Topic: Andreas Antonopoulos says to stop using paper wallets, do you agree? - page 4. (Read 1039 times)

andreas antonopoulus said to stop using paper wallets, paper wallets are cold storage, our wallets are stored offline, many people say paper wallets are the safest wallets, but personally I agree with andreas antonopoulus, because there are so many risks involved we face if we use a paper wallet, everyone who sees it must be very easy to steal it, pieces of paper are also easily damaged, flammable and easily exposed to water, so I agree with andreas' opinion, I will leave the old method and I prefer to use the new method ..

I have this conversation all day every day with my clients, I’m like a parrot. My point was though don’t just always opt for what’s easiest, but take the time and do what’s best.

Moral of the story - proper paper wallet , if can guarantee proper creation and it’s safely (which might be technically impossible ) is best. Hardware however has enough advantage it’s deemed a viable alternative.

Andreas should have been more specific in his video, I don’t like how he framed it all.

My bad mods - this felt like a hard topic to know where to place.

Edit & thx again to all who contributed here, you all are always helping me and it’s very much appreciated!

Absolutely agree. Part of the problem here is not just having the knowledge required to avoid such pitfalls, but also having enough knowledge to realize that you don't possess such knowledge. We see time and again plenty of newbies on this forum who think that unplugging their Ethernet cable or turning off their WiFi means they can do whatever they like on their computer in complete safety. If you don't have the knowledge to safely create an airgapped wallet, the danger is you don't have the knowledge to realize that either. Perhaps Andreas' method of just saying "Never use a paper wallet" isn't so bad after all, rather than saying only use one if you can do x, y, and z, and newbies thinking they know how to do that. If you say "Never use a paper wallet" then this applies to the vast majority of users, and the few who know how to do so safely will also know they can safely ignore such statements.

But at the same time we should be steering newbies away from risky solutions such as creating their own paper wallets or using custodial closed source web wallets.

I fail to see a single benefit of doing this over writing down a seed phrase. You first have to generate the seed phrase anyway, you are trusting additional hardware and software to generate the QR code, it is time consuming, the potential for making an error is huge in comparison to a seed phrase, it is incredibly difficult (if not impossible?) to use a metal plate if you prefer that over paper, it is time consuming and error prone to duplicate, and trying to figure out/brute force a mistake will be exponentially harder than doing the same for a seed phrase. What is the use case here?

You can use open source SeedSigner (raspberry Pi zero), that is ONE device not two, but I was just giving example of how this can be done.
Similar thing can be done in software level on any offline computer.

Not a chance toner can last centuries.
They all have expiration dates, and printed ink is guaranteed to fade much faster than that, especially if you filled toner yourself or you kept it in bad air conditions.
Printer is also machine right? And your computer is also a machine, so you need two machines to print your paper wallet, that could leave memory history of you doing that, both in computer and in memory of printer.

You need a device that tells you which fields to make black. And you'll need another device to verify the QR-code actually works.

I trust my toner will last for centuries, and I don't think a black pen/marker can improve that.

It's much better than any printer, because you can make it even without electricity and it's written with your own hand, not by some machine you need to trust that ink will survive long enough without fading.
I didn't compare this with writing seed words, but this is example and possibility of manual ''printing'' by hand.

That's a terrible system It's far more work than just entering the 12 seed words, and it's far less reliable than using a cheap old laser printer.

The thing is Andreas is likely aiming this statement towards the masses, rather than those that are technically sound. While I do agree you shouldn't be speaking in absolutes, to be honest with the goal being getting average users with no technical background comfortable with Bitcoin, its best to offer advice which is the least technical, while still offering a good standard of security. I get what Andreas is trying to say, I wouldn't go as far as this statement, and instead would say that there are definitely more secure ways to secure your Bitcoin than x, however this usually requires some sort of technical know how, and has the potential for pitfalls which could ultimately lead to less secure storage despite being conventionally better.

