I want my stuff now: Bitcoin and immediate transactions

By now you know that a bitcoin transaction can take at least 10 minutes to verify and process. And to be really sure that it is permanently and indelibly on the blockchain, you’re supposed to wait for another 6 blocks (at least!) to pile on top. So, technically, a bitcoin payment could take over 1 hour to go through. This obviously is not ideal if you want to buy something with the digital currency. Imagine if you were told that you had to wait at least an hour for your pizza. Or that you had to come back to the store later to pick up your new jacket. You’d be right in thinking that this could be a significant barrier to bitcoin adoption.

So, how do we get around that?

by Sean McAuliffe for Unsplash
by Sean McAuliffe for Unsplash

One method used “back in the day” and which has fallen out of favour is “green addresses”. These are bitcoin addresses that are set up by a “trustworthy” institution (probably an exchange or a wallet) that is willing to advance the funds to the seller, while waiting for confirmed reception from the buyer. If I wanted to send you bitcoins, and I wanted you to feel secure that you had received them immediately, I would open an account with a well-known intermediary, I would send them the bitcoins, and I would ask them to pay you using a green address. They would do so immediately, without waiting for confirmation that my transaction to them was valid. They would trust me because of our working relationship, and probably because I have a balance of bitcoins held with them. The receiver (the seller) would have heard of the intermediary, and would trust their reputation enough to accept that the green address payment is valid. In effect, the intermediary “vouches” for my payment, and the seller trusts the intermediary enough to accept that.

One of the reasons that this system is not used so much any more is that two of the main green address intermediaries back in 2011, when this form of transaction verification was at its peak of popularity – Mt. Gox and Instawallet – ended up imploding. Obviously, trusting intermediaries is no longer an obvious thing to do.

Another drawback is that green addresses are not as private, since the name of the intermediary has to be disclosed. The intermediary’s records would then identify the buyer. Without a green address, the receiver (the seller) has no idea through which intermediary the funds arrived.

Furthermore, using a green address creates an additional bitcoin transaction, which, given the current intense debate about bitcoin scaling, is probably not the most efficient solution.

And, there is the irony of depending on a centralized trustworthy entity to make a purchase with a currency designed to work in a decentralized environment where no trust is needed. 😉

bitgo instant

Some wallet companies are coming up with ingenious work-arounds. Earlier this year BitGo launched BitGo Instant to make immediate transactions possible. After initial risk checks, BitGo Instant guarantees the funds for the receiver. How does it do this? By co-signing. The keys to a BitGo Instant wallet are held by three participants: the user, BitGo Instant and a key recovery service (a third party that generates, stores and protects public and private key pairs). Two signatures are required on every transaction, and in most cases, those two signatures will be the user’s, and BitGo Instant’s. Obviously before co-signing, BitGo Instant will check that the coins have not been previously spent. If that condition is met, BitGo Instant’s co-signature implies a guarantee that the funds will be paid. The only way that those funds could be double spent is if the user enters into a conspiracy with the key recovery service to send those very same coins somewhere else. To prevent this, the service is required to inform BitGo before it co-signs anything. Also, the key recovery service adds a layer of assurance that the bitcoins will still be accessible in the event that BitGo Instant stops operating, as it could provide the necessary second signature, allowing the user to access the funds. BitGo Instant’s risk in this is low, as it can easily verify that the bitcoins are there. And it is an original way to monetize BitGo’s reputation.

As with green addresses, the privacy of this type of instant transaction is lower than the standard, slow option, as the receiver knows that BitGo is involved. With that information, it is possible to figure out who the buyer (sender of bitcoins) is. So these transactions will most likely be of interest to average users who want instant purchase confirmation, and traders who don’t want funds tied up, not even for an hour. Privacy is probably not their main concern.

We will probably (hopefully) see the emergence of other clever ideas that improve the efficiency of bitcoin over the coming months. Instant transactions will not only increase the liquidity in the system by increasing the circulation. It will also dramatically increase the use cases, by offering instant bitcoin trading settlement, instant purchase confirmation, and less risk that the bitcoin exchange rate will move during the waiting time.

