Pages:
Author

Topic: How would you say is the most secure way to create and maintain a paper wallet? - page 2. (Read 849 times)

member
Activity: 240
Merit: 54
In Electrum I see .tar.gz and Appimage. Which one to use?
the first one.

Wouldn't Appimage be better since it doesn't leave anything behind? https://itsfoss.com/use-appimage-linux

AppImage is just a compressed file that needs to be extracted to run the program and then is automatically deleted when the program is closed. In fact the link you posted says that. You could delete the folders extracted from a .tar.gz to erase the traces it leaves too.

2. choose an encryption tool and learn how to use it correctly. this must be an open source tool that is capable of strong encryption using AES. if your step 0 choice is to use a single private key you can choose a tool that supports BIP38 encryption and skip this step.

Can anyone post an example tool? I'm having a hard time finding one to get an idea what it is.

Save whatever you’re trying to encrypt in a text file and then run in a terminal:

Code:
gpg --cipher-algo AES256  --no-symkey-cache -c filename.txt

And then type a password for it and delete the original file. No PGP key required. --no-symkey-cache is necessary to prevent the password from being cached. It is only available in GPG >= 2.2.7 so you need to use Ubuntu 20.04 for your live distro. Older distros package an older version of GPG without this feature.

To decrypt:

Code:
gpg -o filename.txt -d filename.txt.gpg

And type the password you set.


Source: https://askubuntu.com/a/449647

Wouldn't saving a file make copies of it at various places that could be recovered later, regardless of whether you encrypt the file or not because the encryption would be after the file was saved without encryption?
And deleting the original unencrypted file doesn't really permenantly delete it. How do you get around this?

Writing private keys on paper can get damaged by natural disasters like water and fire
Obviously, as you say, engraving on metal plates is going to be more durable than writing on paper, but metal plates can also be damaged by natural disasters. You should make sure you are choosing stainless steel, titanium, or a similarly durable metal, as metals like aluminum (which many of the marketed back up devices are made out of) are malleable, do not resist corrosion, and have low melting points. Even then, a stainless steel plate is not indestructible. And even if it were, what if you can no longer access it? What if there is fire or explosion, and you can't find it in among all the rubble? What if there is a flood or tornado and it gets carried a few kilometers away?

What matters more than whether you choose paper or metal is having multiple copies in separate physical locations. I use paper wallets (on actual paper) and I use paper for writing down seeds. I am not concerned about them being damaged or destroyed even though they are just everyday paper, because I have multiple back ups. If one is destroyed, then I'll use one of the others to replace it. It's all about redundancy and not having a single point of failure.

Hand written or printed?
legendary
Activity: 2268
Merit: 18771
Writing private keys on paper can get damaged by natural disasters like water and fire
Obviously, as you say, engraving on metal plates is going to be more durable than writing on paper, but metal plates can also be damaged by natural disasters. You should make sure you are choosing stainless steel, titanium, or a similarly durable metal, as metals like aluminum (which many of the marketed back up devices are made out of) are malleable, do not resist corrosion, and have low melting points. Even then, a stainless steel plate is not indestructible. And even if it were, what if you can no longer access it? What if there is fire or explosion, and you can't find it in among all the rubble? What if there is a flood or tornado and it gets carried a few kilometers away?

What matters more than whether you choose paper or metal is having multiple copies in separate physical locations. I use paper wallets (on actual paper) and I use paper for writing down seeds. I am not concerned about them being damaged or destroyed even though they are just everyday paper, because I have multiple back ups. If one is destroyed, then I'll use one of the others to replace it. It's all about redundancy and not having a single point of failure.
member
Activity: 131
Merit: 29
What about getting a second hand laptop for something like fifty to one hundred dollars, with a cd/dvd burner drive, disconnect its wifi /bluetooth hardware (preferably get one without bluetooth for less work), keep it as a dedicated bitcoin cold wallet machine, and perhaps make burn a few dvds (get good quality blank dvds) each with copies of the encrypted wallet file (filling up nearly all the space on each dvd with lots of copies of the same wallet file since its purpose is a backup after all.)
legendary
Activity: 1624
Merit: 2481
So why exactly are we choosing .tar.gz over appimage?

"We" aren't choosing one over the other.

In the end, it really doesn't matter which you choose and only comes down to your own preference.

Do you want to install the wallet properly without giving up more space than necessary? Go for .tar.gz
Do you want it to be just a single file you need to run and don't care that libraries are included you already got installed which take up a few more MB while guaranteeing better compatibility between all systems? Go for .AppImage


Security-wise it doesn't matter as long as you verify the signature.
member
Activity: 240
Merit: 54
In Electrum I see .tar.gz and Appimage. Which one to use?
the first one.

