Version 0.

1 (August 2011)

by Michael_S (forum.bitcoin.org)

OpenPGP KeyID=0xCC7E7C99

Vision of a Secure and Comfortable Bitcoin Client System (and how to get there)
The Bitcoin Client has to run in a secure environment, to be safe against attacks from malware that tries to steal your pivate keys (wallet.dat). Nevertheless, the system should be as simple as possible to operate by the user. A future Bitcoin client (or bitcoin client operating system) therefore has the following properties and can be realized as follows:

1 Properties
Easy to use, as few extra clicks as possible. Secure against theft of the private keys (wallet.dat) by malware Secure against theft of the private keys (wallet.dat) by someone with physical access to the computer or storage medium Safe against loss of the private keys (wallet.dat) due to hardware failure (e.g. disk crash)

2 How to Realize This

The key to achieving this is a dedicated 100% Open Source GNU Linux distribution that is solely designed for the purpose of running the Bitcoin Client in a 100% secure environment, thus constituting the user's Bitcoin banking software. This Linux distribution should meet the following criteria: 1) It contains only open source software, no proprietary software, especially no closed source software (not even proprietary [closed source] hardware drivers). Also software like the emacs text editor is problematic when it contains code that only exists in binary format, as reported for example in [2]/[3]/[4]. 2) It is a small distribution, only containing those parts that are needed for running the Bitcoin client and for updating to a newer version of the Bitcoin client without a need for installing a new version of this Linux distribution altogether. 2.1) Basic system tools like file browser, text editor, xterminal should be included for the user's convenience. 2.2) More complex programs like web browsers, email clients, media players, picture viewers, shall not be included, because any program that accesses the internet or opens many different file formats may constitute a potential hazard. If an internet browser is intended to be included in this Linux distribution, it could be included inside a virtual machine of VirtualBox (open source), that could be part of this distribution, and also a pre-configured virtual machine image could be part of this distribution already. This way, the host system enjoys extra protection against potential threads from these sorts of programs. 2.3) Proprietary programs like Skype, Opera, Adobe, Flash, VMware etc. are of course completely forbidden for this Linux distribution. 3) The Linux distribution is designed to boot from a Live CD or USB stick, very much in the way of KNOPPIX , compare also [1]. If the system boots from a USB stick, a checksum check (in the sense of [1], example 3+) should run automatically after start-up, to verify the integrity of the USB stick's system files. 4) The persistent user data is stored in a strongly encrypted (e.g. AES 256) image file, just like with KNOPPIX (compare e.g. [1]).
Bitcoin donations welcome: 14ajM1BHY7E8GJ4DGGvtFFGmE15hSSSRJR [1 of 3]

Version 0.1 (August 2011)

by Michael_S (forum.bitcoin.org)

OpenPGP KeyID=0xCC7E7C99

5) When the Bitcoin client is running, the private keys (wallet.dat) are never stored unencrypted to the hard drive or flash memory, not even temporarily. 5.1)This also implies that this Linux system has NO SWAP PARTITION which is anyway completely superfluous for this Linux distribution, because it is not at all demanding for the hardware resources. 6) Truecrypt is an integral part of this Linux distribution. 7) The private keys (wallet.dat) are stored inside a Truecrypt container file. This file is mounted automatically (user passphrase required) just after the integrity checksum check of (see bullet 3) has completed successfully. 7.1) Alternatively, a crypto file system could be used in this case the system would write the wallet.dat directly to the hard disk/flash memory where it would be available only in encrypted form. 8) A framework is implemented that copies a backup of the private keys (wallet.dat) into another small Truecrypt container file, then unmounts this container file and uploads it to a number of internet servers that are specified by the user. Upload targets should include a list of ftp servers that can be configured by the users. Also other targets like dropbox accounts can be included, but only if this can be done by open source software without installing any proprietary dropbox software. If possible, this framework should do its job as automatically as possible, i.e. once the user has specified the backup targets (like FTP servers and passwords), the system will always automatically do these backups in the background whenever the user terminates his banking session, and will inform the user by a short pop up window message if the backup was successful. 8.1) For the backup, the ftp backup engine should not overwrite the last backed-up file, but save the new file on-top, with the current date included in its file name. The reason: If the Bitcoin client, or Truecrypt, for some reason (software bug) creates a corrupted file, then the previous uncorrupted file will still be present at the backup location (FTP server/dropbox storage). 9) A list of the Bitcoin addresses should be exported to an UNencrypted location of the computer (compare [1]). This makes it easier to later transfer BTCs from another system towards this safe Bitcoin system.

