
Bitcoin Cold Storage In Plain English

In this, the latest edition of my “In Plain English” series, we’ll tackle another subject normally bogged down with technobabble in the simplest terms we can manage.

Today’s topic is that of “cold storage” – the storage of valuables, specifically bitcoins, in such a way that they are significantly harder to steal than normal, though at the admitted cost of delay in access times. There are a number of popular methods for performing such bitcoin storage, but to use most of them you still have to wade knee-deep into cryptography jargon and it seems like you need an advanced degree just to keep your coins safe. Well that’s just not the case and I intend to prove it.


Update: When this article was first written, a very different definition was used for the term “cold storage.” At the time it meant any offline key storage mechanism. Today’s definition has been narrowed to refer specifically to techniques in which some kind of math-capable device stores your keys offline AND signs transactions using those keys. I’ve updated the article a bit to reflect this information, but it IS an old article that was written from an old point of view. There are now affordable pieces of dedicated hardware that do a much better job of securing your funds than the DIY techniques provided.

If you’d like to know more about modern cold storage techniques I encourage you to read my reviews of the Trezor and BtChip’s HW.1, as well as my self-contradicting diatribe on why paper wallets aren’t actually cold storage under the new definition. If you’re feeling really ambitious you can also follow me through a three-part tutorial and create your own cold storage system from a cheap netbook computer. Fair warning: Tutorial is NOT “In Plain English” so my advice to the faint of heart is to just buy a commercially-produced hardware wallet.


 

One of the bigger benefits Bitcoin has is its cash-like nature. People are used to cash, they understand cash much better than most digital payment systems, so let’s make an analogy with cash. Imagine you’re very rich (one of my favorite fantasies). You take a million dollars cash to a bank and deposit it. Would you be surprised at all if you returned to the bank a few months later and were told you’d have to wait a few days to withdraw your million dollars? Probably not. It’s well-understood that your branch probably doesn’t have enough cash on hand to cash out your million and still do business – they don’t feel comfortable holding that kind of money in the same place they hold the smaller amount of cash they transact their daily business with – they have most of their money somewhere much more secure. Even the convenience store on the corner keeps a small amount of cash in the register and the majority of their money in a safe. Cold storage is the Bitcoin version of a safe.

The one tiny bit of terminology you need to understand to fully comprehend the basic concept of cold storage is what techies mean when they refer to systems, databases and other things as “hot” or “cold.” A “hot” system is one that’s live, running, connected. A “cold” system is powered-down, stopped, offline. To this end what we really mean when we say “cold storage” is that we’re storing Bitcoins somewhere that’s not connected to the Bitcoin network or, in most cases, even connected to the internet or even on a computer at all.

There are a multitude of ways to do this, and we’ll explore a few in detail, but it all boils down to the very basic principle that if your data isn’t on a computer that’s connected to the internet then someone has to physically gain access to it to compromise it, and it’s way easier to secure things physically than digitally.

So how do you ensure the safety of your coins? Most of the options people list fall (often incorrectly) into one of three categories:

  • Paper Wallets
    Paper wallets are one of the most popular methods for storing bitcoins offline. A program of some kind generates the public and private halves of a Bitcoin address (or several). There are usually handy little barcodes that you can scan with your phone, so you don’t have to type those monstrously long things in by hand when the time comes to use your coins. You print off what you’ve generated and send coins to that address. You’ve just printed your very own paper money and it can be stored securely in exactly the same ways that cash can.

    Update: It is worth noting that there are problems surrounding proper paper wallet use which, since the original publication of this article, have led me to no longer categorize them as cold storage. They are safer than most alternatives and so they remain in this article, but technically, they’re not actually cold storage. Also, there’s been an improvement called “BIP38” that means you can now make paper wallets with encrypted private keys. Should you choose any storage system involving paper wallets, you should absolutely choose to encrypt your private key.

  • Brain Wallets
    Brain wallets are a little more complicated. Where the addresses in paper wallets are generated at random, the addresses in brain wallets follow rules. You memorize something long and random, like a random sequence of words: “steady harbor business last barn test instant begun know silver driver naturally closer sum automobile some” would make a decent passphrase, for example. Again some piece of software comes into play and turns your passphrase into one or more Bitcoin addresses in a completely reproducible way. There is something of a standard method for turning passphrases into addresses, but that would bring us knee-deep in jargon again. Via the standard method, our above passphrase would yield a Bitcoin address of “1Jkibvu28YqSiSqdyB9jgcAAJCRWqg2QQL” so we could send some coins to that address and get them back as long as we can remember the passphrase. It’s also incredibly important to have a long and secure passphrase for this method – longer than most can remember, which makes this method somewhat less popular. If someone can guess your password, they can steal your money. This address, for example, was generated from the example passphrase from this comic. Someone used a pop culture reference to create their Bitcoin address and if there were actually funds there, we could all steal them now.

    Update: While proper brain wallets are now fading out of vogue, a similar technique is often used to back up newer deterministic wallets. A “seed” passphrase is used to generate many addresses so you only have to back one thing up to recover all of them, no matter how many you use. Again, though, this is technically offline key storage, not cold storage.

  • Actual Cold Storage / Hardware Wallets
    While the above are often called “cold storage” they’re technically just offline key storage, which means they’re only safe when used properly – and since they’re basically never used properly, this is problematic. Since this article was first written, however, a new option has become available: True cold storage via hardware wallets. You can now simply buy a device that stores its own keys and does its own message signing all without ever touching a potentially-compromised computer system. This is now the preferred method and should be used whenever it is an option since it doesn’t require you to know or follow any kind of “best practices” for securing funds. Just use the device and you’re good.

It’s important to note that, under most circumstances, you generate these addresses, use them for storage once and then never use them again. In order to use the funds in a paper wallet, you have to use the account on an online (hot) computer, which lowers the security of whatever account you just used. Under most circumstances, such addresses should be considered to be single-use addresses only. Which way you should go is up to you, but I’ll give you a few tools you can use either way.

First, bitaddress.org is an excellent and accessible tool. Despite looking like a normal web page with multiple tabs, the whole thing is written in such a way that once it’s loaded it never needs internet access again. You can go to the page, completely disconnect your computer from the net and it will still work. You can even save a copy of the page to your hard disk and it’ll still work locally – as a matter of fact, that’s the way the most paranoid among us suggest you do this. Bitaddress.org is also fairly unique in that they offer a huge amount of functionality: they can generate paper wallets one address at a time or in bulk, they do brain wallets too and they even have a special “bulk wallet” function for people who want to accept payments on their web site without actually storing their coins on some scarily-insecure web server.

Users of the popular blockchain.info wallet service can also create a paper wallet through blockchain.info’s “offline” functionality (tutorial here) and as an added bonus, you can keep monitoring the funds in those accounts through the same site (and apps) you monitor your regular balances with. They even have a method for performing transactions with paper wallet addresses that doesn’t “burn” the address – at least not as badly as any other method of spending from such wallets (they prompt you to enter the key and then use it once, never actually storing it).

For brain wallets, I’ll simply mention two more tools: Casascius’ Bitcoin Address Utility and the Bitcoin Address Tool for Android. Full disclosure: I wrote a few bits and pieces of Casascius’ tool and I’m the sole author of the Android app, but they’re both open source and people much smarter than me have looked at their code and found no problems. They also both use the same method as bitaddress.org so the same passphrase will produce the same address in all 3. They all work about the same way: put your passphrase in one box, hit a button, a Bitcoin address comes out the other end.

Update: Pretty much all brain wallets are now defunct, one way or another, and should probably not be used, even the one I wrote. All brain wallet related tools and text should be considered “historical value only.”

So there you have it, a few ways to keep your coins as safe as cash without wading through a pile of techie terms. If you’ve got anything to add or any questions, please post them in the comments and as always I’ll do my best to keep the article up-to-date.


  • http://unicornpoo.wordpress.com unicornpoo

    Copying a wallet.dat file to a USB drive (more for redundancy) works too. Encrypt the wallet.dat file via GPG for added security.

