Options for Securing your Bitcoin wallet
Posted: Tue Apr 19, 2016 4:39 am
Here I want to discuss an overview of various methods to secure your bitcoin savings and the strengths and weaknesses of each approach for storing ones savings in Bitcoin. There is a time and place for using hot wallets, exchanges, tipping services, smartphone apps for daily spending but that is another conversation. We do not need to waste our time discussing extremely dangerous methods of storing ones savings like hot wallets and non-regulated exchanges.
Please offer any criticism and suggestions to build to this list:
Paper Wallets
Strengths:
Secure against Malware, viruses, trojans, and keyloggers. (As long as keys are generated with secure equipment)
Secure against online theft initiated by hackers or unscrupulous employees and owners of online wallets.
Once setup, easy to maintain and re-import.
Fairly secure against State and legal theft.
Practically Free to setup
Weaknesses:
Initially difficult to securely generate with an audited and clean computer
Online Utilities not as secure as offline generators
Insecure against physical theft
Tutorials:
https://en.bitcoin.it/wiki/Paper_wallet
https://www.reddit.com/r/Bitcoin/commen ... ng_secure/
https://bitcointalk.org/index.php?topic=342691.0
http://www.btcguys.us/blog/how-to-creat ... t-tutorial
http://www.coindesk.com/information/pap ... -tutorial/
https://www.armoryguide.com/OfflineWalletSetup.html
Online Utilities to generate Paper wallets-
https://www.bitaddress.org (Code Independently audited=?)
https://www.offlineaddress.com (Code Independently audited=?)
https://bitcoinpaperwallet.com/bitcoinp ... allet.html (Code Independently audited=?)
Offline Utility to generate Paper Wallets
https://github.com/casascius/Bitcoin-Address-Utility (Code Independently audited=?)
Devices:
1) Piper -229 USD
http://cryptographi.com/
2) https://mycelium.com/entropy - 40USd
released , but sold out except for reseller - http://asicminer-shop.de/Mycelium-Entropy
-----------------------------------------------------------------------------------------------------------------------------------
Physical Bitcoins
Strengths:
Secure against Malware, viruses, trojans, and keyloggers. (As long as keys are generated with secure equipment)
Secure against online theft initiated by hackers or unscrupulous employees and owners of online wallets.
Once setup, easy to maintain and re-import.
Fairly secure against State and legal theft.
Weaknesses:
Initially difficult to securely generate keys with an audited and clean computer
Online Utilities not as secure as offline generators
Insecure against physical theft
Much more expensive than paper wallets
Insecure unless you generate and add the private keys yourself
Sources:
1) https://www.casascius.com
In person or bulk only 500 for 0.39 BTC
2) https://www.titanbtc.com/
68 USD - ~2k USD
3) http://www.alitinmint.com/
2.92 BTC per coin
4) http://www.lealana.com/
0.05 to 0.9 BTC per coin
5) https://www.infinitumbitcoins.com/
99 to 399 USD per coin
6) https://denarium.com/
13,70 € to 469,42 € per coin
7) B T C C mint preloaded Titanium Bitcoins (not sold in US)
https://mint.btcc.com/
1.1BTC per coin (Includes virgin 1 BTC)
-----------------------------------------------------------------------------------------------------------------------------------
Offline Computer or device
Strengths:
Somewhat secure against Malware, viruses, trojans, and keyloggers. (As long as keys are generated with secure equipment)
Secure against online theft initiated by hackers or unscrupulous employees and owners of online wallets.
Once setup, easy to maintain and re-import.
Fairly secure against State and legal theft.
