Is it important to have an unencrypted backup of the private key?

Am I correct that in not having our private keys written in paper or otherwise backed up we are implicitly trusting the wallet developers to keep publishing wallet versions that are capable of reading and deciphering our password-phrase? Nobody else can decypher that phrase and give us access to the bitcoins, correct?

I recently had a bad experience with Mycellium wallet: i lost my Android mobile and the backup of my wallet was in a 1-year-old format (encrypted private key in paper, QR format) that the new desktop app, amazingly, would not recognise. In the meanwhile, I had moved to iPhone, where no Mycelium was available. Eventually i solved the issue by installing Mycelium in a friend's Android. Fortunately, the Android version did recognize the old encryption after scanning the QR with the camera, so I could send the money to another wallet. But this made me realise that we absolutely rely on the developers if we do not keep the private keys written somewhere, unencrypted.

In other words: What happens if a wallet app is discontinued and we find ourselves in 2020 with no way to install that old wallet in the 2020 standard devices?

Or am i missing something here?

Thanks in advance

DrGC

Posted 2016-01-06T17:58:10.713

Reputation: 201

Answers

It is important to be able to recover your private keys using only tools you fully control. That protects you against failure of infrastructure you would otherwise need to transfer your funds. There are lots of stories of corrupted backups, unreadable backups, and backups that didn't actually include the private keys.

Storing your private keys unencrypted on paper is one way of doing this. They can also be stored electronically in encrypted form, so long as you have reliable access to the encryption key and decryption tool.

David Schwartz

Posted 2016-01-06T17:58:10.713

Reputation: 46 931

So you would not recommend using wallets that do not allow exporting the private key unencrypted? (i'm having this problem with GreenAddress) – DrGC – 2016-01-06T23:18:50.843

1@DrGC I wouldn't recommend them for long-term storage of significant amounts of money. – David Schwartz – 2016-01-06T23:56:31.010

Probably best to use BIP 38 encrypted paper wallets for long-term cold storage, especially if printer drivers not trusted. However, be aware that not all hot wallets can directly sweep nor import BIP 38 encrypted paper wallets. To avoid wallet vendor lockin, BIP 39 technology is also an excellent technology for the long term to easily backup and restore your funds in a HD wallet. . – skaht – 2016-01-08T06:16:32.543

You are correct. However, in all open source wallets that follow the proper Bitcoin Improvement Proposals (BIPs) people will be able to replicate the encryption logic so you can use your passphrase to get access to your private keys again.

Still, I would recommend, for the majority of your bitcoins, to store them to a paper wallet with the private key encrypted (encrypted private keys starts with 6P...).

You can use something like https://www.bitaddress.org to generate bitcoin addresses and optionally encrypt them with a passphrase. Then hide those paper wallets... even if they get stolen people will not be able to access your bitcoins without the passphrase. However, you can decrypt the private key with any BIP38 compatible wallet/software.

For extra security, you could download (Save as...) the website page (www.bitaddress.org) locally. Then disconnect from the internet and load the page locally in your browser to create your new encrypted paper wallet offline.

karask

Posted 2016-01-06T17:58:10.713

Reputation: 2 089

about the first part: so, for instance, i started using GreenAddress wallet, which does not allow exporting the private key (i find this weird, isn't it?). My access to the wallet is via a 24 word phrase. Now imagine i forget about these savings during 5 years and in the meanwhile GreenAddress is discontinued and i loose my mobile. Do I relay on some developers who nicely will to recode GreenAccess to allow me to use my bitcoins using my 24 words? Is there no other alternative if i want to keep my bitcoins saved for a long time? – DrGC – 2016-01-10T11:37:40.290

The passphrase that you have in GreenAddress can re-create the private key(s) according to BIP39 (mnemonic codes). That is why there is no need to export private keys. You can recreate your private keys using other BIP39 compatible software not necessarily using GreenAddress code. For storing for a long time I suggest using encrypted paper wallets. – karask – 2016-01-10T13:46:30.160

It may be safe the assume that the most popular mobile wallet applications will still be around, or if the app does become unavailable, a user will recreate the encryption logic so you can recover your private key in the future using your passphrase.

That being said, in most circumstances it's a good idea to have a well-hidden physical backup of your private key just in case. Printing your private key on paper and hiding it in a safe place would eliminate the risk you mentioned and only introduce the small risk (assuming you hid the paper in an adequately private place) that a malicious party finds your private key and knows what to do with it.

toinetoine

Posted 2016-01-06T17:58:10.713

Reputation: 200

The thing is that i just started using the GreenAddress wallet, but I find no way to export my private keys, so I see no way to have a physical backup of my bitcoins, to be independent of the wallet developer. Am i missing something in this reasoning? In fact, if I understand this, i cannot even change my bitcoins to a different wallet unless I do a transfer and pay for the transaction fee, correct?. (Obviusly, I am not a bitcoin expert) – DrGC – 2016-01-10T11:03:24.170