bitcoin wallet – Lifeboat News: The Blog https://lifeboat.com/blog Safeguarding Humanity Wed, 28 Aug 2019 07:34:49 +0000 en-US hourly 1 https://wordpress.org/?v=6.6.2 What is a ‘paper wallet?’ Do I need one? https://lifeboat.com/blog/2019/07/what-is-a-paper-wallet-do-i-need-one Tue, 16 Jul 2019 15:48:01 +0000 https://lifeboat.com/blog/?p=93719

This post is structured as a question-&-answer. That’s because it was originally an answer at Quora, a Q&A site at which I am a Bitcoin columnist.

What is a ‘Paper Wallet’

A paper wallet is the ultimate offline wallet. It simply means that the private address to your crypto wallet is printed on paper — either as a string of characters, a QR code, or a series of seed recovery words.

If you destroy any electronic copy of your original wallet (e.g. the private keys that give you access to your wealth), then hiding this piece of paper is very similar to hiding a bar of gold. The only way that someone can steal it or know the amount it represents is to get their eyes and hands on something physical. They would need to know that you tucked it into your mattress or behind a secret panel of your cellar wall.

In my opinion, a paper wallet, though secure, presents a big risk to the owner—even bigger than the potential for a hardware wallet to be hacked. We’ll get to this later.

Example of a Paper Wallet

The image above is a paper wallet printed onto a card [click to enlarge]. There are web sites that will help you print one with a new or existing wallet address. One popular site is BitAddress. [Warning!] After printing and storing the paper wallet in a place that you believe is secure, that you will not forget—and that your family can get to some day in the future)—delete all electronic copies of your original address (i.e. if you did not create a completely new wallet in the process).

More about Paper Wallets

Like other wallets (a software app, or a dedicated hardware device), your wallet contains private keys that access your wealth on the blockchain. But in the case of a paper wallet, it is made private and secure by hiding this slip of paper where no one can ever see it or peek at it online. Think of it as if you are hiding a valuable diamond.

A paper wallet cannot be hacked, unless it is within range of a camera. But the diamond analogy breaks down, because a paper wallet has other risks than hacking…

It can be lost, damaged in a flood or fire or chewed by termites or your dog. More likely, it can be forgotten for years. When your heirs finally discover it under the mattress or taped to the back of a painting, they are unlikely to recognize its purpose and simply throw it out.


Hosted Wallet: Complete Opposite of Paper Wallet

You didn’t ask for the other extreme wallet scenario. But this seems like a good time to discuss it.

When it comes to security –vs- convenience & recovery, an exchange-hosted wallet is at the other end of the spectrum. With this type of wallet, you do not control your private keys. In fact, your crypto isn’t even in a wallet dedicated to you. Instead, it is aggregated with assets of all other clients. You are trusting the exchange to track your stake via a traditional account relationship. When you spend or receive Bitcoin (or other cryptocurrency), the transaction occurs withing the exchange. It is not transmitted directly to a blockchain or Lightning Network.

Advantages of an exchange hosted wallet:

  1. A reputable, hosted exchange (there are very few)‡ implements and follows rigorous backup, security and disaster practices. These safety practices are probably more diligent, standardized and adhered to than whatever you would do with a software, hardware or paper wallet.
  2. A reputable, hosted exchange maintains your account information and instructions in their records and acts on these instructions. As with a traditional bank or broker, they pass wealth to your heirs or executor, if you provide the beneficiaries and instructions in your account profile.

With a personal wallet under your control, it is more likely that your relatives will not know about your wallet, lose it, or fail to distribute assets as you intended. This will change in the future, as multisig becomes standardized and easier for end-users to understand and use. But for now, a traditional custodian has an edge in transmitting wealth from one generation to the next.

Disadvantages of an exchange hosted wallet:

  1. Your money could be completely lost if the exchange does not practice very good security practices, is dishonest or becomes insolvent. (It happened with more than half of the exchanges during the first 5 years after Bitcoin was unveiled!). It is less likely today, but only if you choose your exchange carefully.‡
  2. With Bitcoin and most cryptocurrencies, transactions are never anonymous, nor even very private. That’s a myth. But with an exchange hosted wallet, your wealth and activities are even more exposed to outside scrutiny. That’s because reputable hosts are quick to comply with subpoenas, court orders, tax authorities and even local police investigations. They want to be seen as safe. To project this image, they are proactively compliant with oversight and proposed regulations.
  3. Your money can be frozen or seized by the exchange (for whatever policies they deem appropriate) or from authorities outside the exchange. Often, the reasons make no sense to individual clients affected. This happened to me very recently!
  4. Large computer based servers experience technical glitches—which often coincide with your most urgent need to access funds.