Weaknesses:
Initially difficult to securely generate keys with an audited and clean computer
Much more expensive than paper wallets(need a separate computer or device)
Vulnerabilities with possible USB /network infections if device isn't properly secure
Less reliable than physical or paper wallets, so one should backup the wallet on an additional separate key or write down a HD key phrase
Tutorials:
https://bitcointalk.org/index.php?topic=235584.0
http://codinginmysleep.com/cold-storage-part-1/
https://bitcoinarmory.com/tutorials/arm ... e-wallets/
Devices(besides offline computers , notepads, and laptops):
http://www.pi-wallet.com/
124.95 €
CIYAM Safe - https://susestudio.com/a/kp8B3G/ciyam-safe
12-sided dice and a TI-89 Calculator to create a bitcoin address.
http://motherboard.vice.com/read/how-to ... calculator
-----------------------------------------------------------------------------------------------------------------------------------
Hardware wallets
Strengths:
Secure against Malware, viruses, trojans, and keyloggers. (If the hardware has not been tampered with- Audits needed)
Secure against online theft initiated by hackers or unscrupulous employees and owners of online wallets.
Once setup, easy to maintain and re-import.
Fairly secure against State and legal theft.
Easier to actively make secure transactions, without needing to import private keys
Weaknesses:
Few of these devices has been thoroughly independently audited
More expensive than paper wallets
Less reliable than physical or paper wallets, so one should backup the wallet on an additional separate key or write down a HD key phrase
Comparison of
KeepKey vs Trezor vs Ledger Nano
https://www.youtube.com/watch?v=aOnOBl_MxmQ
Devices:
1) Keep Key
https://www.keepkey.com/
99 usd
Source Code: Open source
https://www.youtube.com/watch?v=bs4N3jtZrEI
2) Trezor
https://www.bitcointrezor.com/
99 USD
Source Code: Open source
3) Bitcoin Card
https://mycelium.com/bitcoincard
In Development
Source Code: unknown
4) Case
http://www.choosecase.com/
199.00 USD
Source Code: Open source
5) ledger wallet
https://www.ledgerwallet.com/
Ledger nano S 58.00 €
nano 29.00 €
HW.1 15 €
unplugged 29 €
Ledger Blue - ETA Mid 2016
Source Code: open
6) BWallet
https://bidingxing.com/bwallet
28.00 USD
Source Code: open source
https://www.reddit.com/r/Bitcoin/commen ... developer/
7) CoolWallet
https://coolbitx.com/coolwallet/index.html
In Development
Source Code: open source
https://99bitcoins.com/bitcoin-coolwallet-review/
8 ) Digital Bitbox
https://digitalbitbox.com/
120 usd
Source Code: open
9) BitLox
http://www.bitlox.com/
BitLox Advanced 199 USD
BitLox Ultimate 299 USD
BitLox Extreme Privacy Set 399 USD
Source Code: Open source apps
10) eWallet
http://www.blackarrowsoftware.com/store/ewallet.html
39 usd
Source Code: open
11) Goochain Citadelle
https://goochain.net/citadelle/
14.50 €
Source Code: ?
12) Open Dime
http://www.opendime.com/
29 usd for 3 on backorder
Unique HW wallet that acts as a fungible and verifiable offline form of currency
-----------------------------------------------------------------------------------------------------------------------------------
Muti-sig Hot wallets and services
Strengths:
Somewhat secure against Malware, viruses, trojans, and keyloggers. (As long as keys are generated with secure equipment)
Somewhat Secure against online theft initiated by hackers or unscrupulous employees and owners of online wallets.
Easy to setup and maintain
Easier to actively make secure transactions, without needing to import private keys
Added features such as 2FA , online access, and Insurance
Weaknesses:
None of these services have been thoroughly independently audited
Concerns that private keys generated with the service are also stored or captured by companies
Vulnerable to malware, trojans, and keyloggers within the browser (mainly at time of creation)
Vulnerable to privacy concerns
Vulnerable to legal and state theft
Tutorials -
http://sx.dyne.org/multisig.html
https://www.youtube.com/watch?v=zIbUSaZBJgU
https://www.youtube.com/watch?v=ZKRLJGBMqWo
Services:
1) https://greenaddress.it
2-of-2 multisignature with nLockTime (possible temporarily unable to spend funds) / Free
https://bitcointalk.org/index.php?topic=521988.0
2)https://www.bitgo.com/
2 of 3 multisig / Free
3) https://www.coinbase.com/vault
2 of 3 multisig / insured / Free
4) https://www.bitalo.com/why_bitalo
2-of-2 multisignature
-----------------------------------------------------------------------------------------------------------------------------------
Muti-sig Paper/electronic wallets
Strengths:
Secure against Malware, viruses, trojans, and keyloggers. (As long as keys are generated with secure equipment)
Secure against online theft initiated by hackers or unscrupulous employees and owners of online wallets.
