Pages:
Author

Topic: Generating a paper wallet securely (Read 1053 times)

legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
December 02, 2019, 12:44:18 AM
#62
As an aside (genuine question as I am curious): Are there many sites people are using which don't work properly on Firefox?tion

No idea, but AFAIK :
1. Most complain is about buggy UI if you use Firefox rather than functional problem
2. When people complain about functional problem, usually it happens on website made by small or non-tech orientated company
legendary
Activity: 1382
Merit: 1122
December 06, 2019, 09:36:45 AM
#61
Here's my old guide on how I did it. I'd change a few things now, namely using your own entropy source and generating either multisig or bech32 addresses, but the basics are there.

I also don't actually print anything anymore. I wrote it out, check it many many times and etch it onto something more durable.
legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
December 06, 2019, 09:05:52 AM
#60
Do a test transaction with these time locked addresses for a near future (like a few days from now) so you can verify for yourself how it actually works. You wouldn't want to unintentionally lock up your funds for 100 years, say you added too much time.

After collecting dozens of paper and other offline wallet generators that use all sorts of input and entropy, I think it is still more convenient to use Electrum to generate your seed words and write that down as your paper wallet. 12 words = thousands of addresses, can use the master public key to create a watch-only wallet.
sr. member
Activity: 443
Merit: 350
December 06, 2019, 04:16:01 AM
#59
I'm considering creating a paper wallet for long time BTC holding.
-snip-
How can I generate a paper wallet in off line, provided that I am using Windows and not thinking of using any other platform like ubunto, I'm not much of a tech guy.
Please suggest me a safe way. I will bury the paper for next 5 years at least, till the 2024 halving.
-snip-

As far as I know, one of the most secure ways to generate a paper wallet is the use of physical entropy (not computer dependent). The bitcoin private key is a 256 bit number, so you can fip a coin 256 times, or roll 16side dice 64 times, etc. In order to make this process simple, I created a special tool - Bitcoin visual private key generator (available here: https://btckeygen.com) and on Github.

You can download the source (from site or github) and make the genreation process offline on your own PC. The recommended way is to flip a coin 256 times, and fill every bit of the key depending on the coin outcome.
Here is the video tutorial how to make a paper wallet with coin and the tool: https://www.youtube.com/watch?v=WyBdYhwweaE

Formore security you can also create a time lock address where the funds are unspendable until a set date and time has passed based on a safely generated private key (actually for time lock address only public key is neccessary).
Time lock address generation: https://coinb.in/#newTimeLocked (also could be done offline, but not neccessary at this stage, as you share only your public key, not private)

So, the whole process is:
[1] Generate a paper wallet with coin flips
[2] Based on the public key of the address from [1] generate a time lock address (with time specified to lets say 1 Jan 2024).

So you will receive the bitcoin address (starting with 3) and Redeem script, and can release funds from this address not earlier than the specified date.

However only paper wallet from [1] is also enough for security if you do no want to time lock you funds.
legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
December 04, 2019, 10:11:53 AM
#58
Yeah, my work computer has something called Cisco Recording installed on it. The managers and other call quality people can indeed see it, but it should be fine. They see all the work related credentials anyway. The device itself is secure (since you have access to many different systems and maybe even banks) but the IT people can see a lot of what's going on.

They said it's for those times when someone else calls and says you dropped them or hung up, so the manager can see if that was the case or it was some other system problem.
legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
December 04, 2019, 07:34:59 AM
#57
Only happened because I work in IT....
So, lets say this also, DON'T USE A MACHINE THAT IS NOT YOURS. AS IN DON'T GENERATE PAPERWALLETS ON THE LAPTOP YOU GOT FROM WORK.
Even if you are offline when you do it, it can still be recorded.

Just had to do an audit for a client part of which was grab a few laptops from random people and install monitoring software for a few days to see what they were doing.
Many many cat videos, but I could have been hijacking usernames / passwords / private keys etc. if I wanted to.
It's not yours, don't do anything that is not for work, you can be watched.

-Dave
legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
December 02, 2019, 12:21:25 PM
#56
I don't necessarily have a specific site, but for ease of use, for the users, the company I work with right now only recommends two browsers for their own internal applications, IE and Chrome. This is in an enterprise environment so I personally don't use IE, but it's what's required for their own web-based in-house apps.

It's possible they should using another browser, but ... I'm not in charge and they also have a bunch of legacy looking apps (like some that limit usernames to 8 characters).


I think the other app that works only on Chrome will actually work with Firefox, but the userbase does not have it installed by default and would have to call in the admins to have it installed, so they don't.