† Extreme Caution Recommended

BitAddress has an excellent reputation and has never been the focus of suspicion. Their source code is written in a popular script and is short enough to enable scrutiny by many developers and analysts. Additionally, the creation of your wallet and printout can be performed completely offline (no internet connection). You can further enhance safety by performing the wallet creation and printout from a PC that will never be connected to the internet. (Yes! It is that important to use paranoid practices to avoid exposure of your private keys).

Despite the quality reputation and transparency, I do not currently recommend using BitAddress to create a paper wallet.

  1. At the time of publishing, BitAddress has a problem with their web security certificate. This makes it possible for your web traffic to be hijacked by a DNS spoof. (This Blog does not have a security certificate at all, but you are not using it to store or create confidential information).
  2. Unnecessary risk is introduced by merging the process of creating a new wallet with conversion into a physical printout. Look for a tool that is completely off-line and that enables you to create a QR code or seed words for a wallet address that you already own.

Once BitAddress fixes the problem with security, the following process will protect your private keys from interlopers:

  • Go to bitaddress.org
  • Switch the internet off
  • Save the HTML file in a USD device
  • Restart the computer with a bootable Linux Live CD
  • Make sure that you are offline and open the HTML file
  • Follow the rest on bitaddress.org to create a paper wallet

If you download another tool to create a paper wallet, search for one that is open source and vetted by thousands of developers, users and armchair detectives. Choose one that is hosted by SourceForge or GitHub and carefully read user forums and reviews.


‡ Why are their few reputable cryptocurrency exchanges?

Regulations pertaining to cryptocurrency exchanges are not yet uniform, nor even widely understood. Additionally, there is no Federal account insurance for your hosted wallet. (Currently, the market is too volatile and risky for traditional underwriters to step up).

But, a well-capitalized exchange with high-profile investors is likely to adhere to rigorous security practices and unscheduled audits with public transparency. These reputable exchanges also work hard to comply with federal and regional regulators, and they comply with money transmitter practices, such as KYC, AML and RICO.

In my opinion, very few exchanges meet these rigorous standards, especially in this early era—which is often compared to the Wild West. Two very reputable exchanges are Coinbase (San Francisco) and Bitstamp (Founded in Slovenia and incorporated in the UK; Now, they are based in Luxembourg).

These big, reputable services mitigate the risk of hacking and theft by keeping most client assets in a ‘cold storage vault’ (off line and powered down). Your wealth is only attached to the internet when requested and in the quantity that you need. The rest is never exposed. Your online purchase or transaction is made after you have received email and text messages about the status of your coins.


Philip Raymond co-chairs CRYPSA, hosts the Bitcoin Event and is keynote speaker at Cryptocurrency Conferences. He is a top writer at Quora.

]]>
Lack of standards leads to new Bitcoin wallet advice https://lifeboat.com/blog/2019/07/lack-of-standards-leads-to-new-bitcoin-wallet-advice Wed, 10 Jul 2019 17:18:02 +0000 https://lifeboat.com/blog/?p=93404 This update is an adaptation of my recent answer to a Quora reader who was in a panic. She asked:

What can I do after a hard drive crash?
How can I recover my cryptocurrency?

In the past, I would address the immediate problem of course. (My answer is below). But to prepare for the next unfortunate event, I recommended a wallet type based on a user’s unique experience, expertise and comfort zone. I guided the reader to weigh trade-offs of important criteria: Security, portability, convenience, and quick access to assets).

I had believed that some types of wallets were better for some individuals, but that they required a background in cryptography—or at least a discipline for meticulous practices. As CEO of the Cryptocurrency Standards Association, I had also believed that simple, unified, and popular standards would emerge very soon. I figured that this would enable users to practice safe-wallet maintenance in their own homes.