Wouldn't Appimage be better since it doesn't leave anything behind? https://itsfoss.com/use-appimage-linux

AppImage is just a compressed file that needs to be extracted to run the program and then is automatically deleted when the program is closed. In fact the link you posted says that. You could delete the folders extracted from a .tar.gz to erase the traces it leaves too.

So why exactly are we choosing .tar.gz over appimage?
legendary
Activity: 2268
Merit: 18771
Any beginners tutorial of this (preferably visual) so I can see what you're talking about and get a clearing understanding?
I'm a big fan of the book "Mastering Bitcoin" by Andreas Antonopoulos for explaining a whole bunch of technical bitcoin concepts in easy to understand ways. It also includes some nice diagrams. The book is available for free on GitHub here: https://github.com/bitcoinbook/bitcoinbook. Chapter 5 deals with the structure of wallets and seed phrases, but see particularly the following sections:

https://github.com/bitcoinbook/bitcoinbook/blob/develop/ch05.asciidoc#hd-wallets-bip-32bip-44
https://github.com/bitcoinbook/bitcoinbook/blob/develop/ch05.asciidoc#mnemonic-code-words-bip-39

Another great resource is the site https://learnmeabitcoin.com/. Again, lots of easy to understand explanations, and even less technical than the Mastering Bitcoin book if you are finding that a difficult read. See particularly these pages:

https://learnmeabitcoin.com/technical/hd-wallets
https://learnmeabitcoin.com/technical/mnemonic
member
Activity: 240
Merit: 54
Do i get a new mnemonics phrase for every address I create?
No. The mnemonic phrase is unique to the wallet, but the wallet can contain a near endless number of addresses. Every single one of those addresses is ultimately derived from the same mnemonic phrase.

More technically, the phrase is hashed to produce what is called a "seed number", and that seed number is hashed again to create a "master private key". That master private key can create billions of child private keys, which can each create billions of their own child privates keys, which can each create billions of their own child private keys, and so on. Each one of those private keys can be turned in to a unique public key and therefore a unique address.

If you back up your one 12 or 24 word mnemonic phrase, then you have backed up every single one of those billions upon billions of unique addresses.

Any beginners tutorial of this (preferably visual) so I can see what you're talking about and get a clearing understanding?
legendary
Activity: 2268
Merit: 18771
Do i get a new mnemonics phrase for every address I create?
No. The mnemonic phrase is unique to the wallet, but the wallet can contain a near endless number of addresses. Every single one of those addresses is ultimately derived from the same mnemonic phrase.

More technically, the phrase is hashed to produce what is called a "seed number", and that seed number is hashed again to create a "master private key". That master private key can create billions of child private keys, which can each create billions of their own child privates keys, which can each create billions of their own child private keys, and so on. Each one of those private keys can be turned in to a unique public key and therefore a unique address.

If you back up your one 12 or 24 word mnemonic phrase, then you have backed up every single one of those billions upon billions of unique addresses.



Search google for paper wallet, grab any result, or an Ad is even better. Print it and put in your sock drawer. Put all your money on it before getting comfortable with spending (don't worry about change address, WTF are those anyway). Back up on dropbox, or post it here.
Instructions unclear, uploaded my socks to Dropbox.
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
In Electrum I see .tar.gz and Appimage. Which one to use?
the first one.

Wouldn't Appimage be better since it doesn't leave anything behind? https://itsfoss.com/use-appimage-linux

AppImage is just a compressed file that needs to be extracted to run the program and then is automatically deleted when the program is closed. In fact the link you posted says that. You could delete the folders extracted from a .tar.gz to erase the traces it leaves too.

2. choose an encryption tool and learn how to use it correctly. this must be an open source tool that is capable of strong encryption using AES. if your step 0 choice is to use a single private key you can choose a tool that supports BIP38 encryption and skip this step.

Can anyone post an example tool? I'm having a hard time finding one to get an idea what it is.

Save whatever you’re trying to encrypt in a text file and then run in a terminal:

Code:
gpg --cipher-algo AES256  --no-symkey-cache -c filename.txt

And then type a password for it and delete the original file. No PGP key required. --no-symkey-cache is necessary to prevent the password from being cached. It is only available in GPG >= 2.2.7 so you need to use Ubuntu 20.04 for your live distro. Older distros package an older version of GPG without this feature.

To decrypt:

Code:
gpg -o filename.txt -d filename.txt.gpg

And type the password you set.


