Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
[12:28am] elliottcable: To describe what I'm doing: To anonymize my identity away from my private “savings” address, from which I'm drawing funds,
[12:28am] elliottcable: I'm preforming a “shared send.” This uses a third-party anonymizing service that forwards the money through hundreds of transactions, that “mix” the money with other peoples', making it virtually impossible to trace the transaction back through the public block-chain.
[12:28am] elliottcable: (Basically, it's socially-acceptable money laundering. Standard practice.)
[12:29am] elliottcable: This is going to trickle money out onto a new address of my own I've generated for this purpose; once it's full, I'll be generating two transactions. One to the address you just signed for me, a private transaction to yourself. You will then be able to draw on that money (publically), or launder it back to your own anonymous savings account, as you please.
[12:30am] elliottcable: The second will go to a public address, which I'll help you generate in a moment; there's additional considerations there; that will serve as a public, recorded donation. I'll then post the hash (or a link thereof) of that transaction in the GitHub thread, it being public and all that.
[12:31am] whit537: Okay.
[12:35am] whit537: So we're on the "shared send" step?
[12:35am] whit537: The anonymizing step?
[12:36am] elliottcable: Mmhmm, on my side.
[12:37am] elliottcable: I'm going to grab a soda, this can sometimes take a while.
[12:37am] elliottcable: Everything you've done so far, is pretty standard-practice for a high-anonymity, high-dollar-amount transaction.
[12:37am] elliottcable: The following, is a bit less complex in some ways, but moreso in others (on your side, at least for the set-up.)
[12:38am] elliottcable: generating an address for temporary use, as you just did, is no big deal, especially because you're likely to set up a savings wallet of some sort and empty this temporary address out *anyway*, soon.
[12:38am] elliottcable: But generating a public identity is a very different can of worms.
[12:39am] elliottcable: Most importantly, this is an address which you *must never lose the private-key to.* Ever.
[12:39am] elliottcable: If you do, anybody who sends money to it ever again (which could be anybody who runs across the address anywhere on the Internet, and it *will* continue to exist in places on the Internet), will be throwing their money away. Permenantly.
[12:40am] elliottcable: Similarly, you must visciously protect that private-key; as if anybody else gets ahold of it, the same considerations apply: that address, which people could always still continue to use, will become a way in which those people are unwittingly giving their money to a scammer or other unsavory party.
[12:40am] elliottcable: There's plenty of approaches to being “super-paranoid” about your wallets, but here's the highlights, in order of *how* overboard they are in terms of security:
[12:42am] elliottcable: 1. _Flash-drive with the private keys, that is itself encrypted, and stored in a safe place._ Generally, this approach is the absolute minimum for a personal savings account; it's common to keep the private key somewhere safe like that, and simply deposit money to the address of the private key; you'll then have to physically retreive the USB key from, say, a safe-deposit box at a bank, and disencrypt it, to ever *remove* money from savings.
[12:44am] elliottcable: 2. _Printed QR code of private-keys, stored in a safe place._ Similar considerations to above, but without worrying about generic, inspecific malware reading the USB stick every time it's inserted and disencrypted (although you're still subject to specific malware that intercepts the video-camera when you're scanning the QR code into your phone/laptop to retreive savings.). This is often called an offline wallet.
[12:46am] elliottcable: 3. _Memorize a long, involved series of English words, which then provide entropy for predictably *generating* your private-key. This provides immediate and easy access (not necessarily a good thing, as it makes you more susceptible to malware, keyloggers, and such ... and thus requires more discipline on your part), and is nearly as secure as you can get ... but it's also an extremely good way to lose a *lot* of money, if you have a bad memory.
[12:46am] elliottcable: (that's, again, often called a brain-wallet.)
[12:46am] elliottcable: finally, if you want to get really hardcore:
[12:47am] elliottcable: 4. _Keep a read-only liveCD installation of a bare-bones Linux installation, with wallet-software on it, known to be free of malware, to generate transactions_, then combine this approach with any of the above for securing your private-key itself
[12:48am] elliottcable: and 5. _Keep a “cold box” computer, an ancient laptop without WiFi for instance, that never involves any form of network access,_ to *generate* transactions, and then manually copy the signed transaction-data to a “hot box” for submission to the blockchain (thus ensuring your private key never touches any machine that could have malware.)
[12:49am] elliottcable: approximately the most paranoid-secure setup, one “advocated” by most insane Bitcoin-security zealots, is the combination of 5. a cold-box, booting off 4. a read-only distro CD, into which you scan 2. your paper wallet from a safe-deposit box to generate transactions.
[12:50am] elliottcable: (You've gotta forgive them their paranoia, they work in the cryptographic field, after all!)
[12:50am] elliottcable: For you, depending on the quality of your memory, I suggest 2. or 3., for any public, direct Gittip address you're going to generate.
[12:51am] elliottcable: (In most situations, I should note, your system should be generating one-off addresses for each top-up received from a customer; but this is a public address you would place in the footer of the site, or on the blog, or on Twitter, for direct donations outside of the Gittip system.)
[12:52am] elliottcable: When you receive donations, you'll generally want to leave them to accumulate in the wallet associated with this public address, and then drain it into your private coffers only rarely, balancing the complex process of retreiving your privkey against risking too much money by leaving it collected in the publicly-visible account.
[12:55am] elliottcable: Once you've made your choices and configured this address (let me know if you need any specific advice on how best to do any of the above), either post it to the gittip Twitter account / blog / GitHub, or sign another message to me with it (same process as earlier tonight); and I'll send a public donation there. (=
[12:56am] elliottcable: Brain-wallet generator (once generated, it can be imported into your Bitcoin-Qt client, or into
[12:56am] elliottcable: More information on paper wallets:
[12:56am] elliottcable: (information there isn't specific to's wallet-services)
[12:57am] elliottcable: More on the Bitcoin wiki:
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.