Here I want to discuss an overview of various methods to secure your bitcoin savings and the strengths and weaknesses of each approach for storing ones savings in Bitcoin. There is a time and place for using hot wallets, exchanges, tipping services, smartphone apps for daily spending but that is another conversation. We do not need to waste our time discussing extremely dangerous methods of storing ones savings like hot wallets and non-regulated exchanges.
Please offer any criticism and suggestions to build to this list:
Paper Wallets
Strengths:Secure against Malware, viruses, trojans, and keyloggers. (As long as keys are generated with secure equipment) Secure against online theft initiated by hackers or unscrupulous employees and owners of online wallets. Once setup, easy to maintain and re-import. Fairly secure against State and legal theft. Practically Free to setup
Practically Free to setup
Weaknesses:Initially difficult to securely generate with an audited and clean computer
Online Utilities not as secure as offline generators
Insecure against physical theft
Tutorials:https://en.bitcoin.it/wiki/Paper_wallethttps://bitcointalk.org/index.php?topic=342691.0http://www.coindesk.com/information/paper-wallet-tutorial/https://99bitcoins.com/create-99-9-secure-bitcoin-paper-wallet/Online Utilities to generate Paper wallets-
https://www.bitaddress.org (Code Independently audited=?)
https://www.offlineaddress.com (Code Independently audited=?)
https://bitcoinpaperwallet.com/bitcoinpaperwallet/generate-wallet.html (Code Independently audited=?)
Offline Utility to generate Paper Wallets
https://github.com/casascius/Bitcoin-Address-Utility (Code Independently audited=?)
Devices:
1) Piper -229 USD
http://cryptographi.com/2)
https://mycelium.com/entropy - 40USd
released , but sold out except for reseller -
http://asicminer-shop.de/Mycelium-EntropyConcerns with paper wallets –
https://np.reddit.com/r/Bitcoin/comments/670zhy/summary_pitfalls_of_paper_wallets/https://np.reddit.com/r/Bitcoin/comments/6ss91w/seriously_how_are_you_all_generating_your_private/dlf4uhr/-----------------------------------------------------------------------------------------------------------------------------------
Physical Bitcoins
Strengths:Secure against Malware, viruses, trojans, and keyloggers. (As long as keys are generated with secure equipment)
Secure against online theft initiated by hackers or unscrupulous employees and owners of online wallets.
Once setup, easy to maintain and re-import.
Fairly secure against State and legal theft.
Weaknesses:Initially difficult to securely generate keys with an audited and clean computer
Online Utilities not as secure as offline generators
Insecure against physical theft
Much more expensive than paper wallets
Insecure unless you generate and add the private keys yourself
Sources:1)
https://www.casascius.com In person or bulk only 500 for 0.39 BTC
2)
https://www.titanbtc.com/68 USD - ~2k USD
3)
http://www.lealana.com/various prices
4)
https://www.infinitumbitcoins.com/179 to 339 USD per coin
5)
https://denarium.com/19.9 € to 2199 € per coin
-----------------------------------------------------------------------------------------------------------------------------------
Offline Computer or device
Strengths:Somewhat secure against Malware, viruses, trojans, and keyloggers. (As long as keys are generated with secure equipment)
Secure against online theft initiated by hackers or unscrupulous employees and owners of online wallets.
Once setup, easy to maintain and re-import.
Fairly secure against State and legal theft.
Weaknesses:Initially difficult to securely generate keys with an audited and clean computer
Much more expensive than paper wallets(need a separate computer or device)
Vulnerabilities with possible USB /network infections if device isn't properly secure
Less reliable than physical or paper wallets, so one should backup the wallet on an additional separate key or write down a HD key phrase
Tutorials:https://bitcointalk.org/index.php?topic=235584.0http://codinginmysleep.com/cold-storage-part-1/https://bitcoinarmory.com/tutorials/armory-advanced-features/offline-wallets/
Devices(besides offline computers , notepads, and laptops):
http://www.pi-wallet.com/124.95 €
CIYAM Safe -
https://susestudio.com/a/kp8B3G/ciyam-safe12-sided dice and a TI-89 Calculator to create a bitcoin address.
http://motherboard.vice.com/read/how-to-make-a-bitcoin-address-with-a-ti-89-calculator-----------------------------------------------------------------------------------------------------------------------------------
Hardware wallets
Strengths:Secure against Malware, viruses, trojans, and keyloggers. (If the hardware has not been tampered with- Audits needed)
Secure against online theft initiated by hackers or unscrupulous employees and owners of online wallets.
Once setup, easy to maintain and re-import.
Fairly secure against State and legal theft.
Easier to actively make secure transactions, without needing to import private keys
Weaknesses:Few of these devices has been
thoroughly independently audited
More expensive than paper wallets
Less reliable than physical or paper wallets, so one should backup the wallet on an additional separate key or write down a HD key phrase
Comparison of
KeepKey vs Trezor vs Ledger Nano
https://www.youtube.com/watch?v=aOnOBl_MxmQ
Devices:
1) Trezor
https://www.bitcointrezor.com/Original 99 USD
TREZOR model T - preorder 139 € - 149 €
Source Code: Open source
https://www.youtube.com/watch?v=pT1j_kbZBEo2) ledger wallet
https://www.ledgerwallet.com/Ledger nano S 58.00 €
nano 49 usd (will not have future firmware upgrade support soon)
HW.1 23 usd (will not have future firmware upgrade support soon)
Ledger Blue - 229 €
Source Code: open
https://www.youtube.com/watch?v=YI1OntWB7wc3) Keep Key
https://www.keepkey.com/129 usd
Source Code: Open source
https://www.youtube.com/watch?v=bs4N3jtZrEI4) Digital Bitbox
https://digitalbitbox.com/54 €
Source Code: open
https://www.youtube.com/watch?v=VBfgG-WXzhc5) Open Dime
http://www.opendime.com/29 usd for 3
Unique HW wallet that acts as a fungible and verifiable offline form of currency
https://www.youtube.com/watch?v=1LrKLsZYGjQhttps://www.youtube.com/watch?v=QqkKtJSPvlU-----------------------------------------------------------------------------------------------------------------------------------
Muti-sig Hot wallets and services
Strengths:Somewhat secure against Malware, viruses, trojans, and keyloggers. (As long as keys are generated with secure equipment)
Somewhat Secure against online theft initiated by hackers or unscrupulous employees and owners of online wallets.
Easy to setup and maintain
Easier to actively make secure transactions, without needing to import private keys
Added features such as 2FA , online access, and Insurance
Weaknesses:None of these services have been
thoroughly independently audited
Concerns that private keys generated with the service are also stored or captured by companies
Vulnerable to malware, trojans, and keyloggers within the browser (mainly at time of creation)
Vulnerable to privacy concerns
Vulnerable to legal and state theft
Tutorials -
http://sx.dyne.org/multisig.htmlhttps://www.youtube.com/watch?v=zIbUSaZBJgUhttps://www.youtube.com/watch?v=ZKRLJGBMqWo
Services:
1)
https://greenaddress.it 2-of-2 or 2 of 3 multisignature with nLockTime (possible temporarily unable to spend funds) / Free
https://bitcointalk.org/index.php?topic=521988.02)https://www.bitgo.com/
2 of 3 multisig / Free
3)
https://www.coinbase.com/vault2 of 3 multisig / insured / Free
4)
https://www.bitalo.com/why_bitalo 2-of-2 multisignature
-----------------------------------------------------------------------------------------------------------------------------------
Muti-sig Paper/electronic wallets
Strengths:Secure against Malware, viruses, trojans, and keyloggers. (As long as keys are generated with secure equipment)
Secure against online theft initiated by hackers or unscrupulous employees and owners of online wallets.
Once setup, easy to maintain and re-import.
Fairly secure against State and legal theft.
Practically Free to setup
Secure against physical theft if only one of the private keys is physical and the other 2 are encrypted and stored independently.
Weaknesses:Initially difficult to securely generate with an audited and clean computer (with exception to entropy)
Online Utilities not as secure as offline generators
Tutorials:
1) Armory
https://www.armoryguide.com/OfflineWalletSetup.htmlhttps://bitcoinarmory.com/tutorials/armory-advanced-features/offline-wallets/https://bitcoinarmory.com/tutorials/armory-advanced-features/lockbox/create-lockbox/https://bitcoinarmory.com/tutorials/armory-advanced-features/fragmented-backups/
Devices:
1)
https://mycelium.com/entropy - 40USd
released , but sold out except for reseller -
http://asicminer-shop.de/Mycelium-Entropy-----------------------------------------------------------------------------------------------------------------------------------
Brain wallets
Strengths:Secure against Malware, viruses, trojans, and keyloggers. (As long as keys are generated with secure equipment)
Secure against online theft initiated by hackers or unscrupulous employees and owners of online wallets.
Fairly secure against State and legal theft.
Free to setup
Secure against physical theft but not torture
Weaknesses:Difficult to remember
risk of forgetting private keys
Difficult to re-import
Risk the passphrase isn't secure
Tutorials:
http://www.coindesk.com/how-to-create-a-brain-wallet/https://bitcointalk.org/index.php?topic=710434.0
Tools:
1)
https://brainwallet.github.io/-----------------------------------------------------------------------------------------------------------------------------------
Manually Creating a Wallet
Strengths:Secure against Malware, viruses, trojans, and keyloggers.
Secure against online theft initiated by hackers or unscrupulous employees and owners of online wallets.
Fairly secure against State and legal theft.
Sometimes free to setup
Weaknesses:Time consuming
Difficult to securely generate
Insecure against physical theft once written down
Tutorials:
https://en.bitcoin.it/wiki/Technical_background_of_Bitcoin_addresses