Source: https://askubuntu.com/a/449647
member
Activity: 240
Merit: 54
In Electrum I see .tar.gz and Appimage. Which one to use?
the first one.

Wouldn't Appimage be better since it doesn't leave anything behind? https://itsfoss.com/use-appimage-linux

2. choose an encryption tool and learn how to use it correctly. this must be an open source tool that is capable of strong encryption using AES. if your step 0 choice is to use a single private key you can choose a tool that supports BIP38 encryption and skip this step.

Can anyone post an example tool? I'm having a hard time finding one to get an idea what it is.

legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
Haha I get that. I meant risks from within the computer itself. Let's say a borrowed laptop for instance.

In the extreme case, it might have malware installed in the BIOS, and that stuff can’t be deleted.
member
Activity: 240
Merit: 54
What would be the risk if I'm booting from a DVD?
well for starters someone might be looking over your shoulder!

Haha I get that. I meant risks from within the computer itself. Let's say I borrowed laptop for instance.

legendary
Activity: 3472
Merit: 10611
Do i get a new mnemonics phrase for every address I create?
it is called deterministic key generation. you have a single entropy (your mnemonic) that all your subsequent keys (and addresses) are derived from.

What would be the risk if I'm booting from a DVD?
well for starters someone might be looking over your shoulder!
member
Activity: 240
Merit: 54
Quote
Is there any risk of doing this on a public computer?
most probably yes.

What would be the risk if I'm booting from a DVD?
member
Activity: 240
Merit: 54
OK. I'm not getting much luck Googeling "private key vs mnemonic vs mneminics BIP39".

Could you please help me out? What's the difference between the three in the way they are and function in as layman's termish as possible?
Mnemonics or mnemonic phrases are a series of words (usually 12 or 24) which can be used to recover your bitcoin wallet and all the addresses it contains. They are also known as seed phrases. (Indeed, "mnemonic" is a bit of a misnomer since these phrases are supposed to be backed up on paper, not memorized).

There are different ways that these phrases can be generated. Most wallets use a method known as BIP39, which is a standardized method. You can read more about it here: https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki (a little bit technical). Electrum, on the other hand, uses their own system which is not compatible with BIP39.

Private keys are numbers which relate to individual addresses. Each address in your wallet has a different private key which can be used to spend any coins on that address. All the private keys in your BIP39 or your Electrum wallet are derived from the mnemonic phrase. So to answer your other question further down your post, if you back up the mnemonic phrase, then you are effectively backing up every private key in your wallet and therefore your entire wallet. If you were to back up a single private key, then you are only backing up a single address.

OK thanks for that explanation.

Do i get a new mnemonics phrase for every address I create?
legendary
Activity: 3472
Merit: 10611
Like Coinbase?
Coinbase is not a wallet, it is an account where you have zero control over your keys.

Quote
Sorry. I'm not sure I understand the core function of this tool in relation to Bitcoin. Is it a tool where you enter your btc key and it would convert it to a code and then you can use that code to retrieve your key? If so, then when does the password come into play?

Or does it also generate a password so now you'd have to enter the password AND the code to retrieve your key?

If it's the later, then what's the point of the code? Why not only a password to retrieve your key instead of (what basically seems to me as) two sets of passwords; the code and the actual password?
If it's for extra security then wouldn't you be able to create the same level of security with combining both the code and the password to make one password. What am I missing here?
practically you only have your password and the encrypted result. the rest is the "under the hood details", and under the hood the password you give the application could be extended to make any brute forcing attempts even more impossible. if you want to know more about the details look at BIP-38, what i explained above is very similar. there are some examples at the bottom under Test vectors too.

Quote
In Electrum I see .tar.gz and Appimage. Which one to use?
the first one.

Quote
1) What exactly is the benefit of mnemonic over private key?
2) What exactly is the benefit of mnemonic over private key when using an encryption tool?
with a mnemonic you can generate as many keys as you want, which makes reusing the paper wallet possible (eg. you use the first key of the wallet then move to next). you can't do it with a single private key paper wallet, you must throw it away after using it and send the remainder to a newly generated paper wallet which is a tedious task.
when encryption is involved there is a standard for encrypting private keys (BIP-38) but there aren't any for mnemonincs.

Quote
Is there any risk of doing this on a public computer?
most probably yes.
legendary
Activity: 1442
Merit: 1186
Search google for paper wallet, grab any result, or an Ad is even better. Print it and put in your sock drawer. Put all your money on it before getting comfortable with spending (don't worry about change address, WTF are those anyway). Back up on dropbox, or post it here. 


In all seriousness, unless you are really advanced and/or a developer you are setting yourself up for failure with paper wallets. 


