0

So, I want to create a cold storage bitcoin address to store incoming BTCs from donations and payments (I'm a freelance developer so I'm getting used to being paid with BTC). Since this address has to be spread among lots of different people, I can't change it so frequently, it's like my gpg public key, it would be a pain to change this address.

This means that I need a way to spend the BTCs stored on my paper wallet in a safe but fast way. The most obvious solution is using the Blockchain.info app, scanning the private key when required (I do not care about privacy in that case, I know I can be traced and such, but I'm ok that change goes back to the same paper wallet).

My question is, how much should I be worried about my private key being compromised by scanning it with my phone? Are there any known reports about this happening? Are there some safe ROMs that could prevent this?

If this is a serious concern, how can I spend the BTCs on my paper wallet in a safe way without changing the public address every time?

    1

    The Blockchain.info Android Wallet app is open-source and has been heavily peer-reviewed by the community. Your private key is stored on the device once scanned, but it is encrypted with a password so even if you lose your phone they won't be able to access the key.

    As for using safe ROMs, Android is a very secure sandboxed virtual machine that has rarely been compromised. The encryption of your keys is based on powerful and heavily tested Java libraries which run on an open-source platform called Dalvik, which is based on the Java Virtual Machine (JVM).

    In other words, you really couldn't ask for a more secure environment.

      0

      If it's a large amount of money, you could consider keeping a cold wallet and a hot wallet. This is what exchanges do, and Mt.Gox tried to do but failed spectacularly at.

      So your paper wallet will be your cold wallet. You will need a computer which is virus-free and not connected to the Internet very often (e.g. take an old computer which you never use, wipe the hard drive, install Linux on it, and don't use it for anything other than running a Bitcoin wallet). Keep a hot wallet on your phone, which you use to pay people. When it runs out of funds, go to that computer, send money from your cold wallet to your hot wallet, and turn the computer off. (Technically, there is an even more secure way to do it. The computer will remain forever offline, even when creating the transaction. The idea is to form the transaction on another computer, sign it using your private key stored on the cold computer, and then broadcast the transaction using the other computer. However, this is a bit annoying to do and I wouldn't worry about it unless you were operating a Bitcoin service dealing with thousands of customers' bitcoins.)
