What follows is the minimum you must know in order to try bitcoins. It assumes that you do not want details of how bitcoins are created (mined), sent (broadcast), or verified (confirmed). You do not care whether bitcoins are truly “money”, whether they have “intrinsic value”, nor their political implications. You do not care whether they conceal your identity or reveal it. And you do not want to debate narcotics, pornography, guns, tobacco, alcohol, socialism, libertarianism, or anarcho-capitalism. You just want to get a few coins and play around with them.
The minimum five topics you must know are (1) key-pair — public address and private key, (2) software — receive, monitor, and spend, (3) acquire — earn or buy, (4) manage — security and privacy, and (5) disburse — spend or sell. The bottom of this page also has a link to a sixth topic: U.S. tax implications.
Your personal bitcoins are not stored in your computer. They are not stored in a software “wallet”, nor on a hard drive, nor on a flash drive. Bitcoins are dispersed across the internet cloud, scattered among hundreds of thousands of computers across the globe (about 6000 of which validate transactions). You access your personal bitcoin stash in the cloud via a key-pair.
1. Key-Pair — Public Address and Private Key
Your personal bitcoin stash in the cloud is a virtual lock-box. The lock-box is managed with a key-pair (two character strings). One string is the box’s public address. The other is the box’s private key. Every public address is generated from its corresponding private key. In a moment, we will see how to generate a private key.
The key-pair is a receptacle. To buy coins from me, you would: (1) Set up your own key-pair. (Explained in a moment.) At that point, only you know the key-pair. But at that point your key-pair contains the sum of 0.00 bitcoins. (2) Pay me cash for, say, 0.50 BTC and tell me ONLY the public address of your key-pair. I will then send the bitcoins to that public address. At that point your key-pair will contain 0.50 BTC.
Memorize two vital facts about key-pairs. Do it now.
1.1 Vital Fact No. 1 — Anyone, ANYONE! who knows your stash’s public address can deposit coins into the stash and see its balance and history, but they cannot spend coins from the stash.
1.2 Vital Fact No. 2 — Anyone, ANYONE! who knows your stash’s private key can also spend the coins from the stash, but nobody, NOBODY! can spend coins from a stash without its private key. The private key resembles the code to an old-fashioned numbered Swiss bank account.
Ponder the implications of those two vital facts. We will come back to them again and again.
2. Software — Receive, Monitor, and Spend
2.1 Receive — You do not need a “wallet” app in order to receive coins from others. In fact, although your personal bitcoins are scattered across the internet cloud, you do not even need access to the internet. Assume that you know a key-pair that is unknown to anyone else. Tell me its public address and I can send coins into that stash without your involvement. Post the public address to the world asking for donations, and anyone on earth can send bitcoins into the stash without your involvement. Your coins are safe. No one but you can ever spend them, even if you never have any access to the internet. Again, you do not need a “wallet” app to receive bitcoins. On the other hand, if you cannot access the internet then you cannot tell how much you have received into the stash.
2.2 Monitor — You do not need a “wallet” app in order to see your stash’s balance and history but you do need access to the internet. Any internet browser can see your stash’s balance and transactions. Several websites provide this free service. The most popular is “https://blockchain.info/address/[put your public address here]” as in: https://blockchain.info/address/1GDGfpdvoP5xw5bCJzazCyJoCKbQdJd6jh.
Think about privacy in the above example. Since you posted your public address to the world, then anyone on earth can go to that same website and look at your stash’s balance and transactions. Recall vital fact no. 1: “Anyone (anywhere) who knows your stash’s public address can deposit coins into it and see its history.” More about privacy later.
Again, you do not need a “wallet” app in order to see your stash’s balance and history. You need an app only to send/spend your bitcoins to someone else’s stash.
