Back to help contents

Wallet backups

You can always recover your bitcoin through your wallet words (seed phrase).

So long as you know your wallet words (or your KeepKey and PIN if you are using one) you can use a wallet backup to recover:

Hardware and software can fail, be lost or stolen. MultiBit ensures that an automatic encrypted backup is made of your wallet to a location that you specify.

Use a cloud backup service

Setting up a cloud backup service is straightforward and for small amounts of data (under 2GB) it is often free. We would strongly urge you to consider SpiderOak for its end to end encryption. An alternative is Dropbox which is extremely common and provides an excellent user experience.

MultiBit encrypts all your cloud backup information using a strong AES key derived from either your wallet words or from a password provided by your Trezor. It is safe to store in the cloud without worrying about bad people being able to read your data.

Technical details

MultiBit maintains three stages of wallet backup:

More information on the scheduling of these backups is given later.

Encrypting "soft" wallets and their backups

A "soft" wallet is one that is not linked to an external hardware device such as a Trezor.

The rolling backups encrypt a snapshot of the current wallet. Rolling backups are loaded automatically if the load of the primary wallet fails. The user is told if a rolling backup is loaded on the 'Wallet startup' screen after unlock. The rolling backup is AES-256 encrypted using a key derived from the user's password after running it through Scrypt (N=16384, r=8, p=1). Interested readers should refer to the Scrypt white paper (PDF) for more details if brute force or dictionary attacks are a concern (in particular pages 12-14).

When making a local or cloud backup we zip up the wallet directory and include the wallet password in encrypted form in the archive. Short wallet passwords are padded. The zip file is then encrypted using a key derived from the wallet words. This approach allows the password to be recovered from a cloud backup so long as the user knows the wallet words.

It also means that cloud backups are safe for long term off-site storage.

Encrypting "hard" wallets and their backups

A "hard" wallet is one that is linked to an external hardware device such as a KeepKey. They provide much greater protection for your bitcoins because the private keys are never present on your desktop machine and are not susceptible to malware or viruses.

After entering the KeepKey PIN the password for your KeepKey wallet is provided by the KeepKey encrypting a fixed phrase in a deterministic manner. This password is also used to encrypt your cloud backups.

Therefore the only way to unlock either the wallet or the backups is to physically have the correct KeepKey present and to know its PIN.

Managing all the backups

MultiBit maintains a comprehensive backup strategy consisting of rolling, local and cloud backups. While technical in nature interested readers may find the following information helpful.

After successfully unlocking a wallet MultiBit will follow this process to maintain backups:

  1. Wait 1 minute after MultiBit starts and then start "ticking" every 2 minutes.
  2. Every "tick" (2 minutes), create a rolling wallet backup. This is a copy of the encrypted wallet stored in the wallet's rolling-backup sub-directory. It is timestamped and encrypted with the wallet password. There are up to 4 of these in place covering the last 8 minutes of activity.
  3. Every "tick modulo 5" (10 minutes), create a zip backup in the wallet zip-backup directory. These are the local zip backups. This is everything in the wallet directory except the blockstore (always retrievable from the Bitcoin network) and the zip-backups themselves. Note that the rolling backups are put in the zip backup. It is a zip file which is then AES encrypted using a strong key derived from your wallet words or from a password provided by your KeepKey.
  4. Every "tick modulo 15" (30 minutes), copy the just created zip backup to the cloud backup directory if one has been set.

In summary:

To avoid excessive unnecessary data storage the rolling backups are pruned, oldest first, when there are more than 4 backups using a secure delete mechanism.

The local and cloud zip backups are pruned when there are more than 60 using the following process:

This approach gradually spaces out the backups so that there is protection for the most recent changes and also the ability to go all the way back to the beginning if necessary.

What about storing wallets directly on USB keys ?

MultiBit does not support changing the location of where wallets are stored.

This is by design. We found that the seemingly straightforward option of letting users choose where to put their wallet, including on removable media such as USB drives (IronKeys and so forth), created a whole host of subtle problems:

Using a removable drive introduces a single point of failure that invalidates the automatic backups. The rolling and local zip backups are co-located with the wallet so if you lose/break your USB drive you've also lost them. By contrast, it would take a catastrophic fixed disk failure to prevent access to both the rolling and local zip backups which is much less likely.

Consider also how cloud backups would be set up in this configurable wallet environment. Assuming that a cloud backup folder has been set the path/mapping is likely to be different between machines. Consequently by relying on the removable media you run the risk of losing 3 out of the 4 possible recovery mechanisms (wallet words being the only remaining one, which won't recover all your contacts, exchange rates etc).

Overall, the failure rate for storing wallets on removable media is too high for the intended user of MultiBit so we've chosen not to support it for the above safety and security reasons.


Back to help contents