[size=5]NOTE: Please check my post further into this thread.[/size]
Ok, this is kind of embarrassing considering how far I am into Peercoin, but I need to know how to safely move my coins and secure them off-line. Since around March or April I’ve amassed quite a large amount of Peercoins, but they’re all still sitting in my btc-e trading account. I know how to get my money in and buy the coins, but I don’t know how to get them out. The reason why they’re still in my trading account is because between my job, my personal life and all the work I do on this forum, I honestly haven’t had the time to figure everything out about moving them off-line. With all the recent thefts of Bitcoins and exchanges getting hacked, I’m getting really nervous about leaving them in there. I want to make sure they’re safe so nobody can get to them but me.
I’m sure it’s simple to setup a wallet and transfer, but I’m concerned about getting a virus and having it steal my coins or some crazy shit that I don’t understand yet. I don’t want them on my computer and connected to the internet. I want to store them somewhere separate like a flash drive, somewhere nobody can get to them but me. If I understand correctly, the actual coins themselves are never transferred anywhere right? Is it just my wallet and key that I’m securing?
Can somebody explain this to me or link me to somewhere that explains it all in great detail? I just don’t feel safe the way things are going with these thefts.
ok here is a good bitcoin guide, https://blockchain.info/wallet/paper-tutorial have a play with that and bitcoins see if u can get it setup. Then you should be able to get all your private key info from your peercoin client on your home PC to make an address and know its private key.
Sorry at work atm so can’t go into too much detail but I could have a look later if you are still in need.
You can also install the PPC-qt client onto a USB drive and then keep that in a safe place. Or you can install the wallet onto your PC but then just backup your ‘wallet.dat’ file (with a password) onto a couple of USB drives and keep in them in separate locations (this is what I do).
You can do a backup of the wallet through the QT client.
Paper wallets are obviously the most resistant to computer viruses, etc but remember that paper does burn / get stolen as well so make sure you keep your paper somewhere safe (like in a fire proof safe) – I also recommend keeping your flash drives in a safe if you can or at least in separate physical locations.
If you’re really paranoid then you can use something like BitLocker or TrueCrypt on the USB drive with your wallet backup/files on it to add another layer of encryption.
Thanks a lot. If anyone else has any other guides please post them. I’ll probably have time tomorrow to figure this out. If I have any problems or questions then I’ll post them here.
Probably goes without saying but general internet safety goes a long way too. NEVER go to a website you aren’t familiar with, download software you aren’t familiar with, and regular malware/virus scans. Always log out of sites when you’re done using them.
I’ve a separate old computer for this
installed Ubuntu Linux on it
made a normal account for every currency I own
installed bitcoin-qt or multibit, ppcoin-qt or whatever in the dedicated account
created as many crypto addresses as needed
encrypted the wallet
save the wallet password several times on some paper or other media
transfered a fraction of the currency into the cold wallet
withdrawed this fraction from the cold wallet
made a backup of the wallet file on different USB sticks from at least two different manufacturers
transfered all currencies into the wallets, perhaps distributed over different addresses
distributed the USB sticks to my relatives, preferably in another city
distributed the paper with the password on it to other relatives, preferably in different cities, perhaps in a sealed envelope
You should be concerned about getting virus. If do get them, potentially none of the paper wallet or cold storage methods mentioned above will be safe because they all involves using passphrase or saving private keys which could be intercepted by viruses. If a hacker get your passphrase or private keys before you take your storage off-line, there are situations when your coins can still be moved to other addresses no matter you move your wallet off line or not.
So it is important that you move your coins to paper wallet or move off-line on a clean, secure computer. Many use an dedicated computer or , even cheaper, a computer booted from a clean linux CD to do that.
It’s just using a different Operating System only for your wallet. It doesn’t matter wether it is on a dedicated patition or in a vm. Both is realtively secure. Better is a dedicated PC like whifmoi descriped. You should not connect this PC to the internet if you do not mint via PoS or need to send coins.
