in tightly and properly.

[1713889253]

1713889253

[1713889253]

1713889253

[1713889253]

1713889253

[1713889253]

1713889253

[tzortz]

Split encrypted paper wallets.

[Spendulus]

Split encrypted paper wallets.

take a plasma torch, and cut the letters and numbers forming the key into a 6+ x  30" piece of 1/4" steel.  Triple check that you did it right, and that all the characters are correctly readable.

done.  

then if you want to go further, grind an edge on it, and using big rivets and a hammer, put a handle.

[g27wr]

While the majority of responses were less than helpful, although somewhat entertaining, I've come up with the following solution:

I have two offline wallets that split my BTC between the two. If something happens to one, I don't lose them all.

I have my public addresses as 'watch only' so I can monitor the balances.

I have my private keys stamped into metal that won't melt if the house burned down.

AND I have paper copies in another location, split up so you need both parts to complete the key.

I'm HODLing long term, so I wanted to be safe.

[TheFootMan]

While the majority of responses were less than helpful, although somewhat entertaining, I've come up with the following solution:

I have two offline wallets that split my BTC between the two. If something happens to one, I don't lose them all.

I have my public addresses as 'watch only' so I can monitor the balances.

I have my private keys stamped into metal that won't melt if the house burned down.

AND I have paper copies in another location, split up so you need both parts to complete the key.

I'm HODLing long term, so I wanted to be safe.

An interesting solution could be to PGP-encrypt the private keys, and print them on paper in base64 format,
then send the encrypted private keys to one entity, and send a copy of the private PGP key to another entity, none
of the entities know about each other.

If your house burn down, you contact the holder of the PGP privkey and uses it to decrypt the privkeys. Or even better,
have each of them hold encrypted privkeys and a private PGP key, that only works with the version the other entity has.

Scale up as necessary.

Another way could be to go into the woods and dig it into the ground. If they keys are stored properly, nobody should ever find it.
You could also encrypt the privkeys, and then put the pgp privkey somewhere else. Many possibilities..

[turvarya]

I am wondering where I can stamp something into metal on my own.
Asking a third party to do that for me, doesn't seem like a good idea.

[TheButterZone]

I am wondering where I can stamp something into metal on my own.
Asking a third party to do that for me, doesn't seem like a good idea.

http://sandiego.craigslist.org/csd/tls/4709990946.html

[BeatMo]

Have two PCs at home - one online, the other offline. Always keep your private keys in that offline PC. So do I

[turvarya]

I am wondering where I can stamp something into metal on my own.
Asking a third party to do that for me, doesn't seem like a good idea.

http://sandiego.craigslist.org/csd/tls/4709990946.html

So, I take this and a hammer to stamp it into steel? Sounds like hell of work.
Wouldn't I also need lower-case letters?

[vapourminer]

http://sandiego.craigslist.org/csd/tls/4709990946.html

So, I take this and a hammer to stamp it into steel? Sounds like hell of work.
Wouldn't I also need lower-case letters?

turn the letter sideways for lower case.

[jonald_fyookball]

I am wondering where I can stamp something into metal on my own.
Asking a third party to do that for me, doesn't seem like a good idea.

It can be trustless.  Check out how woodwallet does it. I think they use bip038

[faceplantz]

I am wondering where I can stamp something into metal on my own.
Asking a third party to do that for me, doesn't seem like a good idea.

It can be trustless.  Check out how woodwallet does it. I think they use bip038

New ways might have major flaws in it. I just have to wait until it will be perfect.

[Newar]

It can be trustless.  Check out how woodwallet does it. I think they use bip038

New ways might have major flaws in it. I just have to wait until it will be perfect.

BIP38 has been around for a year. So, yeah...

[luv2drnkbr]

New ways might have major flaws in it. I just have to wait until it will be perfect.

Bip38 ec multiplied two factor keys have been around for years.  You can read about how it works here:

https://github.com/bitcoin/bips/blob/master/bip-0038.mediawiki#Encryption_when_EC_multiply_mode_is_used

In short, it takes advantage of the fact that in elliptic curve math, pubkey1*privkey2 = pubkey3, and privkey1*privkey2 = privkey3.  So you are giving them your pubkey1 with the intermediate code, and they create a new private key and multiply it by your public key to generate a public address, and then they give you their privkey2, which enables you to get privkey3 because you also have privkey1.  Your bip38 password is run through a key derivation algorithm, and eventually also sha256 hashed, which produces a pseudo-private key, which has a corresponding public key, which is used to encrypt the entire payload.

So the guy who makes the key for you can decrypt the encrypted key, but he still can't get the private key, since your privkey1 is part of the key derivation from your password before everything is sha256'd to get the shared secret between you two.

So only you, with the correct password, can recreate the correct privkey1, and then also decrypt the payload, and then use privkey1 with the now decrypted privkey2 to get the actual relevant key, privkey3.

Additionally, the key derivation function is scrypt, with some additional random bytes that you create.  Because it's scrypt, it's really slow to brute force, and because you add in random bytes, rainbow tables won't work.  The actual bip38 encrypted payload in a bip38 ec multiplied address is those random bytes, privkey2 from the guy who generated the key, and a checksum hash of pubkey3 to verify that everything was decrypted properly.  That gives you all the information you need to be able to, along with the correct password, derive and decrypt everything and generate privkey3, which is the private key for the address that "belongs" to the bip38 encrypted key.  (And then you can verify that everything worked with the checksum hash.  If the hash doesn't match, the password entered was incorrect.)

[runam0k]

You can effectively hide a private key in plain sight by applying an easy to remember rule to it.

For example, take your private key and invert the case of all characters following the 8th character.  Very easy to remember, very easy to do (e.g. in Word or with pen and paper by hand), impossible for anyone to guess (unless you somehow publicise or hint at your method).

Personally, I prefer to have multiple digial copies of my offline Electrum wallet's 12 word mnemonic code.

Split the mnemonic code into 2 or 3 groups of words, and hide them in different places.  Emails, files, photos, wherever.  So long as you know how to find them, you can hide multiple copies virtually anywhere e.g. your PC, your NAS, different email accounts, Dropbox, etc.

No one is going to find the 6 words of your mnemonic code hidden in a 200 page PDF stored in your Dropbox and OneDrive account, let alone the other 6 words hidden elsewhere.  Crucially, however, you will know where to look, you will know where the other 6 words are and you will be able to rebuild your wallet pretty much anywhere in the world.  It is also reasonably easy to explain to a loved one how to rebuild the wallet, should the worst happen.

Physical backups are great, of course, but there are always stories of safes being stolen from homes, for example, damaged paper wallets, or failed hard drives or USB thumbsticks.

[Q7]

If i write a random combination of numbers and separate them into several pieces would the guy that finds out know that it is the bitcoin private key. Probably he might think that it is for some online banking password. But just to keep it safe. I even write down several parts of the code and keep it at my other in law house in case something happens to mine 

[Spendulus]

http://sandiego.craigslist.org/csd/tls/4709990946.html

So, I take this and a hammer to stamp it into steel? Sounds like hell of work.
Wouldn't I also need lower-case letters?

turn the letter sideways for lower case.

This makes tags for really harsh environments like pipelines, so it should do for permanent code storage including cases like fire and flooding.  Not sure if they do lower case but if not just put a slash in front of the char that is going to be lower case.

I'm going to get one and try it out.

http://www.amazon.com/DYMO-Tapewriter-Metal-Embosser-101105/dp/B000FD7Z7I/ref=sr_1_3?ie=UTF8&qid=1413480605&sr=8-3&keywords=tape+embosser

http://www.amazon.com/DYMO-Non-Adhesive-Stainless-Embossing-Cassette/dp/B000O78D94/ref=pd_sim_op_1?ie=UTF8&refRID=0S9RH5Z6WBSQ2RMV22PY

[santaClause]

Have two PCs at home - one online, the other offline. Always keep your private keys in that offline PC. So do I

This is probably the best way to keep your private keys safe for cold storage. It is also, by far the simplest way. You will need to somehow create your private key (on an offline computer), so you might as well keep the keys there.

I do admit that there are a large number of very creative ways of storing your cold/offline private keys however you should really remember "KISS" - Keep It Simple Stupid

[Spendulus]

I am wondering where I can stamp something into metal on my own.
Asking a third party to do that for me, doesn't seem like a good idea.

It can be trustless.  Check out how woodwallet does it. I think they use bip038

I have a fairly strong opinion that if you have an encrypted wallet, there is zero need for any additional layer of encryption.

Similarly, if you have a single private key, you encrypt it once, but to do this you can't trust other peoples' algorithms and "help."