Though, that doesn't have the same ring to it does it? His advice is sound, he isn't ruling out the use of paper wallets completely, only to those that don't quite understand the technical sides, the pros, and the cons of using one. Paper wallets are usually as secure as the person generating them.

Ultimately, our goal as a community should be providing as many people as possible with the freedom to choose what they want to do with their money, and by making Bitcoin less complex we will achieve that goal a little easier than if it was overly complex.

I don't know if anyone saw what SeedSigner is doing for manually backing up wallets with QR codes that are drawn with a pen, instead of using any printer.
This can be done at your own home and no machine will be used, you just follow instructions and fill up empty squares with permanent marker or pen.
This QR code for example contains twelve word seed phrase, and entering this code will import your seed words:
https://www.youtube.com/watch?v=c1-PqTNx1vc

It's more likely that even if your family finds your paper wallet they won't know how to use it, or if you used bad printer they wont find anything because ink palled like we see in those thermal receipt printers all the time.
 
He was talking for years and educating people why paper wallets shouldn't be used my masses anymore, and this is not his first video about that subject.
It's easy to find all his previous videos and I am sure you will find that he explained several times what you are talking about.

Imho this is the correct view over what Andreas said.

I'll only add that with a tiny bit of ingenuity the seed can be hidden in plain sight, which is not that much possible with the private key, also the seed is less prone to typos.
But the main reason is being dumb-proof. And for that the solution at hand is seed and HW.

My kids are young, I don't want them around when handling sensitive stuff because they're distracting.

That's a perfect use case for paper wallets, they're much easier to copy than hardware.

So don't use a printer at all, or only use it to print out information which is not a security risk, such as your addresses, xpubs, or QR codes of the same. Write down the seed phrase instead.

So create entropy manually by flipping a coin.

So close the curtains, put some tape over your laptop camera, and leave your phone in another room.

So use one or more passphrases.

All of these supposed "weaknesses" of paper wallets are weaknesses of every wallet which you back up your seed phrase on paper. By creating a wallet, backing it up on paper, and then destroying the electronic copy, then I am only removing some vectors of attack.

Regardless of the audience, claiming that paper wallets are obsolete is pretty misleading. In fact it is more misleading if the audience is at beginners level or doesn't understand much. They should be educated on why and when a paper wallet is insecure or doesn't provide the functionality that you would want (single private key compared to HD wallets). And more importantly they should be told about what they can do to improve that.

if you dont trust your own family in your own home. maybe you should get a divorce and get your kids sent away to be adopted.(joke)

seems some are a little too paranoid in their own homes.
heres the thing though. with all the old school definition of paper wallet and the paranoid requirements of printed said paper wallet in complete privacy away from family.... what still remains is that you then have to hide said paper away from family. and put a hammer to your PC and printer to stop family from checking your document history later
(kind of overboard)

and for the rest of your life, not keep the paperwallet at home.. because you dont trust family to not find it a day, week, month later laying around the house.

the only real advice, without the paranoid 'over-fearing' scare tactics is:
to not do it on someone elses device, EG in a public library.
to not make a single paper wallet with significant amounts on it

if a burglar was to break into your house. they are not going to spend hours trying to look on your PC for fingerprints of if you are a bitcoiner. it takes too long
burglars dont rummage through all your letters and paperwork. it takes too long
they are simply going to steal your wifes jewellery. or your car keys and be out your house in under 5 minutes

no burglar bothers to look at printer cache data on the printers chip. they have a crowbar, not a device with hacker tools.
no burglar bothers to spend months trying to brute force your PC password.

they are more then likely going to factory reset your PC without going into your files to avoid any 'trace my pc' software pinging their location. and then selling the PC to a pawn shop

the real world fear is not your coins being stolen. but your access to your device/wallet being taken where the coins end up 'burned' via lost keys

My assumption is that a cheap black and white laser printer doesn't store anything after I cut it's power. But if you're really worried about that, make sure the printer never leaves your house. Or encrypt the wallet before printing.

