Learning how to protect your bitcoins from theft and loss

snafui
By snafui on Fri, Mar 8, 2013 - 8:27am

I'm a bitcoin newb and not totally sold on it so I've been trying to research the issues important to me and hope others get value from what I share along the way..

I've been looking into the issue of privacy, theft, and backups and it has been fascinating. To get going on the bitcoin scene one needs to convert fiat into bitcoins somehow. The way I chose was to use an online wallet service called coinbase, though there are plenty out there such as mtgox. They take 1% as a transaction fee and link your checking acct to your online wallet (or you send them money orders, etc). Online wallets give you the ease of use of a system like paypal, especially if you are a business owner looking to accept bitcoins as payment on a website (like CM could accept donation for PP via bitcoins if he chose).

From my reading though, it has typically been these online services that have been your major risk. They have been hacked, gone offline, lost large numbers of bitcoins and had to promise to repay, etc. And in the case of online wallets you do not own the private key. If anyone is familiar with PGP, SSH, or any other public/private key encryption, owning the private key is how you verify your identity. If your private key is lost, you lose all ability to claim those bitcoins as yours. They literally disappear from the system as unusable for ever after. To use an online wallet site, you only own your username and password and have to trust the site for your security. 

Online wallets sound scary but I think this is where the strength of bitcoin comes in. You can download the bitcoin program to your local PC/Mac/Whatever which gives you a private, local wallet (and your own private key pair). You can then transfer any wealth you've attained from the online wallet to your local wallet for safe storage.

So, in the scenario I've setup there's an online wallet that acts as probably your primary in/out conduit. It's your exchange between fiat and bitcoins and it's your primary interface for handling transactions with customers if you own a business. But it's inherently untrustworthy, so you transfer the bulk of your accumulated coins to your local wallet for safe keeping. But what if your local computer gets hacked, dies of old age, melts in a fire, or is stolen?

There are many ways to deal with this. The newest version of the bitcoin client has a way to encrypt the data file (wallet.dat) on your computer. This theoretically should prevent someone from just copying your wallet.dat off of your computer and having access to your funds. Now with theft covered you then need to backup that wallet.dat. Keep in mind what you are backing up isn't literally coins, it's private keys that allow you to claim your coins. And in fact the wallet.dat doesn't just have one private key but a hundred or more that belong to you. Here's where things get tricky to understand. As a bitcoinian you don't just have a single private/public key pair (the public key is the address you tell people to send money to when you want to get paid in bitcoins). You probably have a primary key pair, but you can create as many as you want on the fly. It's like having the ability (if you choose to) to give every person you meet a different email address to contact you by but they all come back to you in the end. Like if I meet Bob I can say to Bob my email address is [email protected] and when I meet Jane I can give her [email protected] and when they both email me at those respective addresses it comes into my main account. Your bitcoin wallet contains 100 address to use initially. When you initially back up your wallet.dat, you are backing up 100 key pairs. Every time you hand one out for use, a new one is generated. So here's the tricky part... when you backup your wallet.dat, you are backing up 100 (or more) private keys. So you only need to backup your wallet.dat again when you hand out your 101st key. Another important note is the timing of the backup. You want to backup your wallet as soon as its generated, not when you get your first coins. The amount of coins that belong to you is inconsequential to the wallet.dat, remember the wallet.dat is your claim to the coins in the system. So backing it up immediately upon creation is your safest bet to preserving those 100 intial claims. Also keep in mind you don't use a new address for each transaction (though you may). So my understanding is if you always use your main key for all transactions, you never have to backup your wallet again. I hope I'm correct in that and would love it if someone points out if I'm wrong here.

Now how to back it up. The easiest way is copy your wallet.dat to a usb flash drive and store in a firesafe box or safe deposit box (if you trust those). There are also instructions online for how to literally print your private keys onto paper so you can restore them by hand if needed. Or you can dump your encrypted wallet.dat onto a service like Google Drive or Dropbox if you trust those. Ideally, you'd do at least 2 of these methods. Notice this has all been about backing up your local wallet installed on your home computer. The online service needs none of this, in fact you actually can't back it up in any way. You are entirely trusting that their service is up, safe, untampered with, and your username/password combo still grants you access to login.