“Zero confirmation transactions”, or transactions that have not yet been embedded on the blockchain, are accepted in some cases, but the risk is high, so the practice is actively discouraged. For bitcoin to one day be widely used as a payment method, the “zero confirmation transaction” risk needs to be resolved. Some exchanges and wallets have been looking at probability approaches, but the system needs to find a simpler and more secure way to transact quickly. Even transactions that are one or two blocks deep in the chain are not free from risk of a block re-write, and waiting over an hour (after which the probability of the block being modified falls to practically zero) is often not practical. And until using the digital currency becomes practical, the talk of bitcoin one day replacing cash will remain just that: talk.

How does a bitcoin paper wallet work?

A bitcoin paper wallet is simply a public and private key printed together. It is an offline wallet, and is usually regarded as a type of cold storage, although it has some important differences that make its presence in that category debatable (more on this further down).

As the name suggests, paper wallets are usually made out of paper, although technically they could also be made of plastic or any other substance on which information can be durably printed.

bitcoin paper wallet
via bitaddress.org

What is printed on the paper wallet are the private and public keys, usually in QR form, with the latter also serving as the address. You could just copy and paste the keys onto a text document and print that out (erasing the copy on the computer afterwards). Or you could use one of the free web services that generate the printable wallet for you. The key generation is usually done in your browser, so they are never transmitted on the internet. To be safe, you should clear your browser after printing.

Some paper wallet services have a nifty design that you can cut, fold and seal, making them a lightweight and relatively secure form of storing bitcoins offline. You send your bitcoins to the public address displayed on the wallet, and then store it in a secure place.

What makes paper wallets secure is that they are totally offline. They are not within the reach of hackers, and your bitcoins are never trusted to a third party. As long as the paper wallet is secure, the bitcoins are secure.

But, therein lies the relative lack of security. Someone could find your hiding place, take your printout, spend all the bitcoins associated with those keys, and return the paper, so you would never know.

A more secure version would involve folding the paper so that the private key is hidden from sight, taping the fold with a seal that can’t be broken and replaced (just search for “tamper evident seals”, there are many different providers and models), and making sure that the private key cannot be seen even if the folded paper is held up to the light.

bitcoin paper wallet
image from bitcoinpaperwallet.com

Even that is not particularly secure. What if the folder, drawer or box that you keep it in floods? Sure, it’s unlikely, but when you’re securing a lot of bitcoins, it pays to think of worst case scenarios (and hey, what with climate change and all…). So, a tightly-sealed plastic bag would help. Or, if for whatever reason you have a machine that seals things in plastic, that would also be a good option (we may be verging on the surreal here, but some people do have them!).

So, how do you protect a paper wallet from fire? I have no idea. Keep it in the freezer? (That definitely would be “cold storage”, he he.)

Also, paper itself is not the most durable of substances. Apart from the obvious risks of fire or water damage, the ink could fade with time, making the keys unreadable. No readable keys, no bitcoin.

You can check your balance at any time using blockexplorer.com or blockchain.info (just type your public key into the search box).

 

bitcoin paper wallet
screenshot from blockchain.info

Most online wallets allow you to import your paper wallet data. To spend those bitcoins, you will be asked to type in the private key information, or scan the private key QR code (sometimes called the “spend” QR code). Because the private key will have now “touched” the internet, that does (however slightly) compromise its security, and it is advisable to move any remaining bitcoin to a new paper wallet.

Right there you have the main difference between paper wallets and other cold storage methods. With dedicated cold storage devices, the private key never touches the internet. With paper wallets, you do need to input the private key to sign the transaction. And, while steps can be taken to limit the danger, it is possible that the key can be intercepted. (Unlikely, but possible.)

It is worth remembering that the bitcoins are not actually stored in the wallet, they are on the blockchain, associated with those public and private keys – no-one can spend them without the private key, which is why it is important to keep that part of the paper wallet especially secure, and away from prying eyes.

bitcoin paper wallet
screenshot from bitaddress.org

Some good paper wallet generators:

Bitaddress.org and Walletgenerator.net are open-source random address and key generators that uses your browser’s JavaScript engine, so no keys are sent over the Internet. They’re simple and quick, and have a very cool random generator function in which you move your mouse around the screen to mix up the characters in a long string. That random sequence is then used to generate your public and private keys, which are displayed on the next screen, for printing.

