Topic: How safe is my paper wallet? (Read 1231 times)

newbie
Activity: 56
Merit: 0
November 06, 2013, 09:17:36 AM
#6
Hi trade-for-pokermoney, how do you think that would help exactly? If it was for the physical access part I was thinking of just using the BIP 38 option, although it takes the raspberry pi quite a long time just to make addresses; it might take hours with BIP 38.
member
Activity: 112
Merit: 10
November 06, 2013, 08:25:10 AM
#5
One step further in security would be to use an offline vanity generator to create an address.
newbie
Activity: 56
Merit: 0
November 06, 2013, 07:36:00 AM
#4
Wow Rannasha, thanks for the info! If that is true it takes a load off my chest. I am guessing you think my method is safe enough then? I mean not tinfoil standard but good enough.

Also, jl2012, thanks for the extra info also. I'm not sure how I could check the hash? I don't think I have the ability to audit the code either. I will definitely put some thought into rolling dice though, but I'll have to look it up first as I don't know how.
hero member
Activity: 728
Merit: 500
November 06, 2013, 06:40:18 AM
#3
Quote
3. Never allow the raspberry pi to connect to the internet again or simply remove its LAN port. Never use it for any other purpose.
There is no non-volatile memory in the RPi other than the SD card you install (or any USB devices you connect). There is no place for any malware to exist in a form that survives simply turning the device off except for the SD card and other connected storage devices. So simply not reusing the SD card is enough, even if you're paranoid.

Quote
5. Never connect your printer to anything other than that particular raspberry pi. Your printer may store the private key in its RAM
RAM is wiped once you take power off.
legendary
Activity: 1792
Merit: 1111
November 06, 2013, 03:30:51 AM
#2
Quote
So I just bought some bitcoins and wanted to try to make them as safe as possible within a reasonable way. I also happen to have a raspberry pi, so here is what I did:

On my normal computer:
1. Formatted SD card.
2. Installed raspbian.

Then on my Raspberry pi:
1. Connected to the internet.
2. Updated software.
3. Downloaded and installed printer software.
4. Went to bitaddress.org and saved it.
5. Disconnected from the internet and changed raspbian log in password.
6. Generated multiple copies of my paper wallets and printed them.
7. Stored paper wallets and SD card in different locations I consider safe.

I could also secure wipe/destroy the SD card but I don't think it's necessary at the moment and I might want to create more wallets later on (I will never connect to the internet again of course).
I realize there are a few ways this could be insecure (other than gaining physical access to my wallets) such as:

1. Bitaddress.org doesn't make random enough addresses offline.
2. Some kind of software from when I installed raspbian on my normal computer or when I connected to the internet through my raspberry pi changed how bitaddress.org makes its keys so they aren't really random.

I can't think of anything else at the moment. How likely do you think any of the above is and what do you guys think in general of my method? Thanks in advance!


Depends on how paranoid you are, you may:

1. Check the hash of bitaddress.org against the one on github. Check it on the offline raspberry pi, not on the desktop computer.
2. Audit the bitaddress.org code if you could.
3. Never allow the raspberry pi to connect to the internet again or simply remove its LAN port. Never use it for any other purpose.
4. If you worry about randomness, generate the private key by throwing dice, and transform the key into an address with bitaddress.org.
5. Never connect your printer to anything other than that particular raspberry pi. Your printer may store the private key in its RAM.
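
An added example, not part of jl2012's post or of the bitaddress.org code, showing suggestion 4 on the offline Raspberry Pi: 99 rolls of a fair six-sided die are read as a base-6 number, range-checked against the secp256k1 group order, and printed as hex and as a WIF string. The function names are illustrative, and the assumption is that one of the two printed forms is what you then enter into the saved bitaddress.org page.

```python
import hashlib

# Order of the secp256k1 group; a valid private key k satisfies 1 <= k < N.
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
ROLLS = 99  # 6**99 is about 2**255.9, just under N, so no roll sequence overflows
B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"


def dice_to_int(rolls: str) -> int:
    """Read 99 six-sided dice rolls (faces 1-6) as one base-6 number."""
    rolls = "".join(rolls.split())  # allow spaces/newlines between groups
    if len(rolls) != ROLLS or any(c not in "123456" for c in rolls):
        raise ValueError("need exactly 99 rolls, each a face from 1 to 6")
    k = 0
    for c in rolls:
        k = k * 6 + (int(c) - 1)  # face 1..6 -> base-6 digit 0..5
    if not 1 <= k < N:  # only the all-ones roll (k == 0) can fail here
        raise ValueError("key out of range, roll again")
    return k


def to_wif(k: int) -> str:
    """Base58Check-encode a private key (version byte 0x80, uncompressed)."""
    payload = b"\x80" + k.to_bytes(32, "big")
    checksum = hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]
    data = payload + checksum
    n = int.from_bytes(data, "big")
    out = ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    pad = len(data) - len(data.lstrip(b"\x00"))  # leading zero bytes -> '1'
    return "1" * pad + out


if __name__ == "__main__":
    # Constructed sample only; a repeating pattern like this is NOT a safe key.
    sample = "123456" * 16 + "123"
    k = dice_to_int(sample)
    print(format(k, "064x"))
    print(to_wif(k))
```

Use real, physically rolled dice for the input and record each roll in order; the quality of the key is exactly the quality of those 99 rolls.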
newbie
Activity: 56
Merit: 0
November 06, 2013, 03:01:21 AM
#1
So I just bought some bitcoins and wanted to try to make them as safe as possible within a reasonable way. I also happen to have a raspberry pi, so here is what I did:

On my normal computer:
1. Formatted SD card.
2. Installed raspbian.

Then on my Raspberry pi:
1. Connected to the internet.
2. Updated software.
3. Downloaded and installed printer software.
4. Went to bitaddress.org and saved it.
5. Disconnected from the internet and changed raspbian log in password.
6. Generated multiple copies of my paper wallets and printed them.
7. Stored paper wallets and SD card in different locations I consider safe.

I could also secure wipe/destroy the SD card but I don't think it's necessary at the moment and I might want to create more wallets later on (I will never connect to the internet again of course).
I realize there are a few ways this could be insecure (other than gaining physical access to my wallets) such as:

1. Bitaddress.org doesn't make random enough addresses offline.
2. Some kind of software from when I installed raspbian on my normal computer or when I connected to the internet through my raspberry pi changed how bitaddress.org makes its keys so they aren't really random.

I can't think of anything else at the moment. How likely do you think any of the above is and what do you guys think in general of my method? Thanks in advance!