Everyone has different needs for security, and the same person has different needs for security in different application scenarios.
To achieve financial freedom by hoarding Bitcoin, private key management is the only skill that needs to be mastered.
Through the previous articles:
"Bitcoin and Idealism" We are participating in a social experiment. There is a possibility of failure, but we have no regrets.
"Getting off the bus too early because the vision is too small" The goal of this experiment is very big. If everything goes well, the price of Bitcoin may rise to 160 million yuan in 20 years.
"Hoarding Bitcoin: How far are you from financial freedom?" 》We have no other ability but to hoard Bitcoins and wait patiently for our own financial freedom.
"Hoarding Bitcoin: Impulse, Loneliness, Boredom and Contradiction" Although we will experience psychological tests such as impulse, loneliness, boredom and contradiction, we are ready to hoard coins.
"Hoarding Bitcoin: The Pleasure of Holding the Private Key" It is a bit troublesome to master the private key, but we are still prepared to be responsible for ourselves.
We finally made up our minds to master the Bitcoin private key ourselves, so we immediately face the next question: How to manage the private key?
This question is important, but I was not prepared to answer it, because if you can't find the answer to the question through your own search, then you don't deserve to own Bitcoin. However, because many people asked, I finally decided to share some of my experiences.
This article will not provide a detailed tutorial, nor will it recommend any wallets. This is because Bitcoin is developing very fast, various wallet software updates are also very fast, and tutorials will soon become outdated. If you absolutely want tutorials, there are some online. Although I don’t know if they are outdated, you can give them a try.
"What should be done in a Bitcoin cold wallet?" 》
"Bitai Wallet" User Experience Report"
The focus of this article is to share some principles of private key management, which will never become outdated no matter how the software is updated and iterated.
Hierarchical management of private keys based on security requirements
Everyone has different security needs, and the same person has different security needs in different application scenarios. Therefore, it is impossible to have a universal private key management method that works for everyone or all application scenarios.
In addition, security and ease of use are usually a contradiction. Any private key management solution is actually a balance and trade-off between security and ease of use.
So we need to manage private keys hierarchically. For ordinary Bitcoin users, two levels are usually sufficient: high security level and low security level.
For example, you currently own 10 Bitcoins, 9 of which are intended to be held for a long time and will not be moved for several years, and the other 1 needs to be used frequently. Now, you have three options to choose from:
Put all 10 Bitcoins in 1 cold storage (safe);
Put all 10 Bitcoins in 1 hot storage (easy to use);
Put 9 Bitcoins in cold storage (safety) and 1 Bitcoin in hot storage (ease of use).
The third option is hierarchical management, which not only ensures security but also takes into account ease of use. The first option is very inconvenient to use, and the second option puts those 9 long-term held coins at unnecessary high risks.
Since we are currency hoarders, most of the coins will be hoarded for 10-20 years. Therefore, next, I will only introduce the principles for high-security private key management.
Manage private keys instead of wallet files
If you want to hoard coins for a long time, you must directly manage the private key. Although many people have started to use Bitcoin, they still don’t know what a private key is. Regarding what a private key is and what is the relationship between a private key and an address, please refer to:
"Mastering Bitcoin – Chapter 4 Keys, Addresses, Wallets"
"What are the private keys, public keys and addresses of Bitcoin?" 》
In "Hoarding Bitcoin: The Pleasure of Holding Private Keys", I briefly talked about how I made a cold wallet for the first time. I was still a novice at that time, so I was managing wallet files. This solution is still safe today, but I no longer use it.
Why do we need to manage private keys directly? Because software iterates very quickly, is upgraded frequently, and dies quickly.
4 years ago, many of us used a wallet called multibit (https://www.multibit.org/), but now this wallet has stopped updating. If you saved a multibit wallet file back then, you cannot open this file now. Even if you backed up the software at that time, there is still a risk because the software has not been maintained for a long time and the loopholes have not been fixed.
No one can predict what will happen in 10 years, and no one can know whether the wallets we use today will survive 10 years from now. No one knows how many more forks Bitcoin will have in the past 10 years.
The so-called person who gets the private key wins the world, and this world also includes the world of forked coins. If you sell the forked currency that you are not optimistic about at a high point, you can not only make a profit, but also make the manipulator of the fork miserable.
So, please manage private keys directly, not wallet files. In fact, you don’t even need a wallet, all you need is a tool that randomly generates addresses and private keys. This topic is a little more advanced and you can learn it by yourself when you have time. It’s actually not a hassle.
Basic solution for cold private key management
The steps for making a cold private key are as follows: prepare equipment (used mobile phones or used laptops), download software (wallets and other tools that can generate addresses and private keys offline), disconnect from the Internet (you can even destroy the network card), and generate addresses and private keys offline. Private key, encrypt and back up the private key (directly save the text and encrypt it).
After completing the production of the cold private key, you only need to transfer Bitcoin to the address corresponding to the private key, and use other Internet-connected devices to query the transaction records and balance of the address in the blockchain browser.
As for which wallet tool to choose, you can refer to (https://bitcoin.org/en/choose-your-wallet), which has a brief introduction to each wallet:
[Hoard Bitcoin] 7. Getting started: How to manage private keys?