3 Password/Passphrase Management
In summary, the following passwords/passphrases have to be entered by the user each time he/she boots his Bitcoin banking software system from the Live CD or USB stick: 1) During boot: the passphrase for the persistent image file that saves all the user settings 2) After system startup: The passphrase of the Truecrypt container File (or the passphrase of the crypto file system), acc. to item 7) of the previous section. Note: This passphrase must be different from the passphrase of the persistent image file. 3) At the end of the banking session: The passphrase for the small backup Truecrypyt container, acc. to item 8) of the previous section. Note: This passphrase can be the same as in step 2), but must be different from the passphrase of the persistent image file of step 1). Note: This passphrase is the most important one, because it will be used to protect container files that will be uploaded to the internet cloud, to various servers, hence the password protection must be very high. Compare the password/passphrase guidelines in [1]. Note: The passwords for the FTP servers/upload targets need to be specified only ones and are then remembered by the system persistently.

Bitcoin donations welcome:

14ajM1BHY7E8GJ4DGGvtFFGmE15hSSSRJR

[2 of 3]

Version 0.1 (August 2011)

by Michael_S (forum.bitcoin.org)

OpenPGP KeyID=0xCC7E7C99

4 FAQs
Q: A Linux distribution for Bitcoin already exists, its name is linuxcoin. Can't I use that one? A: Check for yourself, and you will find that it hardly matches any criterion that is listed in this document. Worst of all, it contains plenty of proprietary closed-source software and therefore cannot be considered as being free of backdoors and trojans. The linuxcoin distribution might be well eligible for BITCOIN MINING, but it is not eligible at all for secure BITCOIN BANKING, i.e. for managing your Bitcoin savings. Q: What I do not like about the concept of this document is the fact that I always have to boot another operating system for running my Bitcoin Client. When I find myself working with my computer in the normal way, and then I want to start a Bitcoin session, I first have to power down my PC, boot the bitcoin system, then do my Bitcoin session. Can't I do this with my normal Operating System that I use in normal life? A: Your normal Operating System that you are using on a daily basis might be infected with malware without you being aware of this. You have probably lots of proprietary closed-source software running on this system (even if you use Linux), and you cannot be sure whether they have built-in backdoors that might enable them to steal your private keys (wallet.dat). Hence it is inevitable to use an extra operating system that has no connections whatsoever with your normal system. Q: But I want to operate my Bitcoin client from my daily system for convenience... A: You can do the following, as a reasonably pragmatic compromise: You set up two Bitcoin clients with two different wallets: First you install the Bitcoin Client on your normal PC (in the way you probably use it today), and in addition you set up a secure Bitcoin client system as it is described in this document. The idea is that you will only hold a limited amount of Bitcoins on your normal PC's Bitcoin wallet, whereas the vast majority of your BTC savings are located at your secure Bitcoin system. This way your savings are safe, but for your daily business the amount of BTCs available in your daily PC''s Bitcoin wallet are sufficient and you do not need to start the secure Bitcoin operating system system each time you want to do BTC transactions with the external world. Practically, you will need to start your secure system only once in a while (e.g. once every few weeks). The price that you pay for this convenience is that a potential malware might steal your normal PC's wallet.dat. However, since you will make sure that this wallet contains only a very small fraction of your total BTC savings, the maximum possible loss is limited. Q: Ok, this sounds like a reasonable solution. However, can't I just install a Virtual Machine inside my normal PC and run the secure system described in this document inside this Virtual Machine? A: This is a quite bad idea. Because, if your normal PC is infected by a malware, this malware, if designed appropriately, can also see everything that is going on inside your virtual machine. So a system running inside your virtual machine cannot be secure by principle, unless the host system itself is completely secure!

5 References
[1] Tutorial: A Practical (and Paranoid) Guide: Setting up a Secure System for the Bitcoin Client keep your private keys (wallet.dat) secure and do not loose them -, version 0.5 or later, http://www.scribd.com/doc/61649663/Bitcoin-Safe-Usage-v05 or http://www.filedropper.com/bitcoinsafeusagev05 [2] http://www.h-online.com/open/news/item/Emacs-has-been-violating-the-GPLsince-2009-1288623.html [3] http://www.xydo.com/toolbar/25469965-say_what_gnu_emacs_violates_the_gpl__network_world [4] http://www.linuxtoday.com/it_management/2011073000441NWOO
Bitcoin donations welcome: 14ajM1BHY7E8GJ4DGGvtFFGmE15hSSSRJR [3 of 3]