    • http://codinginmysleep.com David Perry

      Only if you mean "moving a wallet.dat file created on a completely offline computer to a USB drive" – the idea of cold storage isn't to back up your wallet, it's to create addresses that have never ever been seen by any system that was connected to the internet – to literally create an address for which the only copy of the private key is on one or more pieces of paper that only you possess.

      • http://unicornpoo.wordpress.com unicornpoo

        Ah. It clicks now. Thanks for the puzzle piece.

  • mafaesto

    I am confused, is the idea to send your current bitcoin wallet balance to these "cold storage" bitaddresses? If so how do you re-obtain the amount? Are we to remember or write down the amount when printed out so we do not forget? I apologize I am very new to bitcoins in general and only recently started.

    • DoleBob

      You can always check the amount in a bitcoin address via the blockchain, but to spend the cold-storage coins you'll have to retrieve them and typically use a QR reader on your piece of paper to spend it. Typically you'd resend the remaining balance to a NEW cold-storage address as mentioned in the article.

      Also if you have large sums you'd split the sum into smaller sums over more addresses so that you're only ever potentially exposing a smaller value to a connected system.

      • http://codinginmysleep.com David Perry

        Exactly correct. It's a tradeoff of security vs. time-to-access. It takes more time and effort to spend coins from paper wallets but they're also WAY more secure, so they make for a very effective savings account.

        • mafaesto

          I think what I'm also a little confused about is, how you send your bitcoins to cold storage if it is offline. Isn't it required to be online to send it? I feel like I'm making it overly complicated but, it is unclear to me lol.

          • Adrian

            You never actually have the coins in your wallet; they are on the net. Your private key gives you ownership of them. When you make a paper wallet anyone can "deposit" to the public key at any time, but only the person with access to the printed private key can use the coins.

          • Otoh

            Yep, you do have to be online to send coins to the offline cold storage, this may be for coins that you earn or coins that others send to you (then they're the ones online), or for mined coins – then it's a few at a time etc – basically keep what you need to use & are comfortable with not in cold storage & when you wish to remove some to greater & longer term security just send them to your cold storage.


  • Bob

    I'm confused… I tried to make a cold storage and ended up with frostbite on both my hands :(


  • Nunya Bidnez

    Re: "There is something of a standard method for turning passphrases into addresses," – where can I learn more about this 'somewhat standard' algorithm?

    I've not yet created a brain wallet, as I am unsure the existing passphrase-to-key converters (e.g. bitaddress.org) will be around in a quarter-century. Knowing the algorithm would eliminate this barrier.

    • http://codinginmysleep.com David Perry

      Almost all of them just use sha256(passphrase) to generate a private key, the private key is of course used to generate the public key as normal and everything else is Bitcoin-as-usual.


  • Robert

    What's your opinion on generating private keys offline, encrypting them, then storing the encrypted keys in some random place online?

    • http://codinginmysleep.com David Perry

      I'd say that you haven't really gone anywhere since now instead of worrying about your Bitcoin private key you're worried about the private key you used to encrypt it. There's still a key you have to keep track of and it still has to be a strong one, otherwise you've decreased the overall security of the system. Since the kind of keys/passwords the average person is capable of reliably remembering are not particularly strong, it's unlikely that this is a good idea.

      • Donald

        I still do not understand where to start and what to do first? Need help.


  • Axa

    Why no mention of the two bitcoin wallets Armory and Electrum that support cold storage?

    Both wallets allow your private keys to be kept on an offline computer.

    • http://codinginmysleep.com David Perry

      Because this article was written over a year ago and neither of those were really options at the time ;-)

      In all honesty, though, it's because the specific applications supporting cold storage will change over the years but the idea itself is probably a bit more future-proof. I probably shouldn't even have mentioned the applications I did – Brain wallets are highly out of fashion now and Casascius' physical bitcoins had their security broken at Defcon 21.

      I personally do use an offline electrum system for my own cold storage and I'm even helping a friend set one up for himself tomorrow morning.

      All that said, I do think some of these older (but quite popular) articles could use some brushing up. Maybe as soon as I've ensured my buddy's coins don't get stolen I'll have to come back here and re-read my older work.
