https://en.bitcoin.it/w/api.php?action=feedcontributions&feedformat=atom&user=MikewoodsBitcoin Wiki - User contributions [en]2026-05-02T18:25:16ZUser contributionsMediaWiki 1.43.8https://en.bitcoin.it/w/index.php?title=OfflineAddress&diff=44051OfflineAddress2014-01-26T10:30:17Z<p>Mikewoods: changed links to https</p>
<hr />
<div>[[File:PaperWallets-offlineaddress-com.png|200px|thumb|right|Paper wallets from [[OfflineAddress]] ]]<br />
<br />
[https://www.offlineaddress.com OfflineAddress.com] can be used to generate offline Bitcoin addresses with maximum possible entropy (making them as secure as possible).<br />
Private keys used to generate addresses are constructed from truly random numbers provided from user's mouse movements.<br />
<br />
Generated addresses can be printed and used as paper wallets or for secure offline storage.<br />
<br />
== Motivation and security ==<br />
* Easy to use service capable of providing maximum security for non-technical users.<br />
* Open Source JavaScript implementation which supports HTML5 caching - so that user needs to load the site just once.<br />
* Service is capable of producing private keys with maximum entropy.<br />
* Runs only in user's browser and never sends private keys to the internet.<br />
* Service can be used offline and always warns the user if he's attempting to generate Bitcoin addresses while being connected to the internet.<br />
* Hints how to be even more secure can be found [https://www.offlineaddress.com/?site=about here]<br />
<br />
<br />
==External Links==<br />
<br />
* [https://www.offlineaddress.com OfflineAddress] web site.<br />
* [https://bitcointalk.org/index.php?topic=399452.0;all Forum discussion]<br />
<br />
[[Category:Tools]]</div>Mikewoodshttps://en.bitcoin.it/w/index.php?title=Securing_your_wallet&diff=43804Securing your wallet2014-01-18T20:17:54Z<p>Mikewoods: </p>
<hr />
<div>==Introduction==<br />
<br />
Wallet security can be broken down into two independent goals:<br />
# Protecting your wallet against loss.<br />
# Protecting your wallet against theft.<br />
<br />
In the case that your current wallet hasn't been protected adequately (e.g. put online with a weaker password):<br />
# Making a new secure wallet, using appropriate long-term protection.<br />
<br />
''For a brief overview see also: [[Wallet Security Dos and Don'ts|Wallet Security Dos and Don'ts]]''<br />
<br />
==Paper Wallets==<br />
[[Paper wallet]]s are a fairly simple way to store your bitcoins independent of a computer. When generated securely and stored on paper, or other offline storage media, a paper wallet decreases the chances of your bitcoins being stolen by hackers, or computer viruses.<br />
<br />
With each entry on a paper wallet, you are securing a sequence of secret numbers that is used to prove your right to spend the bitcoins assigned to one of your addresses. This secret number, called a [[private key]], is most commonly written as a sequence of fifty-one alphanumeric characters, beginning with a '5'.<br />
<br />
Some easy-to-use services (like [[BitAddress|BitAddress.org]], [[OfflineAddress|OfflineAddress.com]] or [[BitcoinPaperWallet|BitcoinPaperWallet.com]]) feature a free open-source client-side paper wallet generators written in JavaScript, which can be used offline. Using these generators is relatively safe while disconnected from internet. It's advisable to use those services from [https://en.wikipedia.org/wiki/Live_CD live disc], to ensure that private keys are not compromised by spyware. <br />
<br />
To generate a safer paper wallet, first save the paper wallet generating code to a newly-formatted USB stick. Then "clean-boot" your computer with a bootable CD (such as a Linux Live CD) ''while disconnected from the Internet''. Disconnecting from the Internet guarantees that that the paper wallet generator is truly self-contained and isn't communicating with an online service. Then insert the USB stick and open the wallet generator's HTML file from the web browser. Print your paper wallets or store them on external media (do not save them on the computer), and then shut down the computer. You may need to load an appropriate printer driver in order to print while booted from the live CD.<br />
<br />
A paper wallet includes at least one public bitcoin address and its corresponding private key. You can send bitcoins to the public address and they will be inaccessible until the private key is imported into a wallet. As of version 0.6.0, the bitcoin QT software has a command line feature called "importprivkey" that can load private keys. Online exchanges and wallets such as [[MtGox]], CoinBase and Blockchain.info have features for importing (or "sweeping") private keys as well.<br />
<br />
Remember, spyware and viruses often attempt to monitor your computer activities so that their authors can steal from you. They are interested in passwords to online accounts, and anything of value. Bitcoin wallets and private keys are something of value that have already been targeted by malware. Paper wallets isolate you from much of this risk.<br />
<br />
If your computer is infected with spyware or viruses - even if there are no symptoms, or your antivirus isn't reporting anything - then anything you type, view, or save on your computer, could potentially be stolen by someone remotely controlling your computer. Your private key can then be intercepted while you enter it, so only enter a Bitcoin private key into your computer when your intent is to redeem its value ''immediately''.<br />
<br />
== Hardware wallets ==<br />
[[Hardware wallet]]s are a major effort to provide a good combination of enhanced security and usability.<br />
<br />
So far only [http://www.pi-wallet.com/ Pi Wallet] is operational.<br />
<br />
==Importance of security updates==<br />
<br />
No software is perfect, and from time to time there may be security vulnerabilities found in your Bitcoin client as well.<br />
Be sure you keep your client updated with the latest bug fixes, especially when a new vulnerability is discovered.<br />
We maintain a [[CVEs|list a known vulnerabilities]] on this wiki - you can watch that page to get updates.<br />
Note that you ''don't'' need to be running the latest major client version: some clients, including the popular Bitcoin-Qt, have older versions available with bugfix-only updates.<br />
<br />
==Securing the Bitcoin-QT or bitcoind wallet==<br />
<br />
Bitcoin transactions send Bitcoins to a specific public key. A Bitcoin address is an encoded hash of a public key. In order to use received Bitcoins, you need to have the private key matching the public key you received with. This is sort of like a super long password associated with an account (the account is the public key). Your Bitcoin wallet contains all of the private keys necessary for spending your received transactions. If you delete your wallet without a backup, then you no longer have the authorization information necessary to claim your coins, and the coins associated with those keys are lost forever.<br />
<br />
The wallet contains a pool of queued keys. By default there are 100 keys in the [[key pool]]. The size of the pool is configurable using the "-keypool" command line argument. When you need an address for whatever reason (send, “new address”, generation, etc.), the key is not actually generated freshly, but taken from this pool. A brand new address is generated to fill the pool back to 100. So when a backup is first created, it has all of your old keys plus 100 unused keys. After sending a transaction, it has 99 unused keys. After a total of 100 new-key actions, you will start using keys that are not in your backup. Since the backup does not have the private keys necessary for authorizing spends of these coins, restoring from the old backup will cause you to lose Bitcoins.<br />
<br />
Creating a new address generates a new pair of public and private keys, which are added to your wallet. Each keypair is mostly random numbers, so they cannot be known prior to generation. If you backup your wallet and then create more than 100 new addresses, the keypair associated with the newest addresses will not be in the old wallet because the new keypairs are only known after creating them. Any coins received at these addresses will be lost if you restore from the backup.<br />
<br />
The situation is made somewhat more confusing because the receiving addresses shown in the UI are not the only keys in your wallet. Each Bitcoin generation is given a new public key, and, more importantly, each sent transaction also sends some number of Bitcoins back to yourself at a new key. When sending Bitcoins to anyone, you generate a new keypair for yourself and simultaneously send Bitcoins to your new public key and the actual recipient's public key. This is an anonymity feature – it makes tracking Bitcoin transactions much more difficult.<br />
<br />
So if you create a backup, do more than 100 things that cause a new key to be used, and then restore from the backup, some Bitcoins will be lost. Bitcoin has not deleted any keys (keys are never deleted) – it has created a new key that is not in your old backup and then sent Bitcoins to it.<br />
<br />
== Making a new wallet ==<br />
<br />
If a wallet or an encrypted wallet's password has been compromised, it is wise to create a new wallet and transfer the full balance of bitcoins to addresses contained only in the newly created wallet. Examples of ways a wallet may be compromised are through password re-use, minimal strength passwords, computer hack or virus attack.<br />
<br />
There are a number of ways to create a new wallet with Bitcoin-QT or bitcoind but this is a process that has been tested with bitcoind 0.6.3. We use the copy command to minimize the chance of any data loss but you are warned to make backups of any wallet.dat that holds a balance for you.<br />
<br />
:1. Shut down the Bitcoin program.<br />
:2. Find and make a backup of the "compromised" wallet.dat file and rename it, perhaps adding a short description:<br />
:::wallet.dat -> wallet-compromised.dat<br />
