How to store a large number of bitcoins?

in #bitcoin7 years ago

If there is a need to store a large amount of crypto currency, you can not think of anything better than cold storage. Cold storage involves physical access to the information medium, so as to protect it from any attempts to access via the Internet.

These five methods dramatically reduce the risk of theft:

paper wallets
encrypted paper wallets
Offline signature of transactions (without Internet connection)
fragmented secret keys
multi-signature wallets
hardware wallets
If you use the above methods, you should not worry about hacker attacks. Rather, it should be concerned about the 'classic' robbers, and even those who are well versed in bitkoyn-technologies. Most of the above methods are well suited for long-term and safe storage of large amounts in the crypto currency. Nevertheless, having a large bitcoin-state, consider hiring a personal expert on crypto-security, which could audit the storage methods you are using.

Note: all experiments with the methods listed above should be done ONLY with a small amount of bitcoins available for you. Confidently mastering the proposed techniques, you can operate and larger amounts.

The entire range of proposed methods is available on the site bitaddress.org, which, by the way, for security reasons, you can download and run in offline mode.

After downloading the main page, the site will ask you to move the cursor or drive a random character set into a special field. This increases the degree of randomness in the generation of bit-address. It is very difficult to generate a random sequence of digits by software methods, because a program is always some kind of algorithm, the result of which can be calculated to some extent, which makes it predictable. For applications outside the financial sphere, for example, to generate hands in the card game "kerchief", this is not critical, but to store large sums of money, 'randomness' of high quality is very important.

Paper Wallets
Paper wallet, perhaps, is one of the simplest and most popular methods of cold storage. The creation of such a purse assumes the generation of the bitlock-address and private key in offline mode, and their recording on any medium not accessible from the Internet. For example, you can write a pair of keys on a sheet of paper, which you then put in your own safe or bank cell. At the same time, you can send bitcoins to this address without any problems, where they will be completely safe. When you decide to spend bitcoins from the above address, you will only need to import the secret key into the purse program that you use. After this operation, your storage from the cold will turn into hot.

If you need to spend only a portion of the accumulated, and keep the remainder in a cold store, then after importing the secret key into the hot wallet, you should immediately send the balance to a freshly created cold wallet (your old storage is already on the network, and therefore can be compromised ).

Note: Alternatively, you can spend some of your funds from cold storage using a method called 'transaction signature offline'. We'll talk about it later.

Provided that you keep the secret key in a safe place, the paper storage method is perfectly suitable for storing large amounts of bitocans for any period. However, consider such risks as flood and fire. Also, do not scan, photograph or flaunt the secret key on paper, otherwise your store may be compromised. The security of your bitcoyons is so high as the security of the least reliable method of storing the private key used by you is high. Take into account, for example, that some copiers store each copy of the document in memory. The most secure way to make a duplicate of a paper wallet is a simple handwriting.

Encrypted paper wallets
The encrypted paper wallet method improves the security of the above method. In fact, instead of writing a secret key on a sheet of paper, you record its encrypted version. The only way to decrypt it is knowing the password. This creates an additional barrier to the path of hackers.

To implement this method, you can use hundreds of different encryption schemes. The most common is the encryption of BIP38.

The creation of such a purse consists of two steps:

Go to bitaddress.org and move the mouse cursor around the screen until a sufficient amount of random data is generated.
Select a password and generate a bit-address with a secret key.
Your private key will start with the number 6, instead of the 'regular' five for the standard secret keys.

Note: The passwords used to encrypt data must always be long enough: if they are shorter than 40 characters, they are relatively easy to crack. Based on this, such passwords are also called 'key phrases'.

IMPORTANT: Loss of the key phrase leads to a complete loss of access to your bitcoins.

Thus, the best solution is to record your key phrase and store it separately from the paper purse. As in the case of a conventional paper purse, it is advisable to make copies of encrypted purses to protect against theft, fire or flooding. Additional security measures are never superfluous. If your encrypted wallet is stolen, you will be able to use another copy even before the attacker opens it (if it succeeds).