Bitcoinpaperwallet.org will create a printout of a colourful paper wallet, with the appropriate fold lines, and will sell you tamper-evident stickers for sealing it shut.

Mycelium offers an original and even more secure way to generate paper wallets, with a USB dongle that you plug directly into your printer. The device generates a paper wallet that automatically gets printed out, without ever having touched your computer.

mycellium entropy bitcoin paper wallet

No doubt others will also come up with ingenious ways to make paper wallets even more reliable. Meanwhile, the current offerings are ingenious, relatively simple, and provide an additional step in bitcoin security. Of course, care needs to be taken. You can’t go scribbling phone messages on the back of your wallet printout if you have bitcoins associated with it. But, following the security measures and advice given above, paper wallets offer a relatively easy way to keep your bitcoin safe and away from hackers and digital thieves. Paper is not the most durable of materials, though. So for serious bitcoin safety, you’re better off with a dedicated cold storage device.

(For more on how Bitcoin works, see Bitcoin Basics.)

What is cold storage?

Imagine a cold, freezing vault deep underground in the Swiss mountains, with icicles decorating the thick steel door. That’s cold storage.

cold storage bitcoin - by Erol Ahmed for Unsplash
by Erol Ahmed for Unsplash

But “cold storage” in the bitcoin world (and in the tech world in general) is a bit more accessible. It implies the storage of data (in the case of bitcoin, of your private keys) completely offline. It could just be a pendrive or even a printout of the key (yes, on old-fashioned paper), shut in a drawer. Or, if you have a lot of bitcoin, locked away in a vault.

Security

The important characteristic of cold storage is that it is not connected to the internet. This makes it especially secure, as there is virtually no way in for hackers or viruses. So, cold storage is used to “park” large amounts of bitcoin in a more secure manner.

Why “more secure”, rather than “totally secure”? If your storage device is damaged by water or fire and your keys are not retrievable, nor are your bitcoins. For “totally secure”, you’d probably have to resort to the aforementioned freezing vault in the Swiss mountains. But the idea does highlight the (relative) vulnerability of anything stored online. Many bitcoin holders keep most of their bitcoin in cold storage, and the minimum necessary for transactions in their online, desktop or mobile wallet.

How?

But, I hear you ask, to move bitcoin to and from the cold storage address, to spend and to receive, surely you have to connect online?

To move bitcoin to the cold address, no. A cold address can receive bitcoins without connecting, since the bitcoins are stored on the blockchain, not the device. The device only stores the keys. The bitcoins sit on the blockchain, but are associated with those keys. You can check on your balance at any time by entering your public address into the search bars in either blockexplorer.com, or blockchain.info.

To send those bitcoins to another address, either for a purchase or a transfer, you do need to input the keys online. This is either done manually (typing in the keys, or scanning the QR codes with your phone camera or your computer webcam), or by temporarily connecting the device (switching it on and connecting via wifi, or plugging it in to your computer).

A problem arises when you want to use a different cold storage address each time you send coins there, for privacy reasons (re-using addresses is not a very secure practice). If the “cold” side is not connected, how can the “hot” (= online) side know the addresses that it needs to send the coins to? One solution would be for the cold side to connect every now and then to send a bunch of addresses over to the hot side. But that would reduce the cold storage’s security (each connection opens up a vulnerability).

HD Wallets

Another, more secure, solution lies with the hierarchical deterministic wallets that we looked at last week. Both the hot and the cold side work with the same root, or “seed”, which is usually a long string of words. The hot side generates the addresses using one algorithm, while the cold side generates the corresponding private keys using an offline “sister” algorithm. If the hot side is compromised, the private keys are still safe, as are the associated bitcoins.

The physical wallet

When we talk about cold storage, what does it actually look like? What are the “cold storage devices” that we mentioned earlier?

