https://tests.bitcoin.it/w/api.php?action=feedcontributions&user=Iminer99&feedformat=atomBitcoin Wiki - User contributions [en]2024-03-29T12:14:35ZUser contributionsMediaWiki 1.30.0https://tests.bitcoin.it/w/index.php?title=LocalBitcoins&diff=67568LocalBitcoins2020-05-30T16:42:47Z<p>Iminer99: </p>
<hr />
<div>A site that facilitates P2P Bitcoin sales by allowing users to list their own buy/sell advertisements. It makes it very easy to run your own bitcoin-cash exchange. It also allows online transactions and offers escrow and other security services, as well as a reputation system for buyers/sellers.<br />
<br />
In October 2019, LocalBitcoins implemented mandatory KYC for customers<ref>https://localbitcoins.com/blog/id-verification-update/</ref><br />
<br />
The site boasts exchangers [https://localbitcoins.com/statistics from 246 countries] and 10322 cities.<br />
<br />
==See Also==<br />
<br />
* [[:Category:Exchanges|Exchanges]]<br />
* [[Bitcoin_Map_(Collaborative_map)|Bitcoin Map]]<br />
* [[Bitcoin-otc|Bitcoin OTC]]<br />
<br />
==External Links==<br />
<br />
* [http://localbitcoins.com LocalBitcoins.com] web site<br />
* [http://localbitcoins.com/affiliate LocalBitcoins.com affiliate program]<br />
* [https://localbitcoins.com/api-docs/ LocalBitcoins.com API docs]<br />
<br />
<br />
[[Category:Local]]<br />
[[Category:Directories]]<br />
[[Category:Exchanges]]<br />
[[Category:eWallets]]<br />
[[Category:Block chain browsers]]</div>Iminer99https://tests.bitcoin.it/w/index.php?title=Transaction_surveillance_company&diff=67567Transaction surveillance company2020-05-30T16:39:04Z<p>Iminer99: /* Examples */</p>
<hr />
<div>A '''transaction surveillance company''' is one which attempts to spy on all bitcoin users. Their business model is usually to sell the data to any governments, corporations and individuals willing to pay for their services.<br />
<br />
== Spying technology ==<br />
<br />
There are a number of techniques probably used by transaction surveillance companies:<br />
<br />
* AML/KYC information. Many bitcoin exchanges require users to undergo Anti-Money Laundering and Know-Your-Customer (AML/KYC) checks, which requires users to reveal all kinds of invasive personal information such as their real name, residence, occupation, net worth and income. All this information is usually passed onto the exchange's partner transaction surveillance company, which keeps a database linking the victim's personal information with their bitcoin [[address]]es and [[transaction]]s.<br />
* Blockchain analysis. Bitcoin on-chain [[transaction]]s are visible to all and so can be analyzed. Important techniques are the [[Common-input-ownership heuristic]] and [[address reuse]].<br />
* Wallet synchronization analysis. Bitcoin [[lightweight node|lightweight wallets]] often download their own history and balance by querying a third-party server. Transaction surveillance companies often try to exploit this to learn which [[address]]es and [[transaction]]s belong to certain wallets. The companies have been known to collect [[BIP37 privacy problems|BIP37 filters]] from BIP37-enabled wallets. They almost-certainly also run many [[Electrum]] servers which can spy on any [[Electrum]] wallet that connects to them.<br />
* Transaction broadcasting. Surveillance companies have been known to sybil attack the bitcoin network in order to try to find the source IP addresses of unconfirmed transactions<ref>https://www.reddit.com/r/Bitcoin/comments/2yvy6b/a_regulatory_compliance_service_is_sybil/</ref>.<br />
<br />
See the [[Privacy]] page on this wiki for information about how to protect your privacy.<br />
<br />
== Criticisms ==<br />
<br />
=== Attempt to invade privacy ===<br />
<br />
Financial privacy is an essential criteria for the efficient operation of a free market: if you run a business, you cannot effectively set prices if your suppliers and customers can see all your transactions against your will. You cannot compete effectively if your competition is tracking your sales. Individually your informational leverage is lost in your private dealings if you don't have privacy over your accounts: if you pay your landlord in Bitcoin without enough privacy in place, your landlord will see when you've received a pay raise and can hit you up for more rent.<br />
<br />
Financial privacy is essential for personal safety: if thieves can see your spending, income, and holdings, they can use that information to target and exploit you. Without privacy malicious parties have more ability to steal your identity, snatch your large purchases off your doorstep, or impersonate businesses you transact with towards you... they can tell exactly how much to try to scam you for. [https://github.com/jlopp/physical-bitcoin-attacks Here] is list of real life physical attacks aimed at stealing bitcoins, so these are not just hypothetical concerns.<br />
<br />
Financial privacy is essential for human dignity: no one wants the snotty barista at the coffee shop or their nosy neighbors commenting on their income or spending habits. No one wants their baby-crazy in-laws asking why they're buying contraception (or sex toys). Your employer has no business knowing what church you donate to. Only in a perfectly enlightened discrimination free world where no one has undue authority over anyone else could we retain our dignity and make our lawful transactions freely without self-censorship if we don't have privacy.<br />
<br />
Most importantly, financial privacy isn't incompatible with things like law enforcement or transparency. You can always keep records, be ordered (or volunteer) to provide them to whomever, have judges hold against your interest when you can't produce records (as is the case today). None of this requires _globally_ visible public records.<br />
<br />
Globally visible public records in finance are completely unheard-of. They are undesirable and arguably intolerable. The Bitcoin whitepaper made a promise of how we could get around the visibility of the ledger with pseudonymous addresses, but the ecosystem has broken that promise in a bunch of places and we ought to fix it. Bitcoin could have coded your name or IP address into every transaction. It didn't. The whitepaper even has a section on privacy. Sufficient privacy is an essential prerequisite for a viable digital currency<ref>https://bitcointalk[dot]org/index.php?topic=334316.msg3588908#msg3588908</ref>.<br />
<br />
The right to privacy is recognized as a human right by the US constitution, European Union regulations and the Constitution of India<ref>https://en.wikipedia.org/wiki/Right_to_privacy#Privacy_laws_in_different_countries</ref>.<br />
<br />
=== Attempt to destroy fungibility ===<br />
<br />
Privacy invasions can lead to damaging or destroying bitcoin fungibility. The aim of bitcoin is to be a decentralized digital currency, but if all users are eventually required to consult centralized blacklists before accepting bitcoin then its decentralization will be destroyed<ref>https://bitcointalk[dot]org/index.php?topic=333882.0</ref>.<br />
<br />
Financial privacy is an essential element to fungibility in Bitcoin: if you can meaningfully distinguish one coin from another, then their fungibility is weak. If our fungibility is too weak in practice, then we cannot be decentralized: if someone important announces a list of stolen coins they won't accept coins derived from, you must carefully check coins you accept against that list and return the ones that fail. Everyone gets stuck checking blacklists issued by various authorities because in that world we'd all not like to get stuck with bad coins. This adds friction and transactional costs and makes Bitcoin less valuable as a money.<br />
<br />
=== No mechanism for oversight or appeal ===<br />
There appears to be no recourse for someone affected by false positive identification of exchange-disapproved transaction history. This could result in them wrongly having their coins confiscated. <br />
<br />
=== Jurisidiction ===<br />
Transaction surveillance company market themselves as a tool for finding "bad guys", but its unclear which jurisidiction that applies to. For example, could one day the government of China pressure those companies into marking certain coins as "bad" because they belong to users who disagree with Chinese government policy?<br />
<br />
=== Incentivized to oppose bitcoin updates ===<br />
During the deployment of [[segregated witness]] certain transaction surveillance companies were believed to have spread misinformation about it, because the update enables [[Lightning Network]], which the companies saw as a threat to their business<ref>https://twitter.com/viaj3ro/status/860709760227725312</ref><ref>https://twitter.com/peterktodd/status/860826532650123264</ref>.<br />
<br />
=== Oversold effectiveness ===<br />
<br />
Transaction surveillance companies rely on heuristics or assumptions when analyzing the blockchain. These heuristics are sometimes not true, for example the [[common-input-ownership heuristic]] is broken by [[CoinJoin]]. Even if that heuristic is true, it still requires actually identifying the cluster, which is not always possible.<br />
<br />
Laws surrounding anti-money-laundering typically require businesses to take reasonable efforts to investigate the source of funds. Usually the transaction surveillance company's customers simply want to legally protect themselves, regardless of whether the surveillance actually works. There is a lot of money in this space from governments and other authorities, who usually don't understand the underlying technology and are happy to throw money at several startups who claim to be able to accurately track everything. Whether the activities of transaction surveillance company actually help against money laundering is an open question.<br />
<br />
== Examples ==<br />
<br />
* https://www.walletexplorer.com/ - Free website which mostly uses the [[Common-input-ownership heuristic]] and [[address reuse]] for clustering.<br />
* https://www.chainalysis.com/<br />
* https://www.elliptic.co/<br />
* https://cipherblade.com/<br />
* https://www.neutrino.nu/<br />
* https://www.coinfirm.io<br />
* https://blockchaingroup.io/<br />
* https://ciphertrace.com/<br />
* https://complyadvantage.com/aml-crypto-compliance/<br />
<br />
==References==<br />
<references /><br />
<br />
[[Category:Privacy]]</div>Iminer99https://tests.bitcoin.it/w/index.php?title=GDAX&diff=67566GDAX2020-05-30T16:36:25Z<p>Iminer99: </p>
<hr />
<div>GDAX was a cryptocurrency exchange owned and managed by Coinbase designed for more advanced users, professional traders, and institutions. In 2018, GDAX was rebranded to Coinbase Pro.<br />
<br />
[[Category:Exchanges]]</div>Iminer99https://tests.bitcoin.it/w/index.php?title=Comparison_of_cryptocurrencies&diff=67565Comparison of cryptocurrencies2020-05-29T18:46:27Z<p>Iminer99: </p>
<hr />
<div>The cryptocurrency market is explosive which currently serves hundreds of currencies. Almost all of them are obvious scams—including many which purport to have a large market cap. This article aims to list only the most relevant cryptocurrencies in terms of novel technological advancements or strong engineering teams, or due to widespread awareness thereof. Direct, low-level scams should not be listed here.<br />
<br />
{| class="wikitable sortable"<br />
! style="width: 100px;" | Cryptocurrency<br />
! Exchange symbol<br />
! Launched<br />
! Anonymity<br />
! Max supply<br />
! Algorithm<br />
! Proof Type<br />
! Notes<br />
! Website<br />
|-<br />
! {{rh}} | [[File:Bitcoin.png|16px|link=]] [[Bitcoin]]<br />
| BTC<br />
| 2009-01-03<br />
| {{no|Low}}<br />
| style="text-align: right" | ~21,000,000<br />
| SHA256<br />
| PoW<br />
| First blockchain.<br />
| [https://bitcoin.org/ bitcoin.org]<br />
|-<br />
! {{rh}} | [[File:Bitcoin.png|16px|link=]] [[Tonal Bitcoin]]<br />
| TBC<br />
| 2011-01-02<br />
| {{no|Low}}<br />
| style="text-align: right" | ~21,000,000<br />
| SHA256<br />
| PoW<br />
| First on-chain alternative.<br />
| -<br />
|-<br />
! {{rh}} | [[File:Bitcoin_Cash.png|16px|link=]] BCash<br />
| BCH<br />
| 2017-08-01<br />
| {{no|Low}}<br />
| style="text-align: right" | ~21,000,000<br />
| SHA256<br />
| PoW<br />
| BCash is an altcoin based on an old snapshot of Bitcoin's blockchain (2017 Aug 1) with replay protection and an increased block size limit of 8MB. An unusual emergency difficulty adjustment algorithm causes significant periods of hyperinflation. Significant miner centralization; often a very low hashrate. Major proponents deliberately attempt to confuse new users into thinking BCash is actually Bitcoin, especially by using the name "Bitcoin Cash". On 15 November 2018, an airdrop of BCash occurred between two rival factions now called BCash (BCH) and CraigCoin (BSV).<br />
| [https://www.bitcoincash.org/ bitcoincash.org]<br />
|-<br />
! {{rh}} | [[File:Bitcoin.png|16px|link=]] CraigCoin<br />
| BSV<br />
| 2018-11-15<br />
| {{no|Low}}<br />
| style="text-align: right" | ~21,000,000<br />
| SHA256<br />
| PoW<br />
| On 15 November 2018, a hard fork chain split of BCash occurred between two rival factions called BCH and BSV. Mostly based around a cult following of the fraudster Craig Wright who claims to be Satoshi (hence SV = Satoshi's Vision).<br />
| https://bitcoinsv.io/<br />
|-<br />
! {{rh}} | [[File:Namecoin.png|16px|link=]] Namecoin<br />
| NMC<br />
| 2011-04-18<br />
| {{no|Low}}<br />
| style="text-align: right" | ~21,000,000<br />
| SHA256 Merged<br />
| PoW<br />
| First cryptocurrency that implemented Satoshi's BitDNS idea. Essentially the first real altcoin. Still under active development. First merged-mined altcoin.<br />
| [https://namecoin.info/ namecoin.info]<br />
|-<br />
! {{rh}} | [[File:Dash.png|16px|link=]] Dash<br />
| DASH<br />
| 2014-01-18<br />
| {{no|Low}}<br />
| style="text-align: right" | 22,000,000<br />
| X11<br />
| PoW/PoS<br />
| Introduced the X11 algorithm, which is just a composite function of multiple hashing algorithms. Had a significant failure mode in the beginning which equated to a majority premine by a small number of Amazon EC2 customers. This means their Master Node algorithm has been in a failure mode from the beginning.<br />
| [https://dash.org/ dash.org]<br />
|-<br />
! {{rh}} | [[File:Ethereum_Classic-32x32.png|16px|link=]] Ethereum Classic<br />
| ETC<br />
| 2015-08-07<br />
| {{no|Low}}<br />
| style="text-align: right" | Infinite<br />
| Ethash<br />
| PoW<br />
| Majority premine sale. Used to be known as just "Ethereum" and "ETH" until the Ethereum Foundation split off an altcoin using their trademark.<br />
| [http://www.ethereumclassic.org/ ethereumclassic.org]<br />
|-<br />
! {{rh}} | [[File:Ethereum.png|16px|link=]] Ethereum<br />
| ETH<br />
| 2016-07-20<br />
| {{no|Low}}<br />
| style="text-align: right" | Infinite<br />
| Ethash<br />
| PoW<br />
| An altcoin of Ethereum Classic which split from ETC's blockchain in order to refund the Ethereum Foundation's members' money when the DAO was exploited. Regular hardforks to bail out larger losses by e.g. ETH foundation. Source of the ICO bubbles. Multiple client implementations which fail against each other in terms of consensus errors regularly. Requires multiple months of time to sync to eth blockchain. Contract-building tools interpret input incompatibly.<br />
| [https://ethereum.org ethereum.org ]<br />
|-<br />
! {{rh}} | [[File:Litecoin.png|16px|link=]] Litecoin<br />
| LTC<br />
| 2011-10-07<br />
| {{no|Low}}<br />
| style="text-align: right" | ~84,000,000<br />
| Scrypt<br />
| PoW<br />
| Originally meant to be a CPU-friendly "silver" to Bitcoin's "gold", the early SCRYPT parameters, it was discovered later, led directly to GPU, and then ASIC-mining almost from the start.<br />
| [https://litecoin.org/ litecoin.org]<br />
|-<br />
! {{rh}} | [[File:Monero.png|16px|link=]] Monero<br />
| XMR<br />
| 2014-04-18<br />
| style="background: lightyellow;" | Medium<br />
| Infinite (has tail emission)<br />
| [https://github.com/tevador/RandomX RandomX] (formerly [[CryptoNight]])<br />
| PoW<br />
| The most successful implementation derived from the [[CryptoNote]] codedrop. Uses [https://www.ledgerjournal.org/ojs/index.php/ledger/article/view/34 Ring CT] and its own implementation of [[Confidential transactions]], [[ECDH_address|Stealth Addresses]], [[BIP_0156|Dandelion]]++ to enhance user privacy.<br />
| [https://getmonero.org/ getmonero.org]<br />
|-<br />
! {{rh}} | [[File:Zcash-16x16.png|16px|link=]] Zcash<br />
| ZEC<br />
| 2016-10-28<br />
| style="background: lightyellow;" | Medium<br />
| style="text-align: right" | ~21,000,000<br />
| Equihash<br />
| PoW<br />
| First cryptocurrency that implemented the zerocash protocol. Large "Founder's Reward" which is paid out over the first few years of mining to people including Roger Ver.<br />
| [https://z.cash/ z.cash]<br />
|-<br />
! {{rh}} | [[File:Zcoin-800x800.png|16px|link=]] Zcoin<br />
| XZC<br />
| 2016-09-28<br />
| style="background: lightyellow;" | Medium<br />
| style="text-align: right" | ~21,000,000<br />
| Lyra2RE<br />
| PoW<br />
| First cryptocurrency that implemented the zerocoin protocol which also makes it the first useful Zero-knowledge proof based anonymous cryptocurrency. First that implements Merkle Tree Proof of Work (MTP).<br />
| [https://zcoin.io/ zcoin.io]<br />
|-}<br />
<br />
[[Category:Alternative cryptocurrencies]]</div>Iminer99https://tests.bitcoin.it/w/index.php?title=Storing_bitcoins&diff=67564Storing bitcoins2020-05-29T14:42:09Z<p>Iminer99: /* The 5 dollar wrench attack */</p>
<hr />
<div>This page is a discussion of the different ways of storing bitcoins, whether for [[Bitcoin as an investment|investment purposes]] or as a [[Bitcoin as a medium of exchange|medium of exchange]].<br />
<br />
As bitcoin is a digital asset, it can be very un-intuitive to store safely. Historically many people have lost their coins but with proper understanding the risks can be eliminated. If your bitcoins do end up lost or stolen then there's almost certainly nothing that can be done to get them back.<br />
<br />
tl;dr The best way to store bitcoin is to either use a [[hardware wallet]], a [[Multisignature|multisignature wallet]] or a [[Cold storage|cold storage wallet]]. Have your wallet create a [[seed phrase]], write it down on paper and store it in a safe place (or several safe places, as backups). The wallet should be backed by your own [[full node]].<br />
<br />
== Introduction ==<br />
<br />
Storage of bitcoin can be broken down in a few independent goals:<br />
<br />
* Protection against accidental loss<br />
* Verification that the bitcoins are genuine<br />
* Privacy and protection against spying<br />
* Protection against theft<br />
* Easy access for spending or moving bitcoins<br />
<br />
The art and science of storing bitcoins is about keeping your private keys safe, yet remaining easily available to you when you want to make a transaction. It also requires verifying that you received real bitcoins, and stopping an adversary from spying on you.<br />
<br />
[[File:Mnemonic-seed-still-life.jpg|300px|thumb|alt=An example seed phrase written on paper|Example seed phrase on paper.]]<br />
<br />
=== Protection from accidental loss ===<br />
<br />
In the past many people have accidentally lost bitcoins because of failed backups, mistyped letters, forgotten hard drives, corrupted SSD devices, or numerous other slip ups. <br />
<br />
The key to protecting yourself from data loss of any kind is to have redundant backups so that if one is lost or destroyed, you still have others you can use when you need them. All good wallet software asks their users to write down the [[seed phrase|seed recovery phrase]] of the wallet as a backup, so that if your primary wallet is lost or damaged, you can use the seed recovery phrase to restore access to your coins. If you have more than one backup location, they should be in places where various disasters won't affect both of your backups. For example, its much better to store two backups in a home safe and in a safe deposit box (as long as your seed is protected by a passphrase) than to store two backups in your bedroom and one in your garage. <br />
<br />
Also important is regularly verifying that your backup still exists and is in good condition. This can be as simple as ensuring your backups are still where you put them a couple times a year.<br />
<br />
The best practices for backing up a seed is to store the seed using '''pencil and paper''' or '''metal seed phrase backup''' and storing in multiple secure locations. See [[Seed_phrase#Storing_Seed_Phrases_for_the_Long_Term]] for details.<br />
<br />
=== Verification and privacy ===<br />
<br />
Storing a [[seed phrase]] only stores [[Private key|private keys]], but it cannot tell you if or how many bitcoins you have actually received. For that you need wallet software.<br />
<br />
If you received cash banknotes or gold coins as payment, you wouldn't accept them without inspecting them and verifying that they are genuine. The same is true with bitcoin. Wallet software can automatically verify that a payment has been made and when that payment has been completed (by being mined into a number of blocks). The most secure kind of wallet is one which independently verifies ''all'' the rules of bitcoin, known as a [[full node]]. When receiving large volumes, it is essential to use wallet software that connects to a full node you run yourself. If bitcoin is digital gold, then a full node is your own personal digital goldsmith who checks that received bitcoin payments are actually real. [[Lightweight node|Lightweight wallets]] have a number of security downsides because they don't check all of bitcoin's rules, and so should only be used for receiving smaller amounts or when you trust the sender. See the article about [[full node|full nodes]].<br />
<br />