:Depending on your OS, the wallet file will be located at:<br />
:::Windows: %APPDATA%\Bitcoin\<br />
:::Linux: ~/.bitcoin/<br />
:::Mac: ~/Library/Application Support/Bitcoin/<br />
:3. Start the Bitcoin program and it will create a new wallet.dat. You may then encrypt the wallet as desired and make a new backup.<br />
:4. Once you've made a new wallet, you can obtain one or more addresses and copy them into a text editor. After obtaining the new address(es), shut down the Bitcoin program, make a backup of the new wallet.dat file and copy it to a new file named wallet-new.dat.<br />
:5. Copy the wallet-compromised.dat file back to wallet.dat, start the Bitcoin program and transfer your balance to the new address(es) you put in your text editor. Once the balance is back to 0 for your compromised wallet, you may want to wait a couple minutes or for a confirmation or check block explorer to be sure the transactions have been broadcasted. Then you may shut down the Bitcoin program.<br />
:6. Rename wallet.dat to wallet-compromised.dat. <br />
:7. Rename wallet-new.dat to wallet.dat.<br />
<br />
You should now have a new wallet with all the bitcoins from the old wallet.<br />
<br />
==Making a secure workspace==<br />
<br />
If you are using your computer to handle bitcoins, a wallet, Bitcoin-related passwords, or Bitcoin private keys, you must take care that the system is free of malware, viruses, keyloggers, remote access tools, and other tools that may be used to make remote copies of any of the above. In the case that your computer is compromised, the precautions taken below may provide additional protection.<br />
<br />
===Debian-based Linux===<br />
<br />
The first step is to make a [http://www.howtogeek.com/howto/ubuntu/add-a-user-on-ubuntu-server/ new user]. In order for that new user to have an encrypted home directory, you'll first need the encryption utility. Run:<br />
<br />
<code>sudo apt-get install ecryptfs-utils</code><br />
<br />
Now you're ready to create a new user<br />
<br />
<code>sudo adduser --encrypt-home new_user_name</code><br />
<br />
You'll need to come up with a [[#Choosing_A_Strong_Password|secure]] new password for that user.<br />
<br />
When you get to the prompt 'Enter the new value, or press ENTER for the default', just keep hitting ENTER.<br />
<br />
Then switch user to the new user. To get to the new user you can use the switch user icon for your system, which on Ubuntu is in the 'System/Quit' screen, or if there is no switch icon on your system you can log out and log back in as the new user.<br />
<br />
Since the home folder of this user is encrypted, if you're not logged in as that user, data that is saved there can't be browsed, even by a root user. If something goes wrong with your system, and you need to decrypt the new user's files, you'll need its decryption key.<br />
<br />
<code>ecryptfs-unwrap-passphrase</code><br />
<br />
It will ask you for your user's password and give you the decryption key. '''WRITE DOWN OR SAVE THE CODE IT RETURNS''' because you will need it if you ever have to pull your data off while the OS is not working. (You can run it again later if you need to, but run it now so that you can get your data if your Linux install gets botched.)<br />
<br />
The encrypted folder data is not encrypted while it's in memory, and so if it's ever sent to the swap partition it can be stolen from there unless that too is encrypted - be aware that this will mean you cannot use Hibernate anymore, as the bootloader won't be able to restore the hibernation data.<br />
<br />
<code>ecryptfs-setup-swap</code><br />
<br />
Then click on a folder in the new user to display the file browser, then keep going up folders until you see the new user home directory, then right click to bring up the Properties dialog, then click on the Permissions tab, then in the Others section, set the folder access to None.<br />
<br />
For secure browsing, open Firefox, and then go into the Edit menu and click Preferences. Starting from the left, click on the General tab, and in the 'Startup/When Firefox starts' pop up menu, choose 'Show a Blank Page'. Then click on the Content tab, and deselect 'Load images automatically' and deselect 'Enable JavaScript'. Then click on the Privacy tab, and in the 'History/Firefox will' pop up menu, choose 'Never remember history'. Then click on the Security tab, and in the Passwords section, deselect 'Remember passwords for sites' and deselect 'Use a master password'. Then click on the Advanced tab, then click on the Update tab, and then in the 'Automatically check for updates to' section, deselect 'Add-ons' and 'Search Engines'.<br />
<br />
When JavaScript is disabled, the [http://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.3.23/bitcoin-0.3.23-linux.tar.gz/download Linux download page] will not download automatically, so you'll have to click on the 'direct link' part of the "Problems with the download? Please use this 'direct link' or try another mirror." line.<br />
<br />
===Mac===<br />
This solution '''does not scale'''; the amount of needed space can grow beyond the image size.<br />
<br />
===Windows===<br />
<br />
Due to the frequency with which Windows computers are compromised, it is advised to encrypt your wallet or to keep your wallet on an encrypted disk image created by third-party software, such as [http://www.truecrypt.org/ TrueCrypt] (open source) or [http://www.jetico.com/encryption-bestcrypt/ Jetico BestCrypt] (commercial). This also applies to the storage of passwords, private keys and other data that can be used to access any of your Bitcoin balances.<br />
<br />
Assuming that you have installed the Windows Bitcoin client and run it at least once, the process is described below.<br />
<br />
<p><b>To mount the Bitcoin data directory on an encrypted drive</b></p><br />
<ol start=1 type=1><br />
<li>Use the third-party disk image encryption program of your choice to create and mount an encrypted disk image of at least 5GB in size. This procedure stores the entire block chain database with the wallet.dat file so the required size of the encrypted disk image required may grow in the future.</li><br />
<li>Locate the Bitcoin data directory, and copy the directory with all contents to the encrypted drive.<br />
<p>For help finding this directory, see <b>[[Securing_your_wallet#Locating_Bitcoin_s_data_directory|Locating Bitcoin's Data Directory]]</b>.</p></li><br />
<li>Create a Windows shortcut that starts Bitcoin with the <code>-datadir</code> parameter and specifies the encrypted drive and directory.<br />
<p>For example, if you installed Bitcoin in the default directory, mounted your Bitcoin encrypted drive as <code>E:\</code>, and stored your Bitcoin data directory on it as <code>Bitcoin</code>, you would type the following command as the shortcut Target:</p><br />
<blockquote><code>C:\Program Files\Bitcoin\bitcoin.exe -datadir=E:\Bitcoin</code></blockquote></li><br />
<li>Open Bitcoin's settings and configure it <b>NOT</b> to start automatically when you start Windows.<br />
<p>This is to allow you to mount the Bitcoin encrypted disk image before starting Bitcoin.</p></li><br />
<li>Shut down Bitcoin, and then restart it from the new shortcut.</li><br />
</ol><br />
<br />
After doing this, any time you want to use Bitcoin, you must first mount the Bitcoin encrypted disk image using the same drive designation, and then run Bitcoin from the shortcut that you created, so that it can find its data and your wallet.<br />
<br />
<br />
=== General Solutions ===<br />
<br />
Your wallet.dat file is not encrypted by the Bitcoin program by default but the most current release of the Bitcoin client provides a method to encrypt with a passphrase the private keys stored in the wallet. Anyone who can access an unencrypted wallet can easily steal all of your coins. Use one of these encryption programs if there is any chance someone might gain access to your wallet.<br />
* [http://www.7-zip.org/ 7-zip] - Supports strongly-encrypted archives.<br />
* [http://www.axantum.com/axcrypt/ AxCrypt by Axantum]<br />
* [http://lrzip.kolivas.org lrzip] - Compression software for Linux and OSX that supports very high grade password protected encryption<br />
* [http://www.truecrypt.org/ TrueCrypt] - Volume-based on-the-fly encryption (for advanced users)<br />
<br />
There is also a list of [[OpenSourceEncryptionSoftware|open source encryption software.]]<br />
<br />
Decrypting and encrypting the wallet.dat every time you start or quit the Bitcoin client can be ''tedious'' (and outright error-prone). If you want to keep your wallet encrypted (except while you're actually running the Bitcoin client), it's better to relegate the automation to a [http://lorelei.kaverit.org/bitcoin.sh small shell script] that handles the en/decryption and starting up Bitcoin client for you (Linux and OSX). <br />
<br />
There is also a method to print out and encrypt your wallet.dat as a special, scannable code. See details here: [[WalletPaperbackup]]<br />
<br />
==== Password Strength ====<br />
Brute-force password cracking has come a long way. A password including capitals, numbers, and special characters with a length of 8 characters can be trivially solved now (using appropriate hardware). The recommended length is '''at least''' 12 characters long. You can also use a multi-word password and there are techniques to increase the strength of your passwords without sacrificing usability. [http://www.baekdal.com/tips/password-security-usability The Usability of Passwords] <br />
<br />
However, simply using dictionary words is also insecure as it opens you up to a dictionary attack. If you use dictionary words, be sure to include random symbols and numbers in the mix as well.<br />
<br />
If you use keyfiles in addition to a password, it is unlikely that your encrypted file can ever be cracked using brute-force methods, even when even a 12 character password might be too short.<br />
<br />
Assume that any encrypted files you store online (eg. Gmail, Dropbox) will be stored somewhere forever and can never be erased.<br />