It’s just using a different Operating System only for your wallet. It doesn’t matter wether it is on a dedicated patition or in a vm. Both is realtively secure. Better is a dedicated PC like whifmoi descriped. You should not connect this PC to the internet if you do not mint via PoS or need to send coins.
Definitely Linux is better then windows.[/quote]
I see. I don’t have another computer and I’ve never used a VM before.
That’s not a problem. As long as you are able to install a operating system (preferable Linux, but Windows is also working) you will not have any problems. Just install a VM-hypervisor and install the operating system or import a preinstalled (that´s a risk) vm.
I suggest using Virtualbox since it is open source.
Remember, nothing is really secure. Be careful. Don’t do anything else in this vm. Harden it. Keep it updated. Use AntiVirus products when u use windows (which - again - I do not suggest to use). Encrypt you wallet. You may also use TrueCrypt to get an additional layer of encryption.
I would not invest that much effort for 100 PPC (at current price). But when you have a significant amount, you should invest the time to secure your wallet as good as possible.
It’s just using a different Operating System only for your wallet. It doesn’t matter wether it is on a dedicated patition or in a vm. Both is realtively secure. Better is a dedicated PC like whifmoi descriped. You should not connect this PC to the internet if you do not mint via PoS or need to send coins.
Definitely Linux is better then windows.[/quote]
I see. I don’t have another computer and I’ve never used a VM before.[/quote]
If working with a VM your host system must be at least as clean as your VM. Keep in mind that an infected host system could do memory scans into the VM memory.
I do not agree with you here, I think a VM only for the wallet is definitely more secure then running the wallet directly on a (potentialy) infected system. However, as I wrote above: I agree that it is by far more secure to use a dedicated PC.
The question is always, how much you are willing to invest and how much you need to get an adequate secure environment. When you have a significant amount of (PP)coins to secure, it is worth it to invest a lot of time (and money) to secure it. But when you only have 100 or 1000 PPC it´s not worth to run a dedicated PC and/or to invest days in hardening that machine.
[quote=“MUTO, post:16, topic:728”]I do not agree with you here, I think a VM only for the wallet is definitely more secure then running the wallet directly on a (potentialy) infected system. However, as I wrote above: I agree that it is by far more secure to use a dedicated PC.
The question is always, how much you are willing to invest and how much you need to get an adequate secure environment. When you have a significant amount of (PP)coins to secure, it is worth it to invest a lot of time (and money) to secure it. But when you only have 100 or 1000 PPC it´s not worth to run a dedicated PC and/or to invest days in hardening that machine.[/quote]
You are right, but Sentinelrv told “I’ve amassed quite a large amount of Peercoins”. And if you can asure your host system is clean, there is no problem with a VM.
This is one area where PPC is still weak, IMO. Yes, you can do a cold wallet setup (either an encrypted wallet on offline media such as USB key, a paper wallet, or both). However, with BTC I just started using Armory’s offline wallet feature. Really nice!
I must be missing something, but I’ve read Armory’s overview a few times and something keeps jumping out at me…
Their “OFFLINE” wallet requires an installer, on a computer that has to synch OVER THE INTERNET with their service. That description appears to be crafted to make it sound like it’s safe, when in reality, it’s the farthest thing from it. If you trust Armory, great, but unless you’re putting a cold storage wallet on an air-gapped system, via a completely secured transfer mechanism (ie. you manually transcribed every single line of code in your wallet file from your “live” machine to your air-gapped one), there’s no way to per 100% sure you aren’t bring something along that isn’t going to attempt to phone home.
This is an opportunity though, for Peercoin to solve a problem that Bitcoin and other monetary units have, which is to say, their wallets are incredibly complex to use. I’m technical, and given enough time, I can figure out my systems and how they work – but I’ll be honest, my initial introduction to digital wallets has been less than stellar, because a lot of it IS NOT transparent ([sub]I’m looking at you, Proof of Stake and how you are enabled in PPCoin-QT[/sub]).
if we want to expand to reach the majority of those on the planet, it’s an imperative that we make wallets easier to use, understand and protect.