
Topic: Paper wallet: A poor practice and risky (Read 209 times)

hero member
Activity: 1106
Merit: 912
Not Your Keys, Not Your Bitcoin
legendary
Activity: 3668
Merit: 6382
February 02, 2022, 09:22:19 AM
#16

It's very good that you created this thread. You can now see how many things you've misunderstood, from focusing onto certain websites generating paper wallets (which should clearly not be used online and most probably not used at all, when one can easily make a live OS with a wallet and get himself either a private key or an HD seed, as he prefers) to adding unnecessary complications to the topic, like spending and change addresses.

I don't want to offend, but from this point on, you'd better correct that long text, so other newbies don't get into the same mistakes as you.

Aside of reading all the comments and corrections you've got (and may continue to get) here, I recommend watching/reading/studying this other topic, which looks pretty good until now: What is a paper wallet?

legendary
Activity: 1512
Merit: 4795
February 02, 2022, 09:03:49 AM
#15
To be clear the scam case you bring up has nothing to do with "dangers of using paper wallets" at all. It is all about how dumb it is to use a website to create a private key!
You are right but wrong in some of your conclusions.
Will you call someone who is naive and noob introduced to bitcoin by creating a paper wallet, you are on Bitcointalk, that's an advantage and those who aren't active can't differentiate between these things. At times, smart people get scammed because they have no formal knowledge about what they are into. Despite the warnings here, the majority of users who were scammed aren't here on Bitcointalk.
To be sincere, this is pointless and not related to what pooya87 posted at all. It is quite surprising you do not want to accept your newbie-like content mistakes that were corrected. What does a paper wallet have to do with scammers?

Wrong. There is nothing stopping you from creating a [deterministic] paper wallet (that is writing down a mnemonic) and use different addresses from that wallet.
But your topic is solely about the old way of generating paper wallet which generates single key and an address.

Not everybody can afford a hardware wallet, especially those with a small amount of bitcoin, I recommend bitcoin core and Electrum because they are the most widely used wallets. Hardware wallets, on the other hand, are the most highly recommended by experts I've seen.
If you want to keep like $200, you can still afford a $45 hardware wallet. But some people that are bitcoin enthusiasts and know how to run a wallet on an airgapped device and paper wallet may see no reason yet to get a hardware wallet.

Do not recommend a wallet because it is most widely used; there are many closed source wallets that are widely used too but not recommendable. Bitcoin Core is recommended for privacy while Electrum is recommended because it is open source and has many other features that most other SPV wallets do not have.

Experts will recommend paper wallet, wallets on a safe and secure open source airgapped device or hardware wallet. Before experts will recommend one, you can give reasons you want to setup the wallet. For frequent transactions, hardware wallet is good.
jr. member
Activity: 53
Merit: 1
February 02, 2022, 08:36:46 AM
#14
In my opinion, a paper wallet is only good when laminated, hidden under reliable protection. Otherwise, you will simply lose it, corrupt it and you'll have zero chances to return the savings.

That's why I prefer wallets that I can get help with if needed, like mobile wallets. You always have access to them, there is some kind of tech support and good protection. Plus, nice promotions are arranged from time to time. For example fee discounts are offered for swaps thanks to Chinese holidays. In my opinion, such wallets have a lot of advantages.
hero member
Activity: 1106
Merit: 912
Not Your Keys, Not Your Bitcoin
February 02, 2022, 06:17:20 AM
#13
To be clear the scam case you bring up has nothing to do with "dangers of using paper wallets" at all. It is all about how dumb it is to use a website to create a private key!
You are right but wrong in some of your conclusions.
Will you call someone who is naive and noob introduced to bitcoin by creating a paper wallet, you are on Bitcointalk, that's an advantage and those who aren't active can't differentiate between these things. At times, smart people get scammed because they have no formal knowledge about what they are into. Despite the warnings here, the majority of users who were scammed aren't here on Bitcointalk.


Quote
Paper wallets are still paper wallets and hardware wallets are unrelated category of wallets. They are not the new "progressed" version of paper wallets.


 Source: https://oiipdf.com/mastering-bitcoin-programming-the-open-blockchain-oreilly-2nd-edition-2017

Sort should haven't been the perfect tense in that phrase but I think version just change the message I was trying to pass.
Paper wallet and Hardware are not the same, not close in architecture. I was just trying to convey what most people refer paper wallet as cold storage. Most paper wallets advise users to download the HTML page and print offline, minimizing risk of hacks.

Quote
This is something you won't find with a paper wallet: if you spend from a single key, your balance becomes public and exposed.

This feature isn't accessible in paper wallets, so you'll have to deal with a slew of keys every time you want to perform a transaction or backup, and switching wallet software will be a pain.
Wrong. There is nothing stopping you from creating a [deterministic] paper wallet (that is writing down a mnemonic) and use different addresses from that wallet.


Please don't misunderstand me, there is nothing wrong with a paper wallet. As pooya has stated, using Electrum or Bitcoin core could go wrong if your machine is infected. The main goal of this thread is to inform newbies that used paper wallets for storage with knowing much about what they are using.
Not everybody can afford a hardware wallet, especially those with a small amount of bitcoin, I recommend bitcoin core and Electrum because they are the most widely used wallets. Hardware wallets, on the other hand, are the most highly recommended by experts I've seen.
legendary
Activity: 1512
Merit: 4795
February 02, 2022, 04:33:11 AM
#12
It depends, there are many reasons I may want to use paper wallet.

For example, I do not have a reputed hardware wallet, and I want to set up a wallet for my child, hold the coin for 20 years while letting him and her mother to know about it and how to use it appropriately in case anything happens. Paper wallet is not bad in this regard in terms of security, which is what is needed.

But normally, I have preferred using HD wallet for paper wallet setup, generating the keys and addresses on Electrum on an airgapped device, writing down the seed phrase and copied some addresses, then delete the wallet. Although, that is HD wallet, but because I deleted the wallet after setting it up and backing up its seed phrase still makes it a paper wallet.

Let's put aside the risk part, practically, using it now as a one of the traditional way of storing BTC poor in the sense that they are not good for security and privacy, they are totally so different from the working principles of Deterministic wallets that are used today. These cool features that conflict paper wallet include:
Try and differentiate between security and privacy.

Paper wallet still remain and will remain a secure wallet, if you set it up correctly, security is guaranteed. About privacy, it will be hard or more time consuming if someone wants to have privacy to an extent while using paper wallet, this will require as many as possible keys to be generated individually. Normally, privacy may not be possible at all while using paper wallet, but can be better than other SPV wallets if you know how to do it.

Even the so called HD SPV wallets, they are not private, it only depends on how you are using it too to have some privacy, but most people do not use it for privacy as they do not know what is required to have privacy while using SPV wallet in general. To have privacy, you will have to go for full client wallet and run your own node.

Paper wallet is the grand master of them all as we know it, also it's the most secured of them all, you only lose your coins if your private key gets leaked, no need to connect to internet to use them makes them even more reliable than new crypto wallets.
Why posting in bold letters while it is not necessary, not appropriate the way you bolded it.

Paper wallet is one of the most secure and safe wallet, but also reputed hardware wallets and wallets on a perfectly setup airgapped devices are also most secure and safe.
member
Activity: 271
Merit: 14
February 02, 2022, 01:52:00 AM
#11
Paper wallet is the grand master of them all as we know it, also it's the most secured of them all, you only lose your coins if your private key gets leaked, no need to connect to internet to use them makes them even more reliable than new crypto wallets.
legendary
Activity: 3472
Merit: 10611
February 02, 2022, 12:25:11 AM
#10
Except this one tool is the most popular implementation and this is the "Beginners & Help" board, so I'd say it's a good idea to warn beginners about this kind of paper wallets, because that's what they will most likely use when they read some article that says that paper wallets are the safest and will go and google paper wallet online generator.
If you want to warn people then warn them correctly. It is like if you wanted to warn them about risks of being scammed by token creators but instead say "bitcoin is risky because you can lose it when you invest in NFTs"!
If you want to warn them about paper wallets, tell them that creating them using a website is not just insecure, it is also dumb.

Quote
I think no one will argue that single-address paper wallets should not be recommended to beginners, because these days there are more user-friendly options.
I wouldn't say "shouldn't be used" because they are still useful. For example I have used them to gift bitcoin to others, someone may need them as a storage for a chunk of their bitcoin stash that they will not touch for years (eg. 2BTC out of 5 put in a single address paper wallet).
legendary
Activity: 2492
Merit: 1232
February 01, 2022, 06:45:51 PM
#9
No, for newbies who still didn't understand how to secure a wallet or any wallets, I don't recommend a paper wallet, it's very crucial for them to use especially for those who wanted to give it a try.  So, I tend to agree with those comments above, it's a risky part to use paper wallets for newbies.

I prefer to use an air-gapped wallet particularly with the high-end device which you can use to install the Electrum wallet app that didn't connect to the internet and it's free but if you can afford it, no doubt hardware wallet is the best ever.
full member
Activity: 1008
Merit: 139
February 01, 2022, 03:30:11 PM
#8
I don't like paper wallets as much, although they may be useful for some situations. They're hard to use securely, and there's a risk that if someone does find them, they could take them and make your money disappear. I would rather create a normal encrypted wallet and encrypt it with a strong random password. I believe this is safer than paper wallets and much more convenient.
legendary
Activity: 3024
Merit: 2148
February 01, 2022, 02:20:42 PM
#7
In summary your whole arguments (like most resources out there) are not about paper wallets but instead about flawed methods and tools people use to create paper wallets. You can't claim paper wallets are inherently flawed because one tool was flawed.

Except this one tool is the most popular implementation and this is the "Beginners & Help" board, so I'd say it's a good idea to warn beginners about this kind of paper wallets, because that's what they will most likely use when they read some article that says that paper wallets are the safest and will go and google paper wallet online generator.

I think no one will argue that single-address paper wallets should not be recommended to beginners, because these days there are more user-friendly options.
legendary
Activity: 2450
Merit: 4415
🔐BitcoinMessage.Tools🔑
February 01, 2022, 01:37:01 AM
#6
    Bunch of keys: Most wallets now have a human readable code and can easily generate as many private keys as possible. Very easy to spend from any addresses because your private keys are secure in a single 12 seeded words (can also be 15, 18, 21, 24 depending on the entropy). This feature isn't accessible in paper wallets, so you'll have to deal with a slew of keys every time you want to perform a transaction or backup, and switching wallet software will be a pain.
    You can use a human-readable phrase as your paper wallet and get as many receive addresses as you want. For example, you generated your seed words manually or using a special air-gapped device and then back it up on a piece of indestructible material. In order to be able to generate receive addresses, you need to enter your words on an offline hardware device and generate a master public key which you can import to any watch-only wallet. This watch-only wallet will generate addresses for you despite being unable to access your main seed or your private keys. You can generate as many addresses as you wish while never exposing sensitive information to the online environment. In order to spend coins from your paper wallet, you can use the same hardware device you used to generate a master public key. You can sign transactions offline and then broadcast your signed transactions with any wallet connected to the Internet.
    mk4
    legendary
    Activity: 2870
    Merit: 3873
    Paldo.io 🤖
    February 01, 2022, 12:44:37 AM
    #5
    I've been against paper wallets as a cold storage recommendation for the masses for a while now, and we don't even need to really go deep into the nooks and crannies. I simply don't trust the typical person's computer to be secure enough; I mean, people in general just don't take security seriously — they download and install random files and software, click shady links left and right, etc. Hence there could be breaches on the multiple attack vectors on the wallet generation process.
    legendary
    Activity: 3472
    Merit: 10611
    January 31, 2022, 11:33:15 PM
    #4
    ~ some dangers of using paper wallet ~ heist of Bitcoinpaperwallet
    To be clear the scam case you bring up has nothing to do with "dangers of using paper wallets" at all. It is all about how dumb it is to use a website to create a private key!

    Quote
    Paper wallets have progressed from a sort of cold storage to a hardware wallet,
    Paper wallets are still paper wallets and hardware wallets are unrelated category of wallets. They are not the new "progressed" version of paper wallets.

    Quote
    They used to be a good and trustworthy technique of generating private keys, but they have now become literally bad, and also too risky.
    Wrong. A paper wallet is simply a key (or master key) written on a physical medium (usually paper). The method you generate that key should obviously be safe (air-gap system using a trusted source code), anything else has never been safe and will never be safe. This has not changed from day 1.

    Quote
    There are other similar paper wallets websites that are still widely used, what will happen if there is going to be a similar shift of ownership with the remaining ones?
    Ownership does not matter at all, a website must never be used. There is a lot of things that could go wrong on an online PC inside a browser before even getting to risks of the website itself.

    Quote
    This is something you won't find with a paper wallet: if you spend from a single key, your balance becomes public and exposed.

    This feature isn't accessible in paper wallets, so you'll have to deal with a slew of keys every time you want to perform a transaction or backup, and switching wallet software will be a pain.
    Wrong. There is nothing stopping you from creating a [deterministic] paper wallet (that is writing down a mnemonic) and use different addresses from that wallet.

    Quote
    Poor Entropy:
    Again nothing is forcing you to use a JavaScript code to generate your paper wallet, you can use the c++ code (bitcoin core) to generate it or python (Electrum), or...


    In summary your whole arguments (like most resources out there) are not about paper wallets but instead about flawed methods and tools people use to create paper wallets. You can't claim paper wallets are inherently flawed because one tool was flawed.
    legendary
    Activity: 1288
    Merit: 1081
    Goodnight, o_e_l_e_o 🌹
    January 31, 2022, 11:04:59 PM
    #3
    Paper wallet was years back regarded as the safest means of storing your bitcoin. The reason being its ability to be operated offline. Though there were challenges, I don't think that paper wallets were as vulnerable as you portrayed them. Paper wallets are still in use now.
    The major security risks lied on the devices that were used to print the keys. If it is computer or mobile phone, it can be hacked or infested by malwares.
    Another challenge was the printer used to print the paper wallet. Due to some hardware problems of the printer, keys and bitcoins were lost.
    Quote
    The new owner managed to create a backup saver on the server that stored every private key created from the website and no one noticed the backend structure even when it was open-source.
    How was this possible in an open-source protocol?
    member
    Activity: 120
    Merit: 15
    January 31, 2022, 10:41:22 PM
    #2
    What? Really?  Shocked years back I use paper wallet to store some coins that are only available on PC/desktop wallet because I don't want to sync the whole blockchain data and till date they work, veil coin, turtle coin, graft, havven and few others, I store the recovery seed just the way I store my trust wallet recovery seed but you do have a point about how risky they are compare to mobile wallet and hardware wallet
    hero member
    Activity: 1106
    Merit: 912
    Not Your Keys, Not Your Bitcoin
    January 31, 2022, 10:30:24 PM
    #1
    I was enthralled by one of the recognized bitcoin books, Mastering Bitcoin by Andreas M. Antonopoulos,[1] so I decided to go through some of his youtube bitcoin playlists and a particular one interested me, The use of the paper wallet, their benefits and how to use them securely.[2] I was thinking there was going to be an updated video about some dangers of using paper wallet but I didn't find any on the channel until I came across about heist of Bitcoinpaperwallet[3] that accounted for 124.85 BTC that was swept from private keys generated from the website last year.

    How did that happen? Some years back, one of the forum members, Canton [4], developed a bitcoin paper wallet and a thread[5] in 2013 as a bitcoin cold storage but eventually sold it in 2018 for undisclosed reasons. Would anyone expect the current admin to keep them safe? Even when Canton advised users to run the generator from the Github source code, many users were unaware that there had been a change of ownership. The new owner managed to create a backup saver on the server that stored every private key created from the website and no one noticed the backend structure even when it was open-source.
    Did users think they are safe with the new management? Many were not even aware that there was a change of ownership even when he reminded people to specifically run generator from the Github source code.
    There were warnings that were reported here and would have prevented some of the stolen funds, LoyceV created a thread[6] and alerted the original thread to let others know about the ongoing scam but I presume many who used the wallets are not on Bitcointalk.  

    What is the point of this thread, exactly? Bitcoin developers have never slept, rather seizing and using each opportunity to improve bitcoin and its network for simplicity and effectiveness. Paper wallets have progressed from a sort of cold storage to a hardware wallet, but they are still widely used. They used to be a good and trustworthy technique of generating private keys, but they have now become literally bad, and also too risky. There are other similar paper wallets websites that are still widely used, what will happen if there is going to be a similar shift of ownership with the remaining ones? Are they presently sweeping Bitcoin from users?
    Let's put aside the risk part, practically, using it now as a one of the traditional way of storing BTC poor in the sense that they are not good for security and privacy, they are totally so different from the working principles of Deterministic wallets that are used today. These cool features that conflict paper wallet include:

    • Change address:
    Privacy and security have a cost, they weren't created for no reason, therefore you should cherish yours. Your transactions are distributed as a file across all the connected nodes, your wallet address always changes any time you spend, and this helps you limit the public from knowing who owns the balance, especially if you are holding a large sum. It also protects you from hackers trying to figure out who is behind a large sum of Bitcoin. This is something you won't find with a paper wallet: if you spend from a single key, your balance becomes public and exposed.

    • Bunch of keys:
    Most wallets now have a human readable code and can easily generate as many private keys as possible. Very easy to spend from any addresses because your private keys are secure in a single 12 seeded words (can also be 15, 18, 21, 24 depending on the entropy). This feature isn't accessible in paper wallets, so you'll have to deal with a slew of keys every time you want to perform a transaction or backup, and switching wallet software will be a pain.

    • Poor Entropy:
    There is still an ongoing debate as to why the JavaScript random number generator is still not the best option. I checked one of the popular paper wallet git repositories[7] and the last time it was updated was 2016, there is a high chance you are using Math.random(), and such generators are not very good random number generators.[8]

    Another reason why you should never rely on javascript random number generators that use math functions.

    Javascript's randomness is not very good.
    For example, Math.random()  is not really random. So if your scripts uses it, I think it is not good.
    https://hackernoon.com/how-does-javascripts-math-random-generate-random-numbers-ef0de6a20131


    Some of the most common random wallet generators take random numbers from the operating system, such as /dev/urandom in Linux and CryptoGenRandom() in Windows and how other popular cold wallet generate good entropies include:

    How are Hardware Wallets doing entropy?

    Trezor is mixing external entropy from computer with internal entropy from built-in hardware random number generator RFC 6979,  and this can be verified on their github page.

    Ledger wallet is using Random Number Generator from their closed source Secure Element to generate mnemonic seed with AIS 31* certification.

    ColdCard have the option for using internal true random number generator from their secure element or to use D6 Dice Rolls that can be verified. Verifiable Seed Generation.

    Keystone (ex Cobo) is using Random Number Generator from their open source Secure Element and it can generate seed with casino-grade dices. Verifiable Seed Generation.

    Passport wallet is using Avalanche noise source, an open source true random number generator. Verifiable Seed Generation.

    Bitbox is using five different entropy sources from factory setup, secure element, regular chip, computer and device password, everything is open source and with latest update you can roll dices for verifiable seed generation.

    Safepal is using closed source secure element for random number generation with AIS 31* and FIPS PUB 140–2** certification

    BC Vault uses built-in hardware gyro sensor and various timings with human shaking the device for random number generation.

    Jade wallet is mixing internal entropy from built-in hardware random number generator and various other things with companion app entropy.

    Onekey mini uses internal random number generator that satisfies NIST SP 800-90A/B/C; CSPRNG is used to guarantee the quality of randomness, which is equivalent to DIEHARD TEST, FIPS 140-2, TEST U01 test criteria.

    • Coin control:
    This cool feature is available in almost all popular cold and hot wallets such as Bitcoin Core[9], Electrum[10] and other hot wallets, especially Ledger.[11] It is an advanced feature that enables you to spend from a particular address; you don't have to aggregate all over addresses just to spend a UTXO, a single address or more is adequate to spend, depending on the quantity you are willing to sign and lock on the receiver address.



    Source: https://nopara73.medium.com/coin-control-is-must-learn-if-you-care-about-your-privacy-in-bitcoin-33b9a5f224a2



    Source: https://support.ledger.com/hc/en-us/articles/360015996580-Using-Coin-control?

    • You may have to deal with additional issues when using paper wallets as storage, such as avoiding fire, theft, and deciding where to store them. When dealing with paper wallets, there is a high level of security in your hands.

    Hot wallets might not be the best alternative for paper wallet  but you have less headache to worry about. Better still, get a hardware wallet, they are affordable and outstanding cold storage for those who want their btc to be offline.
    Avoid paper, cheap things may cause you big sometimes.



    [1] https://oiipdf.com/mastering-bitcoin-programming-the-open-blockchain-oreilly-2nd-edition-2017
    [2] https://www.youtube.com/watch?v=cKehFazo8Pw
    [3] https://www.coindesk.com/tech/2021/02/24/bitcoinpaperwallet-back-door-responsible-for-millions-in-missing-funds-research-suggests/
    [4] https://bitcointalksearch.org/user/canton-39021
    [5] https://bitcointalksearch.org/topic/the-official-bitcoinpaperwalletcom-thread-updates-and-news-169836
    [6] https://bitcointalksearch.org/topic/m.54525886
    [7] https://github.com/pointbiz/bitaddress.org
    [8] https://hackernoon.com/how-does-javascripts-math-random-generate-random-numbers-ef0de6a20131
    [9] https://bitcoinelectrum.com/how-to-spend-specific-utxos-in-electrum/
    [10] https://bitcoinelectrum.com/how-to-spend-specific-utxos-in-electrum/
    [11] https://support.ledger.com/hc/en-us/articles/360015996580-Using-Coin-control?
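
Added example, not part of the original post or of any wallet project named in the thread: the "Poor Entropy" point in post #1 contrasts Math.random() with operating-system randomness, and this sketch shows a 32-byte key drawn from the OS-backed CSPRNG and range-checked against the secp256k1 group order, next to a constructed 32-bit generator whose "key" is fully fixed by its seed. The function names and the weak generator are illustrative assumptions.

```javascript
// Web Crypto is the OS-backed CSPRNG (the same class of source as /dev/urandom).
// Falls back to Node's built-in module when no global `crypto` object exists.
const webcrypto = globalThis.crypto ?? require('node:crypto').webcrypto;

// Order n of the secp256k1 group. A valid private key k satisfies 1 <= k < n.
const SECP256K1_N = BigInt(
  '0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141');

// Default byte source: cryptographically secure random bytes.
function csprngBytes(len) {
  return webcrypto.getRandomValues(new Uint8Array(len));
}

function bytesToBigInt(bytes) {
  let value = 0n;
  for (const b of bytes) value = (value << 8n) | BigInt(b);
  return value;
}

function toHex(bytes) {
  return Array.from(bytes, (b) => b.toString(16).padStart(2, '0')).join('');
}

// A candidate is usable only if it is exactly 32 bytes and lies in [1, n-1].
function isValidPrivateKey(bytes) {
  if (!(bytes instanceof Uint8Array) || bytes.length !== 32) return false;
  const k = bytesToBigInt(bytes);
  return k >= 1n && k < SECP256K1_N;
}

// Rejection sampling: redraw instead of reducing mod n, which would bias the
// result. The byte source is injectable only so the weak case can be shown.
function generatePrivateKey(byteSource = csprngBytes) {
  for (let attempt = 0; attempt < 16; attempt++) {
    const candidate = byteSource(32);
    if (isValidPrivateKey(candidate)) return candidate;
  }
  throw new Error('byte source kept returning out-of-range values');
}

// Constructed stand-in for a non-cryptographic generator: a 32-bit LCG.
// Its whole output is determined by a 32-bit seed, so however long the "key"
// looks, there are at most 2^32 of them and the same seed repeats the same key.
function makeWeakSource(seed) {
  let state = seed >>> 0;
  return (len) => {
    const out = new Uint8Array(len);
    for (let i = 0; i < len; i++) {
      state = (Math.imul(state, 1664525) + 1013904223) >>> 0;
      out[i] = state >>> 24; // take the top byte of each step
    }
    return out;
  };
}

// Side-by-side run: two CSPRNG keys differ, two same-seed weak keys are equal.
function compareSources(seed) {
  return {
    strongA: toHex(generatePrivateKey()),
    strongB: toHex(generatePrivateKey()),
    weakA: toHex(generatePrivateKey(makeWeakSource(seed))),
    weakB: toHex(generatePrivateKey(makeWeakSource(seed))),
  };
}

console.log(compareSources(42));
```

The range check matters for any source, including dice rolls or hardware generators: an all-zero or out-of-range value is not a usable key and must be redrawn rather than written down.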