<br />
===== Choosing A Strong Password =====<br />
Make sure you pick at least one character in each group:<br /><br />
<br />
Lowercase: abcdefghijklmnopqrstuvwxyz<br />
Uppercase: ABCDEFGHIJKLMNOPQRSTUVWXYZ<br />
Number: 1234567890<br />
Symbol: `~!@#$%^&*()-_=+\|[{]};:'",<.>/? (space)<br />
<br />
<9 char = unsuitable for use<br />
09 char = insecure<br />
10 char = low security<br />
11 char = medium security<br />
12 char = good security (good enough for your wallet)<br />
13 char = very good, enough for anything.<br />
<br />
You might want to read [http://security.stackexchange.com/questions/662/what-is-your-way-to-create-good-passwords-that-can-actually-be-remembered What is your way to create good passwords that can actually be remembered?] and [http://security.stackexchange.com/questions/6095/xkcd-936-short-complex-password-or-long-dictionary-passphrase XKCD #936: Short complex password, or long dictionary passphrase?]<br />
<br />
== Backing up your wallet ==<br />
See [[Backingup_your_wallet|Backing up your wallet]].<br />
<br />
==Erasing Plain-text Wallets==<br />
<br />
In most operating systems, including Windows, Linux, and Mac OS X, simply deleting a wallet.dat file will ''not'' generally destroy it. It is likely that advanced tools can still be used to recover the wallet.dat file, even after it has been deleted.<br />
<br />
The Linux '''shred''' command can be used to overwrite the wallet file with random data prior to deleting; this particular copy of the file will then be practically impossible to recover. Using shred (and similar tools on Windows) however does not guarantee that still other copies don't exist somewhere hidden on your HD. That will depend on your system configuration and what packages you have installed. Some system restore and backup tools, for instance, create periodic snapshots of your filesystem, duplicating your wallet.dat.<br />
<br />
In Mac OS, the equivalent of '''shred''' is '''srm''' (introduced in Leopard). Using the Finder to remove files, clicking "Secure Empty Trash" in the Finder menu will shred the contents of the trash can. As with any OS this doesn't guarantee that there are not other copies elsewhere on your system.<br />
<br />
For Windows, the built-in command ''cipher /W'' will shred all previously-deleted files. [http://www.cylog.org/utilities/cybershredder.jsp CyberShredder] can securely deleted individual files.<br />
<br />
==Online and Mobile Wallets==<br />
<br />
Thus far, this article has been discussing the security of a wallet file for Bitcoin-QT or bitcoind that is under your sole control. Additional wallets applications and services have become available that offer other features and more convenience but not without introducing additional risk. When storing bitcoins with an [[eWallet]] such as Instawallet or Easywallet, you are essentially storing your private keys or wallet with that provider. <br />
<br />
Online wallets have a number of pros and cons to consider. For example, you can access your wallet on any computer in the world, but depending on the service, your bitcoins may be lost if the service is compromised. <br />
<br />
Mobile wallet applications are available for Android devices that allow you to send bitcoins by QR code or NFC, but this opens up the possibility of loss if mobile device is compromised. It may be possible to encrypt and backup the wallet or private keys on a mobile device but it is not advisable to store a large amount of bitcoins there without doing your own research and testing.<br />
<br />
==See Also==<br />
<br />
* [[Data directory]]<br />
* [[How to import private keys]]<br />
* [http://startbitcoin.com/how-to-create-a-secure-bitcoin-wallet/ Secure Bitcoin Wallet Tutorial]<br />
* [[How to set up a secure offline savings wallet]]<br />
* [http://arimaa.com/bitcoin/ Bitcoin Gateway - A Peer-to-peer Bitcoin Vault and Payment Network]<br />
* [http://blog.cyplo.net/2012/04/01/bitcoin-wallet-recovery-photorec/ Find lost wallet eg. after disk format, using Photorec]<br />
<br />
[[Category:Security]]<br />
<br />
[[de:Sichere deine Geldbörse]]<br />
[[ru:Bitcoin и безопасность]]<br />
[[es:Cómo asegurar su monedero]]<br />
[[zh-cn:保护你的钱包]]</div>Mikewoodshttps://en.bitcoin.it/w/index.php?title=Paper_wallet&diff=43799Paper wallet2014-01-18T07:24:28Z<p>Mikewoods: </p>
<hr />
<div>A '''paper wallet''' is a mechanism for storing bitcoins offline as a physical document that can be secured like cash or anything else of real-world value. Paper wallets are generally created by printing a brand new public address and private key onto paper, and then sending bitcoins from a "live" wallet to the printed wallet's public address for safekeeping. If good security practices are followed, paper wallets are one of the safest ways to to store Bitcoins. <br />
<br />
__TOC__<br />
<br />
==Producing safe paper wallets==<br />
<br />
[[File:PaperWallets-offlineaddress-com.png|200px|thumb|right|Paper wallets from [[OfflineAddress|OfflineAddress.com]] ]]<br />
[[File:BitcoinPaperWallet-sample.jpg|thumb|right|300px|Wallet with private key secured beneath folds (BitcoinPaperWallet.com)]]<br />
A Bitcoin [[private key]] can be represented in several formats. For paper wallets typically used format is Wallet Import Format (WIF), since keys represented that way are very short (51 characters) and thus easy to re-enter when importing or "sweeping" the wallet for withdrawal.<br />
<br />
Several tools exist for producing paper wallets, including [[BitAddress|BitAddress.org]], [[OfflineAddress|OfflineAddress.com]], [[BitcoinPaperWallet|BitcoinPaperWallet.com]], [[vanitygen]], [[SafePaperWallet|SafePaperWallet.com]], and [[Bitcoin Address Utility]]. <br />
<br />
Care must be taken to securely generate paper wallets since an attacker can steal the present ''and future'' balance of a paper wallet if the private key is exposed, transmitted, or generated with [http://www.offlineaddress.com/?site=about#security-risk insufficient entropy].<br />
<br />
Some services feature a free open-source client-side paper wallet generators written in JavaScript, which can be used offline. Using these generators is relatively safe while disconnected from internet. It's advisable to use those services from [https://en.wikipedia.org/wiki/Live_CD live disc], to ensure that private keys are not compromised by spyware. <br />
<br />
'''Recommendations:'''<br />
* Paper wallets should be produced on a computer not connected to the Internet.<br />
* Be aware that malware often allows a remote third party to view your screen and see your keystrokes, and these can compromise the integrity of your paper wallet. Also consider that antivirus software cannot completely rule out the possibility of malware. However, using bootable [https://en.wikipedia.org/wiki/Live_CD live disc] prevents malware from running.<br />
* The private keys of paper wallets should never be saved to a computer hard drive. You should also never scan your paper wallet into your computer or type the private keys or save them in e-mail, except at the moment you are redeeming the balance.<br />
* If possible, the private key of a paper wallet should be kept hidden, for example by folding the paper to hide the private key so that a photograph or photocopy of the wallet will not reveal or replicate the private key.<br />
* A web-based paper wallet generator should be written so that all of the generation happens on your computer, not the web server. After you load the paper wallet generating website in your web browser, you should disconnect from the Internet, and observe that the paper wallet generator continues to function. Afterward, you should close your browser before reconnecting to the Internet.<br />
* A paper wallet generator should use an appropriate source of random numbers (entropy). This means that the generated addresses aren't predictable. If the addresses come from a predictable or partially-predictable patterns like pseudorandom numbers <ref>[https://en.wikipedia.org/wiki/Pseudorandomness#Cryptography Pseudorandomness] '' is not enough for strong cryptography''</ref>, someone else who can predict the pattern can steal the balance. Ideally, randomness has to be human provided (i.e. from mouse movements, as in [[OfflineAddress|offlineaddress.com]]). This rules out any "web-based" generator unless you can be sure that both your browser and the JavaScript code are taking advantage of the strongest cryptographic routines available.<ref>[http://www.w3.org/TR/WebCryptoAPI/ w3.org] ''WebCryptoAPI''</ref><br />
<br />
<br />
===Operating System Cache Security===<br />
<br />
The problem with printing out secure documents—even if your computer is 100% virus/trojan free—is that your printer driver and/or operating system may be keeping copies of the documents you print in a "spool" or print queue. If a hacker or virus gets into your computer and knows to look for these cache files, then they can get your private keys and sweep your paper wallets. Precautions to mitigate this type of attack include:<br />
<br />
* Enabling encryption of your entire filesystem so that cache files cannot be 'undeleted'.<br />
<br />
* Setting up a symbolic link from your OS spool directory (e.g. /private/var/spool/cups/cache/ on OS X) to a removable media volume (e.g. a SD card) and disconnecting it when not in use.<br />
<br />
* Using a live-boot CD instead of a regular hard drive OS install. This way when you reboot your computer, all cache files are deleted from memory and no jobs are ever written to disk.<ref>[https://bitcoinpaperwallet.com/#security BitcoinPaperWallet.com] ''Security Tips''</ref><br />
<br />
===Printer Security===<br />
<br />
Some advanced printers have internal storage (even hard drives) that preserve copies of printouts. This is a risk if someone gets access to your printer, or if you dispose of your printer. There is also the possibility that a smart enough printer can be hacked. (Consider [http://en.wikipedia.org/wiki/Stuxnet StuxNet] which was able to rewrite the firmware of non-computer devices indirectly connected to the Internet) If this concerns you, use a "dumb" printer, and never let your printer have access to the Internet or to an Internet-connected computer.<br />