Your wallet software will also need to learn the history and balance of its wallet. For a lightweight wallet this usually involves querying a third-party server which leads to a privacy problem as that server can spy on you by seeing your entire balance, all your transactions and usually linking it with your IP address. Using a full node avoids this problem because the software connects directly to the bitcoin p2p network and downloads the entire [[blockchain]], so any adversary will find it much harder to obtain information. See also: [[Anonymity]]<br />
<br />
So for verification and privacy, a good storage solution should be backed by a [[full node]] under your own control for use when receiving payments. The full node wallet on an online computer can be a watch-only wallet. This means that it can detect transaction involving addresses belonging to the user and can display transaction information about them, but still does not have the ability to actually spend the bitcoins.<br />
<br />
=== Protection from theft ===<br />
<br />
Possession of bitcoins comes from your ability to keep the private keys under your exclusive control. In bitcoin, keys are money. Any malware or hackers who learn what your private keys are can create a valid bitcoin transaction sending your coins to themselves, stealing your bitcoins. The average person's computer is usually vulnerable to malware, so that must be taken into account when deciding on storage solutions. <br />
<br />
Anybody else who discovers a wallet's [[seed phrase]] can steal all the bitcoins if the seed isn't also protected by a secret passphrase. Even when using a passphrase, a seed should be kept safe and secret like jewels or cash. For example, no part of a seed should ever be typed into any website, and no one should store a seed on an internet-connected computer unless they are an advanced user who has researched what they're doing.<br />
<br />
[[Seed phrase]]s can store any amount of bitcoins. It doesn't seem secure to possibly have enough money to purchase the entire building just sitting on a sheet of paper without any protection. For this reason many wallets make it possible to encrypt a seed phrase with a passphrase. See [[Seed phrase#Two-Factor_Seed_Phrases]]<br />
<br />
=== Easy access ===<br />
<br />
Some users may not need to actually move their bitcoins very often, especially if they [[Bitcoin as an investment|own bitcoin as an investment]]. Other users will want to be able to quickly and easily move their coins. A solution for storing bitcoins should take into account how convenient it is to spend from depending on the user's needs.<br />
<br />
=== Summary ===<br />
<br />
In summary: bitcoin wallets should be backed up by writing down their [[seed phrase]], this phrase must be kept safe and secret, and when sending or receiving transactions the wallet software should obtain information about the bitcoin network from your own [[full node]].<br />
<br />
== Types of wallets ==<br />
<br />
=== Hardware wallets ===<br />
<br />
''Main article: [[Hardware wallet]]''<br />
<br />
[[Hardware wallet]]s are special purpose security-hardened devices for storing Bitcoins on a peripheral that is trusted to generate wallet keys and sign transactions.<br />
<br />
A [[hardware wallet]] holds the seed in its internal storage and is typically designed to be resistant to both physical and digital attacks. The device signs the transactions internally and only transmits the signed transactions to the computer, never communicating any secret data to the devices it connects to. The separation of the private keys from the vulnerable environment allows the user to spend bitcoins without running any risk even when using an untrustworthy computer. Hardware wallets are relatively user-friendly and are one of the best ways to store bitcoins.<br />
<br />
Some downsides are that hardware wallets are recognizable physical objects which could be discovered and which give away that you probably own bitcoins. This is worth considering when for example crossing borders. They also cost more than software wallets. Still, physical access to a hardware wallet does not mean that the keys are easily compromised, even though it does make it easier to compromise the hardware wallet. The groups that have created the most popular hardware wallets have gone to great lengths to harden the devices to physical threats and, though not impossible, only technically skilled people with specialized equipment have been able to get access to the private keys without the owner's consent. However, physically-powerful people such as armed border guards upon seeing the hardware wallet could force you to type in the PIN number to unlock the device and steal the bitcoins.<br />
<br />
=== Multisignature wallets ===<br />
<br />
''Main article: [[Multisignature]]''<br />
<br />
A multisignature wallet is one where multiple private keys are required to move the bitcoins instead of a single key. Such a wallet can be used for requiring agreement among multiple people to spend, can eliminate a single point of failure, and can be used as form of backup, among other applications.<br />
<br />
These private keys can be spread across multiple machines in various locations with the rationale that malware and hackers are unlikely to infect all of them. The multisig wallet can be of the m-of-n type where any m private keys out of a possible n are required to move the money. For example a 2-of-3 multisig wallet might have your private keys spread across a desktop, laptop, and smartphone, any two of which are required to move the money, but the compromise or total loss of any one key does not result in loss of money, even if that key has no backups.<br />
<br />
Multisignature wallets have the advantage of being cheaper than hardware wallets since they are implemented in software and can be downloaded for free, and can be nearly as convenient since all keys are online and the wallet user interfaces are typically easy to use. <br />
<br />
Hardware and multisignature wallets can be combined by having a multisignature wallet with the private keys held on hardware wallets; after all a single hardware wallet is still a single point of failure. Cold storage and multisignature can also be combined, by having the multisignature wallet with the private keys held in cold storage to avoid them being kept online.<br />
<br />
=== Cold storage wallets ===<br />
<br />
''Main article: [[Cold storage]]''<br />
<br />
A cold wallet generates and stores private wallet keys offline on a clean, newly-installed [https://en.wikipedia.org/wiki/Air_gap_(networking) air-gapped] computer. Payments are received online with a watch-only wallet. Unsigned transactions are generated online, transferred offline for signing, and the signed transaction is transferred online to be broadcast to the Bitcoin network.<br />
<br />
This allows funds to be managed offline in [[Cold storage]]. Used correctly a cold wallet is protected against online threats, such as viruses and hackers. Cold wallets are similar to hardware wallets, except that a general purpose computing device is used instead of a special purpose peripheral. The downside is that the transferring of transactions to and fro can be fiddly and unweilding, and less practical for carrying around like a hardware wallet.<br />
<br />
=== Hot wallets ===<br />
<br />
''Main article: [[Hot wallet]]''<br />
<br />
A hot wallet refers to keeping single-signature wallets with private keys kept on an online computer or mobile phone. Most bitcoin wallet software out there is a hot wallet. The bitcoins are easy to spend but are maximally vulnerable to malware or hackers. Hot wallets may be appropriate for small amounts and day-to-day spending.<br />
<br />
A user might have a ''spending account'' hot wallet for day-to-day convenient spending with the majority of their funds on a ''savings account'' which is stored with much more security (cold storage / hardware wallet / multisignature).<br />
<br />
== Bad wallet ideas ==<br />
<br />
=== Custodial wallets ===<br />
<br />
Custodial wallets are where an exchange, broker or other third party holds your bitcoins in trust.<br />
<br />
The number one rule to storing bitcoin is this: if you don’t hold the private keys, you don’t actually own the assets. There are many historical examples of loss due to custodial wallets: Bitcoinica, Silk Road, Bitfloor, [[Collapse of Mt. Gox|MTGOX]], Sheep Marketplace, BTC-e, Bitstamp, Bitfinex, Bithumb, Cryptsy, Bter, Mintpal and many more<ref>https://bitcointalk.org/index.php?topic=576337</ref><br />
<br />
==== "Isn't it just like keeping your money in a bank?" ====<br />
<br />
''The following is a quote of waxwing on reddit<ref>https://www.reddit.com/r/Bitcoin/comments/5py495/brian_armstrong_controlling_your_own_wealth_as_a/dcve9xx/?context=3</ref>:''<br />
<br />
:There are trade offs with everything, but trusting Coinbase with your Bitcoin is ''not'' the same as trusting a bank with your dollars:<br />
<br />
:Suppose 5 people are needed to access the funds, within Coinbase, e.g. the CEO, the tech lead engineer and 3 other senior employees. Suppose one day they wake up and decide to be evil and move all the Bitcoin to some private account of theirs, and perhaps make up a story in the press about how they've been "hacked". You have a serious problem, as you might find there is a protracted legal battle (see MtGox), but you can't actually retrieve the funds unless in some way the company is re-stocked with Bitcoin, or perhaps an equivalent in fiat.<br />
<br />
:If on the other hand you controlled the funds with a majority of keys in a multisig i.e. you own both of the two needed keys of a 2-of-3 multisig, then it would always effectively be your bitcoin, even though the third key may belong to a trusted third party custodian. But this also comes with the responsibility that if you get hacked, you lose all your funds. That is why it's prudent, in a 2-of-3 multisig where you have the two needed keys, to have them in separate systems/locations. If one of them fails, you can go to the custodian to supply the third key and transfer your funds again to safety. But the custodian alone, cannot touch your funds just by virtue of having the third key.<br />
<br />
:Now, if your bank gets hacked similarly - 5 key operatives in the bank decide to swipe your money and pretend it was external hackers - SWIFT transfers are made to accounts in Russia and China. Here it will always ultimately be at the discretion of legal agencies whether you "actually" still have the money that is stolen. Because dollars are not real, they can be created at a whim<ref>https://en.wikipedia.org/wiki/Fractional-reserve_banking</ref>, and while reversing international transfers is not ''quite'' so simple, very often that reversal can be achieved (e.g. recent SWIFT hack at bangladesh<ref>https://www.wired.com/2016/05/insane-81m-bangladesh-bank-heist-heres-know/</ref><ref>https://en.wikipedia.org/wiki/Bangladesh_Bank_robbery</ref> bank; $1 billion stolen, all but $80 million "recovered" (just means wire transfers reversed)). Added to that consider that fiat money is insured, so even when transfers can't be reversed, the money can be "recovered". If too many banks get hacked all at once the Federal Reserve and the government together can make up some "fund" that magically reassigns balances any time they like, with sufficient political will (that's essentially what was happening in 2008 TARP etc).<br />
<br />
:So far no insurance company has ever paid out on a Bitcoin company's claim. Worth considering also.<br />
<br />
:You might say, since it's risky both ways, why not trust Coinbase? Aren't they more competent in security than me?<br />
<br />
:Almost certainly, but this argument has two massive holes in it: (1) because they ''concentrate'' funds they are a massive target for hackers, while you are not - at all. (2) they are a ''trusted third party'' so the situation is strictly worse - not only do you have to trust their security skills, but you also have to trust them not to steal (modulo multisig, as mentioned above) (edited to add: as well as literal stealing, there is things like political confiscation, don't forget).<br />
<br />
=== Web wallets ===<br />
<br />
Web wallets have all the downsides of custodial wallets (no direct possession, private keys are held by a third party) along with all the downsides of hot wallets (exposed private keys), as well as all the downsides of lightweight wallets (not verifying bitcoin's rules, someone could send you a billion bitcoins and under certain conditions the dumb web wallet would happily accept it)<br />
<br />
Someone who needs the easy access of a web wallet should download a lightweight wallet like [[Electrum]].<br />
<br />
Main article: [[Browser-based wallet]]<br />
<br />
=== Paper wallets ===<br />
<br />
So-called [[paper wallets]] are an obsolete and unsafe method of storing bitcoin which should not be recommended to beginners. They simply store a single private/public keypair on paper. They promote [[address reuse]] and require unwieldy and complicated live OS system boots to be safe, they risk theft by printers, and typically rely on [[Javascript cryptography]].<br />
<br />
Paper wallets also do not provide any method of displaying to the user when money has arrived. There's no practical way to use a [[full node]] wallet. Users are typically driven to use third-party blockchain explorers which can lie to them and spy on them.<br />
<br />
A much better way to accomplish what paper wallets do is to use [[seed phrase]]s instead.<br />
<br />
Main article: [[Paper wallets]]<br />
<br />
=== Cloud storage ===<br />
<br />
This means storing your encrypted (or not) wallet file on a cloud storage solution such as Dropbox, or emailing them to yourself on gmail. This very similar to trusting a custodial wallet service, and is not recommended for the same reasons<ref>https://www.reddit.com/r/Bitcoin/comments/8i6via/28_btc_stolen_10_btc_reward_please_help/</ref>. You might say you use encryption for two-factor authentication, but uploading the wallet to the cloud reduces this to one-factor. Furthermore, there are a variety of ways in which 2FA can be compromised, in particular SMS-based 2FA, such as via a SIM-Swap.<br />
<br />
=== Removable media ===<br />
<br />
This refers to storing wallet files on removable media like SSD or hard drives.<br />
<br />
Refer to the warnings from these two links:<br />
<br />
* https://www.reddit.com/r/Bitcoin/comments/6nj0eb/reminder_beware_of_data_rot_always_make_paper/<br />
* https://tedjonesweb.blogspot.co.uk/2017/08/do-not-use-flash-memory-ssd-drives.html<br />
<br />
Those articles recommend using GPG for encryption or a printer, instead a better solution is [[seed phrase]]s.<br />
<br />
=== "Physical" Bitcoins === <br />
<br />
Physical Coins and other mechanism with a pre-manufactured key or seed are not a good way to store bitcoins because they keys are already potentially compromised by whoever created the key. You should not consider bitcoin yours if its stored on a key created by someone else. It only becomes yours when you transfer the bitcoin to a key that you own and exclusively control.<br />
<br />
== Other ideas ==<br />
<br />
=== Time-locked wallets ===<br />
<br />
An interesting unconventional solution. The idea is to use [[Timelock|time-lock contracts]] to create a wallet which cannot be spent from until a certain date. One possible use-case might be by a gambling addict who locks up money for paying bills for a month, after a month has passed and their time-lock wallet is opened they use that money for paying bills instead of gambling. This is the equivalent proposal towards compulsive shoppers to freeze their credit card in a block of ice, so when they feel the urge to immediately buy something they see on the TV, they will need to wait for the block to melt until they can retrieve the credit card to be able to place the order. This hopefully gives them the time to cool off, and reconsider an otherwise meaningless purchase.<br />
<br />
Time lock wallets don't exist yet except for simple [https://coinb.in/#newTimeLocked javascript pages] which rely on [[Javascript cryptography]] and are therefore not safe.<br />
<br />
=== Consulting ===<br />
<br />
If you intend to store a very large amount of bitcoins, for example in a business, you should consider paying for security consulting.<br />
<br />
== The 5 dollar wrench attack ==<br />
<br />
[[File:Security.png|400px|none|alt=xkcd comic on the 5 dollar wrench attack.]]<br />
<br />
It's sometimes said that all this security is worthless because the $5 wrench attack can be used.<br />
<br />
There are multiple ways that can be utilized to beat this attack: by hiding, by defending yourself, by not letting others know your Bitcoin wealth or holdings, or by implementing security procedures which would prevent you from being able to surrender funds in such an attack, thereby reducing the appeal for an attacker to perform such an attack in the first place.<br />
<br />
Stored bitcoins are not secured by [[seed phrase]]s, [[hardware wallet]]s, [[multisignature]], passwords, hash functions or anything like that; they are secured by ''people''.<br />
<br />
Technology is never the root of system security. Technology is a tool to help people secure what they value. Security requires people to act. A server cannot be secured by a firewall if there is no lock on the door to the server room, and a lock cannot secure the server room without a guard to monitor the door, and a guard cannot secure the door without risk of personal harm.<ref>[https://github.com/libbitcoin/libbitcoin/wiki/Risk-Sharing-Principle Libbitcoin wiki Risk Sharing Principle]</ref>.<br />
<br />
Bitcoin is no different. The technology discussed on this page is only a tool to tip the scales in the defender's favour. Following from this principle, the way to beat the $5 wrench attack is to bear arms. Either your own, or employ guards, or use a safety deposit box, or rely on the police forces and army; or whatever may be appropriate and proportionate in your situation. If someone physically overpowers you then no technology on Earth can save your bitcoins. You can't be your own bank without bank-level security.<br />
<br />
See Also: [https://twitter.com/i/moments/942083114385281024 Guns + Bitcoin Hardware Wallets]<br />
<br />
== Further reading ==<br />
<br />
* [https://github.com/BlockchainCommons/SmartCustodyWhitePapers/blob/master/%23SmartCustody-_Simple_Self-Custody_Cold_Storage_Scenario.md SmartCustody: Simple Self-Custody Cold Storage Scenario]<br />
<br />
* https://bitzuma.com/posts/a-gentle-introduction-to-bitcoin-cold-storage/<br />
<br />
* https://medium.com/@lopp/thoughts-on-secure-storage-of-bitcoins-and-other-crypto-assets-210cadabb53d<br />
<br />
* https://medium.com/@michaelflaxman/how-should-i-store-my-bitcoin-43874ac208e4<br />
<br />
* Two-factor authentication on custodial wallets doesn't work as well as you might think https://medium.com/@CodyBrown/how-to-lose-8k-worth-of-bitcoin-in-15-minutes-with-verizon-and-coinbase-com-ba75fb8d0bac<br />
<br />
* This is why you shouldn’t use texts for two-factor authentication https://www.theverge.com/2017/9/18/16328172/sms-two-factor-authentication-hack-password-bitcoin Hacking 2FA based on SMS is easy.<br />
<br />
* [[Backup and Storage Methods]]<br />
<br />
==References==<br />
<references /><br />
<br />
[[Category:Security]]</div>Iminer99https://tests.bitcoin.it/w/index.php?title=Storing_bitcoins&diff=67563Storing bitcoins2020-05-29T14:37:02Z<p>Iminer99: /* Cloud storage */</p>
<hr />
<div>This page is a discussion of the different ways of storing bitcoins, whether for [[Bitcoin as an investment|investment purposes]] or as a [[Bitcoin as a medium of exchange|medium of exchange]].<br />
<br />
As bitcoin is a digital asset, it can be very un-intuitive to store safely. Historically many people have lost their coins but with proper understanding the risks can be eliminated. If your bitcoins do end up lost or stolen then there's almost certainly nothing that can be done to get them back.<br />
<br />
tl;dr The best way to store bitcoin is to either use a [[hardware wallet]], a [[Multisignature|multisignature wallet]] or a [[Cold storage|cold storage wallet]]. Have your wallet create a [[seed phrase]], write it down on paper and store it in a safe place (or several safe places, as backups). The wallet should be backed by your own [[full node]].<br />
<br />
== Introduction ==<br />
<br />
Storage of bitcoin can be broken down in a few independent goals:<br />
<br />
* Protection against accidental loss<br />
* Verification that the bitcoins are genuine<br />
* Privacy and protection against spying<br />
* Protection against theft<br />
* Easy access for spending or moving bitcoins<br />
<br />
The art and science of storing bitcoins is about keeping your private keys safe, yet remaining easily available to you when you want to make a transaction. It also requires verifying that you received real bitcoins, and stopping an adversary from spying on you.<br />
<br />
[[File:Mnemonic-seed-still-life.jpg|300px|thumb|alt=An example seed phrase written on paper|Example seed phrase on paper.]]<br />
<br />
=== Protection from accidental loss ===<br />
<br />
In the past many people have accidentally lost bitcoins because of failed backups, mistyped letters, forgotten hard drives, corrupted SSD devices, or numerous other slip ups. <br />
<br />
The key to protecting yourself from data loss of any kind is to have redundant backups so that if one is lost or destroyed, you still have others you can use when you need them. All good wallet software asks their users to write down the [[seed phrase|seed recovery phrase]] of the wallet as a backup, so that if your primary wallet is lost or damaged, you can use the seed recovery phrase to restore access to your coins. If you have more than one backup location, they should be in places where various disasters won't affect both of your backups. For example, its much better to store two backups in a home safe and in a safe deposit box (as long as your seed is protected by a passphrase) than to store two backups in your bedroom and one in your garage. <br />
<br />
Also important is regularly verifying that your backup still exists and is in good condition. This can be as simple as ensuring your backups are still where you put them a couple times a year.<br />