I was wrong. Most crypto wallets have not sufficiently evolved to counter the risks and complexities of everyday scenarios —not even for expert users. The problem isn’t the fault of any one vendor or hosted online service. It is that all of these gadgets, apps and services have not gotten together behind a single set of risk standards to a point where they become simple, standardized and compliant-friendly in the real world.

The lack of comprehensive standards and best practices dealing with total loss of access can bite anyone in the tush. Expertise and experience be d*mned. Today, I recommend only two types of wallets. All others are simply too risky to play a role in any financial portfolio. They set the stage for losing your wealth and health in so many plausible scenarios:

  • If your electronic device is lost, hacked, stolen or run over by a truck
  • If you become incapacitated or die
  • If you forget a secret, or where you stored it
  • If you have no idea what is “multisig” and don’t care to learn strange new practices
  • If an online cloud service or exchange goes dark or mysteriously disappears

Here is my answer to the reader who urgently needs to recover from a disk drive crash. After dealing with that crisis (it’s not at all pretty), I explain what do do in the future…


Question:How can I recover my cryptocurrency after a hard drive crash?

Bear in mind that your digital wallet doesn’t really hold wealth or coins. It holds a private key that lets you access your wealth on the blockchain. The key is like a password, but you cannot choose your own and it is too complex to remember. And so, you need a place to store it. That’s all a wallet really is.

If you stored this key on an electronic device (or in a software app or even on paper), but with no way to recover it—in case the device is lost, broken, hacked or stolen—then you are screwed! Your bitcoin still exists, but access to it has been lost forever.

Let’s be extra clear: If the device cannot be repaired or recovered, there is absolutely nothing you can do except lick your wounds and learn from your experience.

Now, let’s talk about next time…

A beautiful trait of crypto is that you can back up your wallet easily. The elegant and secure way to do this is by creating a list of 11 or more common dictionary words and placing this list where you and 2 or 3 trusted friends can always find it. The ability to generate this list of words is a Bitcoin standard. It greatly reduces the risk of lossbut only if you are aware of the feature, make use of it, and periodically practice asset recovery.*

But, we’re getting ahead of ourselves. Let’s back up, and describe the way to store your keys…

There are only two ways that you should stash cryptocurrency until we reach a day when standards, best practice and multisig escrow are second nature, trivial and understood by everyone.

You can either (1) trust a custodial exchange, or (2) use a hardware wallet. In a nod to smart phones and software apps, I will describe something that they are good for in these safety tips. But your go-to wallet should never be an app.

1. Trust a custodial exchange like Coinbase or Bitstamp

Despite what your Libertarian friends have told you (“It misses the whole point of owning crypto!”, don’t dismiss this option so quickly. A traditional bank/brokerage model offers several benefits which are important to some individuals. We’ll get to those in the bulleted list below.

Choose an exchange that is compliant (fully licensed and follows regulations for all activities). They must be well capitalized by reputable investors and subject to random, outside audit. The two mentioned above belong to this very small class of exchange-wallet services.

The exchange holds your crypto in their own offline vault and gives you access on demand through an account user interface using two-factor authentication. The process can be frustrating, if you lose your smart phone and haven’t prepared or practiced for such an inevitability. That’s because they must be absolutely certain that access is being made by you or someone that you have authorized

Why would anyone want a service to control their assets? There are good reasons:

  • Since their main business is acting as an exchange, broker or market maker, you can quickly shift assets into Fiat or other cryptocurrencies
  • Their meticulous record-keeping aids your own end-of-year tax reporting
  • A real person can help with confusing or unexpected circumstances
  • Just as with a bank or stockbroker, you can designate heirs, a spouse or co-owner, and your anticipated executor or a relative with power of attorney
  • A reputable custodian makes it difficult to accidentally lose access to wealth

But what about security standards? With all of the exchange failures, the lack of an insurance framework, and many that have simply lost or fled with customer assets, can you trust an exchange to implement security in the very best way?

Ultimately, a reputable exchange that practices security drills, subjects itself to outside audits and has investors with lots to loose is more likely than you to implement, update and rigorously practice safe methodology. This may change in the future, as standards and practices become more clear, unified and easier to follow. But for now, the traditional bank model makes sense for a great many users. I have owned Bitcoin for ten years, and I have only switched from Coinbase to method #2, below, in the last month.