<br />
==Redeeming Keys and Withdrawing Funds==<br />
<br />
Paper wallets are very different from "live" wallets such as the Bitcoin-QT client in that it is not possible to transfer (withdraw) a ''portion'' of a paper wallet's bitcoin balance. The only way to withdraw funds from a paper wallet is to import or "sweep" the ''entire'' balance of the paper wallet to a new address, typically a live wallet or online exchange. Once the transfer has been confirmed, ''the paper wallet should no longer be used''.<ref>[http://www.reddit.com/r/Bitcoin/comments/1c9xr7/psa_using_paper_wallets_understanding_change/ reddit.com] ''Using Paper Wallets and Understanding Change''</ref><br />
<br />
There are various methods for copying the private key data from a paper wallet to other wallets.<br />
bitcoind supports an "importprivkey" RPC method for this purpose.<br />
Bitcoin-Qt's debug console can also be used in a similar way (see also [[how to import private keys v7+]]).<br />
[[BlockChain.info]] and [[Armory]] can also import them directly into wallets.<br />
[[MtGox|Mt. Gox]] provides the ability to Add Funds using a private key:<br />
the exchange will then create a "sweep" transaction that spends any amount for that paper wallet address so that the amount is added to your account with them; it will also sweep to your account any bitcoins received to that address in the future as well.<br />
<br />
==References==<br />
<references /><br />
<br />
==See Also==<br />
<br />
* [[Private key]]<br />
<br />
* [[Securing_your_wallet#Paper_Wallets]]<br />
<br />
* [[How to import private keys]]<br />
<br />
* [https://blockchain.info/wallet/paper-tutorial Blockchain.info tutorial] on how to generate a paper wallet.<br />
<br />
[[Category:Security]]<br />
<br />
[[es:Monedero de papel]]</div>Mikewoodshttps://en.bitcoin.it/w/index.php?title=Paper_wallet&diff=43798Paper wallet2014-01-18T07:13:47Z<p>Mikewoods: </p>
<hr />
<div>A '''paper wallet''' is a mechanism for storing bitcoins offline as a physical document that can be secured like cash or anything else of real-world value. Paper wallets are generally created by printing a brand new public address and private key onto paper, and then sending bitcoins from a "live" wallet to the printed wallet's public address for safekeeping. If good security practices are followed, paper wallets are one of the safest ways to to store Bitcoins. <br />
<br />
__TOC__<br />
<br />
==Producing safe paper wallets==<br />
<br />
[[File:PaperWallets-offlineaddress-com.png|200px|thumb|right|Paper wallets from [[OfflineAddress|OfflineAddress.com]] ]]<br />
[[File:BitcoinPaperWallet-sample.jpg|thumb|right|300px|Wallet with private key secured beneath folds (BitcoinPaperWallet.com)]]<br />
A Bitcoin [[private key]] can be represented in several formats. For paper wallets typically used format is Wallet Import Format (WIF), since keys represented that way are very short (51 characters) and thus easy to re-enter when importing or "sweeping" the wallet for withdrawal.<br />
<br />
Several tools exist for producing paper wallets, including [[BitAddress|BitAddress.org]], [[OfflineAddress|OfflineAddress.org]], [[BitcoinPaperWallet|BitcoinPaperWallet.com]], [[vanitygen]], [[SafePaperWallet|SafePaperWallet.com]], and [[Bitcoin Address Utility]]. <br />
<br />
Care must be taken to securely generate paper wallets since an attacker can steal the present ''and future'' balance of a paper wallet if the private key is exposed, transmitted, or generated with [http://www.offlineaddress.com/?site=about#security-risk insufficient entropy].<br />
<br />
Some services feature a free open-source client-side paper wallet generators written in JavaScript, which can be used offline. Using these generators is relatively safe while disconnected from internet. It's advisable to use those services from [https://en.wikipedia.org/wiki/Live_CD live disc], to ensure that private keys are not compromised by spyware. <br />
<br />
'''Recommendations:'''<br />
* Paper wallets should be produced on a computer not connected to the Internet.<br />
* Be aware that malware often allows a remote third party to view your screen and see your keystrokes, and these can compromise the integrity of your paper wallet. Also consider that antivirus software cannot completely rule out the possibility of malware. However, using bootable [https://en.wikipedia.org/wiki/Live_CD live disc] prevents malware from running.<br />
* The private keys of paper wallets should never be saved to a computer hard drive. You should also never scan your paper wallet into your computer or type the private keys or save them in e-mail, except at the moment you are redeeming the balance.<br />
* If possible, the private key of a paper wallet should be kept hidden, for example by folding the paper to hide the private key so that a photograph or photocopy of the wallet will not reveal or replicate the private key.<br />
* A web-based paper wallet generator should be written so that all of the generation happens on your computer, not the web server. After you load the paper wallet generating website in your web browser, you should disconnect from the Internet, and observe that the paper wallet generator continues to function. Afterward, you should close your browser before reconnecting to the Internet.<br />
* A paper wallet generator should use an appropriate source of random numbers (entropy). This means that the generated addresses aren't predictable. If the addresses come from a predictable or partially-predictable patterns like pseudorandom numbers <ref>[https://en.wikipedia.org/wiki/Pseudorandomness#Cryptography Pseudorandomness] '' is not enough for strong cryptography''</ref>, someone else who can predict the pattern can steal the balance. Ideally, randomness has to be human provided (i.e. from mouse movements, as in [[OfflineAddress|offlineaddress.com]]). This rules out any "web-based" generator unless you can be sure that both your browser and the JavaScript code are taking advantage of the strongest cryptographic routines available.<ref>[http://www.w3.org/TR/WebCryptoAPI/ w3.org] ''WebCryptoAPI''</ref><br />
<br />
<br />
===Operating System Cache Security===<br />
<br />
The problem with printing out secure documents—even if your computer is 100% virus/trojan free—is that your printer driver and/or operating system may be keeping copies of the documents you print in a "spool" or print queue. If a hacker or virus gets into your computer and knows to look for these cache files, then they can get your private keys and sweep your paper wallets. Precautions to mitigate this type of attack include:<br />
<br />
* Enabling encryption of your entire filesystem so that cache files cannot be 'undeleted'.<br />
<br />
* Setting up a symbolic link from your OS spool directory (e.g. /private/var/spool/cups/cache/ on OS X) to a removable media volume (e.g. a SD card) and disconnecting it when not in use.<br />
<br />
* Using a live-boot CD instead of a regular hard drive OS install. This way when you reboot your computer, all cache files are deleted from memory and no jobs are ever written to disk.<ref>[https://bitcoinpaperwallet.com/#security BitcoinPaperWallet.com] ''Security Tips''</ref><br />
<br />
===Printer Security===<br />
<br />
Some advanced printers have internal storage (even hard drives) that preserve copies of printouts. This is a risk if someone gets access to your printer, or if you dispose of your printer. There is also the possibility that a smart enough printer can be hacked. (Consider [http://en.wikipedia.org/wiki/Stuxnet StuxNet] which was able to rewrite the firmware of non-computer devices indirectly connected to the Internet) If this concerns you, use a "dumb" printer, and never let your printer have access to the Internet or to an Internet-connected computer.<br />
<br />
==Redeeming Keys and Withdrawing Funds==<br />
<br />
Paper wallets are very different from "live" wallets such as the Bitcoin-QT client in that it is not possible to transfer (withdraw) a ''portion'' of a paper wallet's bitcoin balance. The only way to withdraw funds from a paper wallet is to import or "sweep" the ''entire'' balance of the paper wallet to a new address, typically a live wallet or online exchange. Once the transfer has been confirmed, ''the paper wallet should no longer be used''.<ref>[http://www.reddit.com/r/Bitcoin/comments/1c9xr7/psa_using_paper_wallets_understanding_change/ reddit.com] ''Using Paper Wallets and Understanding Change''</ref><br />
<br />
There are various methods for copying the private key data from a paper wallet to other wallets.<br />
bitcoind supports an "importprivkey" RPC method for this purpose.<br />
Bitcoin-Qt's debug console can also be used in a similar way (see also [[how to import private keys v7+]]).<br />
[[BlockChain.info]] and [[Armory]] can also import them directly into wallets.<br />
[[MtGox|Mt. Gox]] provides the ability to Add Funds using a private key:<br />
the exchange will then create a "sweep" transaction that spends any amount for that paper wallet address so that the amount is added to your account with them; it will also sweep to your account any bitcoins received to that address in the future as well.<br />
<br />
==References==<br />
<references /><br />
<br />
==See Also==<br />
<br />
* [[Private key]]<br />
<br />
* [[Securing_your_wallet#Paper_Wallets]]<br />
<br />
* [[How to import private keys]]<br />
<br />
* [https://blockchain.info/wallet/paper-tutorial Blockchain.info tutorial] on how to generate a paper wallet.<br />
<br />
[[Category:Security]]<br />
<br />
[[es:Monedero de papel]]</div>Mikewoodshttps://en.bitcoin.it/w/index.php?title=OfflineAddress&diff=43791OfflineAddress2014-01-18T06:11:41Z<p>Mikewoods: </p>
<hr />
<div>[[File:PaperWallets-offlineaddress-com.png|200px|thumb|right|Paper wallets from [[OfflineAddress]] ]]<br />
