I was shocked when I saw you say this several months ago. This part goes way over my head. I do have an older laptop that I setup as my node and managed to sync it up nicely with the entire blockchain. For some reason, it seems designed around being a wallet, which I could never understand, because my feeling is why on earth would I have a computer that is connected to the internet store all my coins. I figured any file that holds the keys could easily be stolen or hacked. Then I thought what do I do for backup? I guess I need to keep a copy of the DAT files somewhere else, but now of course this digital copy of the file I also have to keep super safe. Clearly I know nothing about this, but it just seems like a hardware wallet that keeps the keys offline and is easily backed up with a seed phrase in a non-digital form is miles ahead in terms of simplicity and security. Also, I'm not doing any crypto transactions. The idea is just to store some bitcoin and accumulate. But when the time comes, I want to make sure that my privacy is maintained as much as possible, and that I don't worry about hardware wallets being potentially blocked via some court order on their nodes.
When I first started on Bitcoin, I saw post that was confusing to me and I think it's also confusing to others who are just starting out The Bitcoin wallets do not contain any bitcoins at all Bitcoin wallets are software to manage your private/public keys (pairs), what you call the *.DAT files Bitcoin wallets allow you to transfer bitcoins to another address by using a corresponding private key to an address that "contains" bitcoins and sign the transaction and broadcast to the p2p Bitcoin network to the nearest nodes and that propagates throughout the whole network Most Bitcoin wallets have some nice features like advanced coin controls that allow you to pick inputs. This is particularly useful given the current Tornado dust attack on popular .eth addresses. With a Bitcoin wallet, you can simply send that dust coin to a burn address or never use it as an input Another feature of a Bitcoin wallet is to utilize RBF, replace by fee, batch transactions, utilize automated generation of change-addresses and other features I mention all of those things but did you know you can generate a private key by tossing a coin 256 times or using a pair of dice? Private keys are all you need, because you can work backwards and get your public key using the private key but the reverse is not true Some people or organization many years ago lost thousands of Bitcoin by writing some custom made scripts, using the private key for test transaction small btc amount, but did not handle the change address, ended up sending the bulk of the btc's as block reward to the to the Bitcoin mining pool that solved the block Those were the days when the price of btc was low enough, I think the mining pool were able to convince most of the miners to return the btc's, lol. It's been a while I may be misremembering but I think you can still google it ----------- All the bitcoins (btc's) are on the blockchain as ledger entries. Even the million bitcoins that belong to Satoshi ----------- Hot wallet vs cold wallet vs hardware wallet Cold wallet simply means the private keys are not connected to the internet and hardware wallet is simply a specialized computer that is not running Windoze and cannot get a virus That's why I said if you dedicate an old laptop/computer, install Bitcoin core, put a long password (make sure you test that the password is good), disconnect from the internet, put it in a faraday cage if you wish When you fire up the Bitcoin core software, you can generate 100 public addresses (the private keys won't be visible to you unless you explicitly issue the command), copy those public addresses to a text file send some test btc's to them Backup the *.DAT file(s), put in encrypted volume, encrypt the volume again, encrypt it again, you can encrypt it as many times as you wish, you can generate hidden volumes using some sophisticated encryption software. There you go, you have a cold wallet 100 addresses that are never connected to the internet ------------- Many bitcoins have been lost because the owners secured the private keys too much to the point they can never be recovered
Actually, I'm happy to say most of what you mention I did already know, especially the part about there being no bitcoins on the hardware wallet! LOL.... But as you describe the issue of backing up DAT files, encrypting them, etc, don't you think this introduces multiple points of failure? If you're going to disconnect the computer from the internet, then you're not running your own node, which is the whole damn point. You want any transactions to go through your own node after all. And here is the other problem. The computer with your DAT file is a much bigger thing to hide than a hardware wallet. I imagine more can even go wrong with it than a much simpler device. Now if the hardware part is lost, stolen or damaged, you need to recover it. With the hardware wallet, you just need your seed phrase. But is this DAT file also capable or storing a seed phrase? In other words, do I really need the DAT file or will the wallet from Bitcoin Core also produce a seed phrase? Because if I need the actual DAT file, well, its much harder storing a copy of a digital file as backup than it is a seed phrase since this can be stored non-digitally. Lets face it, more bitcoins are lost not from theft, but from people actually overcomplicating some step. It therefore appears to me that the absolute best solution is a hardware wallet that integrates with your own node. You keep this computer running 24/7 so that it also helps support the network, but also so that any transaction you need to do goes through your own node. Now you have so much more privacy and literally no point of reliance on someone else. It actually shocked me when I found out that in order to use a hardware wallet, you need to go through the node of the manufacturer. I therefore do not consider this very decentralized and I can easily imagine authorities in Europe raiding their offices one day for reasons of national security. Am I wrong about the possibility of this?
I read my reply to you again and realized why you thought that I thought this. When I said " my feeling is why on earth would I have a computer that is connected to the internet store all my coins" I didn't mean that I thought the coins were literally in that file. But of course its my bad because I know its how I wrote it. I only meant why would I have a file that has the keys to those coins stored on a computer that is connected to the internet. The hardware wallets I think are very clever in that the key never leaves the device. This solution therefore seemed so much safer to me than a DAT file sitting there for the world to potentially see.
I'd appreciate your thoughts on paper wallets. You could make copies that could be stored off site. (Safety deposit box). No internet connections.
Crypjitsu mentioned something that I included on my last post Use an old computer, install Windows from scratch, don't ever connect to the internet, not even for the updates, in fact if there are any network cards or bluetooh or anything like that, disable them or rip them apart Download the Bitcoin Core installation file using a different computer and put on a USB flash and install on the computer above. Fire up the Bitcoin Core software and generate the 1000 Bitcoin addresses and copy them to a text file Encrypt the *.DAT file. Copy the encrypted *.DAT file to several USB flash drives. Go to you best friend from high school and give him one to store for you. Go to the long lost cousin give one to store for you. Mail one to a relative far away, and tell the relative to store for you Don't put one in a safety deposit box. That's the first place a government adversary will go to confiscate it and torture you to decrypt it ------- Anyway, I'm being facetious with the above but there's bits and pieces there to give you ideas ------ Or you could just install Linux Ubuntu Mate (DE) and enjoy a beautiful GUI and install Bitcoin Core. It's safe. No virus. and all. As far as backing up the *.DAT file, refer to beginning of my post and get ideas That hardware wallet pass phrase 12 words backup you value so much is a weaker security than a properly handled backup *.DAT file(s) that is secured by a long password If you encrypt the *.DAT file, it's even more secure. You can look at securing it with a certificate file. Then encrypt that security file with a long password Just make sure you test your backup and restore process. This goes with your hardware wallet passphrase backup. There's stories of passphrase not working when needed A backup that has never been tested with a restore process is no backup at all
Bitcoin Core software allows you to have multiple *.DAT files. The ones that have bitcoins, remove from the computer. Leave the ones with no BTC's or very little amount Edit: No passphrase backup 12 words with Bitcoin Core, but it has the option to encrypt the *.DAT file with a very long password, over 50 characters if you wish, just make sure you test it Remove the *.DAT file from the computer and put it back when you're ready to transact/send out btc's or to check if the btc's are going to those addresses. Remove again when you don't need it
The solution I know, which is basic & works, is android phone, with no bloatware, no carrier connection. Load your core wallet on there, you can even use Metamask, keep it in a safe place. You only load it on a secured connection and transfer funds to proxy wallets, never do actual DeFi directly on it. And you can have a clone back up, as well as a back up battery. Throw it in a safe. Google Pixel was recommended but I would never trust Google. You can also plug the phone into a PC and run it from there via Gnosis Safe. If you want to be super safe, you can manually load your wallet each time from your seed, which you keep safe somewhere. Most hacking actually happens via social engineering, not some brute force super hacker attack on a specific target. And really, if some highly skilled individual or group really wants to hack you to steal your coins, they will. Just a question of cost and you making yourself a target.