Multibit security with regards to "backup" folders

I'm using the MultiBit client to manage my wallet (right here on my computer), but I am concerned about the security with regards to the *-backup folders that it creates automatically.

When I inspect the wallet-unenc-backup directory, I find 2 pairs of .info and .wallet.cipher files. Using a text editor, I can see that the .info file only contains my public bitcoin address and a line referring to the rolling-backup directory and some other numbers. The .wallet.cipher file shows weird characters.

Does the .wallet.cipher file contain a private key unencrypted? If so, why does the client not warn me about this? Is it because its users are expected to know this, or am I wrong about this?

The other folders contain .info files as well, and .wallet files (probably and encrypted wallet).

Any clarification on the actual information stored in these files and whether that information is encrypted would be helpful.

I did read the documentation of MultiBit, but their description of these files, found here, isn't very clear and doesn't contain warnings where I expect them to be.

EDIT:
I have put a password on my wallet using the "file" menu in MultiBit.

pancake

Posted 2014-01-04T16:26:10.190

Reputation: 133

Answers

wallet-unenc-backup contains the backups that were created before you set a password. Since MultiBit creates a backup each time it adds a key, and it doesn't seem possible for a wallet to be encrypted from the start (before the first key is added), there will always be at least one of these. Once the wallet is encrypted, no further backups will go here. You can verify this by checking the timestamps.

As Jim says, MultiBit goes back and encrypts these old backups when you first set a password, but note that it's a different method of encryption from the regular wallet, hence the .cipher extension. A regular .wallet is a protobuf file (serialization of Java objects), inside which the public keys are stored in cleartext and private keys are encrypted individually. Whereas the .cipher is a custom format that encrypts the previous file's contents as a whole. (I assume they did it this way to avoid messing with old backups any more than strictly necessary.) I was mystified like you, so I found the format in the source:

// The format of the encrypted data is:
// 7 magic bytes 'mendoza' in ASCII.
// 1 byte version number of format - initially set to 0
// 8 bytes salt
// 16 bytes iv
// rest of file is the encrypted byte data

Then there's yet a third encryption format for exported private keys: http://test.multibit.org/en/help/v0.5/help_exportingPrivateKeys.html. My preference is to delete the "unenc" stuff, as it's an unneeded extra copy of sensitive information that just adds confusion. (Needless to say, don't delete any wallet related files unless you know exactly what you're doing!)

jwelsh

Posted 2014-01-04T16:26:10.190

Reputation: 353

Thank you so much! Your answer is very clear and addresses all relevant points. – pancake – 2014-06-20T07:36:36.077

Glad I could help and thanks for the feedback! – jwelsh – 2014-06-20T07:41:32.257

The files with the .cipher suffix are the regular wallets encrypted with 256 bit AES.

The password used is the one you use to first encrypt your wallet. MultiBit goes through all the unencrypted wallets, creates an encrypted copy and secure deletes the unencrypted one.

You can open the .cipher wallets using File | Open wallet and it asks you for the password.

jim618

Posted 2014-01-04T16:26:10.190

Reputation: 3 205

1So, am I to understand that all of the backups that MultiBit makes (which are described in the page I referred to in my question) are encrypted? Even the "unenc" one? – pancake – 2014-01-04T21:53:43.503