How_to_store_bitcoin stjohn_piano Introduction This page describes how you can store Bitcoin securely on paper. Contents - Introduction - Contents - Links - Equipment - Bitcoin software - Working safely with private keys - Creating a private key - Storing private keys - Generating a Bitcoin address - Testing a Bitcoin address - More information Links If you want to know why it is worth considering how to store bitcoin, please see the following page: hyperlink /pages/why_to_buy_and_store_bitcoin Why to buy and store bitcoin If you do not own any bitcoin, and wish to acquire some, please see the following page: hyperlink /pages/how_to_buy_bitcoin How to buy bitcoin Please note that if you store your bitcoin with other people, you now hold human promises instead of mathematical / game-theoretic promises. There are some situations in which this is reasonable. The following page examines this issue in more detail: hyperlink /pages/storing_bitcoin_with_other_people Storing bitcoin with other people Equipment You will need: - Some dice (e.g. 5) - An offline computer - Bitcoin software - Pen and paper - Two sealed waterproof containers Before setting up an offline computer, you can use an online computer to test this entire approach using a small amount of bitcoin. The offline computer must have Python 2.7.x installed. The current code tools have been developed under Python 2.7.13 running on Mac OS X 10.6.8 (Snow Leopard), and should run successfully on other versions of Python 2.7. Please visit the following page to see equipment combinations that Edgecase has successfully used to store bitcoin. hyperlink /pages/equipment_for_storing_bitcoin Equipment for storing bitcoin Edgecase suggests that you use a Raspberry Pi Model B+ as your offline computer. It is small, portable, and does not have built-in WiFi. Edgecase has published a recipe for using the Raspberry Pi Model B+ to store bitcoin. article Recipe_for_storing_bitcoin_on_paper_using_a_Raspberry_Pi edgecase 79 Recipe for storing bitcoin on paper using a Raspberry Pi Bitcoin software Edgecase is a supplier of Bitcoin software. All Edgecase software items are stored as assets of articles published on Edgecase Datafeed. All Edgecase Datafeed articles have been digitally signed and timestamped on the Bitcoin blockchain, forming an unalterable record. Edgecase Datafeed may publish updates but can never alter previously published articles and assets. Edgecase operates a subscription system in order to charge for access to particular articles and digital assets published on Edgecase Datafeed. Please see the following page in order to learn how to subscribe to Edgecase Datafeed. hyperlink /pages/how_to_subscribe_to_edgecase_datafeed How to subscribe to Edgecase Datafeed Please see the following pages to find out how to verify an article or an asset. These recipes will allow you to be certain that items downloaded from Edgecase Datafeed have not been altered since their publication. - hyperlink /pages/how_to_verify_a_datafeed_article How to verify a datafeed article - hyperlink /pages/how_to_verify_an_asset How to verify an asset Working safely with private keys The only thing that matters in Bitcoin is knowledge of private keys, as these grant complete control over any bitcoin in the corresponding Bitcoin addresses. If someone discovers one of your private keys and transfers the corresponding bitcoin to one of their addresses, this transaction will not be reversible. A photograph of a private key is as good as the private key itself (notably, this is not the case with gold). If you store bitcoin yourself, you must take into account the fact that it could be stolen using a camera. Examples: - Your mobile phone could be attacked using a zero-day vulnerability, allowing the integrated camera to be hijacked. - A long-range camera could be used to take a picture of your workplace through a window. A private key must never be stored, however temporarily, on an online computer. Any human or program that can gain access to this computer could discover the private key. For this reason, all cryptographic operations that require the use of a private key (e.g. signing a Bitcoin transaction) should be performed on an offline computer. You may wish to connect a computer to the Internet in order to download and install necessary software, but once you have done so you should never connect it to the Internet again. Ideally, this computer should not have any wireless communication capability (i.e. no WiFi or Bluetooth chip installed). Since it is difficult to be certain that a private key no longer exists on a computer (e.g. in some temporary archival section of the filesystem), any computer used to store a private key, however temporarily, must never be later connected to the Internet. If you no longer wish to keep this computer, you should destroy it. Creating a private key A Bitcoin private key controls the bitcoin that is stored in a particular address. Private keys should be as difficult as possible for an adversary to guess. Example Bitcoin private key (64 hex characters, 32 bytes): a26e15954d2dafcee70eeaaa084eab8a4c1a30b0f71a42be4d8da20123bff121 To learn how to create a private key, please go to the following page: hyperlink /pages/how_to_create_a_bitcoin_private_key How to create a Bitcoin private key Storing private keys You should make backup copies of your private keys, in case any one copy is lost, damaged, or destroyed. Any cryptographic operation that involves private keys should be performed on an offline computer. You should store this offline computer as safely as you store the private keys, and perhaps prepare a duplicate computer in case the first one stops working. Edgecase recommends: - Storing the offline computer in some hidden, secure place. - Writing down the private keys on high-quality paper. - Storing two copies of the private keys together in a sealed waterproof container. Two copies are protection against any damage to one copy. A sealed waterproof container protects the private keys against flood, rain, and damp. - Storing an additional two copies in a second sealed waterproof container and storing this container in a second separate location. This is protection against the risk of fire in the first location. Generating a Bitcoin address Bitcoin is stored in Bitcoin addresses. An address is generated from a private key. You can use the private key you created earlier to generate a Bitcoin address. Example Bitcoin address (34 characters): 1AGygbyEFYduWkkmZbbvirgS9kuBBMLJCP To learn how to generate an address, please go to the following page: hyperlink /pages/how_to_generate_a_bitcoin_address How to generate a Bitcoin address Once you have generated an address, bitcoin can now be transferred into it. Note: No matter how much analysis is performed, it is always possible that there may be an error / bug in the code + hardware stack that generates the Bitcoin address from the private key. If such an error exists, and an address is incorrectly calculated from a private key, and bitcoin is transferred to this address, it will not be possible to retrieve this bitcoin. It will now be controlled by an unknown private key. If you wish to avoid the possibility of this outcome and be certain that you can retrieve bitcoin from a particular address, please read the next section "Testing a Bitcoin address". When you wish to transfer bitcoin out of your address, you must create a transaction that authorises this transfer. Signing a transaction requires the use of private keys, so signatures should only be made on an offline computer. To learn how to create and sign a Bitcoin transaction, please see the following page: hyperlink /pages/how_to_create_and_sign_a_bitcoin_transaction How to create and sign a Bitcoin transaction Testing a Bitcoin address The only way to be certain that bitcoin can be transferred out of an address is to test it. To test an address, move a small amount of bitcoin into and then out of it. Once an address has been tested, a larger amount of bitcoin can now be moved into this address and the owner can be certain that it can be retrieved. Even if the owner later constructs a new transaction that turns out to be invalid, and discovers that the cause was an error in the code + hardware stack used to create and sign a transaction, he/she knows that eventually this error could be fixed and a valid transaction could be created. The owner would only risk a temporary lack of access to the bitcoin stored in this address, not its permanent loss. To learn how to test an address, please go to the following page: hyperlink /pages/how_to_test_a_bitcoin_address How to test a Bitcoin address Once you have tested an address, you can store a large amount of bitcoin on it, and know for certain that you will be able to retrieve it in the future. More information If you are concerned that someone else may accidentally generate a private key that matches one of your private keys, you may be interested in reading this analysis: - Browse to the article article Using_a_transaction_to_validate_a_Bitcoin_address edgecase 66 Using a transaction to validate a Bitcoin address . Go to the Thoughts section. Read the part "What is the chance of two people independently generating the same Bitcoin address?".