Once setup, easy to maintain and re-import.
Fairly secure against State and legal theft.
Practically Free to setup
Secure against physical theft if only one of the private keys is physical and the other 2 are encrypted and stored independently.
Weaknesses:
Initially difficult to securely generate with an audited and clean computer (with exception to entropy)
Online Utilities not as secure as offline generators
Tutorials:
1) Armory
https://www.armoryguide.com/OfflineWalletSetup.html
https://bitcoinarmory.com/tutorials/arm ... e-wallets/
https://bitcoinarmory.com/tutorials/arm ... e-lockbox/
https://bitcoinarmory.com/tutorials/arm ... d-backups/
Devices:
1) https://mycelium.com/entropy - 40USd
released , but sold out except for reseller - http://asicminer-shop.de/Mycelium-Entropy
-----------------------------------------------------------------------------------------------------------------------------------
Brain wallets
Strengths:
Secure against Malware, viruses, trojans, and keyloggers. (As long as keys are generated with secure equipment)
Secure against online theft initiated by hackers or unscrupulous employees and owners of online wallets.
Fairly secure against State and legal theft.
Free to setup
Secure against physical theft but not torture
Weaknesses:
Difficult to remember
risk of forgetting private keys
Difficult to re-import
Risk the passphrase isn't secure
Tutorials:
http://www.coindesk.com/how-to-create-a-brain-wallet/
https://bitcointalk.org/index.php?topic=710434.0
Tools:
1) https://brainwallet.github.io/
-----------------------------------------------------------------------------------------------------------------------------------
Manually Creating a Wallet
Strengths:
Secure against Malware, viruses, trojans, and keyloggers.
Secure against online theft initiated by hackers or unscrupulous employees and owners of online wallets.
Fairly secure against State and legal theft.
Sometimes free to setup
Weaknesses:
Time consuming
Difficult to securely generate
Insecure against physical theft once written down
Tutorials:
https://en.bitcoin.it/wiki/Technical_ba ... _addresses
Please offer any criticism and suggestions to build to this list:
Paper Wallets
Strengths:
Secure against Malware, viruses, trojans, and keyloggers. (As long as keys are generated with secure equipment)
Secure against online theft initiated by hackers or unscrupulous employees and owners of online wallets.
Once setup, easy to maintain and re-import.
Fairly secure against State and legal theft.
Practically Free to setup
Weaknesses:
Initially difficult to securely generate with an audited and clean computer
Online Utilities not as secure as offline generators
Insecure against physical theft
Tutorials:
https://en.bitcoin.it/wiki/Paper_wallet
https://www.reddit.com/r/Bitcoin/commen ... ng_secure/
https://bitcointalk.org/index.php?topic=342691.0
http://www.btcguys.us/blog/how-to-creat ... t-tutorial
http://www.coindesk.com/information/pap ... -tutorial/
https://www.armoryguide.com/OfflineWalletSetup.html
Online Utilities to generate Paper wallets-
https://www.bitaddress.org (Code Independently audited=?)
https://www.offlineaddress.com (Code Independently audited=?)
https://bitcoinpaperwallet.com/bitcoinp ... allet.html (Code Independently audited=?)
Offline Utility to generate Paper Wallets
https://github.com/casascius/Bitcoin-Address-Utility (Code Independently audited=?)
Devices:
1) Piper -229 USD
http://cryptographi.com/
2) https://mycelium.com/entropy - 40USd
released , but sold out except for reseller - http://asicminer-shop.de/Mycelium-Entropy
-----------------------------------------------------------------------------------------------------------------------------------
Physical Bitcoins
Strengths:
Secure against Malware, viruses, trojans, and keyloggers. (As long as keys are generated with secure equipment)
Secure against online theft initiated by hackers or unscrupulous employees and owners of online wallets.