They can be anything that can store data. A pendrive, a laptop, a tablet, a piece of paper, a mobile phone… Or, a dedicated cold storage wallet.

Dedicated cold storage wallets

A more convenient and secure option is dedicated cold storage wallets, which can remain offline even when signing transactions. This may sound like magic, but the way it works is the following:

The electronic wallet is set up on an offline device (such as an old laptop, tablet or special hardware), using a previously downloaded program. A “watch only” copy (ie., only the public key, so it can only consult, not transact) is imported to your online computer using a pendrive, USB stick, or whatever you want to call it. This copy creates the transaction using the copied public key, and copies the transaction file onto the same USB device (or a different one, if you happen to have many lying around). The transaction is then imported into the software on the offline device, where it is signed using the private key. The signed transaction then gets downloaded onto the USB drive, and imported into the wallet software on the online device, which then broadcasts it to the network. There’s a lot of flaffing about with USB sticks, but your cold storage never “touches” the internet.

keepkey cold storage
screenshot from KeepKey

A new generation of gadgets promise to make cold storage even easier. Trezor, Ledger, KeepKey and Hardbit are some examples of the devices that make it easier to sign offline and then broadcast the transaction to the network. Most require plugging into an online computer, but strong encryption and barriers to keystroke hacking prevent an “attacker” (what the sector calls someone trying to get at your information) from getting access to the private key information stored there.

— x —

Cold storage is a recommendable solution for keeping significant bitcoin holdings safe. As with all ultra-secure options, though, it is not very straightforward, and should be used for storage, not for frequent transactions. Just as you keep most of your money in the bank but carry around cash for convenience even though it’s less safe, cold storage wallets are secure but online or mobile wallets are more convenient.

Bitcoin security is getting more and more attention these days, partially fuelled by media reports of hacking and theft, but also by more of us waking up to the idea that bitcoin is not just a payment mechanism. It is also an investment*, and investments need a different treatment than digital currencies bought for transaction purposes. Xapo is even developing a system that will allow you to store your bitcoins in outer space. Assuming that the satellite is recoverable, that removes any concern about jurisdictional risk, and highlights the importance of contemplating the worst case scenario. For anyone bullish on the potential value of the digital currency, the value and usefulness of cold storage, earth-bound or not, is becoming more obvious.

(*I am not recommending bitcoin as an investment. It is illiquid and risky, and you should form your own opinion before buying for investment purposes.)

What is an HD wallet?

While researching bitcoin wallets, I kept coming across the letters “HD”, which I at first thought might be the initials of the inventor. But no, they stand for “hierarchical deterministic”, and represent a pretty cool innovation that has made wallets even more practical. So, let’s try and put those two words with lots of syllables into plain language.

by Gabriel Santiago for Unsplash - HD wallets are a bit like trees, in that one "seed" can create many "branches" (=addresses)
by Gabriel Santiago for Unsplash – HD wallets are a bit like trees, in that one “seed” can create many “branches” (=addresses)

Old-style bitcoin wallets generate addresses and keys randomly. Random generation is obviously much more secure than user generation (given that users can be quite lazy or uncreative: “password” is still the most popular password). And new addresses are automatically generated when needed, which is convenient. But it also presents complications.

Wallets that transact frequently will have many associated addresses, since for privacy reasons some users prefer each bitcoin they purchase, or receive in exchange for a service, to have a separate address. Also, each transaction generates a “change address”: if I have three bitcoins at one address and want to spend two, I can’t just spend part of that address’ bitcoins, I have to spend the whole lot. So, I send all three and one automatically gets returned as change, to a new, automatically-generated address. Frequent transactors generate a lot of change addresses.

However, keeping up to date with the backups of a steadily increasing array of addresses is complicated. Backups are important, since if you lose your keys (your computer dies, your pendrive goes missing, whatever) you lose your bitcoins. Frequent generation of random addresses will require equally frequent backups, which can become a hassle.

What if there were a way to generate an almost infinite number of seemingly random addresses, but following some sort of pattern that could be replicated, but that at the same time was impossible to guess or hack?