I love paper wallets personally, and I like building my own tools for key generation, storage and spending but for obvious reasons I can't recommend this approach to most users.

legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
~snip~

So what do you suggest as a 2nd best alternative to HW?

Don't listen to him.
You should never use any website to generate a paper wallet. And neither are you forced to only use paper as the medium of storage.

To be clear, I never suggested to OP to use a website to make a paper wallet (I'm not so foolish to suggest such a thing to anyone). I said:

Also when using paper wallets your security is at the mercy of the site or app you use to get the private keys. Some of these sites aren’t using enough randomness and could leak the keys.

Only reason why I suggested to OP to use hardware wallets instead is that most people don't make their paper wallets safely.
legendary
Activity: 2268
Merit: 18771
OK. I'm not getting much luck Googeling "private key vs mnemonic vs mneminics BIP39".

Could you please help me out? What's the difference between the three in the way they are and function in as layman's termish as possible?
Mnemonics or mnemonic phrases are a series of words (usually 12 or 24) which can be used to recover your bitcoin wallet and all the addresses it contains. They are also known as seed phrases. (Indeed, "mnemonic" is a bit of a misnomer since these phrases are supposed to be backed up on paper, not memorized).

There are different ways that these phrases can be generated. Most wallets use a method known as BIP39, which is a standardized method. You can read more about it here: https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki (a little bit technical). Electrum, on the other hand, uses their own system which is not compatible with BIP39.

Private keys are numbers which relate to individual addresses. Each address in your wallet has a different private key which can be used to spend any coins on that address. All the private keys in your BIP39 or your Electrum wallet are derived from the mnemonic phrase. So to answer your other question further down your post, if you back up the mnemonic phrase, then you are effectively backing up every private key in your wallet and therefore your entire wallet. If you were to back up a single private key, then you are only backing up a single address.
member
Activity: 240
Merit: 54
Appreciate it Pooya!

Any recommendations if I want to go the mnemonics route?
i'd go with Electrum but keep in mind that Electrum mnemonics are only usable in Electrum itself and one or two other wallets. it is not a big deal since the algorithm is known and pretty easy to duplicate but you should know that it is different from BIP39 (the mnemonic BIP).

OK. I'm not getting much luck Googeling "private key vs mnemonic vs mneminics BIP39".

Could you please help me out? What's the difference between the three in the way they are and function in as layman's termish as possible?

And what exactly is an "export option"?
...some wallets only show you the addresses they generated and don't have an option to show you the private key of it.....

Like Coinbase?

And if I'm doing mnemonics....Recommendations? Also, what is an encryption tool?
an encryption tool is a tool that lets you enter an arbitrary string plus a password and gives you the encrypted result. it has to be open source and popular. since i haven't used any i can't recommend any. maybe someone else can chip in. i pretty much wrote my own code using a KDF and .net System.Security.Cryptography.AES

Sorry. I'm not sure I understand the core function of this tool in relation to Bitcoin. Is it a tool where you enter your btc key and it would convert it to a code and then you can use that code to retrieve your key? If so, then when does the password come into play?

Or does it also generate a password so now you'd have to enter the password AND the code to retrieve your key?

If it's the later, then what's the point of the code? Why not only a password to retrieve your key instead of (what basically seems to me as) two sets of passwords; the code and the actual password?
If it's for extra security then wouldn't you be able to create the same level of security with combining both the code and the password to make one password. What am I missing here?

OK, I'm going to need this in layman's terms..."build"? How? Download the binaries? I'm guessing this is not a download an app and install type of deal.
trusted bitcoin wallets are always open source, which means you can download the source code and "build" it yourself and then use that instead. but since not everyone can do this, the developers of these wallets build it themselves and release the "binaries" which you can download. for example for Windows it is the .exe file that you download and install. for Linux it is usually a tarball (.tar.gz file).

In Electrum I see .tar.gz and Appimage. Which one to use?

I'm guessung this tool encrypts the key? Is the result of step 6 the key?
it is your choice.
for example again using Electrum you can use the mnemonic that it created for you and encrypt that, or you can simply select one of the addresses and export its private key to create a paper wallet from that single key. then encrypt that.

1) What exactly is the benefit of mnemonic over private key?

2) What exactly is the benefit of mnemonic over private key when using an encryption tool?

So persistence...necessary or not?
persistence will remember the changes you made. for example if you install and create the wallet it will remember the wallet and next time you boot the OS it will have it. you don't want this if you are creating a paper wallet.
that is why i suggested using a DVD since you can't add persistence to a DVD.

Is there any risk of doing this on a public computer?
Pages:
Jump to: