Creating a secure Wallet
When it comes to crypto wallets, there are two different types: Hot wallets and cold wallets. Hot wallets (also called "hosted wallets" are generated kept online, while cold wallets (also called "cold storage") are generated and kept offline. This section is about cold wallets only.
Every BitCoin account consists of a public key and a private key. The public key is your BitCoin addess or BitCoin account. Those are just three different things for the same thing, namely the combination of digits and letters that is needed in order to send BitCoins to that account. Every crypto currency has its own encription system. One can't for example send LiteCoins to a BitCoin account / address. This would be like sending a wire transfer to a bank using the wrong currency. The bank may rectify this error for an extra fee. In Cryptoland this is an invalid transaction and it simply will not happen.
Lets once again use our classic example account with the number 1JCe8z4jJVNXSjohjM4i9Hh813dLCNx2Sy on blockchain.info:
Anyone can see how much is on the account, how many transactions were made and at what time. One can also send BitCoins to this account, but that's about it. One can't do anything else if you only have the public key.
As you can imagine, there are millions who would like to access this account, but all one can do is to guess who the owner might be.
The very first problem any government would face is having to find out who owns it. It is virtually impossible to trace the person if you only have the BitCoin address. That can happen if the owner has publicized it, for example in order to collect donations or payments, and the payer or his ex reported him. But if there is no such coincidence playing it's part in the game, there is no way to find the owner based on the BitCoin address. It can be anyone's, anywhere.
Hence, what governments do is to come from the other side. Through the back door: They grab the providers and force them to disclose the names of the customers. They then get all the BitCoin addresses associated to each customer, and since anyone can look up every transaction ever made, all the government has left to do is to go through all addresses and count. This is very complicated, though, because there is a very high chance that the provider that hosts those services is registered outside of that particular government's jurisdiction, and that it is more valuable to the service provider to protect its customer's privacy than to disclose sensitive information to the government of some Banana Republic whose jurisdiction ends at its border thousands of nautical miles away. The providers usually ignore government requests of that kind. They are based where they are for a reason after all.
That is mostly a good thing, but it can also backfire, because like the governments, the user also can't do much if the provider decides to declare bankruptcy and/or to run away with all the money. Everyone remembers the Mt. Gox case, a few years ago.
In order to access the account, the private key is needed - inconditionally. No private key, no access. Period. The private key is the only way to access your BitCoins. The only way. If the private key is lost or stolen, so are your Bitcoins, and there is absolutely no way on earth to recover them - unless the private key is recovered. The provider won't disclose the private key. And even if, that key was seen by someone else and, hence, is no longer secure.
In case of a hosted wallet the provider usually holds the private key of their customers' accounts. This is convenient and generally there is nothing to worry about. However, it is not the safest way of keeping cryptocurrencies safe, because somebody else has the private key.
For anybody who is holding cryptocurrencies that exceed the amount that one needs for experiments, it is imperative to have full control over one's own private key at all times.
The provider usually won't disclose the private key if asked for. That's for security reasons, because they can't really verify if you are who you say you are. And even if, that private key would already be compromised, since somebody else already had access to it.
The private key must be kept in total and utter secrecy from the very beginning. If there is the slightest doubt to believe that there is a chance that any other person has peeked at that key, a new one should be generated forthwith. Regardless, if the provider would hand over the key or not, a new wallet would have to be created anyway, which is why there is no point in asking the provider for the private key. Generating a new one is simple and necessary in order to create a real secure wallet. Here are some easy steps to creating a secure wallet:
Creating a new Wallet offline
It is extremely important to create the new wallet offline in order to prevent spy or malware that might be on the computer to access the net and disclose any information. During the creation of the wallet nothing should be able to leak into the cyberspace. If one of the following tools is going to be used directly from the website, then the internet connection should be cut after the page is loaded. That means WiFi off, adapter off, router off, ethernet cable out.
BitcoinPaperWallet is cetrainly one of the best sturctured and easy to use site around for creating paper wallets. If one is willing to read through it and watch the instructional videos, there's not much than could go wrong. In addition the site also offers paper wallets with a protective hollogram for the private key and other good stuff. For this particular procedure of creating a secure wallet, none of it is needed, though. On BitcoinPaperWallet you can create offlin wallets for the following cryptocurrencies:
- BitCoin (BTC)
- LiteCoin (LTC)
- DogeCoin (DOGE)
The procedure is the same for all currencies: One can think of a very long phrase and type it in using deliberate misspellings and special characters or just move the mouse to add some randomness. When the 100% are reached a public and a private key will be produced on the screen. Whether one chooses to print it out, take a picture of it with an analog camera, write it down using a pencil and a paper and then stash it soewhere secret, or whether you just memorize it and then burn it, that's up to each one to decide. A brain wallet is called brain wallet because it represents the highest possible level of security. Important is to make sure nobody else must see it, and the owner must not lose it.
BitAddress.org is also a wallet generator, and a wallet generator only. Only BitCoin wallets can be created here, but this engine is what BitcoinPaperWallet.com is powered by.
Create an offline Wallet on BitcoinPaperWallet
Exactly the same procedure for creating a BitCoin Paper Wallet is applied to create a Paper Wallet for other crypto currencies. To create a DashCoin Wallet, the script can be found on the site PaperDash.org.
Create an offline Wallet on PaperDash.org
The procedure of creating a wallet on EtherWallet is similar to the procedure described above, just that a password has to be created at the beginning. This password will be needed later.
When the "Generate Wallet" button is clicked, a Keystore / UTC file is generated, which should be saved somewhere other than the computer, for example on a memory stick. This file is the encrypted private key, and an additional security measure. If the private key is lost, it can be restored with this file and the password that was generated at the start of the procedure. Again: In order to access the wallet you will need either the file and the password or the private key.
Clicking on "I understand. Continue." leads to the next step that reveals the unencrypted private key. Without copying the public key to the clipboard, print it, write it down three times one below the other to avoid transposed digits and calligraphic errors, and then store it on a safe place - or memorize ist to obtain a true 'brain wallet'.
Now it's time to "Save your Address" will open a site on which to choose how to reveal the public key. Whether you want to use the private key or the file and the password is up to you. I recommend using the file and the password instead of typing in the long private key. File and password are just quicker.
Click "Unlock Wallet" to reveal your public key. This is your wallet address payments are sent to.
Create an offline Wallet at MyEtherWallet
Bitcoin Paper Wallet Generator ⇩ Download ⇩
For those who want to leave nothing to chance, there is also the option to download the code generator from GitHub.
It doesn't have to be installed or extracted. It runs from the archive. All that is needed is a browser. For instance the tool could be downloaded onto a memory stick or burned to a CD, which then could be used to generate the wallet using a computer with some archeological value that has never accessed the internet, or if, then at a time where Netscape Navigator was widely used. Not sure the wallet generator would work on Netscape, though. The procedure on how to generate the wallet is described in BitcoinPaperWallet. It is the same engine, except that instead of running it from the browser, it runs locally.
Walletgenerator for many other Cypto Currencies
Access WalletGenerator.net to create wallets for BitCoin, Bitcoin Cash, BitCoin Dark, BlackCoin, Dash, DeepOnion, Deutsche eMark, DigiByte, DogeCoin, DogeCoin Dark, FeatherCoin, FedoraCoin, FlorinCoin, GridCoin Research, LiteCoin, NameCoin, OmniCoin, PinkCoin, PotCoin, PrimeCoin, SysCoin, Unobtanium, V-Cash, VertCoin, ViaCoin and many others. The same procedure applies to this generator.
Create an offline Wallet on WalletGenerator.net
To learn more about creating paper wallets for any crypto currency, just access the donation page and click on the title of the currency you want to generate a paper wallet for. This will take you to the the site that generates paper wallets for the respective currency.
Example: If you want to generate a paper Wallet for Monero, then just click on where it says "Monero" and the site moneroaddress.org will open in a separate tab.
Securing of the newly created Wallet
With a normal wallet, it is okay even to publicize the public key, which is why it is called "public key". But since this newly created wallet is a secure wallet, it is good practice to keep both keys absolutely secret. That is because the less people even know of its existence, the more secure it is. The wallet is the more secure, the less people know it exists.
The regime must not be able to trace this public key back to you, otherwise it could use so called "enhanced interrogation methods" in order to
extort extract the private key from you.
This newly created wallet is not registered with any provider or any exchange or any other second party, and that means that there is no way that any authority can connect the dots from the provider to the person to the BitCoin address. Simply because there are no dots to connect.
The interface between Fiatland and Cryptoland is always a provider. The provider is where those two worlds touch each other. Think of it as a portal. A provider provides services in both worlds. It consists of a private property which is tangible somewhere on Earth at the mercy of some government, and it has one or more owners. The henchmen of Fiatland can actualy touch them, shut them down, seize property - which is why private property was invented in the first place - and even force them to hand over the private keys to each account and that way seize the assets on those accounts.
Stay clear off the portals unless you're using them.
The point of having a secure wallet is to avoid finding oneself in such a situation. Important wallets must not be left at the portal, just because it is convenient. We must only use the portal when we have to interact directly with Fiatland, for example, when we want to buy or sell fiat. The real money should always be stored in the deepness of the Blockchain. There is no safer place on Earth.
Remember: All the government can access are those addresses generated by providers.
This newly generated address has not been generated by any provider, and therefore it is neither stored with or known by any provider and it is also not registered anywhere. Thus, no provider can diclose it to any government because no provider has it. Only you know it exists. Make sure you keep it that way. This is now your personal "Fort Knox", so to speak. No one can hack it, steal it or even see it, because nobody knows it exists, let alone knowing who it belongs to.
Even if all governments of the entire planet take down all providers, like CoinBase, CoinsBank, CoinExchange in order to prohibit the use of BitCoin, the money in this Wallet will still be safe and secure and always at the disposal of its creator and rightful owner.
And if this scenario comes true, one positive side effect is that the wallet will be worth a whole lot more than it is now.
Now there is the safest place on Earth to store life's savings free of taxes and interests, with an increase of purchasing power guaranteed by logic. In order to avoid a breach of security, the following advice should be followed:
- Never disclose any information on this wallet. All details should be treated as highly classified. Only the owner should know it exists.
- The account number should never appear anywhere.
- Never request or receive payments directly to this wallet.
- Never send payments to this wallet from one address more than once.
- Avoid sending coins to a secure address from addresses created by providers.
- Big amounts should be sent from many addresses, indirectly and never in a straight way.
- Ideally every address from which you send the money to the secure wallet is generated offline.