Well, that's about all I know so far about security and backup. I hope this was useful.

5 Comments

Jim H's picture
Jim H
Status: Diamond Member (Offline)
Joined: Jun 8 2009
Posts: 2379
Thank you Snafui

Your computer expertise is very much appreciated.  I had read about online wallets vs locally held (on your own computer) wallets.. .but I had never thought of using both in concert the way you are proposing.. and I think your proposal makes perfect sense;  the online wallet just acting as a buffer with a small inventory of one's Bitcoin for immediate transactions, the local, backed up wallet acting as the more secure store of one's accumulated Bitcoin.  

Please keep the ideas and commentary coming!    

 

snafui's picture
snafui
Status: Member (Offline)
Joined: Jan 17 2013
Posts: 11
tested the restore procedure

Hey there, I just wanted to do a follow up on what I had written about losing your wallet.dat and the restore procedure. The gist of what I wrote was that the wallet.dat does not actually _contain_ bitcoins, it's merely your key to lay claim to the bitcoins marked as yours on the distributed network. This is important because this means you can backup your wallet.dat on Jan 1st, have bitcoins transfered to you on Feb 1st, have computer problems on March 1st which deletes your wallet.dat, restore the wallet.dat from the Jan 1st backup, and you still have all your bitcoins.

I feel uneasy writing about how something should work without confirming it so I performed a test. I backed up my wallet.dat to a USB drive, transfered coins in, wiped out the wallet.dat on my computer, and restored from the backup that was taken before the transfer. My coins were still there, assigned to me as they should be. I hope this has proved useful and if anyone has done the same or has had different results I'd love to hear about it.

Disclaimer: Since writting the original post on this I'm now the proud owner of a single bitcoin. As I said originally I'm not a true believer in the system as a replacement for any sort of financial security or store of wealth but I wanted to put a little cash on the line to do my own experimenting and analysis for the fun of it.

Jim H's picture
Jim H
Status: Diamond Member (Offline)
Joined: Jun 8 2009
Posts: 2379
Cool experiment Snafui

As I understand it, you were essentially trusting that the integrity of the history of your Bitcoin transaction would remain in place out there in the Bitcoin network DNA sequence (aka blockchain)... and it did.  Very cool. 

As well, you may not have checked the price in the last few hours.. but we are trading at $65 right now.  That one Bitcoin will probably be the best performing (on a % basis) investment you have ever made   : )

snafui's picture
snafui
Status: Member (Offline)
Joined: Jan 17 2013
Posts: 11
That's exactly right, the

That's exactly right, the transaction history is distributed and your wallet.dat is just the key to proving you're the recipient of the transaction. I just needed to see it in action to make sure I understood that correctly.

And yeah, that lowly bitcoin has come along way in a very short amount of time. I would have to assume Cyprus fear is driving the recent gains.

mammamia's picture
mammamia
Status: Bronze Member (Offline)
Joined: Nov 9 2011
Posts: 33
How many bitcoins you should have?

Let's make some calculations, there will be 21 million bitcoins, in total.

Now the size of all the transaction are about 1 trillion dollars a day. If this was all happening in bitcoins it meant that each bitcoin would be worth 47600 dollars. This means that if all my money was worth 0, and all my bitcoins was all I had, and we have moved to bitcoins, I now have the equivalent of now having 250000 dollars. Which is good but not excellent.

So I think it might be worth to calculate how much money you want to have in the new economy. Divide that number by 47600, and consider that this is "potentially" the amount of bitcoins you should buy. If you want to remain with the amount of cash you have right now you would have to invest 1/528 of all you have (if each bitcoin is worth 90$).

Then buy it, store it away, and don't use it.
Instead, if you need to use bitcoins, change your money, and spend it right away.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
Login or Register to post comments