I can think of a few risks from storing digital data. I trust paper much more than anything digital when it comes to (for example):

• Magnets
• Aging/Reliability
• Accidentally connecting it to the internet
• Hiding
• Moisture (when laminated)
• Static electricity
• Physical damage

I can think of several ways to add random data which doesn't rely on that OS.

It's generally wise not to do anything confidential when anyone or any device can see you.

Fold it, staple it, tape it, laminate it, mount it on the wall, hide it... How is this different than writing down the mnemonic to your hardware wallet?

Some printers have features that do not work well with printing confidential information. For example, some printers will save the last n pages it has printed so the user can easily reprint something they spilled coffee on. Sure, you can probably disable this feature, but it is one more thing you need to worry about.

The thing about paper wallets is that it really never makes logical sense to use one. In all cases, the potential risks involved in using a paper wallet include all risks involved in using a wallet stored in digital format and include additional risks not involved in storing a wallet in digital format.

For example, when you generate your private keys, you must rely upon the RNG of your OS. This is true regardless of whether you are creating a paper wallet or a wallet that will be stored on a USB drive. If you are creating a paper wallet, you must expose your private key to any "eyes" (including cameras) that can see in the room you are in. If you are creating a wallet that will be stored on a USB drive, you never need to expose the private keys to "eyes looking in the room".

While you are storing your paper wallet, if someone is able to access your paper wallet, they can ~instantly make a copy of the paper wallet with a camera (they can also take the actual paper wallet, however there may be some situations in which an adversary can see the paper wallet, but cannot remove it). With a wallet stored on a USB drive, an adversary would need to connect the USB drive to a computer, or other equipment in order to make a copy (or they can remove it, if possible). If there is any encryption applied to a paper wallet, the exact same encryption can be applied to a wallet being stored on a USB drive.

When you spend any coin stored on a paper wallet, you again will need to expose the private keys to the "eyes looking in the room", and again this is not the case for a wallet being stored on a USB drive.

If you were to replace "USB drive" with "Hardware Wallet" above, you would have incrementally greater security because HW wallets generally have a "cool-down" period in between unsuccessful attempts to use the HW wallet.

For most people in crypto he is right.
For some very careful and technical trained and social aware people, the paper wallet style might still be an option (Also i recommend steel engraved word lists)

Remember, we have a majority of users with few computer skills. They are in for the craze and the moonshots and meme coins.
Whatever instruction they follow, they have no idea what is safe. They ll likely loose their coins when dealing with paper wallets.

With single key paper wallets, sure. With HD paper wallets, it's as easy as having a watch only wallet with your master public key on your computer.

Clearly the group of those who do not have the technical knowledge required to safely set up and use a paper wallet far outnumber the group of those who do. But I agree that saying that no one should ever use a paper wallet because most people can't use it safely is wrong. Most people can't fly a plane safely or perform surgery safely - doesn't mean those things should be off limits for everyone.

Off topic, but any interest rate below inflation means you are losing money. Whether you are losing 4.5% or 5% per year is pretty academical.

the issue andrea is falling short of, is that his definition of a paper wallet is limited to HIS old companies design of said "paper wallet" buzzword. he is stuck in that small concept of what he believes is a paper wallet.

the term "paper wallet" has actually evolved passed andrea's definition.
its no longer 'single use key, requiring bootable clean operating system to print snazzy banknote-esq design'

modern paperwallets are actually mnemonic seeds stored on paper.. thats it.
its not special design(bank notes) style that get passed around.
what he has lapsed in his evolution of buzzwords, is that his old concept of paperwallets is now buzzworded as 'bitnotes'

what he is actually saying is that HIS old companies concept can be risky and people should stop using his old companies process of their paperwallet concept

I agree. However, which group do you think is bigger? Those who know how to go about using paper wallets or those who could mess it up somehow? You might not even belong to either of those groups, but you just don't want to commit to the task of creating such solutions. 

Exactly! I have to quote myself here: