Sunday, March 21, 2021

Storing between 10 and 20 BTC. Am I at risk with my methods?

So, this is a throwaway for obvious reasons. I'm going to give enough detail for hopefully a good conversation and an accurate assessment of the situation but I won't be taking screenshots or photos to supply proof. Believe me or don't but I would just really like to get the opinion of a lot of smart people who know more than I do about this topic. (I'm no slouch, but I know I don't know everything.) In advance, thank you for anything you can contribute.

I currently hold between 10 and 20 BTC in a wallet.dat file attached to Bitcoin Core 0.21.0.

The software is installed on a top of the line enterprise grade laptop. It is a brand new machine that was sealed in the box. It has Windows 10 on it and was NEVER used for anything else. Windows has been updated as have all the drivers, BIOS, etc. No plugins have been installed in the browser. (Edge Chromium.) The SSD in this laptop is encrypted using a complex password that has never been used anywhere else. Also, I am the only person who has ever touched this laptop (since it left the factory of course) and this laptop was chosen randomly from a stack of around 50 identical machines. There is no way that anyone knew I'd ever be using it for this purpose. This laptop has not been compromised.

The laptop is stored in a large safe inside a locked and hardened room that is monitored for entry by a dedicated security system and there are cameras in the room. Nobody can get into this room without me knowing.

The WiFi network that this laptop connects to is dedicated to just this laptop. Device isolation is enabled, meaning that even though no other devices are on this network, even if there were, the router doesn't allow them to communicate with each other. Internet access is the only thing permitted for this network. The password for the WiFi network is complex and hasn't ever been used anywhere for anything else.

The wallet.dat file is encrypted using Bitcoin Core's standard password method. The password is quite long, complex and hasn't been used anywhere else for anything ever. I'm not, at least for the purposes of this discussion, overly concerned with the risk of losing that password and losing access to the wallet.dat file. Let's assume that the password is adequately backed up and that instructions have been left with a lawyer in the event of my untimely demise. (And that the lawyer can be trusted, etc.)

The wallet.dat file is a newer HD version and several backups of it have been taken both before and after the BTC was associated with it. BTC has been received by multiple addresses in the wallet.dat file. (Between 5 and 10 receiving addresses.)

I have taken another brand new identical laptop and have installed Windows fresh along with Bitcoin Core. I've taken the backup of the wallet.dat and have successfully restored it to the second machine. I also performed a test transaction by initiating a send, entering the password for the wallet and then aborting once the final confirmation window showed. (Only shows after a successful password has been entered.) Everything worked fine. (I have since secure erased the SSD in the second laptop BTW.)

If my house burns to the ground, I have the wallet.dat and passwords backed up sufficiently that I can recover. (I do not have the passwords digitally recorded anywhere.) One thing I have not done is extract my private keys from my wallet.dat file.

Ok. Here are the million dollar questions:

  • What could go wrong with my methods?

  • How could someone attack me outside of a $5 wrench attack?

  • How could I screw it up so monumentally that I lose my BTC?

  • Is there a benefit to getting a hardware wallet like a Trezor? What, really, is the difference? (I don't care about the cost of the laptop or comparing the cost of the laptop to a Trezor.)

  • Should I be extracting the keys from my wallet.dat file and storing them safely somewhere in addition to keeping the file backed up securely? What is the benefit if so? (Obviously an offline method would be used.)

  • Is there anything I'm doing that is a significant risk that can be mitigated by some suggestions you might have?

Thanks for reading and for anything you can contribute. See you all on the moon!


No comments:

Post a Comment