2. Take control of your private keys

A hardware wallet, like the Trezor Model T (left) or Nano Ledger is the safest way to keep your private keys. A hardware wallet offers enhanced security, privacy, control. But it surrenders the advantages of a custodial relationship listed in the bullets above.

Upon configuring the wallet, you can generate a list of 11 or more seed words.* These allow you to completely recreate the wallet in a worst case scenario. Give this list to several scrupulous and indisputably trusted friends.

Some wallet vendors offer to engrave the seed words into steel so that it is likely to survive your house burning down or being run over by a snow plow. (Even better, some will send you a slab of steel and a set of hard metal slugs for each letter of the alphabet. This enables you to bang the words into metal yourself. No one except two or three trusted friends should ever have access to these words).

I prefer to hand-write the seed words, scan it, and then allow two trusted relatives (preferably younger) to encrypt the image and hide it with their preferred stenographic technique. Is this a complex process? Does it require periodic drills to ensure that the seed words can be found and that they still work. Yes, and Yes. Choosing to forgo a custodial relationship adds some cost and complexity to wallet maintenance & safety. With evolving standards and practices, this will change. But, we’re not there yet.

Think of the seed words as your master password to everything that is dear to you.if they become lost, forgotten or stolen, you will lose much more than your wealth. You will lose your child’s education, your marriage, retirement and health.

What about wallets on a computer or phone?

You would never pack all of your life savings, your stocks, bonds and home equity into your billfold before leaving for the grocery store. Likewise, there are no reasonable arguments for walking around with private keys to your wealth on a phone or tablet. These devices are constantly exposed to hazards, both physical and virtual. The same applies to a desktop PC. Even if you adhere to a scrupulous backup protocol, a software wallet exposes you to increased risk of loss, theft, and hacker attacks, especially social engineering cons.

If you need to make purchases or other transactions as you travel, carry an off-line hardware wallet or access keys from a mini-cloud wallet (hosted or your own). It contains a very small fraction of your wealth—the most you would need for impulse spending on a typical day. Anything more should never be attached to the internet.

Earlier, I promised to say something nice about software app wallets…

Sometimes, an app wallet can be very useful. Here is an example that helped me. It doesn’t change my recommendation to avoid them. It simply means that they may offer a specific function that you can still make use of when needed…

Assisting with the BCH / BSV Fork

On November 18, 2018, anyone holding Bitcoin Cash was theoretically entitled to an equivalent amount of Bitcoin Cash SV (it stands for “Satoshi Vision”). Although BSV had some highly visible supporters—notably Craig Steven Wright, who claimed to be the developer behind the pseudonym—it was not clear that it would generate sufficient interest to carry value and sustain a mining ecosystem of its own.

At the time, my BCH was stashed at Coinbase, and that exchange warned clients that they may not support the fork at all. That is, they might not create new online wallets and award users with BSV.

And so, I moved sent my BCH to a hardware wallet. At the time, I was just beginning to experiment with the new Trezor Model T.

But shortly after the fork, I learned that the Trezor didn’t support BSV. I wondered if there was still a way for me to fork my Bitcoin Cash? Since BSV has no replay protection, there were lots of doubts about the process for individual users to claim their new tokens.

I didn’t have time to deal with the issue for months. During that time, it became clear that the effort would be worthwhile. BSV was not as valuable as BCH, but it was still valued at hundreds of dollars per coin. Ignoring a future windfall makes no sense at all. Even Coinbase eventually announced a plan to give BSV to customers who kept their BCH with them. (This didn’t help me. My BCH was already in a Trezor wallet!).

It turns out that the solution was a bit tricky. It only works if the user has never received additional Bitcoin Cash into the wallet with pre-fork coins, if the later incoming BCH had already been forked. If even one post-fork BCH was sent to the wallet address, the entire BCH balance would be ineligible for forking—ever! And then, there is the replay problem. There was no formal protocol for achieving this. Oy!

Several application wallets found a clever work-around. I chose the Edge wallet (available on Android), because the process appears to be easy—and it was. All a user needs to do is (1) create a BCH wallet on their Android phone, and (2) send pre-fork BCH from a non-polluted wallet, like my Trezor. The sending wallet cannot be at an exchange service, like Coinbase, because these services aggregate user funds both at their facility and when they transmit to the blockchain.