Deterministic wallets (in this case “deterministic” can be taken to mean the opposite of “random”) generate addresses and keys according to a pre-set algorithm, which depends on a “seed”, or starting sequence of characters. This seed can be a sequence of words randomly assigned, and is a bit like a “master key” which can be used to generate any number of public and private key pairs.

With deterministic wallets, frequent backups are not as necessary, since your wallet addresses can be “re-created” from the seed string. Instead of spending a lot of time and computing power backing up a list of addresses, you focus on backing up the seed string. The rest can be recovered from that. You don’t need to worry about outdated backup copies.

“Hierarchical” deterministic wallets allow for the generation of keys from a “master” seed, in a cascade, an hierarchy, a stream of keys/addresses depending on one at master level. This allows for the sharing of keys below the master level – you can hand your auditor a sub-level key, even a private one (the one that allows spending of the bitcoins associated with that address), and not worry about him or her figuring out the private key for all the addresses that “belong” to the master seed. While this scenario is not free of security risks, it does open up an interesting range of possible uses within teams and even corporations.

To summarize: HD wallets are especially cool in that you can recover your addresses from a seed phrase, and you can “split” a bitcoin account into several addresses, sharing those among interested parties without compromising the others. The full repercussions of this have yet to be explored, as with most things bitcoin. And twists and evolutions will no doubt increase functionality and security in incremental steps.

Web-based vs. desktop vs. mobile bitcoin wallets

Assuming you’ve decided to download a bitcoin wallet, do you want a web, desktop or a mobile version?

This is more confusing than it sounds, since each performs a different function, with different levels of security. As we’ve seen before, a wallet is simply a way to store your public and private keys, and to display the net amount of bitcoin that you have associated with those keys. They can usually also show you the transaction history of those keys.

The word “wallet” may be confusing as it implies that your bitcoins are stored in it. They’re not, they’re actually stored on the blockchain, which itself is stored on servers (bitcoin “nodes”) around the world. Thanks to the user interface, the wallet just looks like it stores your bitcoins. And just like an online bank, it can show you your transaction history.

bitcoin wallet

Web-based wallets

Web-based wallets store your keys online, which is convenient as you can access them from any computer. However, it is not as secure as some other options, as your keys are stored on someone else’s server. Those servers are well protected – no wallet service provider wants to be hacked – but they’re not under your control. Since this is what bitcoin was created to avoid – your funds being in someone else’s control – this solution may seem ironic. It is convenient, though, especially if your wallet service provider also allows you to purchase bitcoin through their exchange.

Some web-based wallets such as Blockchain encrypt the keys before storage in the online server, which is a slightly more secure option than those that store the keys on their servers, such as Coinbase.

Desktop wallet

It’s worth remembering that an online wallet is not the same as a desktop wallet, although you access your online wallet via your desktop. For a desktop wallet, you install the software directly on your PC. Assuming that your security is thorough, this is one of the safer options, but if your hard drive is hacked, chances are your bitcoin keys will be copied and your bitcoins transferred without your knowledge. In other words, your bitcoins will be stolen.

Most desktop wallet are “lightweight”, which means they don’t download the entire blockchain (just as well, since it currently occupies almost 50GBs). Lightweight wallets only store block headers, rather than entire blocks – this allows them to take up less than a tenth of the space. However, the trade-off is that they are less secure than full blockchain wallets as they can’t examine all the transactions in the blocks to make sure that they are valid, because they doesn’t have the transaction history. Lightweight wallets, otherwise known as “SPV” (for Simplified Payment Verification), can only validate the transactions that concern them. They trust the fully validating nodes to check all the others.

If you have downloaded the bitcoin protocol, that acts as a wallet as well as a full node.

Mobile wallet

The mobile wallet is the most practical option in that your bitcoin are accessible at any time. Your smartphone can be used to pay for products with bitcoin, or to easily transfer funds to someone else. Your camera scans the recipient’s QR address, which is so much easier than typing in a long string of letters and characters. True, the desktop and web versions usually allow for copy and paste, but pointing your phone at a pixelated square is simpler and faster. Some phones enable NFC connections, which means that all you have to do in certain circumstances is tap your phone against a reader to pay.