Offline Signature of Transactions
The offline transaction signing method is an entry-level security solution that is suitable for bit-businesses or serious users who regularly face processing large amounts of bit-bones. This method requires two computers and is much more advanced than the simple use of paper wallets. A hot wallet is installed on one computer. Here we will not transfer secret keys. When you create a transaction, the wallet will ask you to perform an additional authorization step using the second computer on which your secret keys will be located and which will not be connected to the Internet. The second computer also needs to have a wallet with a digital transaction signature function, where you copy the created transaction. There, you create a file containing a transaction signed with a digital method, which you then copy again to the computer connected to the Internet:

Storing-large-amount-of-BTC

A computer connected to the Internet never comes into contact with secret keys. Signing a transaction offline is similar to a scheme where you have a financial administrator who does not have the authority to sign checks that is signed by another trusted person or you personally. Although this method is highly secure and can be used to store large volumes of crypto currency, making a large number of daily transactions can be quite burdensome. One of the potential risks here is the loss of secret keys on an offline computer, and therefore, you must have their copies. Another risk is the possibility of compromising your secret keys in case of theft or confiscation of an offline computer.

Advantage of the method of signing transactions offline is that there is no need to transform your cold store into hot storage. The bulk of your savings will always be in cold storage, even if you spend from this address.

You can use the functionality of the Electrum purse for signing transactions offline. Another of the highly recommended wallets for implementing the above method is the Armory Bitcoin Client, the source code of which is open, and it was developed on the principles of maximum security. Armory offers many advanced security features. If you are serious about the safe storage of bitcoins, and also an advanced bitcoyer, you should thoroughly study this software.

Fragmented secret keys and multi-signature addresses
Fragmented secret keys and multi-signature addresses mean fragmentation of the information necessary for bitcoins, and storing it in disparate geographical locations. Both of these methods are distinguished by very high levels of safety. Large-scale bitocon-business (bitcoin-exchange, hedge funds, retailers, etc.) should use them. Let's analyze both of these methods in more detail:

Fragmented secret keys
coinsetter-multisig-bitcoin-icon-1024x382 Using a cryptic trick known as 'secret sharing', the secret bitcoin key is divided into many fragments. To restore the key, you need a certain number of them (m-necessary parts from n-existing ones). For example, a secret key can be
is fragmented into 5 fragments, but for a complete restoration of the key you need 3 fragments of 5. None of the parts yourself contains any significant information about the key as a whole. This strategy is very useful for highly secure storage of bitcoins, as participating companies can store each fragment in a separate safe place. If one of the fragments is damaged or compromised, the storage is still safe. In addition, other fragments can be used to move bitocans to a new address. For practical implementation of this method, several different cryptographic protocols are used. The most popular is Shamir's scheme, the initial implementation of which can be easily found on the Internet.

Addresses with multi-signatures
Using an address with a multi-signature or multiple secret keys, instead of using one secret key divided into many parts, also provides a high level of security for bit-storage. Bitcoins are stored on an address that requires more than one key to sign transactions. Companies can assign an existing (cumulative) number of keys, as well as the required amount for signing a transaction. For example, the company has assigned three existing keys, setting two keys for signing the transaction. For safe storage, businesses can also distribute these keys to different people, thus distributing the powers, depriving individual authority over the funds to any person. For example, bitkoyn-bank can decide that no employee (be it even a CEO or a president) has the right to dispose of customer funds alone. Each employee of the bank can have its own secret key for a specific address. Alone, none of the employees has the authority to move funds. To authorize a transaction, you need to sign a specific number of employees. The key difference between a lot of secret keys and a lot of fragments of one secret key is that in the first case a particular person will never have full control over the means, while in the case of a fragmented key such control will be. Using addresses with a multi-signature is an extremely safe and responsible way to manage large amounts of bitcoins.

Sort:  

This is a useful introduction to cryptocurrency storage. Safe, yet accessible, storage is still a real trouble spot for bitcoin.