* Seed words are recovery magic for a wallet that has been lost, stolen or destroyed.

The algorithm that maps a complex private key into an ordered list of English words is Bitcoin standard #BIP39 (it stands for Bitcoin Improvement Standard). The emergence of this standard reduces user risk greatly for compliant wallets. In the event of catastrophic loss, theft of destruction, it enables a user to recreate a wallet on their choice of competing platforms: gadgets, software apps, and even some hosted wallets.

If you opt for a hardware wallet that is owned and secured by you (as opposed to trusting an exchange as custodian of your crypto assets, just like a traditional bank), then make sure that your wallet offers BIP39 seed word recovery. Ignoring this safety standard puts you back at high-risk, and invalidates everything that this article conveys!


Philip Raymond co-chairs CRYPSA, hosts the Bitcoin Event and is keynote speaker at Cryptocurrency Conferences. He is a top writer at Quora.

]]>
Best Bitcoin wallet: Hardware or hosted? https://lifeboat.com/blog/2018/12/best-bitcoin-wallet-hardware-or-hosted Wed, 12 Dec 2018 02:27:16 +0000 https://lifeboat.com/blog/?p=85717 I have included the original question, to better distinguish products and terms. All bitcoin wallets are all digital—even a paper wallet, whether a character string or a QR code. Conversely, an exchange may use “physical” wallets to host client assets, individual application wallets, or they may simply keep records of client assets that are stored, collectively, in their own master wallet. To complicate matters, Bitcoin is never really “stored” by you or an exchange service. It is stored on a public blockchain, where assets and transaction history can be traced through time by anyone. Therefore, all forms of user access are “digital”. What the reader really wants to know is “Which form of access control is better?  — custodial or personal?” Type 1: Custodial Wallets are Managed by a Trusted Party They hold your assets. You view a statement balance—just like a bank account.

The reader uses the term “digital wallet” to mean a hosted wallet in which a trusted 3rd party holds the private keys, or aggregates the assets of many customers and tracks their individual ownership in their own accounting system, like a traditional bank or broker. In this case, the 3rd party is trusted to maintain security, privacy, and constant, robust user access.

It is possible that the reader may have used the term “digital wallet” to additionally refer to PC and smartphone applications, such as Bitcoin Core, Armory or Electrum. But, these are really personal and private wallets — because they are created and configured by the owner, and only the owner has the private keys. And so, we classify device wallet applications as “personal/private” along with hardware or paper wallets. Type 2: Personal Wallets are Private —but with privacy comes risk!

Wallets are personal if the private keys are generated and stored by the user, either on paper, in their PC or smart phone, on a thumbdrive, in a hardware wallet, or even uploaded to cloud storage. As long as the asset owner holds the keys and securely encrypted any uploaded file that contains the keys, the assets are accessible only with his consent.

