I get a lot of people asking me about the proper way to do cold storage of their Bitcoins. These are commonly folks who are building a Bitcoin startup and are taking preventative measures. I like to think these are the people that will be successful, unlike Mt. Gox and many other Bitcoin startups who neglect to think about their customers.
Anyway, I’ve devised a scheme for this on the Bitcoin Security Project organization that I run. In my security engineer duties I’ve had to design many secure architectures and I certainly think that this is one of them. If you disagree, contact me.
The scheme is a multi-tier architecture that I believe to be suitable for small to large Bitcoin companies. The basics are simple:
- Keep only a small amount in hot storage that wouldn’t ruin you if you lose it.
- Require strong authorization and authentication from multiple people when moving Bitcoin between tiers.
- Give some training to the folks who have control of your Bitcoin, please.
- Use common sense and do not automate withdrawal from cold storage. Servers get hacked all the time ya know.
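One way to enforce the rules above at the point where funds move between tiers, as an added example that is not part of the original post or of the Bitcoin Security Project scheme. The approver names, keys, quorum and hot-tier cap are constructed, and HMAC stands in for whatever per-person signing a company actually uses.

```python
import hashlib
import hmac
import json

# Constructed values for illustration; a real deployment would use per-person
# hardware-backed signing keys rather than shared HMAC secrets.
APPROVER_KEYS = {"alice": b"k-alice", "bob": b"k-bob", "carol": b"k-carol"}
QUORUM = 2                    # assumed: distinct people needed per tier move
HOT_CAP_SATOSHI = 50_000_000  # assumed: most the hot tier may ever hold


def request_digest(req):
    """Canonical bytes of the transfer, so an approval covers one exact request."""
    return json.dumps(req, sort_keys=True, separators=(",", ":")).encode()


def approve(name, req):
    """What an approver's device would produce after the person reviews req."""
    tag = hmac.new(APPROVER_KEYS[name], request_digest(req), hashlib.sha256)
    return name, tag.hexdigest()


def authorize_transfer(req, approvals, hot_balance):
    """Return (allowed, reason) for moving funds between tiers."""
    # Cold withdrawals must be started by a person, never by a server process.
    if req["src"] == "cold" and req["initiator_kind"] != "human":
        return False, "automated cold withdrawal refused"
    # Refilling the hot tier must not push it past what the business can lose.
    if req["dst"] == "hot" and hot_balance + req["amount"] > HOT_CAP_SATOSHI:
        return False, "hot tier cap exceeded"
    valid = set()
    for name, tag in approvals:
        key = APPROVER_KEYS.get(name)
        if key is None:
            continue  # unknown approver
        expected = hmac.new(key, request_digest(req), hashlib.sha256).hexdigest()
        if hmac.compare_digest(expected, tag):
            valid.add(name)  # a set, so one person approving twice counts once
    if len(valid) < QUORUM:
        return False, f"need {QUORUM} approvers, got {len(valid)}"
    return True, "ok"
```

Because each approval is computed over the canonical request, changing the amount or destination after sign-off invalidates every approval already collected.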
Below is the scheme if you’re too lazy to check out the link above.