Once setup, easy to maintain and re-import.
Fairly secure against State and legal theft.
Weaknesses:
Initially difficult to securely generate keys with an audited and clean computer
Online Utilities not as secure as offline generators
Insecure against physical theft
Much more expensive than paper wallets
Insecure unless you generate and add the private keys yourself
Sources:
1) https://www.casascius.com
In person or bulk only 500 for 0.39 BTC
2) https://www.titanbtc.com/
68 USD - ~2k USD
3) http://www.alitinmint.com/
2.92 BTC per coin
4) http://www.lealana.com/
0.05 to 0.9 BTC per coin
5) https://www.infinitumbitcoins.com/
99 to 399 USD per coin
6) https://denarium.com/
13,70 € to 469,42 € per coin
7) B T C C mint preloaded Titanium Bitcoins (not sold in US)
https://mint.btcc.com/
1.1BTC per coin (Includes virgin 1 BTC)
-----------------------------------------------------------------------------------------------------------------------------------
Offline Computer or device
Strengths:
Somewhat secure against Malware, viruses, trojans, and keyloggers. (As long as keys are generated with secure equipment)
Secure against online theft initiated by hackers or unscrupulous employees and owners of online wallets.
Once setup, easy to maintain and re-import.
Fairly secure against State and legal theft.
Weaknesses:
Initially difficult to securely generate keys with an audited and clean computer
Much more expensive than paper wallets(need a separate computer or device)
Vulnerabilities with possible USB /network infections if device isn't properly secure
Less reliable than physical or paper wallets, so one should backup the wallet on an additional separate key or write down a HD key phrase
Tutorials:
https://bitcointalk.org/index.php?topic=235584.0
http://codinginmysleep.com/cold-storage-part-1/
https://bitcoinarmory.com/tutorials/arm ... e-wallets/
Devices(besides offline computers , notepads, and laptops):
http://www.pi-wallet.com/
124.95 €
CIYAM Safe - https://susestudio.com/a/kp8B3G/ciyam-safe
12-sided dice and a TI-89 Calculator to create a bitcoin address.
http://motherboard.vice.com/read/how-to ... calculator
-----------------------------------------------------------------------------------------------------------------------------------
Hardware wallets
Strengths:
Secure against Malware, viruses, trojans, and keyloggers. (If the hardware has not been tampered with- Audits needed)
Secure against online theft initiated by hackers or unscrupulous employees and owners of online wallets.
Once setup, easy to maintain and re-import.
Fairly secure against State and legal theft.
Easier to actively make secure transactions, without needing to import private keys
Weaknesses:
Few of these devices has been thoroughly independently audited
More expensive than paper wallets
Less reliable than physical or paper wallets, so one should backup the wallet on an additional separate key or write down a HD key phrase
Comparison of
KeepKey vs Trezor vs Ledger Nano
https://www.youtube.com/watch?v=aOnOBl_MxmQ
Devices:
1) Keep Key
https://www.keepkey.com/
99 usd
Source Code: Open source
https://www.youtube.com/watch?v=bs4N3jtZrEI
2) Trezor
https://www.bitcointrezor.com/
99 USD
Source Code: Open source
3) Bitcoin Card
https://mycelium.com/bitcoincard
In Development
Source Code: unknown
4) Case
http://www.choosecase.com/
199.00 USD
Source Code: Open source
5) ledger wallet
https://www.ledgerwallet.com/
Ledger nano S 58.00 €
nano 29.00 €
HW.1 15 €
unplugged 29 €
Ledger Blue - ETA Mid 2016
Source Code: open
6) BWallet
https://bidingxing.com/bwallet
28.00 USD
Source Code: open source
https://www.reddit.com/r/Bitcoin/commen ... developer/
7) CoolWallet
https://coolbitx.com/coolwallet/index.html
In Development
Source Code: open source
https://99bitcoins.com/bitcoin-coolwallet-review/
8 ) Digital Bitbox
https://digitalbitbox.com/
120 usd
Source Code: open
9) BitLox
http://www.bitlox.com/
BitLox Advanced 199 USD
BitLox Ultimate 299 USD
BitLox Extreme Privacy Set 399 USD
Source Code: Open source apps
10) eWallet
http://www.blackarrowsoftware.com/store/ewallet.html
39 usd
Source Code: open
11) Goochain Citadelle
https://goochain.net/citadelle/
14.50 €
Source Code: ?