<br />
The best practices for backing up a seed is to store the seed using '''pencil and paper''' or '''metal seed phrase backup''' and storing in multiple secure locations. See [[Seed_phrase#Storing_Seed_Phrases_for_the_Long_Term]] for details.<br />
<br />
=== Verification and privacy ===<br />
<br />
Storing a [[seed phrase]] only stores [[Private key|private keys]], but it cannot tell you if or how many bitcoins you have actually received. For that you need wallet software.<br />
<br />
If you received cash banknotes or gold coins as payment, you wouldn't accept them without inspecting them and verifying that they are genuine. The same is true with bitcoin. Wallet software can automatically verify that a payment has been made and when that payment has been completed (by being mined into a number of blocks). The most secure kind of wallet is one which independently verifies ''all'' the rules of bitcoin, known as a [[full node]]. When receiving large volumes, it is essential to use wallet software that connects to a full node you run yourself. If bitcoin is digital gold, then a full node is your own personal digital goldsmith who checks that received bitcoin payments are actually real. [[Lightweight node|Lightweight wallets]] have a number of security downsides because they don't check all of bitcoin's rules, and so should only be used for receiving smaller amounts or when you trust the sender. See the article about [[full node|full nodes]].<br />
<br />
Your wallet software will also need to learn the history and balance of its wallet. For a lightweight wallet this usually involves querying a third-party server which leads to a privacy problem as that server can spy on you by seeing your entire balance, all your transactions and usually linking it with your IP address. Using a full node avoids this problem because the software connects directly to the bitcoin p2p network and downloads the entire [[blockchain]], so any adversary will find it much harder to obtain information. See also: [[Anonymity]]<br />
<br />
So for verification and privacy, a good storage solution should be backed by a [[full node]] under your own control for use when receiving payments. The full node wallet on an online computer can be a watch-only wallet. This means that it can detect transaction involving addresses belonging to the user and can display transaction information about them, but still does not have the ability to actually spend the bitcoins.<br />
<br />
=== Protection from theft ===<br />
<br />
Possession of bitcoins comes from your ability to keep the private keys under your exclusive control. In bitcoin, keys are money. Any malware or hackers who learn what your private keys are can create a valid bitcoin transaction sending your coins to themselves, stealing your bitcoins. The average person's computer is usually vulnerable to malware, so that must be taken into account when deciding on storage solutions. <br />
<br />
Anybody else who discovers a wallet's [[seed phrase]] can steal all the bitcoins if the seed isn't also protected by a secret passphrase. Even when using a passphrase, a seed should be kept safe and secret like jewels or cash. For example, no part of a seed should ever be typed into any website, and no one should store a seed on an internet-connected computer unless they are an advanced user who has researched what they're doing.<br />
<br />
[[Seed phrase]]s can store any amount of bitcoins. It doesn't seem secure to possibly have enough money to purchase the entire building just sitting on a sheet of paper without any protection. For this reason many wallets make it possible to encrypt a seed phrase with a passphrase. See [[Seed phrase#Two-Factor_Seed_Phrases]]<br />
<br />
=== Easy access ===<br />
<br />
Some users may not need to actually move their bitcoins very often, especially if they [[Bitcoin as an investment|own bitcoin as an investment]]. Other users will want to be able to quickly and easily move their coins. A solution for storing bitcoins should take into account how convenient it is to spend from depending on the user's needs.<br />
<br />
=== Summary ===<br />
<br />
In summary: bitcoin wallets should be backed up by writing down their [[seed phrase]], this phrase must be kept safe and secret, and when sending or receiving transactions the wallet software should obtain information about the bitcoin network from your own [[full node]].<br />
<br />
== Types of wallets ==<br />
<br />
=== Hardware wallets ===<br />
<br />
''Main article: [[Hardware wallet]]''<br />
<br />
[[Hardware wallet]]s are special purpose security-hardened devices for storing Bitcoins on a peripheral that is trusted to generate wallet keys and sign transactions.<br />
<br />
A [[hardware wallet]] holds the seed in its internal storage and is typically designed to be resistant to both physical and digital attacks. The device signs the transactions internally and only transmits the signed transactions to the computer, never communicating any secret data to the devices it connects to. The separation of the private keys from the vulnerable environment allows the user to spend bitcoins without running any risk even when using an untrustworthy computer. Hardware wallets are relatively user-friendly and are one of the best ways to store bitcoins.<br />
<br />
Some downsides are that hardware wallets are recognizable physical objects which could be discovered and which give away that you probably own bitcoins. This is worth considering when for example crossing borders. They also cost more than software wallets. Still, physical access to a hardware wallet does not mean that the keys are easily compromised, even though it does make it easier to compromise the hardware wallet. The groups that have created the most popular hardware wallets have gone to great lengths to harden the devices to physical threats and, though not impossible, only technically skilled people with specialized equipment have been able to get access to the private keys without the owner's consent. However, physically-powerful people such as armed border guards upon seeing the hardware wallet could force you to type in the PIN number to unlock the device and steal the bitcoins.<br />
<br />
=== Multisignature wallets ===<br />
<br />
''Main article: [[Multisignature]]''<br />
<br />
A multisignature wallet is one where multiple private keys are required to move the bitcoins instead of a single key. Such a wallet can be used for requiring agreement among multiple people to spend, can eliminate a single point of failure, and can be used as form of backup, among other applications.<br />
<br />
These private keys can be spread across multiple machines in various locations with the rationale that malware and hackers are unlikely to infect all of them. The multisig wallet can be of the m-of-n type where any m private keys out of a possible n are required to move the money. For example a 2-of-3 multisig wallet might have your private keys spread across a desktop, laptop, and smartphone, any two of which are required to move the money, but the compromise or total loss of any one key does not result in loss of money, even if that key has no backups.<br />
<br />
Multisignature wallets have the advantage of being cheaper than hardware wallets since they are implemented in software and can be downloaded for free, and can be nearly as convenient since all keys are online and the wallet user interfaces are typically easy to use. <br />
<br />
Hardware and multisignature wallets can be combined by having a multisignature wallet with the private keys held on hardware wallets; after all a single hardware wallet is still a single point of failure. Cold storage and multisignature can also be combined, by having the multisignature wallet with the private keys held in cold storage to avoid them being kept online.<br />
<br />
=== Cold storage wallets ===<br />
<br />
''Main article: [[Cold storage]]''<br />
<br />
A cold wallet generates and stores private wallet keys offline on a clean, newly-installed [https://en.wikipedia.org/wiki/Air_gap_(networking) air-gapped] computer. Payments are received online with a watch-only wallet. Unsigned transactions are generated online, transferred offline for signing, and the signed transaction is transferred online to be broadcast to the Bitcoin network.<br />
<br />
This allows funds to be managed offline in [[Cold storage]]. Used correctly a cold wallet is protected against online threats, such as viruses and hackers. Cold wallets are similar to hardware wallets, except that a general purpose computing device is used instead of a special purpose peripheral. The downside is that the transferring of transactions to and fro can be fiddly and unweilding, and less practical for carrying around like a hardware wallet.<br />
<br />
=== Hot wallets ===<br />
<br />
''Main article: [[Hot wallet]]''<br />
<br />
A hot wallet refers to keeping single-signature wallets with private keys kept on an online computer or mobile phone. Most bitcoin wallet software out there is a hot wallet. The bitcoins are easy to spend but are maximally vulnerable to malware or hackers. Hot wallets may be appropriate for small amounts and day-to-day spending.<br />
<br />
A user might have a ''spending account'' hot wallet for day-to-day convenient spending with the majority of their funds on a ''savings account'' which is stored with much more security (cold storage / hardware wallet / multisignature).<br />
<br />
== Bad wallet ideas ==<br />
<br />
=== Custodial wallets ===<br />
<br />
Custodial wallets are where an exchange, broker or other third party holds your bitcoins in trust.<br />
<br />
The number one rule to storing bitcoin is this: if you don’t hold the private keys, you don’t actually own the assets. There are many historical examples of loss due to custodial wallets: Bitcoinica, Silk Road, Bitfloor, [[Collapse of Mt. Gox|MTGOX]], Sheep Marketplace, BTC-e, Bitstamp, Bitfinex, Bithumb, Cryptsy, Bter, Mintpal and many more<ref>https://bitcointalk.org/index.php?topic=576337</ref><br />
<br />
==== "Isn't it just like keeping your money in a bank?" ====<br />
<br />
''The following is a quote of waxwing on reddit<ref>https://www.reddit.com/r/Bitcoin/comments/5py495/brian_armstrong_controlling_your_own_wealth_as_a/dcve9xx/?context=3</ref>:''<br />
<br />
:There are trade offs with everything, but trusting Coinbase with your Bitcoin is ''not'' the same as trusting a bank with your dollars:<br />
<br />
:Suppose 5 people are needed to access the funds, within Coinbase, e.g. the CEO, the tech lead engineer and 3 other senior employees. Suppose one day they wake up and decide to be evil and move all the Bitcoin to some private account of theirs, and perhaps make up a story in the press about how they've been "hacked". You have a serious problem, as you might find there is a protracted legal battle (see MtGox), but you can't actually retrieve the funds unless in some way the company is re-stocked with Bitcoin, or perhaps an equivalent in fiat.<br />