So, which wallet class is better for securing cryptocurrency access credentials? Custodial or Personal? Which of these models best fits your needs?
  • A custodial wallet is like a bank a statement. Your assets are maintained by an exchange, rather than tucked into your mattress. The wallet and keys are not under your control, but the process that governs backup and security is rigorous & standardized. Availability to your heirs is governed by documents and laws.
—OR—
  • A personal wallet is completely controlled by you. The private keys must be stored where you will always find them (in your head, a lock box or an encrypted file that is distributed to family in a way that they will always be able to unlock it!). Ensuring future availability, swift transactions or passing wealth after death requires careful attention to tools, process and a secret.
A crypto purist or Libertarian might insist on taking full control of the assets. That is, storing them locally and with only the owner having the private keys. This is analogous to storing bars of gold in a safe and then burying the safe in a deep, covered hole in your yard—and in a spot that only you can find. Even if your children can find the safe after you die, it is equipped with explosives that will completely obliterate the gold, if it is unearthed without the correct password. I am privacy zealot. And yet, to the dismay of some followers, I believe that—for most cryptocoin owners—a hosted, custodial wallet is better than taking possession of a hardware wallet, paper wallet or digital wallet (anything that the user personally stores in a PC, phone, on paper or in a personally encrypted cloud account). To explain, I shall call out [1] a critical requirement, and [2] the deciding factor in determining this advice applies to you. 1. Critical Requirement The host must have impeccable credentials, a solid and ongoing regimen of security reviews and unscheduled audits — and they must be sufficiently capitalized by large, respected organizations, such that widely recognized individuals and organizations are at substantial risk if anything were to go wrong. Trust among strangers is easily scammed. So let me be clear. Regarding the investors, board, executives and security auditors of a custodial wallet service, both their reputations must be at risk as well as their worldwide assets across other business areas. Coinbase in San Francisco is such an exchange and hosting service. Currently, there are only two others that meet this extreme level of vetting. If Fidelity Investments enters the market as a crypto-hosting service, they would likely meet this bar. 2. Deciding Factor There are few individuals for whom direct and private ownership makes sense. In fact, until this month, it did not make sense for me. I am only now configuring my first hardware wallet. I still trust Coinbase to host and control most of my assets. The reasons boil down to security, forgetfulness, errors, legacy ownership and instant access. The ONLY factor that is arguably better with personal custody & control is privacy. Due to a lack of education, standards, and definitive best practices, this option makes sense for fewer than 5% of Bitcoin owners. Take me, for example… I have been involved with Bitcoin since the first years of its existence, and have been a Bitcoin educator since shortly after Satoshi’s original bombshell. Today, I am a keynote presenter at blockchain and cryptocurrency conferences. I teach blockchain seminars, design courseware for colleges, and am co-chair of the Cryptocurrency Standards Association and partner in Blockchain Research Council. Yet, I am only now configuring my first hardware wallet. I still trust Coinbase to host and control most of my cryptocurrency. How do I know if I am a candidate for full / private control? Using an exchange hosted wallet service is best for most individuals. But, for some, it makes sense to maintain private, local control of blockchain assets. If all criteria in the bulleted list below applies to you, then local and private ownership might make sense. But if you fail even one criteria, then WAIT! Wait until multisig becomes uniform and ubiquitous — and wait until a larger fraction of society is comfortable with the concept and practice of managing private keys. These are gradually becoming new norms. But, it will take a few more years for the world to become comfortable with an unfamiliar concept: personal control of a decentralized asset. You are a candidate for using a personal wallet if you plan to control and secure your own private keys, and if you meet all conditions listed below. The technical criteria will not be requisite in the future—but they are necessary today, because the market currently lacks simple, standardized, widespread tools and uniform practices for safely securing, accessing and passing on these credentials to your heirs. Do all of these criteria apply to you?
  • You have a comprehensive understanding of cryptography, including the principals of RSA public-key crypto.
  • You have practiced multisig decryption for at least a year. For now, you will need to roll-your-own multisig, to ensure that your heirs or executor can access your wealth in the event of death, forgetfulness or incapacitation.
  • You have experience and a clear, documented and standardized plan for separately encrypting and distributing your private keys.
  • You understand how to implement a hard fork and have the time to do it after any hard fork split.
  • You have an exceptional need for privacy or anonymity, and you feel that a custodian is more likely to “sing” in the event of an audit or court order.
  • You have a rehearsal plan for testing your multisig recovery and a willing group of trusted friends (most of them younger than you) who can combine their keys to access your wealth.
  • After ensuring that encrypted wallet works, is completely secure and is accessible to your heirs, you have replicated it in a sufficient number of places, that you are certain that your heirs will find it after you die, even if it is 90 years in the future.It must not only survive your lifetime, but the knowledge of where to look and *IF* to look, must be certain, even if your home burns down, your cloud accounts have been deleted and/or Google, Amazon, Microsoft & Apple are no longer in business.
If all conditions apply to you (and only if they apply), then you may be among the 5% of enthusiasts for whom a personal hardware wallet makes sense. At some time in the next few years, it will make sense for a far greater fraction of cryptocurrency holders, rather than just the most disciplined and knowledgeable Geek-enthusiasts.

Philip Raymond co-chairs CRYPSA, hosts the Bitcoin Event and is keynote speaker at Cryptocurrency Conferences. He advises The Disruption Experience in Singapore, sits on the New Money Systems board of Lifeboat Foundation and is a top writer at Quora. Book a presentation or consulting engagement.

]]>