12) Open Dime
http://www.opendime.com/
29 usd for 3 on backorder
Unique HW wallet that acts as a fungible and verifiable offline form of currency
-----------------------------------------------------------------------------------------------------------------------------------
Muti-sig Hot wallets and services
Strengths:
Somewhat secure against Malware, viruses, trojans, and keyloggers. (As long as keys are generated with secure equipment)
Somewhat Secure against online theft initiated by hackers or unscrupulous employees and owners of online wallets.
Easy to setup and maintain
Easier to actively make secure transactions, without needing to import private keys
Added features such as 2FA , online access, and Insurance
Weaknesses:
None of these services have been thoroughly independently audited
Concerns that private keys generated with the service are also stored or captured by companies
Vulnerable to malware, trojans, and keyloggers within the browser (mainly at time of creation)
Vulnerable to privacy concerns
Vulnerable to legal and state theft
Tutorials -
http://sx.dyne.org/multisig.html
https://www.youtube.com/watch?v=zIbUSaZBJgU
https://www.youtube.com/watch?v=ZKRLJGBMqWo
Services:
1) https://greenaddress.it
2-of-2 multisignature with nLockTime (possible temporarily unable to spend funds) / Free
https://bitcointalk.org/index.php?topic=521988.0
2)https://www.bitgo.com/
2 of 3 multisig / Free
3) https://www.coinbase.com/vault
2 of 3 multisig / insured / Free
4) https://www.bitalo.com/why_bitalo
2-of-2 multisignature
-----------------------------------------------------------------------------------------------------------------------------------
Muti-sig Paper/electronic wallets
Strengths:
Secure against Malware, viruses, trojans, and keyloggers. (As long as keys are generated with secure equipment)
Secure against online theft initiated by hackers or unscrupulous employees and owners of online wallets.
Once setup, easy to maintain and re-import.
Fairly secure against State and legal theft.
Practically Free to setup
Secure against physical theft if only one of the private keys is physical and the other 2 are encrypted and stored independently.
Weaknesses:
Initially difficult to securely generate with an audited and clean computer (with exception to entropy)
Online Utilities not as secure as offline generators
Tutorials:
1) Armory
https://www.armoryguide.com/OfflineWalletSetup.html
https://bitcoinarmory.com/tutorials/arm ... e-wallets/
https://bitcoinarmory.com/tutorials/arm ... e-lockbox/
https://bitcoinarmory.com/tutorials/arm ... d-backups/
Devices:
1) https://mycelium.com/entropy - 40USd
released , but sold out except for reseller - http://asicminer-shop.de/Mycelium-Entropy
-----------------------------------------------------------------------------------------------------------------------------------
Brain wallets
Strengths:
Secure against Malware, viruses, trojans, and keyloggers. (As long as keys are generated with secure equipment)
Secure against online theft initiated by hackers or unscrupulous employees and owners of online wallets.
Fairly secure against State and legal theft.
Free to setup
Secure against physical theft but not torture
Weaknesses:
Difficult to remember
risk of forgetting private keys
Difficult to re-import
Risk the passphrase isn't secure
Tutorials:
http://www.coindesk.com/how-to-create-a-brain-wallet/
https://bitcointalk.org/index.php?topic=710434.0
Tools:
1) https://brainwallet.github.io/
-----------------------------------------------------------------------------------------------------------------------------------
Manually Creating a Wallet
Strengths:
Secure against Malware, viruses, trojans, and keyloggers.
Secure against online theft initiated by hackers or unscrupulous employees and owners of online wallets.
Fairly secure against State and legal theft.
Sometimes free to setup
Weaknesses:
Time consuming
Difficult to securely generate
Insecure against physical theft once written down
Tutorials:
https://en.bitcoin.it/wiki/Technical_ba ... _addresses