<br />
[http://www.offlineaddress.com OfflineAddress.com] can be used to generate offline Bitcoin addresses with maximum possible entropy (making them as secure as possible).<br />
Private keys used to generate addresses are constructed from truly random numbers provided from user's mouse movements.<br />
<br />
Generated addresses can be printed and used as paper wallets or for secure offline storage.<br />
<br />
== Motivation and security ==<br />
* Easy to use service capable of providing maximum security for non-technical users.<br />
* Open Source JavaScript implementation which supports HTML5 caching - so that user needs to load the site just once.<br />
* Service is capable of producing private keys with maximum entropy.<br />
* Runs only in user's browser and never sends private keys to the internet.<br />
* Service can be used offline and always warns the user if he's attempting to generate Bitcoin addresses while being connected to the internet.<br />
* Hints how to be even more secure can be found [http://www.offlineaddress.com/?site=about here]<br />
<br />
<br />
==External Links==<br />
<br />
* [http://www.offlineaddress.com OfflineAddress] web site.<br />
* [https://bitcointalk.org/index.php?topic=399452.0;all Forum discussion]<br />
<br />
[[Category:Tools]]</div>Mikewoodshttps://en.bitcoin.it/w/index.php?title=File:PaperWallets-offlineaddress-com.png&diff=43788File:PaperWallets-offlineaddress-com.png2014-01-18T05:56:10Z<p>Mikewoods: Paper Wallets that can be generated on OfflineAddress.com</p>
<hr />
<div>== Summary ==<br />
Paper Wallets that can be generated on OfflineAddress.com<br />
== Licensing ==<br />
{{self|Cc-zero}}</div>Mikewoodshttps://en.bitcoin.it/w/index.php?title=How_to_set_up_a_secure_offline_savings_wallet&diff=43778How to set up a secure offline savings wallet2014-01-17T20:22:58Z<p>Mikewoods: /* Notes */ directed non-technical users to generate paper wallets.</p>
<hr />
<div>== Why set up an offline savings wallet? ==<br />
<br />
Modern operating systems are getting more and more complex. The flip side of all this complexity is that they generally have a large [http://en.wikipedia.org/wiki/Attack_surface attack surface] and constantly leak information without the user’s knowledge or consent. No matter how many precautions you take, your [[wallet]]s will never be 100% safe on a computer that is connected to the internet.<br />
<br />
Because bitcoins are stored directly on your computer and because they are real money, the motivation for sophisticated and targeted attacks against your system is higher than in the pre-bitcoin era, when only large organizations normally had to worry about such attacks. <br />
<br />
This guide will instruct you on how to create an offline wallet, a wallet that never even touches the internet in its plaintext form. Another term for this is [[cold storage]]. This security measure is also referred to as being an air gap. For all practical purposes, this wallet is safe from all online threats, such as viruses and hackers. It is however still exposed to offline threats, such as [http://en.wikipedia.org/wiki/Hardware_keylogger hardware keyloggers], extortion, or people looking over your shoulder. A best practice is to keep the majority of your bitcoins in the offline wallet and only to use the online wallet for everyday expenses/earnings.<br />
<br />
The below procedure may seem tedious, but remember that security almost always comes at the cost of convenience. When you deposit money at a bank, you let them worry about security. Bitcoins, however, are stored on '''your''' computer and that means '''you''' are fully responsible for securing them. The bitcoin ecosystem is still very young and unfortunately no user friendly tools for creating highly secure wallets have been developed yet (though some members of the Bitcoin community are [http://forum.bitcoin.org/?topic=7357.0 working hard at this]).<br />
<br />
== How to deposit funds ==<br />
<br />
# Set up a [http://www.wuala.com/en/bitcoin Wuala] account, or other cloud backup service of your choice.<br />
# Create a strong and unique password offline (manually). This password should be at least 20 characters long; it should contain numbers, upper and lower case letters, and symbols. It should be as random as possible, ie it should look something like this: Zr%8qL03&cvwS9@05AatdP71. Never use this password elsewhere. <br />
# '''Do not forget this password'''. Recite it several times a day. It is easy to overestimate your ability to remember a password several months in the future. To be on the safe side, write it down and store the piece of paper in a safety deposit box.<br />
# Download [http://www.bitcoin.org/ Bitcoin Linux binary] and save it on a USB drive.<br />
# Shut down your computer, and boot [http://www.ubuntu.com/ Ubuntu] (or Linux distribution of you choice) from a [http://www.ubuntu.com/download/ubuntu/download liveCD]. This will not affect your current operating system. <br />
# '''Disconnect machine from the internet'''. Unplug any network cables and disable wireless. Verify that wireless is disabled in the icon on the upper right corner (Ubuntu). Double check that machine is disconnected by opening the web browser.<br />
# Run bitcoin while disconnected to the internet. The client will show 0 connections and 0 blocks, but it will still generate a wallet.dat file and a bitcoin address. <br />
# Encrypt your wallet using the strong and unique password from step 2 above. (Bitcoin Client > Settings > Encrypt wallet)<br />
# Copy wallet.dat (found in hidden folder .bitcoin in your home directory) to USB drive.<br />
# Save bitcoin address to a text file and copy it to USB drive.<br />
# Shut down system and turn off computer. Before switching your computer on again, remove all power sources for about 1 minute. Physically remove battery from laptop.<br />
# Backup encrypted wallet.dat file in several places: <br />
#*Send it to your 5 best friends by email attachment and ask them to save it for you.<br />
#*Save it on your Wuala account created in step 1.<br />
#*Save it on several USB drives and CDs and store them in different geographic locations.<br />
#Send bitcoins to the address saved on the USB drive. Double check in the [[Bitcoin Block Explorer|block explorer]] that they have been sent.<br />
<br />
==How to retrieve funds ==<br />
<br />
#Boot from Ubuntu liveCD, as in step 5 above. <br />
#Insert USB drive.<br />
#Run bitcoin client and close it again.<br />
#Replace wallet.dat in ~/.bitcoin directory with wallet.dat from USB drive.<br />
#Connect to the internet.<br />
#Restart bitcoin client.<br />
#Wait for blocks to download (optional).<br />
#Send bitcoins.<br />
<br />
==Notes==<br />
<br />
*This procedure is only secure if you perform steps 1-13 in this '''exact order'''.<br />
<br />
*If your non-technical user that can't perform steps above, try using services like [[BitAddress]] or [[OfflineAddress]] to generate paper wallets (read below).<br />
<br />
*Perform one or two trial runs of the above procedure with a few bitcents, and make sure that you know how to successfully retrieve them, before making a bulk transfer.<br />
<br />
*Every time you retrieve bitcoins from your savings wallet, create a fresh savings wallet by repeating the above procedure, and send all your remaining savings balance there.<br />
<br />
*There is more than one way to do it. Similar procedures have been suggested on the forums [http://forum.bitcoin.org/index.php?topic=17240.0 here] and [http://forum.bitcoin.org/?topic=5194.0 here].<br />
<br />
*Beware that even savings wallets have limited lifetimes. New, backwards incompatible versions of bitcoin might come out in future, [http://en.wikipedia.org/wiki/Advanced_Encryption_Standard AES] might be broken, [http://en.wikipedia.org/wiki/Bit_rot bit rot] might destroy your wallets, etc. Update to fresh savings wallets every couple of years, or as needed.<br />
<br />
* See [[How to import private keys]] for an alternative way of retrieve your coins.<br />
<br />
==Alternatives ==<br />
<br />
[[Paper wallet|'''Paper wallets''']] can also be used to create offline bitcoin savings accounts. While paper wallets are much easier to generate, they are not generally encrypted which means you cannot guard against accidental loss by distributing copies to online services and friends. Instead, paper wallets must be kept safe like jewels or cash. Looking forward, support for [[BIP 0038|BIP-38]] encryption is growing fast and it is expected that paper wallet generators will soon include options for generating ''encrypted paper wallets'' that can be duplicated and widely distributed for safekeeping. <br />
<br />
==See Also==<br />
<br />
* [[Cold storage]]<br />
* [http://codinginmysleep.com/bitcoin-cold-storage-in-plain-english Bitcoin Cold Storage In Plain English] by David Perry<br />
<br />
[[Category:Instructional]]<br />
[[Category:Security]]</div>Mikewoodshttps://en.bitcoin.it/w/index.php?title=Cold_storage&diff=43777Cold storage2014-01-17T19:11:51Z<p>Mikewoods: /* See also */</p>
<hr />
<div>'''Cold storage''' in the context of Bitcoin refers to keeping a reserve of Bitcoins offline.<br />
<br />
For example, a Bitcoin exchange typically offers an instant withdrawal feature, and might be a steward over hundreds of thousands of Bitcoins. To minimize the possibility that an intruder could steal the entire reserve in a security breach, the operator of the website follows a best practice by keeping the majority of the reserve in ''cold storage'', or in other words, not present on the web server or any other computer. The only amount kept on the server is the amount needed to cover anticipated withdrawals.<br />
<br />
Methods of cold storage include keeping bitcoins:<br />
* On a USB drive or other data storage medium in a safe place (e.g. safety deposit box, safe)<br />
* On a [[paper wallet]]<br />
* On a bearer item such as a [[physical bitcoin]].<br />
* Online, but on encrypted media where the encryption key is offline.<br />