For general sites, I haven't come across any that doesn't really work with plain Firefox. At one point, Crypto-Bridge was complaining that it prefers Chrome or their own app, but they're dying and closing before the end of the month.
legendary
Activity: 2268
Merit: 18771
December 01, 2019, 04:16:03 PM
#55
Since we were discussing good Chromium-based browser in case a website isn't running properly on Firefox, i'd say Brave is still acceptable choice.
As an aside (genuine question as I am curious): Are there many sites people are using which don't work properly on Firefox?

There are several sites which are broken by my "hardened" version of Firefox, with my various about:config tweaks and add-ons (such as NoScript), but I also have a "clean" install of Firefox without any of those changes/add-ons, and I've never come across a site which doesn't work on it. There are sites which are "optimized" for Chrome/Chromium, sure, but I don't ever remember finding one that is completely unusable/inaccessible via Firefox. Maybe I'm just visiting the wrong sites. Tongue
legendary
Activity: 2268
Merit: 18771
December 01, 2019, 02:07:03 AM
#54
just remember to install uBlock
Careful here. There are two add-ons with the uBlock name - uBlock and uBlock Origin. uBlock Origin is the one you want. uBlock is run by the same guy who makes AdBlock, and is done so mainly for his own profit. uBlock Origin is also more lightweight, better at blocking, and doesn't have any "allowed ads" like the others do.
legendary
Activity: 3472
Merit: 10611
November 30, 2019, 11:05:11 PM
#53
If you really want privacy though, then Firefox remains the best choice (short of Tor).

exactly. just remember to install uBlock (the popular script and advertisement blocker extension available for both Firefox and Chrome) on your Firefox and you end up with practically the same thing as Brave browser when "blocking" ads and scripts and privacy is involved.
legendary
Activity: 2268
Merit: 18771
November 30, 2019, 05:44:23 PM
#52
I'm not sure I'd go so far as to say "evil", but I certainly wouldn't recommend Brave. When compared to Google Chrome, for example, Brave is still miles ahead in terms of privacy, but at the same time it's not this perfect solution that they are trying to market themselves as, and there remain better options out there.

If you really want privacy though, then Firefox remains the best choice (short of Tor).
HCP
legendary
Activity: 2086
Merit: 4363
November 30, 2019, 05:15:00 PM
#51
Now I have a dilemma... I initially started using Brave as it was being touted as being better for privacy... but it now seems they have slowly become "Evil"™ while I wasn't paying attention Undecided

Might have to see if this "Ungoogled Chromium" is a suitable replacement... I'm guessing the issue will be whether or not it works with my workflow/"required" extensions etc.


EDIT: Initial testing shows that it might not be suitable... just trying to install an extension seems very difficult. None of the methods shown seem to work Undecided
EDIT2: Seems the newer dev releases (based on Chromium v78) aren't working properly... the Release version (Chromium v67) seems to allow the extensions to be install following some of the various install methods in the FAQ
legendary
Activity: 2268
Merit: 18771
November 30, 2019, 04:55:37 PM
#50
What KYC? Huh I am running Brave and haven't had to complete any KYC? Is it part of the "rewards" thing that I didn't opt into?
https://support.brave.com/hc/en-us/articles/360032158891-What-is-KYC-

Initially they enforced KYC for publishers only, but then they enforced it for any user which wanted to use their rewards program. If they want to go down that route, that's fine, but they can't also plaster their landing page with slogans like "unmatched privacy" and "privacy first" whilst also requiring KYC to use their flagship feature. Completely hypocritical.

Brave also whitelists several terrible trackers, including those from Twitter and Facebook.
That's why you should also run uBlock Origin to take care of that sillyness Tongue
Same point as above. If they want to whitelist these trackers then they are free to do so, but they should make it perfectly clear to users they are being tracked instead of stating that they block all trackers, which they categorically don't.
HCP
legendary
Activity: 2086
Merit: 4363
November 30, 2019, 04:47:50 PM
#49
Their KYC requirements seem to be ever worsening, and the fact that they continue to market themselves as the gold standard privacy browser while demanding this KYC is disingenuous at best.
What KYC? Huh I am running Brave and haven't had to complete any KYC? Is it part of the "rewards" thing that I didn't opt into?


Quote
Brave also whitelists several terrible trackers, including those from Twitter and Facebook.
That's why you should also run uBlock Origin to take care of that sillyness Tongue
legendary
Activity: 2268
Merit: 18771
November 30, 2019, 03:00:05 PM
#48
And Brave Browser which have built-in privacy/security feature such as adblock, fingerprint protection, block known tracker and block 3rd party cookies.
I don't think Brave is a good suggestion for people who are looking for privacy or security.

Brave is an advertising company. They make their money from selling ad slots to third parties. They strip out ads and inject their own, meaning you are giving them full control over many of things your browser downloads and many of the things you see online. CMIIW, but even if you trust Brave 100% (you shouldn't), it's a massive security risk that could be exploited to deliver malware to your browser instead.