<br />
:If on the other hand you controlled the funds with a majority of keys in a multisig i.e. you own both of the two needed keys of a 2-of-3 multisig, then it would always effectively be your bitcoin, even though the third key may belong to a trusted third party custodian. But this also comes with the responsibility that if you get hacked, you lose all your funds. That is why it's prudent, in a 2-of-3 multisig where you have the two needed keys, to have them in separate systems/locations. If one of them fails, you can go to the custodian to supply the third key and transfer your funds again to safety. But the custodian alone, cannot touch your funds just by virtue of having the third key.<br />
<br />
:Now, if your bank gets hacked similarly - 5 key operatives in the bank decide to swipe your money and pretend it was external hackers - SWIFT transfers are made to accounts in Russia and China. Here it will always ultimately be at the discretion of legal agencies whether you "actually" still have the money that is stolen. Because dollars are not real, they can be created at a whim<ref>https://en.wikipedia.org/wiki/Fractional-reserve_banking</ref>, and while reversing international transfers is not ''quite'' so simple, very often that reversal can be achieved (e.g. recent SWIFT hack at bangladesh<ref>https://www.wired.com/2016/05/insane-81m-bangladesh-bank-heist-heres-know/</ref><ref>https://en.wikipedia.org/wiki/Bangladesh_Bank_robbery</ref> bank; $1 billion stolen, all but $80 million "recovered" (just means wire transfers reversed)). Added to that consider that fiat money is insured, so even when transfers can't be reversed, the money can be "recovered". If too many banks get hacked all at once the Federal Reserve and the government together can make up some "fund" that magically reassigns balances any time they like, with sufficient political will (that's essentially what was happening in 2008 TARP etc).<br />
<br />
:So far no insurance company has ever paid out on a Bitcoin company's claim. Worth considering also.<br />
<br />
:You might say, since it's risky both ways, why not trust Coinbase? Aren't they more competent in security than me?<br />
<br />
:Almost certainly, but this argument has two massive holes in it: (1) because they ''concentrate'' funds they are a massive target for hackers, while you are not - at all. (2) they are a ''trusted third party'' so the situation is strictly worse - not only do you have to trust their security skills, but you also have to trust them not to steal (modulo multisig, as mentioned above) (edited to add: as well as literal stealing, there is things like political confiscation, don't forget).<br />
<br />
=== Web wallets ===<br />
<br />
Web wallets have all the downsides of custodial wallets (no direct possession, private keys are held by a third party) along with all the downsides of hot wallets (exposed private keys), as well as all the downsides of lightweight wallets (not verifying bitcoin's rules, someone could send you a billion bitcoins and under certain conditions the dumb web wallet would happily accept it)<br />
<br />
Someone who needs the easy access of a web wallet should download a lightweight wallet like [[Electrum]].<br />
<br />
Main article: [[Browser-based wallet]]<br />
<br />
=== Paper wallets ===<br />
<br />
So-called [[paper wallets]] are an obsolete and unsafe method of storing bitcoin which should not be recommended to beginners. They simply store a single private/public keypair on paper. They promote [[address reuse]] and require unwieldy and complicated live OS system boots to be safe, they risk theft by printers, and typically rely on [[Javascript cryptography]].<br />
<br />
Paper wallets also do not provide any method of displaying to the user when money has arrived. There's no practical way to use a [[full node]] wallet. Users are typically driven to use third-party blockchain explorers which can lie to them and spy on them.<br />
<br />
A much better way to accomplish what paper wallets do is to use [[seed phrase]]s instead.<br />
<br />
Main article: [[Paper wallets]]<br />
<br />
=== Cloud storage ===<br />
<br />
This means storing your encrypted (or not) wallet file on a cloud storage solution such as Dropbox, or emailing them to yourself on gmail. This very similar to trusting a custodial wallet service, and is not recommended for the same reasons<ref>https://www.reddit.com/r/Bitcoin/comments/8i6via/28_btc_stolen_10_btc_reward_please_help/</ref>. You might say you use encryption for two-factor authentication, but uploading the wallet to the cloud reduces this to one-factor. Furthermore, there are a variety of ways in which 2FA can be compromised, in particular SMS-based 2FA, such as via a SIM-Swap.<br />
<br />
=== Removable media ===<br />
<br />
This refers to storing wallet files on removable media like SSD or hard drives.<br />
<br />
Refer to the warnings from these two links:<br />
<br />
* https://www.reddit.com/r/Bitcoin/comments/6nj0eb/reminder_beware_of_data_rot_always_make_paper/<br />
* https://tedjonesweb.blogspot.co.uk/2017/08/do-not-use-flash-memory-ssd-drives.html<br />
<br />
Those articles recommend using GPG for encryption or a printer, instead a better solution is [[seed phrase]]s.<br />
<br />
=== "Physical" Bitcoins === <br />
<br />
Physical Coins and other mechanism with a pre-manufactured key or seed are not a good way to store bitcoins because they keys are already potentially compromised by whoever created the key. You should not consider bitcoin yours if its stored on a key created by someone else. It only becomes yours when you transfer the bitcoin to a key that you own and exclusively control.<br />
<br />
== Other ideas ==<br />
<br />
=== Time-locked wallets ===<br />
<br />
An interesting unconventional solution. The idea is to use [[Timelock|time-lock contracts]] to create a wallet which cannot be spent from until a certain date. One possible use-case might be by a gambling addict who locks up money for paying bills for a month, after a month has passed and their time-lock wallet is opened they use that money for paying bills instead of gambling. This is the equivalent proposal towards compulsive shoppers to freeze their credit card in a block of ice, so when they feel the urge to immediately buy something they see on the TV, they will need to wait for the block to melt until they can retrieve the credit card to be able to place the order. This hopefully gives them the time to cool off, and reconsider an otherwise meaningless purchase.<br />
<br />
Time lock wallets don't exist yet except for simple [https://coinb.in/#newTimeLocked javascript pages] which rely on [[Javascript cryptography]] and are therefore not safe.<br />
<br />
=== Consulting ===<br />
<br />
If you intend to store a very large amount of bitcoins, for example in a business, you should consider paying for security consulting.<br />
<br />
== The 5 dollar wrench attack ==<br />
<br />
[[File:Security.png|400px|none|alt=xkcd comic on the 5 dollar wrench attack.]]<br />
<br />
It's sometimes said that all this security is worthless because the $5 wrench attack can be used.<br />
<br />
There are two ways to beat this attack: by hiding or by defending yourself.<br />
<br />
Stored bitcoins are not secured by [[seed phrase]]s, [[hardware wallet]]s, [[multisignature]], passwords, hash functions or anything like that; they are secured by ''people''.<br />
<br />
Technology is never the root of system security. Technology is a tool to help people secure what they value. Security requires people to act. A server cannot be secured by a firewall if there is no lock on the door to the server room, and a lock cannot secure the server room without a guard to monitor the door, and a guard cannot secure the door without risk of personal harm.<ref>[https://github.com/libbitcoin/libbitcoin/wiki/Risk-Sharing-Principle Libbitcoin wiki Risk Sharing Principle]</ref>.<br />
<br />
Bitcoin is no different. The technology discussed on this page is only a tool to tip the scales in the defender's favour. Following from this principle, the way to beat the $5 wrench attack is to bear arms. Either your own, or employ guards, or use a safety deposit box, or rely on the police forces and army; or whatever may be appropriate and proportionate in your situation. If someone physically overpowers you then no technology on Earth can save your bitcoins. You can't be your own bank without bank-level security.<br />
<br />
See Also: [https://twitter.com/i/moments/942083114385281024 Guns + Bitcoin Hardware Wallets]<br />
<br />
== Further reading ==<br />
<br />
* [https://github.com/BlockchainCommons/SmartCustodyWhitePapers/blob/master/%23SmartCustody-_Simple_Self-Custody_Cold_Storage_Scenario.md SmartCustody: Simple Self-Custody Cold Storage Scenario]<br />
<br />
* https://bitzuma.com/posts/a-gentle-introduction-to-bitcoin-cold-storage/<br />
<br />
* https://medium.com/@lopp/thoughts-on-secure-storage-of-bitcoins-and-other-crypto-assets-210cadabb53d<br />
<br />
* https://medium.com/@michaelflaxman/how-should-i-store-my-bitcoin-43874ac208e4<br />
<br />
* Two-factor authentication on custodial wallets doesn't work as well as you might think https://medium.com/@CodyBrown/how-to-lose-8k-worth-of-bitcoin-in-15-minutes-with-verizon-and-coinbase-com-ba75fb8d0bac<br />
<br />
* This is why you shouldn’t use texts for two-factor authentication https://www.theverge.com/2017/9/18/16328172/sms-two-factor-authentication-hack-password-bitcoin Hacking 2FA based on SMS is easy.<br />
<br />
* [[Backup and Storage Methods]]<br />
<br />
==References==<br />
<references /><br />
<br />
[[Category:Security]]</div>Iminer99https://tests.bitcoin.it/w/index.php?title=Storing_bitcoins&diff=67562Storing bitcoins2020-05-29T14:31:49Z<p>Iminer99: /* "Physical" Bitcoins */</p>
<hr />
<div>This page is a discussion of the different ways of storing bitcoins, whether for [[Bitcoin as an investment|investment purposes]] or as a [[Bitcoin as a medium of exchange|medium of exchange]].<br />
<br />
As bitcoin is a digital asset, it can be very un-intuitive to store safely. Historically many people have lost their coins but with proper understanding the risks can be eliminated. If your bitcoins do end up lost or stolen then there's almost certainly nothing that can be done to get them back.<br />
<br />
tl;dr The best way to store bitcoin is to either use a [[hardware wallet]], a [[Multisignature|multisignature wallet]] or a [[Cold storage|cold storage wallet]]. Have your wallet create a [[seed phrase]], write it down on paper and store it in a safe place (or several safe places, as backups). The wallet should be backed by your own [[full node]].<br />
<br />
== Introduction ==<br />
<br />
Storage of bitcoin can be broken down in a few independent goals:<br />
<br />
* Protection against accidental loss<br />
* Verification that the bitcoins are genuine<br />
* Privacy and protection against spying<br />
* Protection against theft<br />
* Easy access for spending or moving bitcoins<br />
<br />
