Topic: BTC Paper Wallet Recovery (Read 436 times)

If you encrypt your private key of your paper wallet by BIP38 it is obviously very important to properly document your encryption passphrase on redundant offline media which needs to be stored safely and separately from your paper wallet. Failing to do so or trying to rely on human memory will quite certainly leed to a loss in the future.

It should be obvious that such an encryption passphrase should never touch any online digital device!




The code of bitaddress.org is pretty well checked and tested, so it doesn't need to be updated like crazy as e.g. browser code desperately needs to be. You also already trusted the page code of bitaddress.org and idealy it should be the same as what you download from the Github repo. The difference is that you can verify the authenticity of the page code from Github!

To generate safe paper wallets any involved software pieces need to be verified for authenticity! The computer environment used needs to be safe (boot a Live Linux that runs solely in RAM best) and offline and after creation, printing^{offline non-saving printer!}/saving your paper wallet(s) the computer working environment has to be erased/formatted (easiest with a Live Linux that only runs in RAM as after a shutdown no traces of your working environment are left behind).

If you save a digital copy of your paper wallet on some removable storage media (if any then redundant copies recommended), those digital copies should never touch an online digital device (temporarily offline doesn't provide safety).

The CSPRNG used by Javascript might have implementation flaws and is dependant of the underlying Javascript engine of the browser. As o_e_l_e_o pointed out, if you're looking for better security (i.e. randomness of your paper wallet's private key) let well known and established wallets like Bitcoin Core, Electrum or Sparrow generate your paper wallet's private key(s). They all use very likely safer CSPRNG implementations than Javascript.

JavaScript key generators are not secure, and there have been a number of vulnerabilities and poor implementations which have resulted in wide spread losses. You should substitute using a JavaScript based website for a piece of good open source wallet software which uses properly secured random number generation, such as Bitcoin Core, Electrum, or Sparrow.

Use Linux instead.

Once you've downloaded the wallet software you are going to use, you need to verify it against the developer's signatures before transferring it to your airgappd computer.

Thank you OmegaStarScream, I appreciate your reply.

I looked at https://github.com/pointbiz/bitaddress.org but the dates of the files were quite old and that put me off using it - was  I wrong? I have no issue creating new wallets, I'd rather them be created as securely as possible in the first than coming back later down the line.

1. You should've downloaded the source directly from GitHub.
2. I guess that works, but a liveCD with Linux would've been better probably.
3..6. Sounds good.


Are you talking about the characters you're asked to type when moving the mouse?
Or about the BIP38 (to encrypt the private keys)?

If the latter, then as far as I know, these two go hand in hand. You can't create and encrypt your wallet unless you go through the "randomness" process.
And yes, it's better to encrypt your wallet, that way if someone find a printed version of it, or gain access to the USB stick, they won't be able to move the funds unless they have your passphrase.

Thank you for your advice and thoughts. I will certainly be more careful in future.

Hi everyone, sorry to revisit this old post but I wanted to ask for your expert opinions on whether my newly created paper wallet is safe to use. I've carried out the following steps:

1) Saved https://www.bitaddress.org/ as a html file and saved it to a freshly formatted USB stick
2) I have a PC with freshly installed version of Windows 10 - the PC has no Internet connection.
3) Opened the html file on the non-Internet PC and created the wallets.
4) Closed html file and deleted it from the USB stick.
5) Wallets saved on the USB stick and removed from PC
6) The laptop will never connect to the Internet.

For step 3, is it better to use the passphrase setting rather than the randomizer?

I'd appreciate your thoughts.

Thank you

First off, why would you use a flimsy site such as that to store your most precious asset? That was a little negligent of you dude. But let's save the reprimands for later.

I don't think there's a good way for you to even get your coins back, from the moment you generated that wallet you already relinquished any form of privacy that you may have over your crypto wallet. What's yours is theirs basically. Would've been really nice too if you asked the forum first before you actually dipped your toes into this ordeal. look into this article too though and see if this could enlighten you on how crypto scams work legally so you could discern if you could file a formal complaint or even sue them. Can You Recover Stolen Bitcoin From Crypto Scams?, but if I were you, I wouldn't get my hopes up. Let this be your first pricey lesson not to trust anyone on the internet with anything you own.

I specifically meant a DVD because of it's write-once characteristics. You can buy an external USB DVD burner starting at $20, and that's what I use for this purpose. I still have a pile of empty DVD-R disks, and another pile with all Linux distributions I've burned in the past.

Does anyone use DVDs anymore? Maybe you meant to say Linux Live DVD USB? Nowadays it is rare to find CD/DVD drives.

https://tails.net/install/linux/index.en.html - here are instructions for Tails OS (is a security-focused Debian-based Linux distribution aimed at preserving privacy and anonymity).