* Use a offline Bitcoin [[Hardware wallet]] (So far only [http://www.pi-wallet.com/products/pi-wallet Pi-Wallet] is operational.)<br />
<br />
'''Deep cold storage''' refers to keeping a reserve of Bitcoins offline, using a method that makes retrieving coins from storage significantly more difficult than sending them there. This could be done for safety's sake, such as to prevent theft or robbery.<br />
<br />
Because Bitcoins can be sent to a wallet by anyone knowing the wallet address, it is trivial to put a wallet in cold storage but to keep a copy of the addresses needed to send funds to it.<br />
<br />
A simple example of deep cold storage is opening a safety deposit box and putting a USB stick containing an encrypted wallet file in it. The public (sending) addresses can be used any time to send additional bitcoins to the wallet, but spending the bitcoins would require physical access to the box (in addition to knowledge of the encryption password).<br />
<br />
Deep cold storage would typically be used for holding large amounts of bitcoins, or for a trustee holding bitcoins on behalf of others. In such a case, additional precautions should be taken beyond a simple example of a single safety deposit box.<br />
* The box could be accessed by bank or maintenance personnel, so the contents of the box alone should not be sufficient to access the wallet.<br />
* The box could be stolen or destroyed in a disaster, or the media could become unreadable, so the box should not contain the only copy of the wallet.<br />
* The trustee could die or become incapacitated. If access to the wallet or knowledge of its location is lost, or encryption passwords are lost, the bitcoins are gone forever. Provisions should be made so that the box can be accessed by someone else as appropriate, including any encryption passwords.<br />
<br />
== See also ==<br />
* [[How to import private keys]]<br />
* [[How to set up a secure offline savings wallet]]<br />
* [http://codinginmysleep.com/bitcoin-cold-storage-in-plain-english Bitcoin Cold Storage In Plain English] by David Perry<br />
* [https://blockchain.info/wallet/paper-tutorial Paper Wallet Tutorial] blockchain.info<br />
* [http://www.offlineaddress.com/?site=about#security-risk Security of private key] offlineaddress.com<br />
[[Category:Introduction]]<br />
[[Category:Security]]</div>Mikewoodshttps://en.bitcoin.it/w/index.php?title=OfflineAddress&diff=43775OfflineAddress2014-01-17T09:55:19Z<p>Mikewoods: </p>
<hr />
<div>[http://www.offlineaddress.com OfflineAddress.com] can be used to generate offline Bitcoin addresses with maximum possible entropy (making them as secure as possible).<br />
Private keys used to generate addresses are constructed from truly random numbers provided from user's mouse movements.<br />
<br />
Generated addresses can be printed and used as paper wallets or for secure offline storage.<br />
<br />
== Motivation and security ==<br />
* Easy to use service capable of providing maximum security for non-technical users.<br />
* Open Source JavaScript implementation which supports HTML5 caching - so that user needs to load the site just once.<br />
* Service is capable of producing private keys with maximum entropy.<br />
* Runs only in user's browser and never sends private keys to the internet.<br />
* Service can be used offline and always warns the user if he's attempting to generate Bitcoin addresses while being connected to the internet.<br />
* Hints how to be even more secure can be found [http://www.offlineaddress.com/?site=about here]<br />
<br />
<br />
==External Links==<br />
<br />
* [http://www.offlineaddress.com OfflineAddress] web site.<br />
* [https://bitcointalk.org/index.php?topic=399452.0;all Forum discussion]<br />
<br />
[[Category:Tools]]</div>Mikewoodshttps://en.bitcoin.it/w/index.php?title=OfflineAddress&diff=43774OfflineAddress2014-01-17T09:03:37Z<p>Mikewoods: </p>
<hr />
<div>[http://www.offlineaddress.com OfflineAddress.com] can be used to generate offline Bitcoin addresses with maximum possible entropy (making them as secure as possible).<br />
Private keys used to generate addresses are constructed from truly random numbers provided from user's mouse movements.<br />
<br />
Generated addresses can be printed and used as paper wallets or for secure offline storage.<br />
<br />
== Motivation and security ==<br />
* Easy to use service capable of providing maximum security for non-technical users.<br />
* Open Source JavaScript implementation which supports HTML5 caching - so that user needs to load the site just once.<br />
* Service is capable of producing private keys with maximum entropy.<br />
* Runs purely in user's browser and never sends private keys to the internet.<br />
* Service can be used offline and always warns the user if he's attempting to generate Bitcoin addresses while being connected to the internet.<br />
* Hints how to be even more secure can be found [http://www.offlineaddress.com/?site=about here]<br />
<br />
<br />
==External Links==<br />
<br />
* [http://www.offlineaddress.com OfflineAddress] web site.<br />
* [https://bitcointalk.org/index.php?topic=399452.0;all Forum discussion]<br />
<br />
[[Category:Tools]]</div>Mikewoodshttps://en.bitcoin.it/w/index.php?title=Securing_your_wallet&diff=43773Securing your wallet2014-01-17T09:01:49Z<p>Mikewoods: /* Paper Wallets */</p>
<hr />
<div>==Introduction==<br />
<br />
Wallet security can be broken down into two independent goals:<br />
# Protecting your wallet against loss.<br />
# Protecting your wallet against theft.<br />
<br />
In the case that your current wallet hasn't been protected adequately (e.g. put online with a weaker password):<br />
# Making a new secure wallet, using appropriate long-term protection.<br />
<br />
''For a brief overview see also: [[Wallet Security Dos and Don'ts|Wallet Security Dos and Don'ts]]''<br />
<br />
==Paper Wallets==<br />
[[Paper wallet]]s are a fairly simple way to store your bitcoins independent of a computer. When generated securely and stored on paper, or other offline storage media, a paper wallet decreases the chances of your bitcoins being stolen by hackers, or computer viruses.<br />
<br />
With each entry on a paper wallet, you are securing a sequence of secret numbers that is used to prove your right to spend the bitcoins assigned to one of your addresses. This secret number, called a [[private key]], is most commonly written as a sequence of fifty-one alphanumeric characters, beginning with a '5'.<br />
<br />
One way you can create a paper wallet is by visiting the [[BitAddress|BitAddress.org]], [[OfflineAddress|OfflineAddress.com]] or [[BitcoinPaperWallet|BitcoinPaperWallet.com]] websites. These websites feature a free client-side paper wallet generator written in JavaScript. The HTML for these generators can be downloaded from GitHub and used on an offline computer. Using these generators online by directly connecting to their websites is relatively safe for storing smaller amounts of bitcoin, but extra precautions should be taken to ensure that keys are not compromised by spyware that may be monitoring browser activity. Blockchain.info offers a [https://blockchain.info/wallet/paper-tutorial tutorial on how to generate a paper wallet] with an online component so you can check your balance easily.<br />
<br />
To generate a safer paper wallet, first save the paper wallet generating code to a newly-formatted USB stick. Then "clean-boot" your computer with a bootable CD (such as a Linux Live CD) ''while disconnected from the Internet''. Disconnecting from the Internet guarantees that that the paper wallet generator is truly self-contained and isn't communicating with an online service. Then insert the USB stick and open the wallet generator's HTML file from the web browser. Print your paper wallets or store them on external media (do not save them on the computer), and then shut down the computer. You may need to load an appropriate printer driver in order to print while booted from the live CD.<br />
<br />
A paper wallet includes at least one public bitcoin address and its corresponding private key. You can send bitcoins to the public address and they will be inaccessible until the private key is imported into a wallet. As of version 0.6.0, the bitcoin QT software has a command line feature called "importprivkey" that can load private keys. Online exchanges and wallets such as [[MtGox]], CoinBase and Blockchain.info have features for importing (or "sweeping") private keys as well.<br />
<br />
Remember, spyware and viruses often attempt to monitor your computer activities so that their authors can steal from you. They are interested in passwords to online accounts, and anything of value. Bitcoin wallets and private keys are something of value that have already been targeted by malware. Paper wallets isolate you from much of this risk.<br />
<br />
If your computer is infected with spyware or viruses - even if there are no symptoms, or your antivirus isn't reporting anything - then anything you type, view, or save on your computer, could potentially be stolen by someone remotely controlling your computer. Your private key can then be intercepted while you enter it, so only enter a Bitcoin private key into your computer when your intent is to redeem its value ''immediately''.<br />
<br />
== Hardware wallets ==<br />
[[Hardware wallet]]s are a major effort to provide a good combination of enhanced security and usability.<br />
<br />
So far only [http://www.pi-wallet.com/ Pi Wallet] is operational.<br />
<br />
==Importance of security updates==<br />
<br />
No software is perfect, and from time to time there may be security vulnerabilities found in your Bitcoin client as well.<br />
Be sure you keep your client updated with the latest bug fixes, especially when a new vulnerability is discovered.<br />
We maintain a [[CVEs|list a known vulnerabilities]] on this wiki - you can watch that page to get updates.<br />
Note that you ''don't'' need to be running the latest major client version: some clients, including the popular Bitcoin-Qt, have older versions available with bugfix-only updates.<br />
