Just like a regular wallet. It holds access to money. A regular wallet might have Bank notes, uncashed checks, credit and debit cards. A BitCoin wallet holds, well BitCoins. If you drop your wallet in say the luggage claim at a large metropolitan airport. Odds of you getting your physical wallet back (let alone intact) is pretty slim. Same goes for your wallet if you put it up in plain sight on the internet. You need to protect your wallet from loss and theft. If it's stolen or lost, you can't call the bank to freeze transactions from your wallet, you can't get a new wallet with your old coins in it. It's just gone. No one is coming to your rescue. So, what types of wallets exist? Well, we have Brain wallets, Paper wallets, Computer based wallets, mobile phone wallets, and cloud wallets. Choices, choices. In subsequent posts in this thread, I'm going to go over each of them individually. Oh, and just like eggs, you shouldn't keep them all in one wallet.
First off, I'm going to tell you which one you don't want. You don't want to use the Brain wallet. A brain wallet one would think would be the most secure as only you would have the pass phrase. Ok, what happens if you get a crack in your melon and forget it, heck, how about getting old and forget it, or even die? The Bitcoins are gone forever. Well, that is as long as your passphrase is truly random and not subject to a dictionary attack. Your phrase needs to be misspelled, contain random characters, upper and lower case numbers, and never appear as sentence/phrase in a published work. Yeah, using the names of your kids in order of their birth, is gonna get cracked. Maybe adding the 3 letter abbreviation of the month and the year plus day may make it, but most individuals make really sucky passwords and pass phrases. Right now, there are hackers with powerful computers attempting to hack the 2^160 possible bitcoin addresses that may be being used as brain wallets. There are tools out there, available for down load, to make it even easier for the hacker with lots of horsepower to attempt to crack them. Remember, they've got nothing but time as there is no way to tell that someone is attempting to crack it. If they get in. Your coins are gone. While this in theory "can" be the most secure way to keep your coin safe, in practice it rarely is because of humans. We aren't random enough. If you are truly interested in a brain wallet, More information available here
The Paper Wallet. Full disclosure, I'm not currently using a paper wallet, I intend to in the future but at this moment, I use an offline computer based wallet that I'll discuss later. A paper wallet is a method for storing bitcoins offline as a physical document or piece of paper that can be stored securely like cash or deeds, titles, stock certificates or anything of value. Paper wallets are created by printing a brand new public address and private key onto paper, and then sending bitcoins from another hot wallet (computer,mobile,cloud wallet) to the printed wallet's public address for safekeeping. If good security practices are followed, paper wallets are one of the safest ways to store Bitcoins. Now the BitCoins are no longer live on the internet. They are on your piece of paper. Protect it from theft and fire or other type of loss. Again, your access to the BitCoin that you transferred to that piece of paper is all up to you. No one out here going to help you recover it, no arbitrator, no stop payments. Several tools exist for producing paper wallets offline: OfflineAddress.com, BitcoinPaperWallet.com, and Bitcoin Address Utility. Care must be taken to securely generate paper wallets since an attacker can steal the present and future balance of a paper wallet if the private key is exposed, transmitted, or generated with insufficient randomness. You should not re-use the address more than once for initially funding the address, and then once when you 'spend' or send your BitCoins to another address. Just for security sake. Unlike computer based wallets, paper wallets are an all or nothing affair. You can not send only some of the BitCoin stored in your paper wallet. If you have 1.5 BTC on it, you have to send the whole 1.5BTC to a single recieving address. Not a problem if the address is one of your own hot wallets, problematic if you are buying something that costs 0.5 BTC, you'll have to trust the recipient of the entire 1.5BTC to send you back the extra 1.0 BTC. BitCoin transactions are irreversible. No charge backs, no cancellations. You send it, it's gone. It's best to send the contents of the paper wallet to your hot wallet where you can send a portion to cover the purchase and then create a new paper wallet and send your remaining 1.0 BTC to it. You should not leave your private key exposed and in the open, It's a QR (quick response code) that can be opened up on a device that can read it and then be used to send YOUR BitCoin out of your paper wallet to somewhere the person that scanned it wishes. It just happened