The art and science of storing bitcoins is about keeping your private keys safe, yet remaining easily available to you when you want to make a transaction. It also requires verifying that you received real bitcoins, and stopping an adversary from spying on you.<br />
<br />
[[File:Mnemonic-seed-still-life.jpg|300px|thumb|alt=An example seed phrase written on paper|Example seed phrase on paper.]]<br />
<br />
=== Protection from accidental loss ===<br />
<br />
In the past many people have accidentally lost bitcoins because of failed backups, mistyped letters, forgotten hard drives, corrupted SSD devices, or numerous other slip ups. <br />
<br />
The key to protecting yourself from data loss of any kind is to have redundant backups so that if one is lost or destroyed, you still have others you can use when you need them. All good wallet software asks their users to write down the [[seed phrase|seed recovery phrase]] of the wallet as a backup, so that if your primary wallet is lost or damaged, you can use the seed recovery phrase to restore access to your coins. If you have more than one backup location, they should be in places where various disasters won't affect both of your backups. For example, its much better to store two backups in a home safe and in a safe deposit box (as long as your seed is protected by a passphrase) than to store two backups in your bedroom and one in your garage. <br />
<br />
Also important is regularly verifying that your backup still exists and is in good condition. This can be as simple as ensuring your backups are still where you put them a couple times a year.<br />
<br />
The best practices for backing up a seed is to store the seed using '''pencil and paper''' or '''metal seed phrase backup''' and storing in multiple secure locations. See [[Seed_phrase#Storing_Seed_Phrases_for_the_Long_Term]] for details.<br />
<br />
=== Verification and privacy ===<br />
<br />
Storing a [[seed phrase]] only stores [[Private key|private keys]], but it cannot tell you if or how many bitcoins you have actually received. For that you need wallet software.<br />
<br />
If you received cash banknotes or gold coins as payment, you wouldn't accept them without inspecting them and verifying that they are genuine. The same is true with bitcoin. Wallet software can automatically verify that a payment has been made and when that payment has been completed (by being mined into a number of blocks). The most secure kind of wallet is one which independently verifies ''all'' the rules of bitcoin, known as a [[full node]]. When receiving large volumes, it is essential to use wallet software that connects to a full node you run yourself. If bitcoin is digital gold, then a full node is your own personal digital goldsmith who checks that received bitcoin payments are actually real. [[Lightweight node|Lightweight wallets]] have a number of security downsides because they don't check all of bitcoin's rules, and so should only be used for receiving smaller amounts or when you trust the sender. See the article about [[full node|full nodes]].<br />
<br />
Your wallet software will also need to learn the history and balance of its wallet. For a lightweight wallet this usually involves querying a third-party server which leads to a privacy problem as that server can spy on you by seeing your entire balance, all your transactions and usually linking it with your IP address. Using a full node avoids this problem because the software connects directly to the bitcoin p2p network and downloads the entire [[blockchain]], so any adversary will find it much harder to obtain information. See also: [[Anonymity]]<br />
<br />
So for verification and privacy, a good storage solution should be backed by a [[full node]] under your own control for use when receiving payments. The full node wallet on an online computer can be a watch-only wallet. This means that it can detect transaction involving addresses belonging to the user and can display transaction information about them, but still does not have the ability to actually spend the bitcoins.<br />
<br />
=== Protection from theft ===<br />
<br />
Possession of bitcoins comes from your ability to keep the private keys under your exclusive control. In bitcoin, keys are money. Any malware or hackers who learn what your private keys are can create a valid bitcoin transaction sending your coins to themselves, stealing your bitcoins. The average person's computer is usually vulnerable to malware, so that must be taken into account when deciding on storage solutions. <br />
<br />
Anybody else who discovers a wallet's [[seed phrase]] can steal all the bitcoins if the seed isn't also protected by a secret passphrase. Even when using a passphrase, a seed should be kept safe and secret like jewels or cash. For example, no part of a seed should ever be typed into any website, and no one should store a seed on an internet-connected computer unless they are an advanced user who has researched what they're doing.<br />
<br />
[[Seed phrase]]s can store any amount of bitcoins. It doesn't seem secure to possibly have enough money to purchase the entire building just sitting on a sheet of paper without any protection. For this reason many wallets make it possible to encrypt a seed phrase with a passphrase. See [[Seed phrase#Two-Factor_Seed_Phrases]]<br />
<br />
=== Easy access ===<br />
<br />
Some users may not need to actually move their bitcoins very often, especially if they [[Bitcoin as an investment|own bitcoin as an investment]]. Other users will want to be able to quickly and easily move their coins. A solution for storing bitcoins should take into account how convenient it is to spend from depending on the user's needs.<br />
<br />
=== Summary ===<br />
<br />
In summary: bitcoin wallets should be backed up by writing down their [[seed phrase]], this phrase must be kept safe and secret, and when sending or receiving transactions the wallet software should obtain information about the bitcoin network from your own [[full node]].<br />
<br />
== Types of wallets ==<br />
<br />
=== Hardware wallets ===<br />
<br />
''Main article: [[Hardware wallet]]''<br />
<br />
[[Hardware wallet]]s are special purpose security-hardened devices for storing Bitcoins on a peripheral that is trusted to generate wallet keys and sign transactions.<br />
<br />
A [[hardware wallet]] holds the seed in its internal storage and is typically designed to be resistant to both physical and digital attacks. The device signs the transactions internally and only transmits the signed transactions to the computer, never communicating any secret data to the devices it connects to. The separation of the private keys from the vulnerable environment allows the user to spend bitcoins without running any risk even when using an untrustworthy computer. Hardware wallets are relatively user-friendly and are one of the best ways to store bitcoins.<br />
<br />
Some downsides are that hardware wallets are recognizable physical objects which could be discovered and which give away that you probably own bitcoins. This is worth considering when for example crossing borders. They also cost more than software wallets. Still, physical access to a hardware wallet does not mean that the keys are easily compromised, even though it does make it easier to compromise the hardware wallet. The groups that have created the most popular hardware wallets have gone to great lengths to harden the devices to physical threats and, though not impossible, only technically skilled people with specialized equipment have been able to get access to the private keys without the owner's consent. However, physically-powerful people such as armed border guards upon seeing the hardware wallet could force you to type in the PIN number to unlock the device and steal the bitcoins.<br />
<br />
=== Multisignature wallets ===<br />
<br />
''Main article: [[Multisignature]]''<br />
<br />
A multisignature wallet is one where multiple private keys are required to move the bitcoins instead of a single key. Such a wallet can be used for requiring agreement among multiple people to spend, can eliminate a single point of failure, and can be used as form of backup, among other applications.<br />
<br />
These private keys can be spread across multiple machines in various locations with the rationale that malware and hackers are unlikely to infect all of them. The multisig wallet can be of the m-of-n type where any m private keys out of a possible n are required to move the money. For example a 2-of-3 multisig wallet might have your private keys spread across a desktop, laptop, and smartphone, any two of which are required to move the money, but the compromise or total loss of any one key does not result in loss of money, even if that key has no backups.<br />
<br />
Multisignature wallets have the advantage of being cheaper than hardware wallets since they are implemented in software and can be downloaded for free, and can be nearly as convenient since all keys are online and the wallet user interfaces are typically easy to use. <br />
<br />
Hardware and multisignature wallets can be combined by having a multisignature wallet with the private keys held on hardware wallets; after all a single hardware wallet is still a single point of failure. Cold storage and multisignature can also be combined, by having the multisignature wallet with the private keys held in cold storage to avoid them being kept online.<br />
<br />
=== Cold storage wallets ===<br />
<br />
''Main article: [[Cold storage]]''<br />
<br />
A cold wallet generates and stores private wallet keys offline on a clean, newly-installed [https://en.wikipedia.org/wiki/Air_gap_(networking) air-gapped] computer. Payments are received online with a watch-only wallet. Unsigned transactions are generated online, transferred offline for signing, and the signed transaction is transferred online to be broadcast to the Bitcoin network.<br />
<br />
This allows funds to be managed offline in [[Cold storage]]. Used correctly a cold wallet is protected against online threats, such as viruses and hackers. Cold wallets are similar to hardware wallets, except that a general purpose computing device is used instead of a special purpose peripheral. The downside is that the transferring of transactions to and fro can be fiddly and unweilding, and less practical for carrying around like a hardware wallet.<br />
<br />
=== Hot wallets ===<br />
<br />
''Main article: [[Hot wallet]]''<br />
<br />
A hot wallet refers to keeping single-signature wallets with private keys kept on an online computer or mobile phone. Most bitcoin wallet software out there is a hot wallet. The bitcoins are easy to spend but are maximally vulnerable to malware or hackers. Hot wallets may be appropriate for small amounts and day-to-day spending.<br />
<br />
A user might have a ''spending account'' hot wallet for day-to-day convenient spending with the majority of their funds on a ''savings account'' which is stored with much more security (cold storage / hardware wallet / multisignature).<br />
<br />
== Bad wallet ideas ==<br />