Tails OS pre-installed on a flash drive is essentially a live USB. In principle, you can choose any other Linux distributive, each of which allows you to boot into live USB mode (you must select this item, skipping “install Linux”).

No, the mistake was that you used an unknown website for generating your bitcoin wallet and stored your coins there. Don't even trust offline versions of those websites because there was a website that would let you to generate bitcoin address according to the move of your mouse cursor, i.e. you had to move it many times on your screen and this way you would get randomly generated bitcoin address but the actual truth was that even offline, this website already had generated thousands of bitcoin addresses, they have already saved them in their database and when user would generate one pseudorandom bitcoin address from this website in offline mode and would store coins there, website's owner would get a message about it (he was watching absolutely every address) and would wipe out your wallet.

The safest and the most secure options among hardware wallets are: The Passport Foundation and Coldcard.

---

You can use Sparrow or Electrum to generate bitcoin address on your computer. Users above me have already written what you have to do.

An air-gapped computer is permanently disconnected, not "disconnected for a while". If your computer is "disconnected for a while" and then reconnects, then it is not airgapped. What you have in your set up - a computer which never connects to the internet against - is exactly what is meant by an airgapped device.

And as Loyce says, you don't need to destroy it. Remove all permanent storage before you start and use a live OS, and then after you shut the computer down all traces of everything you have done disappear within a few minutes.

Use a Linux Live DVD, run from RAM, without hard drive, without internet, with the curtains closed, and there's nothing left to access after you turn it off.

I created some paper wallets with bitaddress.org with a computer & printer that I never connected to the Internet again. We have a local computer shop that sells "cheap" second hand computers and I bought a low spec computer and printer from them.

I created the wallets and printed multiple copies of the wallets and then I stored the computer in the basement. (I can actually destroy it, but I might want to make more wallets)

Some people use an air-gapped computer, but I feel that there are still some ways to access a computer, even if it was disconnected for a while. 

Like BlackHatCoiner, I also recommend you to avoid any website for creating wallets. I recommend you to use a trustworthy open-source wallet like electrum or Sparrow and create a HD wallet.

With creating a HD wallet, you will have numerous addresses all generated from a seed phrase and in this way, you don't have to keep multiple private keys if you want multiple addresses. Also, writing down a seed phrase is much more easier than writing a private key.

I would strongly recommend you to stay away from any browser-based wallet software. Besides known paper wallet scam-sites, as the ones mentioned, javascript (which is what they all use) is non-recommended by cryptography experts; https://bitcointalksearch.org/topic/m.56590276

I would add that they should verify the binaries using signatures from outside Github: https://bitcointalksearch.org/topic/ann-bitaddressorg-safe-javascript-bitcoin-addressprivate-key-43496

Working offline with such scripts isn't enough precaution and security when that computer will go online again at some later point of time. It's difficult to assess a computer's security status and be very sure there's no hidden malware. If you want security for your mnemonic recovery words or paperwallets, then you need to operate in a pristine and secure and disposable environment, like a live Linux box or agnostic Tails OS that don't permanently save any persistant data on the device.

You have to be certain that no data traces of your handling with mnemonic recovery words or exposed private keys are left on a device that might go online later. Don't do such things on your daily internet shit computer/device.

If you are looking for a web-based wallet generator, there is another option worth considering – a deterministic one. Take a look at https://iancoleman.io/bip39/. When using these tools, it is always a good idea to clone them and run them from your hard drive while staying completely offline for that extra layer of security.

Hi! I just want to point out that JS is not a superb language to use for entropy generation. The reason behind my claim is that they usually tend to use user input to generate it. For instance, they tell the user to move their mouse around. This process looks "random" but in my opinion it is not the safest. I don't know whether they (at bitaddress) do something that increases the randomness, but in my opinion, even though bitaddress is commonly used, I would avoid it. Anyway, if OP wants to use it, they should definitely follow your advice and do it properly to diminish all risks.

Yes, Bitaddress is good. It's probably best to do it offline and with a LiveCD. You should also sure to download the source code from the official GitHub repository:

https://github.com/pointbiz/bitaddress.org

Stay away from any other generators. In addition to the one you lost the funds to, BitcoinPaperWallet is also a known scam:

https://www.coindesk.com/tech/2021/02/24/bitcoinpaperwallet-back-door-responsible-for-millions-in-missing-funds-research-suggests/

I've never read anything bad about them. But there are phishing sites out there, so a typo could be costly.

If the code on the site is compromised, that doesn't help you.

As much as I don't like Ledger, it's still a better choice.