Topic: Personal 2-factor storing of private keys (10 BTC bounty) (Read 2868 times)
This has been implemented. Thanks!
I will give 10 BTC bounty for someone to create a pull request to modify bitaddress.org to give me an option to create an encrypted paper wallet using BIP 38.
Actually this is my plan:
3 physical locations and 3 electronic locations. If someone manages to hack my computer and get access to the passphrase, it's useless without the encrypted paper wallet. If someone breaks into my bank safe and steals the encrypted paper wallet, it's useless without my passphrase. And if anything happens to me, my family will know how to recover the bitcoins.
- use my chromebook in guest mode to access the bitaddress.org
- generate the encrypted paper wallet
- print 3 copies out
- put a copy each in 3 different bank safes
- save the passphrase in LastPass
- save the passphrase somewhere encrypted on Google Drive
- use deadmansswitch.net to send the passphrase (and instructions) out in case something happens to me
3 physical locations and 3 electronic locations. If someone manages to hack my computer and get access to the passphrase, it's useless without the encrypted paper wallet. If someone breaks into my bank safe and steals the encrypted paper wallet, it's useless without my passphrase. And if anything happens to me, my family will know how to recover the bitcoins.
Here's a script that lets you split a private key into N parts, of which any K can be used to reconstitute the original, where you pick the N and K when splitting.
https://github.com/vbuterin/btckeysplit
https://github.com/vbuterin/btckeysplit
I will give 10 BTC bounty for someone to create a pull request to modify bitaddress.org to give me an option to create an encrypted paper wallet using BIP 38.
Oops, didn't check the other thread first. Good luck!
Thanks BIP38 seems like what I want. But there doesn't seem to be an easy tool to do the encryption or decryption yet. I don't run Windows. 
And here's my dead man's switch: http://www.deadmansswitch.net/
And here's my dead man's switch: http://www.deadmansswitch.net/
There was a BIP38 bounty that Casascius posted a few days ago to implement it in javascript. There is now an implementation you can run here: http://scintill.github.com/bitaddress.org-bip38.html (go to wallet details)
Also see this thread for more info: https://bitcointalksearch.org/topic/20-btc-bounty-javascript-implementation-of-bip-38-claimed-136651
A simple non-techie approach, which I use, is to print out a paper wallet and then use this private key as the first factor.
Paste this into http://brainwallet.org/ passphrase field and then add your password as the second factor creating a new private key/address - send all your bitcoins to this address.
You can allow some access to the original paper wallet, so you can safely store it in many places, with family members etc
example.
paper wallet address 1JwSSubhmg6iPtRjtyqhUYYH7bZg3Lfy1T
private key 5KJvsngHeMpm884wtkJNzQGaCErckhHJBGFsvd3VyK5qMZXj3hS
passphrase for brainwallet:
5KJvsngHeMpm884wtkJNzQGaCErckhHJBGFsvd3VyK5qMZXj3hSthisismydifficulttoguesspass word
producing address 1GuJmVpp4x1bhNoj67ngViEyk6Aa1yadVB - to which you can send all your stored wealth.
Goes without saying that this should all be done offline on a fresh os install.
Paste this into http://brainwallet.org/ passphrase field and then add your password as the second factor creating a new private key/address - send all your bitcoins to this address.
You can allow some access to the original paper wallet, so you can safely store it in many places, with family members etc
example.
paper wallet address 1JwSSubhmg6iPtRjtyqhUYYH7bZg3Lfy1T
private key 5KJvsngHeMpm884wtkJNzQGaCErckhHJBGFsvd3VyK5qMZXj3hS
passphrase for brainwallet:
5KJvsngHeMpm884wtkJNzQGaCErckhHJBGFsvd3VyK5qMZXj3hSthisismydifficulttoguesspass word
producing address 1GuJmVpp4x1bhNoj67ngViEyk6Aa1yadVB - to which you can send all your stored wealth.
Goes without saying that this should all be done offline on a fresh os install.
I'm trying to come up with a safe way to store my bitcoins where you would need 2-factor to spend the coins. The simple approach I can come up with is to store my private keys in a bank safe, but make sure that the private keys are encrypted with a strong password that only I know. I would then set up a dead man's switch to send that password out in case anything happens to me. This way, you would need to have access to my bank safe and know my password in order to spend the coins. That seems pretty safe to me. Thoughts?
Now the question is, what is a simple way to encrypt my private keys? I need something that's secure but also easy to use to decrypt. Since I have to describe how to decrypt the keys in my dead man's switch email.
Now the question is, what is a simple way to encrypt my private keys? I need something that's secure but also easy to use to decrypt. Since I have to describe how to decrypt the keys in my dead man's switch email.
Some related threads:
Dead Man's Switch?
- https://bitcointalksearch.org/topic/dead-mans-switch-110353
Casascius "accidentally" creates a 2-party escrow GUI.
- http://www.reddit.com/r/Bitcoin/comments/14j7wx
pybtcsplit - m-of-n Private Key Splitting made easy in one simple python utility
- https://bitcointalksearch.org/topic/pybtcsplit-m-of-n-private-key-splitting-made-easy-in-one-simple-python-utility-104086
To generate a split key there is a new feature (v2.1) in the Vanity Wallet on bitaddress.org
- https://bitcointalksearch.org/topic/m.1421075That or how about just a password-protected PDF? That has the benefit of being completely usable by a layperson given only the file and the password. This also uses AES under the hood.
- https://bitcointalksearch.org/topic/how-do-i-encrypt-a-paper-wallet-from-bitaddressorg-92374Lately I have been working on an iPhone app to implement a BIP 38 tool for the end user.
- https://bitcointalksearch.org/topic/m.1430037
I'm trying to come up with a safe way to store my bitcoins where you would need 2-factor to spend the coins. The simple approach I can come up with is to store my private keys in a bank safe, but make sure that the private keys are encrypted with a strong password that only I know. I would then set up a dead man's switch to send that password out in case anything happens to me. This way, you would need to have access to my bank safe and know my password in order to spend the coins. That seems pretty safe to me. Thoughts?
Now the question is, what is a simple way to encrypt my private keys? I need something that's secure but also easy to use to decrypt. Since I have to describe how to decrypt the keys in my dead man's switch email.
I will give 10 BTC bounty for someone to create a pull request to modify bitaddress.org to give me an option to create an encrypted paper wallet using BIP 38. Claimed!
Now the question is, what is a simple way to encrypt my private keys? I need something that's secure but also easy to use to decrypt. Since I have to describe how to decrypt the keys in my dead man's switch email.
Jump to: