Here I want to discuss an overview of various methods to secure your bitcoin savings and the strengths and weaknesses of each approach for storing ones savings in Bitcoin. There is a time and place for using hot wallets, exchanges, tipping services, smartphone apps for daily spending but that is another conversation. We do not need to waste our time discussing extremely dangerous methods of storing ones savings like hot wallets and non-regulated exchanges.
Please offer any criticism and suggestions to build to this list:
Paper Wallets
Strengths:Secure against Malware, viruses, trojans, and keyloggers. (As long as keys are generated with secure equipment)
Secure against online theft initiated by hackers or unscrupulous employees and owners of online wallets.
Once setup, easy to maintain and re-import.
Fairly secure against State and legal theft.
Practically Free to setup
Weaknesses:Initially difficult to securely generate with an audited and clean computer
Online Utilities not as secure as offline generators
Insecure against physical theft
Tutorials:https://en.bitcoin.it/wiki/Paper_wallethttps://www.reddit.com/r/Bitcoin/comments/1ucn47/a_thorough_stepbystep_guide_to_creating_secure/https://bitcointalk.org/index.php?topic=342691.0http://www.btcguys.us/blog/how-to-create-bitcoin-paper-wallet-tutorialhttp://www.coindesk.com/information/paper-wallet-tutorial/https://www.armoryguide.com/OfflineWalletSetup.htmlOnline Utilities to generate Paper wallets-
https://www.bitaddress.org (Code Independently audited=?)
https://www.offlineaddress.com (Code Independently audited=?)
https://bitcoinpaperwallet.com/bitcoinpaperwallet/generate-wallet.html (Code Independently audited=?)
Offline Utility to generate Paper Wallets
https://github.com/casascius/Bitcoin-Address-Utility (Code Independently audited=?)
Devices:
1) Piper -229 USD
http://cryptographi.com/2)
https://mycelium.com/entropy - 40USd
expected released in Dec 2014, delayed till Feb 2015
-----------------------------------------------------------------------------------------------------------------------------------
Physical Bitcoins
Strengths:Secure against Malware, viruses, trojans, and keyloggers. (As long as keys are generated with secure equipment)
Secure against online theft initiated by hackers or unscrupulous employees and owners of online wallets.
Once setup, easy to maintain and re-import.
Fairly secure against State and legal theft.
Weaknesses:Initially difficult to securely generate keys with an audited and clean computer
Online Utilities not as secure as offline generators
Insecure against physical theft
Much more expensive than paper wallets
Insecure unless you generate and add the private keys yourself
Sources:1)
https://www.casascius.com In person or bulk only 500 for 0.39 BTC
2)
https://www.titanbtc.com/68 USD - ~2k USD
3)
https://www.cryptmint.com/
42 USD per Coin
Site is down as of 1/29/15
4)
https://ravenbit.com/shop/17 to 52.92USD per coin depending upon quantity
5)
http://www.lealana.com/0.05 to 0.9 BTC per coin
6)
http://www.alitinmint.com/2.92 BTC per coin
-----------------------------------------------------------------------------------------------------------------------------------
Offline Computer or device
Strengths:Somewhat secure against Malware, viruses, trojans, and keyloggers. (As long as keys are generated with secure equipment)
Secure against online theft initiated by hackers or unscrupulous employees and owners of online wallets.
Once setup, easy to maintain and re-import.
Fairly secure against State and legal theft.
Weaknesses:Initially difficult to securely generate keys with an audited and clean computer
Much more expensive than paper wallets(need a separate computer or device)
Vulnerabilities with possible USB /network infections if device isn't properly secure
Less reliable than physical or paper wallets, so one should backup the wallet on an additional separate key or write down a HD key phrase
Tutorials:https://bitcointalk.org/index.php?topic=235584.0http://codinginmysleep.com/cold-storage-part-1/
Devices(besides offline computers , notepads, and laptops):
http://www.hardbit.cn/http://www.pi-wallet.com/CIYAM Safe -
https://susestudio.com/a/kp8B3G/ciyam-safe-----------------------------------------------------------------------------------------------------------------------------------
Hardware wallets
Strengths:Secure against Malware, viruses, trojans, and keyloggers. (If the hardware has not been tampered with- Audits needed)
Secure against online theft initiated by hackers or unscrupulous employees and owners of online wallets.
Once setup, easy to maintain and re-import.
Fairly secure against State and legal theft.
Easier to actively make secure transactions, without needing to import private keys
Weaknesses:None of these devices has been
thoroughly independently audited
More expensive than paper wallets
Less reliable than physical or paper wallets, so one should backup the wallet on an additional separate key or write down a HD key phrase
Devices:
1)
https://www.hardwarewallet.com/15 €
2)
https://www.bitcointrezor.com/No longer open source as of v1.3.0 and switched to restrictive Microsoft Reference Source License
119 USD
3)
https://mycelium.com/bitcoincardFinal Stages of Development
4)
http://www.choosecase.com/In Development
5)
https://www.ledgerwallet.com/29.00 €
6) BWallet
https://bidingxing.com/ http://www.coincola.com/products28.00 USD
-----------------------------------------------------------------------------------------------------------------------------------
Muti-sig Hot wallets and services
Strengths:Somewhat secure against Malware, viruses, trojans, and keyloggers. (As long as keys are generated with secure equipment)
Somewhat Secure against online theft initiated by hackers or unscrupulous employees and owners of online wallets.
Easy to setup and maintain
Easier to actively make secure transactions, without needing to import private keys
Added features such as 2FA , online access, and Insurance
Weaknesses:None of these services have been
thoroughly independently audited
Concerns that private keys generated with the service are also stored or captured by companies
Vulnerable to malware, trojans, and keyloggers within the browser (mainly at time of creation)
Vulnerable to privacy concerns
Vulnerable to legal and state theft
Services:
1)
https://greenaddress.it 2-of-2 multisignature with nLockTime (possible temporarily unable to spend funds) / Free
2)https://www.bitgo.com/
2 of 3 multisig / Free
3)
https://www.coinbase.com/vault2 of 3 multisig / insured / Free
4)
https://www.bitalo.com/why_bitalo 2-of-2 multisignature
-----------------------------------------------------------------------------------------------------------------------------------
Muti-sig Paper/electronic wallets
Strengths:Secure against Malware, viruses, trojans, and keyloggers. (As long as keys are generated with secure equipment)
Secure against online theft initiated by hackers or unscrupulous employees and owners of online wallets.
Once setup, easy to maintain and re-import.
Fairly secure against State and legal theft.
Practically Free to setup
Secure against physical theft if only one of the private keys is physical and the other 2 are encrypted and stored independently.
Weaknesses:Initially difficult to securely generate with an audited and clean computer (with exception to entropy)
Online Utilities not as secure as offline generators
Tutorials:
1) Armory
https://www.armoryguide.com/OfflineWalletSetup.html
Devices:
1)
https://mycelium.com/entropy - 40USd
expected released in Dec 2014, delayed till Feb 2015
-----------------------------------------------------------------------------------------------------------------------------------
Brain wallets
Strengths:Secure against Malware, viruses, trojans, and keyloggers. (As long as keys are generated with secure equipment)
Secure against online theft initiated by hackers or unscrupulous employees and owners of online wallets.
Fairly secure against State and legal theft.
Free to setup
Secure against physical theft but not torture
Weaknesses:Difficult to remember
risk of forgetting private keys
Difficult to re-import
Risk the passphrase isn't secure
Tutorials:
http://www.coindesk.com/how-to-create-a-brain-wallet/https://bitcointalk.org/index.php?topic=710434.0
Tools:
1)
https://brainwallet.github.io/Good thread. You say "Insecure against physical theft" for the paper wallet, but you can secure it pretty well against physical threat if you encrypt it and store it safely in a bank safe or two on a form that resists to moisture or heat.