2.3 Send/spend — You need an app in order to send/spend bitcoins out of your stash into someone else’s. I recommend Android. Get an Android tablet or smartphone. Windows is too insecure to handle money. Linux is too hard to master for the casual person just wanting to get a few coins to play with. Macintosh lacks mature bitcoin-sending apps. I recommend Mycelium Bitcoin Wallet. Other apps currently on the market (“Bitcoin”, “Armory”, “Electrum”, “Multibit”, and many others) perform functions beyond a casual user’s needs. They are therefore more complex and so are harder to master.
Think about security. In order to send/spend bitcoins out of your stash, you must paste or scan its private key into your bitcoin-spending app (into Mycelium, say). You can either have the app remember your private key from then on, or you can paste/scan the private key into the app each time you spend. If the former and someone gets their hands on your tablet or smartphone, your coins will be stolen. If the latter and you forget the private key, your coins are lost forever. Recall vital fact no. 2 — Anyone (even a child) who knows your private key can spend your bitcoins but nobody (not even you) can spend your coins without the private key. More about security later.
3. Acquire — Earn or Buy
3.1 Earn — To earn bitcoins in return for merchandise or services (musician’s tips or charitable donations, say) simply show your stash’s public address to the customer. For instance, display a business card showing your public address as a QR code. Customers can scan the code from your business card into their own bitcoin-sending app and send you the coins.
3.2 Buy — You can buy bitcoins from commercial exchanges or from individual sellers. Commercial exchanges demand proof of identity, which can take weeks to approve, and they accept only bank transfer deposits, which are slow and costly. I advise the casual bitcoiner against this. Instead, join localbitcoins.com and find a commercial seller with several hundred online trades and a 100% reputation. Sellers with low prices demand physical cash. Sellers willing to accept reversible payments (cheques, bank transfers, credit or debit cards) charge more to compensate for the risk.
4. Manage — Security and Privacy
4.1 Security — comes down to safeguarding your private key. This means that: (1) you must know it and (2) no one else may know it. Either way, whether you forget it or someone else learns it, you will lose your money forever.
The resemblance to a numbered secret bank account is scary. Some unschooled people do not want to bother with private keys and public addresses. Instead, they leave their bicoins in a service that promises to keep their money safe. DO NOT DO THIS! If you buy BTC with USD at an exchange, withdraw the BTC to a private key-pair as soon as practical. If you sell BTC for USD at an exchange, withdraw the USD to a private bank account as soon as practical. Leaving either BTC or USD in an exchange is like buying jewelry at a store and then leaving your purchase and your money on the counter when you walk out.
In the future someday, bonded, insured, audited, regulated, trustworthy services may arise to serve this market. But they do not yet exist. Leave your bitcoins or private key for safekeeping with anyone, and you will lose your money with no legal recourse. You have been warned!
There are two ways to generate a private key (along with its corresponding public address). First, any bitcoin-sending app (like Mycelium) will produce on command a private key comprising a string of random characters. Second, a “brain-wallet” app (like “Bitcoin Address Utility”) will generate a random-looking private key from a sentence or phrase that you have memorized. Here are the pros and cons of the two methods.
4.1.1 A random-character private key is unguessable. That is the good news. The number of possibilities is so huge that the fastest computer ever made, guessing millions of possibilities each second, would run for billions of years before hitting your private key by sheer luck. Consequently, your bitcoin stash is safe as long you do not divulge its private key to anyone else. The downside is that no one can memorize a long string of random characters, so you must write the private key down somewhere in order to have it available for use when needed. And no matter where you write it, whether on paper, in a computer, on a flash drive, in the cloud, or tattooed on your skin, inevitably you will lose it or someone will see it. In fact, an entire industry of programs reside inside computers, tablets, smartphones, even printers, to see and report your every keystroke.
4.1.2 A “brain-wallet” passphrase is easily memorized. It need not be written or stored anywhere. It will generate the same private key from scratch every time that you want to send/spend bitcoins. It cannot be stolen because it exists only in your mind. The downside is that there exist relatively few easily memorized phrases. An army of programs runs constantly out there, trying every sentence in every book ever written. They will likely stumble across your phrase in a few hours and steal your money. They do not know who you are nor do they care. Recall that anyone who guesses your stash’s private key can spend your coins. One solution is to deliberately corrupt your passphrase with misspellings, odd capitalizations, or non-standard punctuation. But everything that makes it harder for a tireless computer to guess also makes it harder for a fallible human to remember. Recall that you will also lose your money if you forget your passphrase.
I advise a mixed approach. Devise a lengthy phrase that only you could possibly know. For example, “At the Gomez’s 2010 Christmas party, when Uncle Jim put the lampshade on his head, he tripped and knocked the Christmas tree over.” Then, so you do not forget the phrase, hide it within a tale of Uncle Jim’s other escapades, or inside a story about other Christmas parties. Then save the entire story in a folder (preferably password-encrypted) along with other backed-up text files. Do not publish it! For extra caution, append something that you can easily look up (like the first five decimal digits of pi “14159”) to the phrase just before generating the private key from it.
Now generate a key-pair from the passphrase. You may now load coins into its public address or send/spend them using its private key, as you wish. But then delete all record of the private key itself. Do not write it down. Do not print it. Do not save it in a flash drive. Do not encrypt it or put it in the cloud. Do not put it into any computer, whether connected to the internet or not. Destroy it. Delete it. Forget it. Whenever you want to spend your coins, use the same phrase with the same app to generate the same key-pair again.
Of course, such serious security applies only to your savings or nest-egg stashes (good to have more than one nest-egg stash). Your day-to-day spending key-pair can be kept on your cellphone and/or tablet (same key-pair on every device from which you send/spend). If you lose the device or its private key becomes known, you will lose only spending money.
4.2 Privacy — comes down to minimizing information about yourself that is visible via your public address. The two data items that you may want to hide from the public are your stash’s balance and its history.
To hide your balance, simply generate a permanent key-pair that you use only to receive coins. Empty this stash periodically into one of your unpublished savings or working-capital stashes at the end of each business day. Thus the receiving stash’s public address will always show a zero balance.
To hide your transaction history, you must use a different public address every time you want to receive money by generating a new key-pair. This approach would be tedious overkill for most businesses and virtually all consumers.
5. Disburse — Spend or Sell
5.1 Spend — To pay out bitcoins in return for merchandise or services ask the merchant to show you his public address. Most do this with a business card or a QR code taped to their cash register. Scan the code with your own bitcoin-sending app (Mycelium, say) and send the coins.
5.2 Sell — You can sell bitcoins at commercial exchanges or to individual sellers. Commercial exchanges demand proof of identity, which can take weeks to approve, and they send only bank transfers, which are slow and costly. I advise the casual bitcoiner against this. Instead, join localbitcoins.com and find a commercial buyer with several hundred online trades and a 100% reputation.
Extra Topic — U.S. Tax Implications
The most dangerous tax pitfall for a U.S. citizen is the $10,000 fine for failing to report (on both forms “TD F 90-22” and “8938”) your having an account in a foreign exchange (Bitstamp, BTC-e, Kraken, etc.). See A Primer on Bitcoin Taxation by Tyler S. Robbins, Esq.
|If you liked this essay, leave a tip using bitcoins.
Send to address:
Frank W. Sweet is an NRA-certified firearms instructor who teaches the safe and effective use of handguns for self-defense. He was awarded an M.A. in Civil War Studies in military history from American Military University in 2001. He is the author of Legal History of the Color Line (ISBN 9780939479238), Six Gems of Forgotten Civil War History (ISBN 9780939479023), and of numerous published historical essays. To receive a schedule of his firearms training courses, email to firstname.lastname@example.org. The information above should not be construed as legal advice.
|Other Backintyme sites:||Essays on the U.S. Color Line||Armed Citizens and the Law|
|Backintyme Performances||YouTube Channel||--|