<br />
==Securing the Bitcoin-QT or bitcoind wallet==<br />
<br />
Bitcoin transactions send Bitcoins to a specific public key. A Bitcoin address is an encoded hash of a public key. In order to use received Bitcoins, you need to have the private key matching the public key you received with. This is sort of like a super long password associated with an account (the account is the public key). Your Bitcoin wallet contains all of the private keys necessary for spending your received transactions. If you delete your wallet without a backup, then you no longer have the authorization information necessary to claim your coins, and the coins associated with those keys are lost forever.<br />
<br />
The wallet contains a pool of queued keys. By default there are 100 keys in the [[key pool]]. The size of the pool is configurable using the "-keypool" command line argument. When you need an address for whatever reason (send, “new address”, generation, etc.), the key is not actually generated freshly, but taken from this pool. A brand new address is generated to fill the pool back to 100. So when a backup is first created, it has all of your old keys plus 100 unused keys. After sending a transaction, it has 99 unused keys. After a total of 100 new-key actions, you will start using keys that are not in your backup. Since the backup does not have the private keys necessary for authorizing spends of these coins, restoring from the old backup will cause you to lose Bitcoins.<br />
<br />
Creating a new address generates a new pair of public and private keys, which are added to your wallet. Each keypair is mostly random numbers, so they cannot be known prior to generation. If you backup your wallet and then create more than 100 new addresses, the keypair associated with the newest addresses will not be in the old wallet because the new keypairs are only known after creating them. Any coins received at these addresses will be lost if you restore from the backup.<br />
<br />
The situation is made somewhat more confusing because the receiving addresses shown in the UI are not the only keys in your wallet. Each Bitcoin generation is given a new public key, and, more importantly, each sent transaction also sends some number of Bitcoins back to yourself at a new key. When sending Bitcoins to anyone, you generate a new keypair for yourself and simultaneously send Bitcoins to your new public key and the actual recipient's public key. This is an anonymity feature – it makes tracking Bitcoin transactions much more difficult.<br />
<br />
So if you create a backup, do more than 100 things that cause a new key to be used, and then restore from the backup, some Bitcoins will be lost. Bitcoin has not deleted any keys (keys are never deleted) – it has created a new key that is not in your old backup and then sent Bitcoins to it.<br />
<br />
== Making a new wallet ==<br />
<br />
If a wallet or an encrypted wallet's password has been compromised, it is wise to create a new wallet and transfer the full balance of bitcoins to addresses contained only in the newly created wallet. Examples of ways a wallet may be compromised are through password re-use, minimal strength passwords, computer hack or virus attack.<br />
<br />
There are a number of ways to create a new wallet with Bitcoin-QT or bitcoind but this is a process that has been tested with bitcoind 0.6.3. We use the copy command to minimize the chance of any data loss but you are warned to make backups of any wallet.dat that holds a balance for you.<br />
<br />
:1. Shut down the Bitcoin program.<br />
:2. Find and make a backup of the "compromised" wallet.dat file and rename it, perhaps adding a short description:<br />
:::wallet.dat -> wallet-compromised.dat<br />
:Depending on your OS, the wallet file will be located at:<br />
:::Windows: %APPDATA%\Bitcoin\<br />
:::Linux: ~/.bitcoin/<br />
:::Mac: ~/Library/Application Support/Bitcoin/<br />
:3. Start the Bitcoin program and it will create a new wallet.dat. You may then encrypt the wallet as desired and make a new backup.<br />
:4. Once you've made a new wallet, you can obtain one or more addresses and copy them into a text editor. After obtaining the new address(es), shut down the Bitcoin program, make a backup of the new wallet.dat file and copy it to a new file named wallet-new.dat.<br />
:5. Copy the wallet-compromised.dat file back to wallet.dat, start the Bitcoin program and transfer your balance to the new address(es) you put in your text editor. Once the balance is back to 0 for your compromised wallet, you may want to wait a couple minutes or for a confirmation or check block explorer to be sure the transactions have been broadcasted. Then you may shut down the Bitcoin program.<br />
:6. Rename wallet.dat to wallet-compromised.dat. <br />
:7. Rename wallet-new.dat to wallet.dat.<br />
<br />
You should now have a new wallet with all the bitcoins from the old wallet.<br />
<br />
==Making a secure workspace==<br />
<br />
If you are using your computer to handle bitcoins, a wallet, Bitcoin-related passwords, or Bitcoin private keys, you must take care that the system is free of malware, viruses, keyloggers, remote access tools, and other tools that may be used to make remote copies of any of the above. In the case that your computer is compromised, the precautions taken below may provide additional protection.<br />
<br />
===Debian-based Linux===<br />
<br />
The first step is to make a [http://www.howtogeek.com/howto/ubuntu/add-a-user-on-ubuntu-server/ new user]. In order for that new user to have an encrypted home directory, you'll first need the encryption utility. Run:<br />
<br />
<code>sudo apt-get install ecryptfs-utils</code><br />
<br />
Now you're ready to create a new user<br />
<br />
<code>sudo adduser --encrypt-home new_user_name</code><br />
<br />
You'll need to come up with a [[#Choosing_A_Strong_Password|secure]] new password for that user.<br />
<br />
When you get to the prompt 'Enter the new value, or press ENTER for the default', just keep hitting ENTER.<br />
<br />
Then switch user to the new user. To get to the new user you can use the switch user icon for your system, which on Ubuntu is in the 'System/Quit' screen, or if there is no switch icon on your system you can log out and log back in as the new user.<br />
<br />
Since the home folder of this user is encrypted, if you're not logged in as that user, data that is saved there can't be browsed, even by a root user. If something goes wrong with your system, and you need to decrypt the new user's files, you'll need its decryption key.<br />
<br />
<code>ecryptfs-unwrap-passphrase</code><br />
<br />
It will ask you for your user's password and give you the decryption key. '''WRITE DOWN OR SAVE THE CODE IT RETURNS''' because you will need it if you ever have to pull your data off while the OS is not working. (You can run it again later if you need to, but run it now so that you can get your data if your Linux install gets botched.)<br />
<br />
The encrypted folder data is not encrypted while it's in memory, and so if it's ever sent to the swap partition it can be stolen from there unless that too is encrypted - be aware that this will mean you cannot use Hibernate anymore, as the bootloader won't be able to restore the hibernation data.<br />
<br />
<code>ecryptfs-setup-swap</code><br />
<br />
Then click on a folder in the new user to display the file browser, then keep going up folders until you see the new user home directory, then right click to bring up the Properties dialog, then click on the Permissions tab, then in the Others section, set the folder access to None.<br />
<br />
For secure browsing, open Firefox, and then go into the Edit menu and click Preferences. Starting from the left, click on the General tab, and in the 'Startup/When Firefox starts' pop up menu, choose 'Show a Blank Page'. Then click on the Content tab, and deselect 'Load images automatically' and deselect 'Enable JavaScript'. Then click on the Privacy tab, and in the 'History/Firefox will' pop up menu, choose 'Never remember history'. Then click on the Security tab, and in the Passwords section, deselect 'Remember passwords for sites' and deselect 'Use a master password'. Then click on the Advanced tab, then click on the Update tab, and then in the 'Automatically check for updates to' section, deselect 'Add-ons' and 'Search Engines'.<br />
<br />
When JavaScript is disabled, the [http://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.3.23/bitcoin-0.3.23-linux.tar.gz/download Linux download page] will not download automatically, so you'll have to click on the 'direct link' part of the "Problems with the download? Please use this 'direct link' or try another mirror." line.<br />
<br />
===Mac===<br />
This solution '''does not scale'''; the amount of needed space can grow beyond the image size.<br />
<br />
===Windows===<br />
<br />
Due to the frequency with which Windows computers are compromised, it is advised to encrypt your wallet or to keep your wallet on an encrypted disk image created by third-party software, such as [http://www.truecrypt.org/ TrueCrypt] (open source) or [http://www.jetico.com/encryption-bestcrypt/ Jetico BestCrypt] (commercial). This also applies to the storage of passwords, private keys and other data that can be used to access any of your Bitcoin balances.<br />
<br />
Assuming that you have installed the Windows Bitcoin client and run it at least once, the process is described below.<br />
<br />
<p><b>To mount the Bitcoin data directory on an encrypted drive</b></p><br />
<ol start=1 type=1><br />
<li>Use the third-party disk image encryption program of your choice to create and mount an encrypted disk image of at least 5GB in size. This procedure stores the entire block chain database with the wallet.dat file so the required size of the encrypted disk image required may grow in the future.</li><br />
<li>Locate the Bitcoin data directory, and copy the directory with all contents to the encrypted drive.<br />