<br />
=== Custodial wallets ===<br />
<br />
Custodial wallets are where an exchange, broker or other third party holds your bitcoins in trust.<br />
<br />
The number one rule to storing bitcoin is this: if you don’t hold the private keys, you don’t actually own the assets. There are many historical examples of loss due to custodial wallets: Bitcoinica, Silk Road, Bitfloor, [[Collapse of Mt. Gox|MTGOX]], Sheep Marketplace, BTC-e, Bitstamp, Bitfinex, Bithumb, Cryptsy, Bter, Mintpal and many more<ref>https://bitcointalk.org/index.php?topic=576337</ref><br />
<br />
==== "Isn't it just like keeping your money in a bank?" ====<br />
<br />
''The following is a quote of waxwing on reddit<ref>https://www.reddit.com/r/Bitcoin/comments/5py495/brian_armstrong_controlling_your_own_wealth_as_a/dcve9xx/?context=3</ref>:''<br />
<br />
:There are trade offs with everything, but trusting Coinbase with your Bitcoin is ''not'' the same as trusting a bank with your dollars:<br />
<br />
:Suppose 5 people are needed to access the funds, within Coinbase, e.g. the CEO, the tech lead engineer and 3 other senior employees. Suppose one day they wake up and decide to be evil and move all the Bitcoin to some private account of theirs, and perhaps make up a story in the press about how they've been "hacked". You have a serious problem, as you might find there is a protracted legal battle (see MtGox), but you can't actually retrieve the funds unless in some way the company is re-stocked with Bitcoin, or perhaps an equivalent in fiat.<br />
<br />
:If on the other hand you controlled the funds with a majority of keys in a multisig i.e. you own both of the two needed keys of a 2-of-3 multisig, then it would always effectively be your bitcoin, even though the third key may belong to a trusted third party custodian. But this also comes with the responsibility that if you get hacked, you lose all your funds. That is why it's prudent, in a 2-of-3 multisig where you have the two needed keys, to have them in separate systems/locations. If one of them fails, you can go to the custodian to supply the third key and transfer your funds again to safety. But the custodian alone, cannot touch your funds just by virtue of having the third key.<br />
<br />
:Now, if your bank gets hacked similarly - 5 key operatives in the bank decide to swipe your money and pretend it was external hackers - SWIFT transfers are made to accounts in Russia and China. Here it will always ultimately be at the discretion of legal agencies whether you "actually" still have the money that is stolen. Because dollars are not real, they can be created at a whim<ref>https://en.wikipedia.org/wiki/Fractional-reserve_banking</ref>, and while reversing international transfers is not ''quite'' so simple, very often that reversal can be achieved (e.g. recent SWIFT hack at bangladesh<ref>https://www.wired.com/2016/05/insane-81m-bangladesh-bank-heist-heres-know/</ref><ref>https://en.wikipedia.org/wiki/Bangladesh_Bank_robbery</ref> bank; $1 billion stolen, all but $80 million "recovered" (just means wire transfers reversed)). Added to that consider that fiat money is insured, so even when transfers can't be reversed, the money can be "recovered". If too many banks get hacked all at once the Federal Reserve and the government together can make up some "fund" that magically reassigns balances any time they like, with sufficient political will (that's essentially what was happening in 2008 TARP etc).<br />
<br />
:So far no insurance company has ever paid out on a Bitcoin company's claim. Worth considering also.<br />
<br />
:You might say, since it's risky both ways, why not trust Coinbase? Aren't they more competent in security than me?<br />
<br />
:Almost certainly, but this argument has two massive holes in it: (1) because they ''concentrate'' funds they are a massive target for hackers, while you are not - at all. (2) they are a ''trusted third party'' so the situation is strictly worse - not only do you have to trust their security skills, but you also have to trust them not to steal (modulo multisig, as mentioned above) (edited to add: as well as literal stealing, there is things like political confiscation, don't forget).<br />
<br />
=== Web wallets ===<br />
<br />
Web wallets have all the downsides of custodial wallets (no direct possession, private keys are held by a third party) along with all the downsides of hot wallets (exposed private keys), as well as all the downsides of lightweight wallets (not verifying bitcoin's rules, someone could send you a billion bitcoins and under certain conditions the dumb web wallet would happily accept it)<br />
<br />
Someone who needs the easy access of a web wallet should download a lightweight wallet like [[Electrum]].<br />
<br />
Main article: [[Browser-based wallet]]<br />
<br />
=== Paper wallets ===<br />
<br />
So-called [[paper wallets]] are an obsolete and unsafe method of storing bitcoin which should not be recommended to beginners. They simply store a single private/public keypair on paper. They promote [[address reuse]] and require unwieldy and complicated live OS system boots to be safe, they risk theft by printers, and typically rely on [[Javascript cryptography]].<br />
<br />
Paper wallets also do not provide any method of displaying to the user when money has arrived. There's no practical way to use a [[full node]] wallet. Users are typically driven to use third-party blockchain explorers which can lie to them and spy on them.<br />
<br />
A much better way to accomplish what paper wallets do is to use [[seed phrase]]s instead.<br />
<br />
Main article: [[Paper wallets]]<br />
<br />
=== Cloud storage ===<br />
<br />
This means storing your encrypted (or not) wallet file on a cloud storage solution such as Dropbox, or emailing them to yourself on gmail. This very similar to trusting a custodial wallet service, and is not recommended for the same reasons<ref>https://www.reddit.com/r/Bitcoin/comments/8i6via/28_btc_stolen_10_btc_reward_please_help/</ref>. You might say you use encryption for two-factor authentication, but uploading the wallet to the cloud reduces this to one-factor.<br />
<br />
=== Removable media ===<br />
<br />
This refers to storing wallet files on removable media like SSD or hard drives.<br />
<br />
Refer to the warnings from these two links:<br />
<br />
* https://www.reddit.com/r/Bitcoin/comments/6nj0eb/reminder_beware_of_data_rot_always_make_paper/<br />
* https://tedjonesweb.blogspot.co.uk/2017/08/do-not-use-flash-memory-ssd-drives.html<br />
<br />
Those articles recommend using GPG for encryption or a printer, instead a better solution is [[seed phrase]]s.<br />
<br />
=== "Physical" Bitcoins === <br />
<br />
Physical Coins and other mechanism with a pre-manufactured key or seed are not a good way to store bitcoins because they keys are already potentially compromised by whoever created the key. You should not consider bitcoin yours if its stored on a key created by someone else. It only becomes yours when you transfer the bitcoin to a key that you own and exclusively control.<br />
<br />
== Other ideas ==<br />
<br />
=== Time-locked wallets ===<br />
<br />
An interesting unconventional solution. The idea is to use [[Timelock|time-lock contracts]] to create a wallet which cannot be spent from until a certain date. One possible use-case might be by a gambling addict who locks up money for paying bills for a month, after a month has passed and their time-lock wallet is opened they use that money for paying bills instead of gambling. This is the equivalent proposal towards compulsive shoppers to freeze their credit card in a block of ice, so when they feel the urge to immediately buy something they see on the TV, they will need to wait for the block to melt until they can retrieve the credit card to be able to place the order. This hopefully gives them the time to cool off, and reconsider an otherwise meaningless purchase.<br />
<br />
Time lock wallets don't exist yet except for simple [https://coinb.in/#newTimeLocked javascript pages] which rely on [[Javascript cryptography]] and are therefore not safe.<br />
<br />
=== Consulting ===<br />
<br />
If you intend to store a very large amount of bitcoins, for example in a business, you should consider paying for security consulting.<br />
<br />
== The 5 dollar wrench attack ==<br />
<br />
[[File:Security.png|400px|none|alt=xkcd comic on the 5 dollar wrench attack.]]<br />
<br />
It's sometimes said that all this security is worthless because the $5 wrench attack can be used.<br />
<br />
There are two ways to beat this attack: by hiding or by defending yourself.<br />
<br />
Stored bitcoins are not secured by [[seed phrase]]s, [[hardware wallet]]s, [[multisignature]], passwords, hash functions or anything like that; they are secured by ''people''.<br />
<br />
Technology is never the root of system security. Technology is a tool to help people secure what they value. Security requires people to act. A server cannot be secured by a firewall if there is no lock on the door to the server room, and a lock cannot secure the server room without a guard to monitor the door, and a guard cannot secure the door without risk of personal harm.<ref>[https://github.com/libbitcoin/libbitcoin/wiki/Risk-Sharing-Principle Libbitcoin wiki Risk Sharing Principle]</ref>.<br />
<br />
Bitcoin is no different. The technology discussed on this page is only a tool to tip the scales in the defender's favour. Following from this principle, the way to beat the $5 wrench attack is to bear arms. Either your own, or employ guards, or use a safety deposit box, or rely on the police forces and army; or whatever may be appropriate and proportionate in your situation. If someone physically overpowers you then no technology on Earth can save your bitcoins. You can't be your own bank without bank-level security.<br />
<br />
See Also: [https://twitter.com/i/moments/942083114385281024 Guns + Bitcoin Hardware Wallets]<br />
<br />
== Further reading ==<br />
<br />
* [https://github.com/BlockchainCommons/SmartCustodyWhitePapers/blob/master/%23SmartCustody-_Simple_Self-Custody_Cold_Storage_Scenario.md SmartCustody: Simple Self-Custody Cold Storage Scenario]<br />
<br />
* https://bitzuma.com/posts/a-gentle-introduction-to-bitcoin-cold-storage/<br />
<br />
* https://medium.com/@lopp/thoughts-on-secure-storage-of-bitcoins-and-other-crypto-assets-210cadabb53d<br />
<br />
* https://medium.com/@michaelflaxman/how-should-i-store-my-bitcoin-43874ac208e4<br />
<br />
* Two-factor authentication on custodial wallets doesn't work as well as you might think https://medium.com/@CodyBrown/how-to-lose-8k-worth-of-bitcoin-in-15-minutes-with-verizon-and-coinbase-com-ba75fb8d0bac<br />
<br />
* This is why you shouldn’t use texts for two-factor authentication https://www.theverge.com/2017/9/18/16328172/sms-two-factor-authentication-hack-password-bitcoin Hacking 2FA based on SMS is easy.<br />
<br />
* [[Backup and Storage Methods]]<br />
<br />
==References==<br />
<references /><br />
<br />
[[Category:Security]]</div>Iminer99