They also obviously have business relationships with these third parties they sell ads to, and maintaining and growing of these business relationships will be a consideration in every decision they make. You can never be sure that a decision they are making is 100% for the benefit of the users, because there are third parties pushing in the other direction which they have to pander to or lose their income.

Their KYC requirements seem to be ever worsening, and the fact that they continue to market themselves as the gold standard privacy browser while demanding this KYC is disingenuous at best.

Brave also whitelists several terrible trackers, including those from Twitter and Facebook.
legendary
Activity: 2268
Merit: 18771
November 30, 2019, 04:43:08 AM
#47
I'll only use Chrome if I have no other choice, like some random website that doesn't work with Firefox, which is rare.
Even then, there are better options than run-of-the-mill Chrome. Ungoogled Chromium, for example, which is Chrome but with all the Google spyware removed.

I thought Tor was on Duckducks base ..if that’s not the case why does that browser always pop up on me
DuckDuckGo only have a browser app for mobile devices - they don't have a desktop browser. DDG is used as the default search engine for Tor browser, but Tor browser is very much built on Firefox ESR.

Agree with Dabs though - if you don't want/need to be using Tor, then Firefox is hands down the best browser to be using. HTTPS Everywhere and uBlock Origin add-ons are a must.
legendary
Activity: 3472
Merit: 10611
November 29, 2019, 11:18:41 PM
#46
I have made paper offline on a Virgin pc , no connection , to a wired virgin Printer no connection access etc but I’ve got a couple buddies who understand and work in the the cryptography space that say even then there’s more precautions you should technically be taking. I got lazy on learning how and here I am.

you didn't need "virgin PC", only "virgin OS". in other words running a live Linux would satisfy that need. you can boot it from DVD so there is no way to have persistence, also don't enable networking or hard disk mounting.
as for printing, a simple addition of encryption could solve the printer "remembering it" issue. then you just have to write down the password with pen and paper separately.
legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
November 29, 2019, 07:21:43 PM
#45

A long time ago, someone made a PiperWallet ... essentially some small device that has a thermal printer and generates paper wallets. I think recently, maybe it's Dave here, tried to do it again with a Raspberry Pi and a cheap printer, and package the thing as a small device.


Yeah, it's me trying to re-create something like it. Ran into a bunch of issues so I am stepping back from it for a week or 2 or 4.

The problem with the original Piper was that it had a setting that it could SAVE every wallet it generated. And without having a monitor hooked up the user pushing the button would never know that it was saving it. So, yeah the quick project is taking a lot more time to do because I am scrapping a lot of the code piper created.....

-Dave
legendary
Activity: 2282
Merit: 3014
November 29, 2019, 05:54:42 PM
#44
So should I just go back to leaving my coins on Coinbase?? JK  Cheesy The paypal of crypto is the last place I’d do business with at this point. I’m versed on wallets ..hardware , hot, paper etc. I would never even use Trezor if was PC smart enough not to. I have made paper offline on a Virgin pc , no connection , to a wired virgin Printer no connection access etc but I’ve got a couple buddies who understand and work in the the cryptography space that say even then there’s more precautions you should technically be taking. I got lazy on learning how and here I am.

I thought Tor was on Duckducks base ..if that’s not the case why does that browser always pop up on me ( I guess simply answer is my Tor skills match my wallet creating skills).  I plan to roll w ForeFox from now on tho ..I don’t trust google what so ever.

I use Bread, blockchain, Coinomi, Cake, as well as ledger and trezor via Electrum A few times as of just recently. I will spend more time and money (buy new air-gapped pc perhaps) on this all soon.  Piper wallets ..the collector in me has wanted one of those for a while !  So these were totally legit ? 
legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
November 29, 2019, 04:20:41 PM
#43
For reasons I will not get into, I would avoid using Chrome as much as I can and just stick to Firefox. I think it's a personal preference, but something tells me it's better to be safe than sorry.

Tor browser uses Firefox as it's base.

I'll only use Chrome if I have no other choice, like some random website that doesn't work with Firefox, which is rare.

A long time ago, someone made a PiperWallet ... essentially some small device that has a thermal printer and generates paper wallets. I think recently, maybe it's Dave here, tried to do it again with a Raspberry Pi and a cheap printer, and package the thing as a small device.

But if you already have any kind of computer, no matter how old it is, if you can install a fairly recent OS, you can install the latest updated browser, then you can use any of a bunch of different websites OFFLINE to make paper wallets.

There are even apps out there I've managed to collect, some are python scripts, some are executables (but I don't have the source code, I just know it's "safe" since I used to have the source code somewhere), ... but really the easiest would be to use Electrum on an offline device. Then you can delete the app / factory reset / format / DBAN / secure erase ...

I would not do a physical destruction of the device simply because that's kinda wasting it, when a wipe or reset will do the job.
Pages:
Jump to: