[macns]

> This is a digression

Two things make currency work: usability and security. How can this be a digression?

> Cold storage is essentially isomorphic to keeping treasure in a safe

I'll admit the wiki is a bit tl;dr .. (I guess you didn't read it). Using your "keeping treasure in a safe" quote: Cold storage is like keeping a treasure in a safe, at the bottom of the deepest ocean of another earth-like planet in a solar system which we cannot even assume (knowing about it is impossible;) that exists.

[ajross]

What? No, no, no. Cold storage is exactly as secure as the physical storage used to keep it. Unless that physical safe (or deposit box, or mattress) in which you put the printout or USB stick was launched on an interstellar rocket, then no.

It's true that it's inaccessible to the internet. It's not true that it's more secure than physical storage, because ultimately it is physical storage.

I await your "But you can memorize a key such that the attacker can't use it!" response and am presently googling the XKCD link to zing you with.

[macns]

Well regarding bitcoin theory obviously you skimmed through the basics, but I'll make an effort to counter your arguments.

A (public) bitcoin address is useless without the private key. Suppose you do find one, you'd just knew the transactions referring to it(by looking up the blockchain).

One can easily have thousands of addresses. Many people generate a different address for each transaction, so good luck finding the one that looks like a safe.

A safe will be opened up without a key, eventually, a bitcoin address never: [0]The private key is mathematically related to the Bitcoin address, and is designed so that the Bitcoin address can be calculated from the private key, but importantly, the same cannot be done in reverse.

[0]https://blockchain.info/wallet/bitcoin-faq

[ajross]

I don't have the foggiest idea what you're on about. The subject was bitcoin "cold storage", which is the idea of storing the private keys to a walled offline, out of the reach of network-enabled attackers.

You're just saying that recovering a private key is mathematically hard, but that's not the attack vector in question. You still need to store the private key somewhere, and that storage is subject to attack. Network-attached storage is subject to lots of attacks, thus there's interest in storing this stuff offline.

[macns]

OK my bad, having just read myself this morning I'll admit I got confused along the way.

But still: > Cold storage is essentially isomorphic to keeping treasure in a safe

Though I don't like this analogy, if we must use it then it's the key that you keep in a safe[0]. As previously mentioned, one can have many keys and simply stealing one doesn't mean their "treasure" is stolen, whereas a safe is easier to be found and opened.

[0]:https://en.bitcoin.it/wiki/Cold_storage

A simple example of deep cold storage is opening a safe deposit box and putting a USB stick containing an encrypted wallet file in it. The public (sending) addresses can be used any time to send additional bitcoins to the wallet, but spending the bitcoins would require physical access to the box (in addition to knowledge of the encryption password).