Figure 1. Bitcoin Core wallet introduction
The most important thing is the first one. Be sure to choose a wallet that says "Control over your money". Do not use any wallet that does not have this first item.
Be sure to test before actual combat
Since the amount of cold storage coins is generally relatively large, if an error occurs, the loss will be very high. So, no matter what plan you choose, you need to use a small amount of coins to test it first. Testing is also a process of deepening understanding. Through repeated testing, you can continuously improve the solution. Until you are very sure that the solution is safe and reliable, you can officially use it.
How many backups are needed?
Lack of backups is dangerous because once the private key is lost, all Bitcoins are lost. Having too many backups is also dangerous, because the more backups you have, the easier it is for your private key to be exposed. After my long-term personal exploration, 3 backups should be the most suitable. These three backups must be different in form and their storage locations must be dispersed.
Electronic backups and paper backups each have their pros and cons. If electronic products are left for a long time, they may malfunction and fail to open. Although the paper version will not malfunction, the ink may disappear or become blurred. Recommendation: 2 electronic copies + 1 paper copy.
If three backups are placed in the same location, if a fire breaks out or a thief encounters, they are likely to be destroyed in one fell swoop. Recommendation: 3 backups are stored in 3 safe locations. This is difficult, it must be decentralized enough and secure enough.
Does the private key need to be encrypted?
Private key encryption is risky because if the password is forgotten, it is all lost. There is also a risk if the private key is not encrypted, because once stolen, it is lost immediately. Recommendation: Encrypt with the password you use most frequently and remember best.
You don't have to worry about the password not being strong enough or secure enough. The purpose of encryption is to prevent thieves. The password does not need to be particularly complex, as long as it can delay enough time. For example: One day you find that your home has been stolen. Since it takes time for the thief to crack the password, this buys you time to use other backups to transfer the coins. There are many encryption tools to choose from, even using the encryption that comes with the compression software is enough.
How many private keys need to be managed?
random. You can either store the coins in one address and manage one private key, or you can distribute the coins to N addresses and manage N private keys. There is essentially no difference in management difficulty. One more private key means one more string of characters.
There are advantages to spreading the coins among N addresses. For example, you have 9 Bitcoins distributed to 9 addresses. One day when you need to use <1 coin, you can directly import a certain private key into the hot wallet for use without affecting the security of the other 8 private keys at all. For hoarding Bitcoins, the possibility of selling a large amount of coins does not exist, so it is recommended to spread the Bitcoins among multiple addresses.
Prevent yourself from accidents
What does it mean to keep it in your own hands? Only you have the private keys to use these Bitcoins. This means that once something happens to you, all your Bitcoins will be lost. This is the characteristic of Bitcoin, wealth that truly belongs to you and cannot be shared with others.
However, you can still choose to give your private key backup to someone you trust 100%. You need to specifically remind him that he can only touch the private key if something happens to you.
why? Because private key management is difficult, sharing private keys will eventually lead to a breakdown of trust. For example, one day you find that your Bitcoin has been stolen. It may be due to your negligence, but you don't know it, and you will start to doubt the other party. Of course, it is also possible that the other party has betrayed you but does not admit it. All in all, this matter is unclear.
Therefore, when the other party keeps your private key, he needs to know very clearly the risks and responsibilities he bears. Vice versa, if you gain someone else's trust and help him keep his private key, you also need to be very clear about the risks and responsibilities you bear.
Moreover, once you decide to hand over your private key backup to someone else, you not only need to trust the other party absolutely, but you also need to be mentally prepared so that you will have no regrets if you are betrayed. Otherwise, you shouldn't give your private key to anyone. But this does not mean that you cannot share Bitcoins with others. You can transfer Bitcoins to others and let them keep their private keys.
Still think it’s too much trouble?
Then you should use a hardware wallet. If you want to buy one, buy 2 of them, plus 1 seed card, which is exactly 3 backups. There are electronic and paper versions.
The biggest risk with a hardware wallet is that the hardware has been tampered with, especially during the shipping stage. Someone once bought a second-hand hardware wallet, but it was tampered with, resulting in the loss of coins. Therefore, please place an order with the original manufacturer and carefully check whether the packaging and seals are intact when receiving the goods. After receiving the goods, save a small amount of coins to play for half a year, and the amount of coins will gradually increase.
You still need to understand that hardware wallets still do not directly manage cold private key security. However, for a person who doesn’t want to learn anything, it is already the best solution.
postscript
At first, I refused to write this article. Because I always think that if I need to teach you even this, it may not be suitable for Bitcoin. It seems that the attraction of financial freedom is not big enough.
However, there are many people asking this kind of question. I have also been a novice, and I really hope to get guidance from seniors, so that I don’t have to take detours. I can understand everyone's mood, so I bite the bullet and write it. Maybe it's not as detailed as you think, I'm really sorry.
I haven't used wallet software in a long time, so I don't know how to recommend it. Except for one hot wallet still kept on the computer, which used a version of Electrum a few years ago, and saved some coins for emergencies, all other wallets were uninstalled.
In fact, you don’t need any wallet software to hoard Bitcoin, you’ll figure it out eventually.
