Introduction
This article will list the steps I followed when creating a cold storage Bitcoin wallet for me. The article will not be a comprehensive analysis of best ways for creating cold storage wallets or best practices, etc. It will just show one possible scenario which worked for my case. The article will target Windows users, but I think with little additional research it can easily be applied in all other analog operation systems.
First what is a cold storage Bitcoin wallet? Typically Bitcoin users have an application holding their Bitcoin wallet. It may be a desktop application, mobile application or an online service. In most cases these applications protect the wallet (and the private keys inside) via password. The problem is that computes get hacked, passwords compromised and funds get stolen. In order to protect their Bitcoins from computer related risks many people and organizations prefer to store their wallets offline - on computers that are not connected to the internet or as physical entities (on paper for example). This is called cold storage.
This is possible because the Blockchain is just a big ledger where funds are transferred between Bitcoin addresses - big numbers that meet some special formatting requirements. This means that any number that is a valid Bitcoin address can be used to transfer money to and there is no need of some authority to assign you a Bitcoin address. All the Bitcoin addresses are valid and can be used, but only those that have finds transferred to them are recorded in the Blockchain. So anyone at any moment can transfer Bitcoins to any address without restrictions.
The tricky part is to have the private keys that can afterwards transfer the Bitcoins from that Bitcoin address (to spend them). Therefore you want to use a Bitcoin address for which you have the private key. The address is derived from the private key trough a mathematical formula so you can choose a private key (again meeting specific format requirements) and from it to calculate the address that corresponds to it. This is a calculation that anyone can do with a desktop application, no need of Internet connection or any connection to the Bitcoin network. For this reason you can choose a private key and calculate its corresponding address on a computer that was never connected to the internet, then you can print the key to a paper, lock it in a safe and format the computer hard drive. Then you can transfer funds to the Bitcoin address and only you have the key with which to spend it, locked in a safe, a key that never touched the Internet.
This article explains how to do that and how afterwards to move your funds out of cold storage and back into a live wallet in order to spend it. So lets dive into it.
Generating private key and Bitcoin address for cold storage wallet using the Pycoin library
1. Install Python - The library that we are going to use to generate a private key and its corresponding address - Pycoin (Python Cryptocoin Utilities) is written in the computer language called Python, so you will need it in order to execute the commands from the library. You can download Python from here.
2. Next you will download the Pycoin library itself - You can download it from here. When you open the link you will see on the right side of the screen a button with caption "Download ZIP", click it in order to download the library.
3. Open the command prompt console and go to the directory where you unziped Pycoin. There go to the pycoin\scripts directory - You can open the command prompt by clicking on the Windows Start button and writing "cmd" in the search field, or you can also open in Windows Explorer the directory you want (pycon\scripts) and writing "cmd" in the address bar.
4. Execute the ku.py script to generate a WIF (Wallet Import Format) private key from a pass phrase of your choice - With it you will be able to spend the Bitcoins afterwards (this will be the private key for your wallet). The command looks like this:
C:\Python34\python.exe ku.py -W P:"mnemonic phrase"
The command above consists of the following parts:
- "C:\Python34\python.exe" - This is the path to the python compiler that will execute the the script;
- "ku.py" - This is the python script you want to execute;
- the "-W" parameter - Indicates that you want a private key in WIF format generated;
- the P:"mnemonic phrase" parameter - Indicates the mnemonic phrase to be used for generating the private key. This is the pass phrase from which the key is generated. It is advisable the phrase to be much longer. I don't know how long it can be, but I have tried with more then a 100 words and it worked fine. Also in my experience the same phrase will always produce the same key, but I don't know if this will be the case on other computes (if it is not installation specific), so it is preferable to write down the generated private key and not rely on you knowing the phrase that generated it.
The result from executing the command above is this:
L4VPP4gEiFEJiWc9dpuHbSbcGDjh8oi8NGnmSnj1imNgeqm41qG8
This is a valid Bitcoin WIF private key with which you can spend the Bitcoins transferred to its corresponding Bitcoin address which we will generate bellow.
5. Execute the ku.py script to generate a Bitcoin address from the pass phrase - This will be the address to which you will transfer Bitcoins to. The command looks like this:
C:\Python34\python.exe ku.py -a P:"mnemonic phrase"
The command above consists of the following parts:
- "C:\Python34\python.exe" - Again this is the path to the python compiler;
- "ku.py" part - This is the python script;
- the "-a" parameter - Indicates that you want a Bitcoin address generated;
- the P:"mnemonic phrase" parameter - Indicates the pass phrase to be used for generating the address. Note that this is the same phrase I used for generating the private key. This means that the address generated is corresponding to the private key generated earlier and the Bitcoins transferred to this address can be accessed with that private key.
The result from executing the command above is this:
17fbV1Rf9er7eW2pDpDwjN3UhycvuZpDPW
This is a valid Bitcoin address to which you can transfer Bitcoins and you will be able to spend them using the private key generated earlier:
L4VPP4gEiFEJiWc9dpuHbSbcGDjh8oi8NGnmSnj1imNgeqm41qG8
So in summary:
- You will choose a long pass phrase that only you (or the people which you trust with your Bitcoins) know. You will use this pass phrase to generate the private key and Bitcoin address for your cold storage.
- You execute the two commands from above with the same pass phrase.
- Write down the private key and keep it safe.
- Transfer the Bitcoins you want to the generated address.
Spending the Bitcoins from your cold storage wallet.
Sooner or later you will want to get access to your Bitcoins from the cold storage wallet, after all this is what Bitcoins are for - spending. Bellow I will explain the easiest way I found for achieving this. Again I don't claim it is the best way, but it worked for me.
1. Go to blockchain.info
2. Go to the Wallet section
3. Create your online wallet - Click on the "Create My Free Wallet" button
4. Transfer the Bitcoins from your cold storage to your new online wallet by importing the private key
- Login to your wallet in blockchain.info;
- Go to the Import / Export section;
- Write your private key in the Private key field and click the "Add Private Key" button;
- Transfer the Bitcoins to your online wallet by clicking the "Sweep Key" button.
After you have done this I would recommend that you immediately transfer your Bitcoins from the online wallet to your personal wallet (one managed by a client on your personal device - computer, smartphone, etc.). Maybe transfer only the funds you need to your personal device and the rest to a new cold storage wallet. I personally don't trust online wallets at all - too many of them were hacked in the past.
Important
I would recommend that, before you follow the steps described above and transfer any significant amount of Bitcoins to your cold storage account, you go through the process with a small amount, just to check that you understand the procedure and it works as you have expected.
- Create a new private key and address from some test pass phrase;
- Transfer to the address a small amount of Bitcoins (0.0005 BTC for example = 0,12 $ at the current price);
- Go to your blockchain.info account and import in your online wallet the Bitcoins using the private key;
- Transfer the Bitcoins from your online wallet back to your personal devise (computer, smartphone, etc.), to ensure that you will actually be able to get them back when ever you need them.
Only when you are sure that your Bitcoins are safe and you know how to gain access to them again, create a cold storage wallet in which to transfer a significant amount of Bitcoins. Remember it is your Bitcoins and it is your responsibility to keep them safe. This is the responsibility that comes with the power to work outside of the conventional banking system and to be the only one in charge of your funds. If you loose you private key, there is no one to call to get it back and no other way to get access to your Bitcoins.
Also keep in mind that, when you finish will all the tests and you decide to create an actual cold storage account in which to store your Bitcoins, you will create new private key and new Bitcoin address from a new pass phrase. This way you will work with a private key that has not touched the Internet. Don't use the one with which you have perform your tests and which you have imported in blockchain.info.
Some general thoughts
All the resources I have read online recommend that you create your cold storage wallet offline, on a computer that is not and never was connected to the Internet. You should decide for yourself how relevant is this to you and your needs. If you want to follow this advice an easy way to do it is by using some free or trial tool for creating a virtual machine and a new installation of Windows just for that purpose. For example you can use VirtualBox or HyperV.
One very important thing that is not always discussed regarding cold storage wallets and Bitcoin wallets in general is insurance policy. What happens with your Bitcoins in case of an emergency or an accident? Does your loved ones know how to access your Bitcoins? Do they even know that you have Bitcoins? In my opinion it is very important that you think and prepare for such cases. Talk with the people closes to you and let them know that you have Bitcoins, how they can access them and how to spend them. If they don't have the necessary technical skills, find a close friend (or several) that you can trust with your Bitcoins. Instruct them how to access your wallets in case of an emergency and how to split them between your loved ones if the worst comes.
It is also prudent that you create several cold storage wallets. Don't hold all your eggs in one basket. It is almost certain that you will not need all your funds at once so by holding several wallets you will compromise only one of them when accessing the Bitcoins in it. The other cold wallets will still be offline and you can always transfer any left over Bitcoins to them without going through the hustle of creating new cold storage wallets.
Almost all I know about how Bitcoin, the Blockchain and wallets work, I know from Andreas Antonopoulos and his book Mastering Bitcoin. He is a great person and I would recommend watching any of his talks online. He not only explains Bitcoin, but extensively talks about the future development of the network 5-10-20 years from now.
About the book "Mastering Bitcoin" - even though it contains a lot of technical information, it also explains how Bitcoin works in a way that is accessible to everyone, especially the first 2 chapters. So I strongly recommend it, because thanks you it and Andreas this article became possible.