to a Bloomberg reporter, he lost his xmas present. In the days of smart phones, a QR code is just asking to be scanned. Things you should do with paper wallets. Paper wallets should be made/printed on a computer not connected to the Internet. The private keys of paper wallets should never be saved to a computer hard drive. You should also never scan your paper wallet into your computer or type the private keys or save them in e-mail, except at the moment you are redeeming the balance. The private key of a paper wallet should be kept hidden, for example by folding the paper to hide the private key so that a photograph or photocopy of the wallet will not reveal or replicate the private key. (see link about Bloomberg reporter above) A paper wallet generator should use an appropriate source of random numbers. T his means that the generated addresses aren't predictable. If the addresses come from a predictable or partially-predictable patterns, hackers have tools that can calculate or predict the pattern can steal the balance. Ideally, randomness has to be human provided (i.e. from mouse movements, as in offlineaddress.com). One could also checkout Gibson Research Random password generator. Ok, you've created a paper wallet, you've funded it, and secured it. Now your BTC is safe from the world of hackers, malware, and all manner of baddies. Eventually, you'll want it to come off the paper, and into the real world (ok virtual world, but as a geek, the internet is the real world most of the time). Remember how the reporter above was ripped off? yeah, you are going to use the same method. You'll scan the QR or type in the private key into either an exchange or computer wallet (both to be discussed in later posts), and those BTC will transfer out of hard cold storage into your BTC exchange account or your hot wallet. ONE IMPORTANT NOTE: Double check all addresses that you are sending BTC to. Remember, this is a one way transaction, once you click send, you can't reverse it. Also, you are going to want to ensure that your transaction fee is correct. If you accidentally put the amount of BTC you want to send in your transaction fee field and the transaction fee in the amount you want to send .. well, I'll say thank you right now on behalf of all miners out there. We just got a bonus. And no, you can't have it back. There was a BTC user back in august that sent 20 BTC worth around 2500 dollars and they accidentally entered 200 BTC in the transaction fee field. That was a 25k mistake. Once it goes to the miners, it's most likely gone. We are just keeping the network going. A bone every now and again, we appreciate. BitCoin will teach you lessons the hard way.
The Computer based wallet (a.k.a software wallet). This is a piece of software that runs on your computer that holds your wallet and a copy of the ledger of transactions. Depending on the software you choose to run, you could have the list of all created BitCoin block and every transaction since the beginning of the Bitcoin protocol. The ledger is called the block chain. And it's huge! Currently it's around 16GB. It's only going to get bigger. Depending on your internet connection speed, it could take you days to download the entire block chain. Contrary to popular believe, BitCoin isn't completely anonymous. For instance, we know the addresses of the FBI's wallet where they transferred PirateDreds hot wallet to (there's about 25MM dollars worth of BTC in it). Any transaction that isn't person to person, but rather goes through an exchange or used to make a purchase, with a little digging at the endpoint (brick and mortar store or exchange) an interested party with authority can, get a name and address .. all it takes is a warrant. Granted, it's not easy to get the name, but with a writ, the alphabet boys or law enforcement, can find the sender/receiver. Anyway, this isn't about the legal stuff, that's in a later thread. This is about having a BitCoin wallet on your machine for your very own!! I'm not going to cover each and every one of the available wallets for all of the operating systems out there. There are just too many and I've not got time to test them all out. I'll list a bunch of them, you can do your own due diligence try them out and select what is best for you. There are more out there but, these are the most popular. Bitcoin-Qt Runs on Windows, Ubuntu, Mac This is the standard wallet. When you first download Bitcoin-Qt, it will likely take at least a day as it downloads the entire Bitcoin blockchain onto your computer. Electrum Runs on Windows, Ubuntu, Mac, Android The Electrum wallet is a lighter-weight wallet than Bitcoin-Qt as it doesn’t download the entire blockchain. MultiBit Runs on Windows, Mac, Linux The MultiBit wallet doesn’t download the entire blockchain so it can be working in a matter of minutes. It also provides wallet descriptions to allow you to define wallets with categories such as “savings” and “spending.” Supports several languages. Armory Runs on Windows, Ubuntu, Mac Armory claims to “provide the highest level of security for heavily-invested Bitcoin users…” It has a few super-user features that other clients don’t have, but it also involves a bit of technical know-how to use. I'm going to cover Bitcoin-Qt in this example (it's the one I'm most familar with): It's pretty straight forward, 1. go to Download - Bitcoin 2. select your operating system. 3. Install the software as you normally would. 4. after it installs, start the software. 5. And, wait. Seriously I mean wait. Depending on your internet connection, it could take days to download the entire block chain. Or, if you have a really fast connection and have a good pool of other nodes near by that can communicate with you, it might take a couple of hours. Either way, you should be ready to leave your computer on for the duration. You can stop the downloading of the blockchain if you must, but don't just kill the application or just shut off your computer. To prevent having the blockchain on your computer from being corrupted, you will need to use the exit function in the software. If you don't use the exit function, the software will have to rebuild what you've already downloaded and then will continue downloading where it left off. 6. Now, after the blockchain has been downloaded, your software is ready to go! 7. Let's set up some of the software options. click on settings, then options. the following screen will appear The transaction fee is optional at this time, but if you want your transfer processed in the next hour, you'd best put something in there. Us miners don't like to work for free. Currently the 0.0005 amount equates to about 40 cents. It's cheaper than a stamp, cheaper than western union or a bank wire. It's worth it. Without a transfer fee, you'll wind up in a pool that will be processed in the order it was received, and there maybe be thousands a head of you. Miners tend to validate blocks (which include your transaction) every 8-10 minutes. You want to pay the transaction fee. Otherwise, once all the BitCoins have been mined, if there is no transaction fee, no one is going to want to keep the network going without some compensation. If you check the box that states Start Bitcoin on system start up, when you start your computer, it will down load the new blocks in the block chain that were created while your computer was not connected to the network. You may notice your computer being a little slow to react on the internet when you first start up. It's because the software is trying to catch up. If you don't check the box, when you first start up the software, it will start downloading the blockchain, and it could take awhile. Your transactions (the BTC someone has sent to you) may not show up until that part of the block chain has been downloaded and validated on your machine. Ok, you've installed the software, set the options. You need an address for your wallet. Typically the software creates a new one for you when you first install the software. You can find it by clicking on the receive button in the main menu of the software. Each wallet should contain no more than 100 addresses. I don't let a wallet get over 50 before creating a new wallet and transferring all my coin in this wallet to the new wallet. It's a personal preference thing. If you wind up with a wallet with more than 100 addresses, things start getting truncated (yes it's a flaw, but it's one you need to be aware of) and you already know if you aren't in control of a wallet address .. even if you were before the truncation, it's gone. Some of the other wallets above do not have this flaw. You've been forewarned. At this point, you've got a BitCoin client, and a wallet address that people can send BTC to, or you can buy BTC and have it sent to this address, Excellent. this wallet is yours to hold and protect from loss and theft. And you will need to do that.. there are tools in the menu bar of the program to backup and encrypt your wallet, and you can use them. But before you do, you should probably know where your wallet.dat file is. That is the most important thing to you. That's the important file, you can always down load the block chain, reload the Bitcoin-Qt software, but you can not recreate a missing wallet address. On windows, you will need to find the file wallet.dat Your OS may have a search tool, you'll just have to tell it to look in system, hidden and temporary files. the default location of the file is: on window xp it's C:\Documents and Settings\<your logged in username>\Application Data\Bitcoin on vista,windows7 and maybe windows 8 C:\Users\user\AppData\Roaming\Bitcoin On linux it should be in ~/.bitcoin/ if the default install was overridden, to find the file on linux, run the follwing find / -name wallet.dat -print 2>/dev/null and on Mac (i've not tested a mac) a default install is in ~/Library/Application Support/Bitcoin/ The wallet.dat file is the one you want to protect. Let's say someone sent you 100 BTC and