In my previous article First Steps in the Bitcoin Journey, I outlined method for someone new to Bitcoin to implement their first Bitcoin wallet.
Since the method outlined didn’t go into detail on how to implement cold storage, this article will outline how to implement a cold storage solution with your Green wallet. Although this solution will be using the Green wallet as an example, it will work with any Bitcoin wallet that provides an option for specifying a data directory where the wallet data is located.
If you don’t have Blockstream’s Green wallet installed, please refer to my previous article.
First let me define my perception about the meaning of a Hot, Warm, and Cold storage.
- Hot Storage - accessible, unecrypted and readiable when the computer is started.
- Warm Storage - accessible, encrypted and NOT readiable when the computer is started.
- Cold Storage- NOT accessible, encrypted and NOT readiable when the computer is started.
With a Cold Storage solution, one as to physically or logically connect a storage device to the computer.
By my definition, the Green wallet previously installed is using a Warm storage solution because the wallet folder is encrypted until the wallet is opened using the correct PIN value. Once the wallet’s folder becomes unencrypted it changes into a HOT wallet solution.
Regardless of the wallet and the type of storage used, always quit the wallet after using it.
Now, I think the best question one needs to ask themselves. Do I need cold storage solution for my current Bitcoin wallet implementation? I can’t answer this question for you. If your are using your VM instance as a dedicate computer for only running your Bitcoin wallet, I say it’s optional.
I also think it is wise to have multiple levels of security guarding your Bitcoin wallet. The cold storage solution that I’m going outline here is so simple to implement and maintain, its worth doing.
In order to implement the Cold Storage solution on your Linux system hosting your Green wallet, the following software will need to be installed.
BEFORE INSTALLING OR UPDATING YOUR LINUX VM ALWAYS DO A BACKUP FIRST!!! This way if something goes sideways on you, you have a stupid simple way to retreat to the prior instance of your Linux VM.
VeraCrypt
VeraCrypt is a free open source disk encryption software for Linux, Mac OSX, and Windows.
Click on the above link for instructions on how to install and Setup VeraCrypt.
Take some time creating small encrypted disk volume(s) and mounting them on your Linux system. Do NOT move onto the next step until you have a basic understanding of working with VeraCrypt.
Now that you are comfrontable with creating encrypted disk volumes and mounting them on your Linux system, create a new 2GB or bigger encrypted disk volume to serve as your Green wallet’s cold storage.
I’ll assume you have mounted this new encrypted disk volume as /media/GreenWallet using VeraCrypt.
Now start the Green wallet application and point it to this new directory location.
GreenWallet -datadir /media/GreenWallet
There won’t be any wallets in this new directory, so you’ll need to create new wallet(s) as you did in the previous article.
After you stop the GreenWallet, the disk volume should be dismounted using Veracrypt and if the Veracrypt file is located on removable media (USB drive) then disconnect the removable media too.
Great!!! Now your wallet data is in cold storage
Next Steps
Perform another VM backup to save the changes you’ve just made.
If you are like me, at this point you should be overwhelmed with the amount of sensivity information you’ve had to write down on that piece of paper. On a follow-up article, I will document several solutions to automate the storing and retrieval of sensitiviy information and present some automation scripts that makes this process nearly effortless to use.
All of my automation work on Linux has been accomplished with PowerShell, so if you want a head start on my next article you can install PowerShell now and get some experience with it. The extent of knowledge you need to know is how to execute a PowerShell script from the terminal console. So, no coding will be required but feel free to dive deeper into PowerShell if that interests you.