Inca
Posts: 5
Joined: Sat Sep 19, 2015 9:43 am

Best method for securing online private keys?

Sat Sep 19, 2015 10:09 am

The answer of course is not to do so.

In reality a lot of services need to store and generate private keys temporarily.

What strategies do the more technically minded think are best to keep these secure from an attacker?

PocketRocketsCasino
Posts: 5
Joined: Sat Sep 19, 2015 11:26 am

Donate BTC of your choice to 162dcXBagBdEC5UX3wM4ZDKy5Tv4eyFyMQ

Contact: Website Facebook Twitter

Re: Best method for securing online private keys?

Sat Sep 19, 2015 11:49 am

It's best to not have private keys online at all.

If you use a wallet like Armory, https://bitcoinarmory.com/, you can create your wallets offline (an old laptop with wifi disabled is a good choice).

Then create a watching only wallet (no private keys) that you have on a different machine with internet access.
You can view your balance and incoming transactions using this wallet.

To spend the funds you create a transaction using the watching only wallet and then sign it using the offline wallet. Finally you broadcast the transaction using the watching only wallet.

That might sound like a lot of hassle but it's actually quite easy and there are video tutorials on the Armory website.
Once you have done it a few times you will be able to do it pretty fast.

User avatar
magma
Site Admin
Site Admin
Posts: 53
Joined: Thu Sep 10, 2015 6:57 am

Donate BTC of your choice to 1Magmaqvxx7LpUTYGWw8RNPEJXBQ6iSLVX

Contact: Website

Re: Best method for securing online private keys?

Sat Sep 19, 2015 5:13 pm

I think that we will have plenty of web based feature rich wallets in the future, but they will use multisig and not have the full set off keys in their possession, or use hardware wallets to sign the transactions. A wallet is just a graphical representation of a subset of the blockchain. You don't really need the private keys directly as long as transactions can be signed somewhere.
Magma Hindenburg - Bitcoin wallet developer

Inca
Posts: 5
Joined: Sat Sep 19, 2015 9:43 am

Re: Best method for securing online private keys?

Mon Sep 21, 2015 12:02 am

Well I meant specifically for services which are forced to temporarily hold funds, say between a buyer and a seller in an online marketplace..

ERt1F2Wvyr
Nickel Bitcoiner
Nickel Bitcoiner
Posts: 10
Joined: Sat Sep 26, 2015 3:30 pm

Re: Best method for securing online private keys?

Sat Sep 26, 2015 4:11 pm

Well I meant specifically for services which are forced to temporarily hold funds, say between a buyer and a seller in an online marketplace..
The use of multisig - https://en.bitcoin.it/wiki/Multisignature - with an independent third party escrow sounds like the best option for what your saying.

User avatar
LiteCoinGuy
Gold Bitcoiner
Gold Bitcoiner
Posts: 2505
Joined: Mon Sep 21, 2015 9:00 am

Donate BTC of your choice to 1Dbo5TtxG9cWoyw49GM8vbD7HgQhr1KVi6

Re: Best method for securing online private keys?

Sat Sep 26, 2015 9:27 pm

you can find all hardware wallets here:

beginners-help/overview-bitcoin-hardwar ... -t200.html
********************************************
More informations about Bitcoin and scaling BTC on

bitcoin.org/en/

https://bitcoincore.org/en/2015/12/23/c ... reases-faq

&
reddit.com/r/Bitcoin/

User avatar
btc
Global Moderator
Global Moderator
Posts: 166
Joined: Tue Sep 22, 2015 3:00 am
Location: satoshi's comet
Contact: Website

Re: Best method for securing online private keys?

Sun Sep 27, 2015 7:45 am

of course you cannot!

User avatar
BitcoinNewsMagazine
Nickel Bitcoiner
Nickel Bitcoiner
Posts: 217
Joined: Thu Sep 24, 2015 5:03 pm
Contact: Website Facebook Twitter

Re: Best method for securing online private keys?

Sun Sep 27, 2015 11:57 pm

It's best to not have private keys online at all.

If you use a wallet like Armory, https://bitcoinarmory.com/, you can create your wallets offline (an old laptop with wifi disabled is a good choice).

Then create a watching only wallet (no private keys) that you have on a different machine with internet access.
You can view your balance and incoming transactions using this wallet.

To spend the funds you create a transaction using the watching only wallet and then sign it using the offline wallet. Finally you broadcast the transaction using the watching only wallet.

That might sound like a lot of hassle but it's actually quite easy and there are video tutorials on the Armory website.
Once you have done it a few times you will be able to do it pretty fast.
Armory is a great wallet but their cold storage procedure looks ancient compared to the ease of Trezor and is no longer convenient. Hopefully Armory will add Trezor support before too long. I quit using Armory and moved my bitcoin to a wallet that works with Trezor.

Return to “Development & Technical Discussion”

Who is online

Users browsing this forum: No registered users and 4 guests