you wanted to take it offline (cold wallet) and archive it until you want to retire, you will need shut off the software, rename the file, encrypt it, archive it in many places to prevent single event loss, IE computer dies, fire, tornado. you get the idea. Anyway. If you shut off your Bitcoin client software that we downloaded via the exit function, you can now play with the wallet.dat file. you can rename the wallet.dat file to something like btcdeepstorage.arch you can now encrypt that file with something like TruCrypt now save that highly encrypted file on : a different hard drive. a usb drive a flash drive you are going to put in your safety deposit box and what the heck, upload it to Mega for storage and maybe dropbox too. the directory will no longer have a wallet.dat file in it, the next time you start your bitcoin client it will create a brand new wallet.dat file for you use for your day to day BTC transactions while your 100 BTC nest egg is safely off line. I actually don't suggest you put all your BTC in one wallet, you should actually spread it out among a few (or many) wallets containing smaller amounts, transferring money across multiple wallets. spreading out your fat BTC wallet across multiple smaller wallets. 1. Create a backup of your current wallet. 2. While Bitcoin-QT is NOT running, remove your wallet from the Bitcoin-QT folder. 3. Start Bitcoin-QT and create a new wallet. 4. Copy a receiving address from the new wallet to somewhere. 5. Close Bitcoin-QT and move the new wallet to the USB stick. 6. Restore your Wallet backup, and start Bitcoin-QT 7. Send the amount to be you want in the new wallet on the USB stick to the receiving address you saved before. remember to protect your wallet.dat files like they were money .. because they are. You should get familiar with what ever wallet software you choose. Ensure you are comfortable with it before ever having anyone send BTC to you or purchasing it at an exchange and sending it to your wallet. If you lose the wallet.dat (and the private keys it contains) .. all your BTC belong to the void. Or some lucky software program in the year 2525.
The Hardware wallet (think USB flash drive with LCD display showing how many BTC are on it). There are a few companies that are working on developing hardware wallets where one can store their BTC. At the moment though, they are mostly in the design, prototype and protoHYPE stage. Once they hit production, I'll buy one and report back. So for now, we won't cover it.
And Web Wallets (and mobile phone wallets too) As you guessed it, they are located on the web. Web wallets have a few aspects that you should be aware of. Being that they are on the internet, they are live and ready to use .. and ready to be hacked. These are prime targets. If you decide to use a web wallet, you would be wise to use 2 factor authentication and not leave much in the wallet, only what you intend to use. They do offer one distinct advantage of brain, paper and software wallets. They live on the internet. So, if the US decides to make Bitcoin illegal, so what, let them check your computer, documents and thumb drive. They aren't going to find them, they are already 'Offshore' I've got a webwallet with CoinBase but not using it. Probably won't be putting anything into it for quite some time as I'm (as stated in previous posts) a offline wallet kind of guy. A lot of BitCoiners that i know use CoinBase as their primary wallet as it's security (so far) has shown to be top notch. Along with BlockChain, these are the two most well know and trusted. But also being the biggest, they are targets. Just remember, that BTC you put in the cloud, is subject to being coveted by any number of people and or governments. You will need to do your own due dilligence in determining what web wallet is right for you. BlockChain My Wallet - Be Your Own Bank - Blockchain.info Coinbase Coinbase - Your Hosted Bitcoin Wallet Coinjar CoinJar Coinpunk Coinpunk - Free Hosted Bitcoin Wallets Blockchain, coinjar and coinpunk also offer wallets for mobile phones. I'm not a smart phone user, don't plan on being one anytime soon (if ever) so I've got no insight into the. Personally, If you use them for conducting commerce, you are awesome. Lots of small businesses are adopting the acceptance of Bitcoin, and this is how you would pay your bill/charge buy using the smartphone apps. Just not Apple anymore because they for some stupid reason, decided to block BlockChain and their app from being used on their product. I'm thinking that they just gave away their market share to other device manufacturers. But overall, Webwallets are typically considered hot wallets because they are online and ready to be used in commerce and exchange at anytime. Where as a cold wallet, depending on the application on your computer, or access to your paperwallet private key, may take hours or in the case of those using the full ledger in BitCoin-qt .. days to get their wallets ready to make a purchase/exchange.