<p>For help finding this directory, see <b>[[Securing_your_wallet#Locating_Bitcoin_s_data_directory|Locating Bitcoin's Data Directory]]</b>.</p></li><br />
<li>Create a Windows shortcut that starts Bitcoin with the <code>-datadir</code> parameter and specifies the encrypted drive and directory.<br />
<p>For example, if you installed Bitcoin in the default directory, mounted your Bitcoin encrypted drive as <code>E:\</code>, and stored your Bitcoin data directory on it as <code>Bitcoin</code>, you would type the following command as the shortcut Target:</p><br />
<blockquote><code>C:\Program Files\Bitcoin\bitcoin.exe -datadir=E:\Bitcoin</code></blockquote></li><br />
<li>Open Bitcoin's settings and configure it <b>NOT</b> to start automatically when you start Windows.<br />
<p>This is to allow you to mount the Bitcoin encrypted disk image before starting Bitcoin.</p></li><br />
<li>Shut down Bitcoin, and then restart it from the new shortcut.</li><br />
</ol><br />
<br />
After doing this, any time you want to use Bitcoin, you must first mount the Bitcoin encrypted disk image using the same drive designation, and then run Bitcoin from the shortcut that you created, so that it can find its data and your wallet.<br />
<br />
<br />
=== General Solutions ===<br />
<br />
Your wallet.dat file is not encrypted by the Bitcoin program by default but the most current release of the Bitcoin client provides a method to encrypt with a passphrase the private keys stored in the wallet. Anyone who can access an unencrypted wallet can easily steal all of your coins. Use one of these encryption programs if there is any chance someone might gain access to your wallet.<br />
* [http://www.7-zip.org/ 7-zip] - Supports strongly-encrypted archives.<br />
* [http://www.axantum.com/axcrypt/ AxCrypt by Axantum]<br />
* [http://lrzip.kolivas.org lrzip] - Compression software for Linux and OSX that supports very high grade password protected encryption<br />
* [http://www.truecrypt.org/ TrueCrypt] - Volume-based on-the-fly encryption (for advanced users)<br />
<br />
There is also a list of [[OpenSourceEncryptionSoftware|open source encryption software.]]<br />
<br />
Decrypting and encrypting the wallet.dat every time you start or quit the Bitcoin client can be ''tedious'' (and outright error-prone). If you want to keep your wallet encrypted (except while you're actually running the Bitcoin client), it's better to relegate the automation to a [http://lorelei.kaverit.org/bitcoin.sh small shell script] that handles the en/decryption and starting up Bitcoin client for you (Linux and OSX). <br />
<br />
There is also a method to print out and encrypt your wallet.dat as a special, scannable code. See details here: [[WalletPaperbackup]]<br />
<br />
==== Password Strength ====<br />
Brute-force password cracking has come a long way. A password including capitals, numbers, and special characters with a length of 8 characters can be trivially solved now (using appropriate hardware). The recommended length is '''at least''' 12 characters long. You can also use a multi-word password and there are techniques to increase the strength of your passwords without sacrificing usability. [http://www.baekdal.com/tips/password-security-usability The Usability of Passwords] <br />
<br />
However, simply using dictionary words is also insecure as it opens you up to a dictionary attack. If you use dictionary words, be sure to include random symbols and numbers in the mix as well.<br />
<br />
If you use keyfiles in addition to a password, it is unlikely that your encrypted file can ever be cracked using brute-force methods, even when even a 12 character password might be too short.<br />
<br />
Assume that any encrypted files you store online (eg. Gmail, Dropbox) will be stored somewhere forever and can never be erased.<br />
<br />
===== Choosing A Strong Password =====<br />
Make sure you pick at least one character in each group:<br /><br />
<br />
Lowercase: abcdefghijklmnopqrstuvwxyz<br />
Uppercase: ABCDEFGHIJKLMNOPQRSTUVWXYZ<br />
Number: 1234567890<br />
Symbol: `~!@#$%^&*()-_=+\|[{]};:'",<.>/? (space)<br />
<br />
<9 char = unsuitable for use<br />
09 char = insecure<br />
10 char = low security<br />
11 char = medium security<br />
12 char = good security (good enough for your wallet)<br />
13 char = very good, enough for anything.<br />
<br />
You might want to read [http://security.stackexchange.com/questions/662/what-is-your-way-to-create-good-passwords-that-can-actually-be-remembered What is your way to create good passwords that can actually be remembered?] and [http://security.stackexchange.com/questions/6095/xkcd-936-short-complex-password-or-long-dictionary-passphrase XKCD #936: Short complex password, or long dictionary passphrase?]<br />
<br />
== Backing up your wallet ==<br />
See [[Backingup_your_wallet|Backing up your wallet]].<br />
<br />
==Erasing Plain-text Wallets==<br />
<br />
In most operating systems, including Windows, Linux, and Mac OS X, simply deleting a wallet.dat file will ''not'' generally destroy it. It is likely that advanced tools can still be used to recover the wallet.dat file, even after it has been deleted.<br />
<br />
The Linux '''shred''' command can be used to overwrite the wallet file with random data prior to deleting; this particular copy of the file will then be practically impossible to recover. Using shred (and similar tools on Windows) however does not guarantee that still other copies don't exist somewhere hidden on your HD. That will depend on your system configuration and what packages you have installed. Some system restore and backup tools, for instance, create periodic snapshots of your filesystem, duplicating your wallet.dat.<br />
<br />
In Mac OS, the equivalent of '''shred''' is '''srm''' (introduced in Leopard). Using the Finder to remove files, clicking "Secure Empty Trash" in the Finder menu will shred the contents of the trash can. As with any OS this doesn't guarantee that there are not other copies elsewhere on your system.<br />
<br />
For Windows, the built-in command ''cipher /W'' will shred all previously-deleted files. [http://www.cylog.org/utilities/cybershredder.jsp CyberShredder] can securely deleted individual files.<br />
<br />
==Online and Mobile Wallets==<br />
<br />
Thus far, this article has been discussing the security of a wallet file for Bitcoin-QT or bitcoind that is under your sole control. Additional wallets applications and services have become available that offer other features and more convenience but not without introducing additional risk. When storing bitcoins with an [[eWallet]] such as Instawallet or Easywallet, you are essentially storing your private keys or wallet with that provider. <br />
<br />
Online wallets have a number of pros and cons to consider. For example, you can access your wallet on any computer in the world, but depending on the service, your bitcoins may be lost if the service is compromised. <br />
<br />
Mobile wallet applications are available for Android devices that allow you to send bitcoins by QR code or NFC, but this opens up the possibility of loss if mobile device is compromised. It may be possible to encrypt and backup the wallet or private keys on a mobile device but it is not advisable to store a large amount of bitcoins there without doing your own research and testing.<br />
<br />
==See Also==<br />
<br />
* [[Data directory]]<br />
* [[How to import private keys]]<br />
* [http://startbitcoin.com/how-to-create-a-secure-bitcoin-wallet/ Secure Bitcoin Wallet Tutorial]<br />
* [[How to set up a secure offline savings wallet]]<br />
* [http://arimaa.com/bitcoin/ Bitcoin Gateway - A Peer-to-peer Bitcoin Vault and Payment Network]<br />
* [http://blog.cyplo.net/2012/04/01/bitcoin-wallet-recovery-photorec/ Find lost wallet eg. after disk format, using Photorec]<br />
<br />
[[Category:Security]]<br />
<br />
[[de:Sichere deine Geldbörse]]<br />
[[ru:Bitcoin и безопасность]]<br />
[[es:Cómo asegurar su monedero]]<br />
[[zh-cn:保护你的钱包]]</div>Mikewoodshttps://en.bitcoin.it/w/index.php?title=OfflineAddress&diff=43772OfflineAddress2014-01-17T08:51:02Z<p>Mikewoods: Created page with "[http://www.offlineaddress.com OfflineAddress.com] can be used to generate offline Bitcoin addresses with maximum possible entropy (making them as secure as possible). Private..."</p>
<hr />
<div>[http://www.offlineaddress.com OfflineAddress.com] can be used to generate offline Bitcoin addresses with maximum possible entropy (making them as secure as possible).<br />
Private keys used to generate addresses are constructed from truly random numbers provided from user's mouse movements.<br />
<br />
Generated addresses can be printed and used as paper wallets or for secure offline storage.<br />
<br />
== Motivation and security ==<br />
* Easy to use service capable of providing maximum security for non-technical users.<br />
* Open Source JavaScript implementation which supports HTML5 caching - so that user needs to load the site just once.<br />
* Service is capable of producing private keys with maximum entropy.<br />
* Runs purely in user's browser and never sends private keys to the internet.<br />
* Service can be used offline and always warns the user if he's attempting to generate Bitcoin addresses while being connected to the internet.<br />
<br />
==External Links==<br />
<br />
* [http://www.offlineaddress.com OfflineAddress] web site.<br />
* [https://bitcointalk.org/index.php?topic=399452.0;all Forum discussion]<br />
<br />
[[Category:Tools]]</div>Mikewoodshttps://en.bitcoin.it/w/index.php?title=User_talk:Mikewoods&diff=43771User talk:Mikewoods2014-01-17T08:14:47Z<p>Mikewoods: Created page with "I'm author of OfflineAddress.com (see this discussion: https://bitcointalk.org/index.php?topic=399452.0;all). Feel free to email me at mikewoodsmax_gmail_com"</p>
<hr />
<div>I'm author of OfflineAddress.com (see this discussion: https://bitcointalk.org/index.php?topic=399452.0;all).<br />
Feel free to email me at mikewoodsmax_gmail_com</div>Mikewoods