Topic: Bippy allow encryption/decryption of electrum seeds with BIP38-ish (Read 1812 times)

Hi
I'm Sam, the creator of Bippy.

First off, thanks for the interest and kind words. It's always very nice to hear compliments of work that I've done.
Bippy had a bit of an update since this original post. I added some functionality and prettified the UI a bit to make the flow easier. It also now has Windows installers available on the Bippy website here: http://bippy.org

The encryption method followed by Bippy is the exact one laid out in the BIP0038 specification. That does make use of AES as jonald_fyookball mentioned as well as using scrypt for key derivation. Bippy uses a pre-compiled binary version of scyrpt as the pure python implementation meant waiting ~10 minutes for encryption rather than ~10 seconds. If that's a cause for concern you an always compile your own scrypt binary as there is nothing special about the one bundled with Bippy.
I tweaked the BIP0038 specification slightly to allow for some other inputs other than private keys, but the underlying method remains the same.

The Private keys generated by Bippy use three entropy sources. There are the Operating system urandom pool, the clock based entropy and user entered entropy (the bot where you draw the dots over the UI). All told, it's as secure as the browser based tools such as BitAddress.org but doesn't rely on a browser with its associated cache. I know that browser tools recommend going offline to generate and to clear the cache after generating keys but, browsers contain thousands of lines of code. I myself haven;t been through that code to check what happens when I clear the cache to ensure that every last trace is cleared.
I'd recommend generating keys and addresses offline with Bippy too but the big difference is that there is no cache in Bippy. (I'm in no way trying to imply that browser based tools are unsafe, I'm just clinging to the one unique selling point I have )

Happy to answer any other questions that may come. I hope to update Bippy one day, perhaps to support BIP0032 and HD wallets but I must admit that this is no longer my primary concern.

Sam

Well, a quick look at the source code shows me its doing a pretty straightforward AES encryption.
Looks pretty good... but I'm not a cryptographer.

I think the wood wallets are great..they look amazing... I just prefer other methods.

This is awesome, why has no one commented on this post?! 

All Physical wallets should be done like this.

Anyone skilled able to review the source code and verify that this is legit and secure?

This is a bit of a xpost from here

As a physical wallet manufacturer I've been asking a few times if "Can you make electrum wallet backups on wood?".
So far the answer was : "Yes, provided that you encrypt the seed on your side before sending it to me and that the final key actually fits into our physical wallets" .

Now, there is an app for that

Together with the creator of inuit wallet, we are now exploring this possibility with Bippy . Bippy is a multi-currency userfriendly python implementation of the BIP38 encryption protocol.

Sam just tweaked the program to let users enter an Electrum seed and encrypt it with a passphrase. The resulting string starts with SeedE and is short enough to fit our woodwallets.  i.e :-> SeedER4sSM6VLmmDB6Ftu3wNSt483iXw17bJxu3nvQ6qTNsrx2bo7Nnw4zdD





We would love to hear what you think about it.

Step 1:

Install Kivy (required for the UI), clone and run from github :


Disconnect from the internet and make sure you are using a clean machine (better a Live DVD) and execute the tool



Then to encrypt your electrum seed :

• Type your seed into the "private key" field. Observe how Bippy detects that a seed has been entered
• Choose a passphrase
• Press "Encrypt"

To decrypt your encrypted electrum seed :

• Type the encrypted seed into the "private key" field.
• Enter your encryption a passphrase
• Press "Decrypt"

For technical details I quote his answer on the other post :



Any thoughts?