Mobile wallets are also SPV or “lightweight” (see above), which compensates a reduction in necessary space with a reduction in thoroughness and blockchain integrity, but for most daily applications, they work very well.

However, since your phone can be lost or stolen, and your keys along with it, you could lose your bitcoins unless you have been smart enough to keep secure backups.

— x —

This may seem like a confusing sea of options, and differentiating between the different providers can get complicated. But it is not necessary to choose just one. Most bitcoin users have several wallets, to cover a variety of different needs. I have three, two of them web-based (Coinbase and Blockchain) and one mobile version (Blockchain, for now).

The three options covered here are especially useful for frequent transactions. With a few taps or clicks you can send bitcoin to any other wallet, move funds amongst your own, or purchase more to top up your holdings. These wallets do, however, imply a trade-off between ease of access and level of security. They are easier to use, but not as secure as some other more complex options. To safely hold a significant amount of bitcoin, offline storage is a stronger solution, and we’ll talk more about that next week.

(For more on how Bitcoin works, see Bitcoin Basics.)

How does a bitcoin wallet work?

As we’ve seen already, there are many different kinds of bitcoin wallets (also called bitcoin clients). Each has different characteristics and functionalities, but each works in basically the same way: they store your public and private keys.

Your bitcoins – or rather, the pieces of code that represent them – are not actually stored in your wallet. They are stored on the blockchain, which in turn is stored on node computers all around the world.

bitcoin wallet

What your wallet contains is your bitcoin address, which is the same as your randomly generated public key (a long string of numbers and characters). Anyone can see this, it’s public information. The wallet also contains the private key that goes with that address/public key. Without the combination of the two keys, you can’t use your bitcoins. Actually, most wallets contain several addresses, and hold the public and private key pairings that make each of them work.

Obviously, most bitcoin wallets today do a lot more than that. They also relate your public and private keys to the bitcoins that match those keys, and display the list of related transactions and the current balance in a clean user interface (ie. a nice, easy-to-understand format).

But it’s important to understand that the wallet doesn’t actually contain your bitcoin. It contains permission to spend your bitcoin. And if you lose access to that permission to spend, then you effectively also lose your bitcoins, because you no longer have access to them. That is why it is so important to keep the keys secure.

Some wallets, especially the older ones, are full node wallets. This means that you download the entire blockchain, and act as a relayer or transmitter of transactions, even those that you had nothing to do with. You receive transactions from nodes and pass them on to other nodes, and thus contribute to the updating of the bitcoin network. While no actual work on your part is involved (the transmitting is done automatically), it is onerous – the blockchain occupies approximately 40GB of memory.

Most wallets, however, are “thin wallets”, or an SPV wallet (which stands for Simplified Payment Verification). If you have a wallet on your mobile phone, it’s almost certainly one of these, and an increasing number of desktop wallets are also offering this option. SPV wallets do not download the entire blockchain, they only download block headers. There are concerns that this weakens the security of the network as a whole, since they cannot tell the difference between a block with valid transactions and one with invalid ones. (Segregated Witness offers a potential solution to this problem, but the project is still at the testing phase.) But they rely on nodes to check the transactions for validity, and assume that after a certain number of blocks have been added on top, a transaction can be counted on to be correct.

Wallet technology is evolving rapidly in terms of efficiency and functionality, so this overview does not hope to cover all wallet types, but the basic principle is the same for most: wallets hold your keys, not your bitcoins, although the distinction is actually not that relevant for the average user. Bitcoin wallets are a fundamental piece in the path to increase bitcoin use beyond geeks and techies, as it is the only face of bitcoin that most will ever see. Wallet ease of use and security will increase confidence in transactions, while at the same time encourage more use cases. With more users comes even more innovation, and the entire sector – from front-end wallets to back-end miners and including the many applications in between – benefits.

Is Bitcoin anonymous?

Much hype has been frothed about the anonymity of Bitcoin, and how that makes it ideal for illegal activities. (Let’s not even go into the illegal activities that the ever-so-anonymous cash is used for.) So it’s worth setting the record straight: Bitcoin is not anonymous. But it can be.

First, rather than anonymous, Bitcoin is pseudonymous. All your bitcoin transactions are linked to your bitcoin address (or addresses). In the Bitcoin transaction sphere, you are known by that address, no-one else can use it. It is your “pseudonym”. Totally anonymous transactions would have no attached pseudonym.

True, figuring out that that address belongs to you, specifically, is difficult. Difficult, but not impossible. How would one go about doing it? By combing through all other transactions to and from that address and looking for clues such as delivery destinations, transfers to private sidechains, links to other addresses that have been identified, donation requests in forums… Or, investigators could look for transactions that combine two Bitcoin addresses into one input. For instance, if you had 3 bitcoins in one address, 2 in another and wanted to buy something that cost 5, you’d combine your two bitcoin addresses into one transaction. If the identity behind one of the input addresses is known, then the other one is, too.

an example of bitcoin activity tracking, from An Analysis of Anonymity in the Bitcoin System
an example of bitcoin activity tracking, from An Analysis of Anonymity in the Bitcoin System

Another technique used for figuring out bitcoin ownership is patterns in activity. Parallels can be drawn between transaction activity and Twitter activity, for example. Periodic repeat purchases, even from different addresses, can be a giveaway.

And most of us get our first bitcoins on an exchange. In general, exchanges are regulated and have to comply with the local Know Your Client laws, which generally involve verifying your identity with authorised documents such as passports or ID cards. That address is linked to your real self (in theory), as are other addresses that that address transfers to. Even simple wallets (not related to exchanges) that don’t ask for your identity need to keep records of all transactions associated with your bitcoin address, in order to know how many bitcoins are rightfully yours. Records are hackable, and can be subpoenaed by the authorities.

The anonymity of Bitcoin has been one of the main barriers to banks’ willingness to work with Bitcoin-related businesses. Chainalysis (which recently signed a deal with British bank Barclays) intentionally combs through transaction data to de-anonymize the network and to provide banks with a compliance service. While this will no doubt bother many Bitcoin users who value the philosophical benefits of the freedom that anonymity brings, Chainalysis’ goal is to get banks more comfortable with working with Bitcoin users, which will help the digital currency’s spread and influence.

However, with some extra effort, Bitcoin can be anonymous. It is possible to buy bitcoins anonymously using cash and local exchangers. Bitcoin users can employ a different address for each transaction to make ownership harder to trace. The heavily encrypted network Tor makes it much harder to track transactions (among other features, IPs are not recorded), but even just using Tor can alert authorities that you are hiding something.

These aren’t foolproof anonymity methods, but they do make it harder to follow a bitcoin through the network. Mixing services, which shuffle your bitcoins with those of other users, do provide a very high level of anonymity, but are much riskier than traditional wallets in that they are unregulated and often unaccountable. If Bitcoin anonymity is important to you, your best bet would be to use a mixing service and withdraw your funds immediately, and to use a different address for each transaction. Of course, the best way to avoid getting caught for illegal activity is to simply not do it.

(For more on how Bitcoin works, see Bitcoin Basics.)

What is a bitcoin wallet?

Before owning any bitcoins, you need somewhere secure to store them. That place is called a “wallet”. Since bitcoin is really just a snippet of code, your wallet will probably live on your computer and/or mobile device, but physical storage gadgets are also used, and there even is such a thing as a paper wallet. Here we’ll take a look at the different types of wallets, with a brief overview of how they work.

But first, it’s important to clarify something that will help to understand how they work. You store your bitcoins at your Bitcoin address, not your wallet. What your wallet holds is the private key that gives you access to your Bitcoin address (which is also your public key). If the wallet software is well designed, it will look as if your bitcoins are actually there, which makes using bitcoins more convenient.

Electronic wallets can be downloaded software, or hosted on the web (“in the cloud”, as we say these days). The former is simply a formatted file that lives on your computer or device, and that facilitates transaction formatting. Hosted wallets tend to have a more user-friendly interface and more on-the-go functions, but you will be trusting a third party with your private keys. There are a few hybrid models, and some really strange ones, and each provider is slightly (in some cases very) different from the rest. This summary is meant as a general overview of the different types, not a list or a recommendation of specific services.

One very cool function worth mentioning is that most wallets will convert your public bitcoin address into a QR code, which makes it so much easier to send bitcoins directly from your phone. You just hold your phone’s camera up to the square, scan it, and the address is entered into the “send” location.

Here’s mine:

(feel free to send me some bitcoins if you wish!)
(feel free to send me some bitcoins if you wish!)

Software wallet

Installing a wallet directly on your computer gives you the security that you control your keys. Most have relatively easy configuration, and are free. The disadvantage is that they do require more maintenance in the form of backups. If your computer gets stolen, hacked or corrupted and your private keys are not also stored somewhere else, you lose your bitcoins.

The original software wallet is the Bitcoin Core protocol, the program that runs the Bitcoin network. You can download this here and become a node (that doesn’t mean that you need to mine bitcoins) with wallet capability, but you’d also have to download the ledger of all transactions since the dawn of bitcoin time (2009). As you can guess, this takes up a lot of memory (over 20GB).

Most wallets in use today are “light” wallets, or SPV (Simplified Payment Verification) wallets, which do not download the entire ledger but sync to the real thing. Armory is a good example of a software bitcoin wallet, as are Electrum and MultiBit.

Web-based wallet

Web-based wallets offer increased convenience – you can generally access your bitcoins from any device if you have the right passwords. All are easy to set up, come with desktop and mobile apps which make it easy to spend and receive bitcoins, and most are free. The disadvantage is the lower security. With your private keys stored in the cloud, you have to trust the host’s security measures, and that it won’t disappear with your money, or close down and deny you access.

Several offer a wide range of services such as bitcoin purchase or sale, multi-wallet generation, coin mixing (to hide the origin), offline storage, merchant services, bank account connection, search function for address of people you know or people near you, maps of places near you that accept bitcoins…  Some are accessible via a web page, others as a browser extension, and almost all have a smartphone app. Among the best-known ones are Blockchain, Coinbase, Xapo and Hive.

 

image via KeepKey
image via KeepKey

Hardware wallets

Hardware wallets are small devices that occasionally connect to the web to enact bitcoin transactions. They are extremely secure, as they are generally offline and therefore not hackable. They can be stolen or lost, however, and the bitcoins that belong to the stored private keys along with it.

Trezor, KeepKey, LedgerWallet and Case are recent examples of efficient hardware wallets.

Paper wallets

Perhaps the simplest of all the wallets, these are pieces of paper on which the private and public keys of a bitcoin address are printed. Ideal for the long-term storage of bitcoins (away from fire and water, obviously), or for the giving of bitcoin as a gift, these wallets are more secure in that they’re not connected to a network. They are, however, easier to lose. With services such as bitadress.org and bitcoinpaperwallet.com, you can easily create a new address and print the wallet on your printer. Fold, seal and you’re set. Send some bitcoins to that address (the QR code that you see in the picture), and then store it safely or give it away.

image via BitcoinPaperWallet
image via BitcoinPaperWallet

Warpwallets

This relatively obscure variety invokes some heavy cryptography to make it not necessary to store private keys anywhere other than in your head. If your memory’s as bad as mine, this is understandable cause for concern, but apparently all you have to do is remember a long phrase (such as the first sentence from your favourite book, or the first few lines from your favourite Beatles song).

— x —

Even within these categories there is a wide variety of services and functions, some very technical, some incredibly useful, and some both. Going into more detail will involve delving into cryptography and connectivity, which is best saved for individual profiles and security updates. Bitcoin wallets is a fascinating sector, impacted by technology, regulation and some unusual business models. And it’s a rapidly changing sector, too. The capabilities of the wallets are deepening in line with our understanding of how it all works, consolidating in line with the regulator’s interest, and broadening in line with our increasing use of digital currency.

(For more on how Bitcoin works, see Bitcoin Basics.)