https://bitcoinpaperwallet.com/holiday-design/
Topic: The official BitcoinPaperWallet.com thread -- updates and news. - page 3. (Read 55957 times)
November 21, 2013, 04:05:54 PM
November 21, 2013, 04:04:23 PM
Perfect design. Best paper wallet I've seen by far.
Tip: Print on 10mil teslin for a 100% waterproof (inkjet) and durable wallet. Much more opaque than paper so shining light through isn't an issue either.
Any chance of adding optional BIP38 support for added security?
Tip: Print on 10mil teslin for a 100% waterproof (inkjet) and durable wallet. Much more opaque than paper so shining light through isn't an issue either.
Any chance of adding optional BIP38 support for added security?
Thanks for the kind words. Yes, Teslin synthetic paper rocks. I've been comparing about 3 different brands and so far Teslin is my favorite for this application. I've been thinking about adding BIP38, possibly with this different layout/design:
As I understand it, a folding/tamper-evident BIP38 design doesn't make a whole lot of sense since -- if BIP38 holds up the way we hope it does -- you can share a BIP38 encrypted private key with the whole world and it doesn't matter.
November 19, 2013, 09:19:36 AM
Perfect design. Best paper wallet I've seen by far.
Tip: Print on 10mil teslin for a 100% waterproof (inkjet) and durable wallet. Much more opaque than paper so shining light through isn't an issue either.
Any chance of adding optional BIP38 support for added security?
Tip: Print on 10mil teslin for a 100% waterproof (inkjet) and durable wallet. Much more opaque than paper so shining light through isn't an issue either.
Any chance of adding optional BIP38 support for added security?
November 16, 2013, 09:37:03 AM
I bet someone at Defcon could probably do it. They seemed to have no problem compromising Casascius coins which are probably considered the most secure/safe physical cryptocoins in existence.
IMO no physical variation of cryptocoins is 100% secure. The security measures and tamper evident properties will be broken over time as new technologies are developed and implemented. That's part of the reasons I probably won't sell "loaded" coins in my physical cryptocoin project, only customer funded/assembled coins. I don't want anyone to get the idea that I personally back the coin's worth if they are factory loaded and appear to have not been tampered with.
The truth is I cannot stop people from tampering with the coins after they leave my hands. As with all physical cryptocoins, it comes down to trusting the person you're buying the coins from that they haven't tampered with it... no matter what security measures are implemented or how reputable the company is that makes them.
IMO no physical variation of cryptocoins is 100% secure. The security measures and tamper evident properties will be broken over time as new technologies are developed and implemented. That's part of the reasons I probably won't sell "loaded" coins in my physical cryptocoin project, only customer funded/assembled coins. I don't want anyone to get the idea that I personally back the coin's worth if they are factory loaded and appear to have not been tampered with.
The truth is I cannot stop people from tampering with the coins after they leave my hands. As with all physical cryptocoins, it comes down to trusting the person you're buying the coins from that they haven't tampered with it... no matter what security measures are implemented or how reputable the company is that makes them.
November 16, 2013, 09:29:31 AM
Your tamper proof wallet is the worst!! How dare you waste my time with this nonsense?.. How was that?
Seriously though has anyone collected the .1 BTC yet?
Seriously though has anyone collected the .1 BTC yet?
November 15, 2013, 06:52:30 PM
Can this be done for litecoin as well?
October 25, 2013, 05:26:32 PM
Is there anyway you could allow an upload of own design for the wallet? Say I wanted my own logo or some text for promo's written on it?
Absolutely. Just download the ZIP from github and it should be very obvious which two images you swap out. It's the two 300dpi JPGs you see here:
https://bitcoinpaperwallet.com/bitcoinpaperwallet/images/
October 22, 2013, 12:39:35 PM
Hi Canton
Is there anyway you could allow an upload of own design for the wallet? Say I wanted my own logo or some text for promo's written on it?
Is there anyway you could allow an upload of own design for the wallet? Say I wanted my own logo or some text for promo's written on it?
October 22, 2013, 02:33:47 AM
in this step i can confirm that a cellphone light in a dark room is enough to make it perfectly clear to the human eye, so a good camera should be able to clearly pick it up.
Hi 413j0,
Thanks for the testing out the design! I didn't think it would be feasible to 'pinch' apart the folded layers, at least not without damaging the tamper-evident tape. Honestly, I tried your technique for about 5 minutes, both with a needle and by manipulating the inner fold with some sticky tape on the end of a firm bit of cardboard, but I just couldn't get them to separate so as to attempt an illuminated photograph. I don't doubt you succeeded -- it's just that on my end I wasn't able to. Perhaps it's my paper stock (or even humidity!) that's making it difficult. In any case, I'll think on this challenge a bit and see if there's an improvement I can come up with on the design. In the meantime, your addition of extra duct tape (or as others have suggested, slipping in a bit of tin foil) are great ways to improve the light impermeability.
As a thank you for your work on this, if you private message me your mailing address I'll send you some of the brand new tamper-evident stickers that include unique sets of serial numbers printed in white thermal foil (see image below).
https://bitcoinpaperwallet.com/images/gold-serials.jpg
i just used standard 75 g/m printing paper, but the folding part wasn't easy, and actually left the paper a little creased, it's easier to get about half off the qr at at a time and maybe photographing it with a good enough camera to joint it.
but as you point paper stock should have a huge effect on this technique, it's hard enough with standard paper, so a thicker or stiffer one should make it much harder.
October 14, 2013, 08:08:03 PM
Sorry for the confusion here, I think you might have noticed that for a few days, bitcoinpaperwallet.com (the live website) was a little more up-to-date than the git code. This is because I was soliciting feedback before pushing some significant Oct 1 version changes to github. (For example, you can now use your own keys / vanitygen and you aren't obligated to use the built-in random key generator.)
At the time I'm writing this, both the website and the github code should be identical. I'd post the SHA1SUM here, but what I prefer is for you to check the GPG signature that is distributed with the github zip code:
Quote
After downloading the ZIP package for this generator, you should find a file named generate-wallet.html.sig which you can use to:
1) verify that generate-wallet.html hasn't been tampered with, and
2) get proof that it really was authored by Canton Becker ([email protected]) whose public key and fingerprint can be confirmed at cantonbecker.com, bitcointalk.org, etc.
For example, if you have GPG installed, just open the terminal, change directory (cd) to where this generate-wallet.html lives, and type:
gpg --verify --with-fingerprint generate-wallet.html.sig generate-wallet.html
1) verify that generate-wallet.html hasn't been tampered with, and
2) get proof that it really was authored by Canton Becker ([email protected]) whose public key and fingerprint can be confirmed at cantonbecker.com, bitcointalk.org, etc.
For example, if you have GPG installed, just open the terminal, change directory (cd) to where this generate-wallet.html lives, and type:
gpg --verify --with-fingerprint generate-wallet.html.sig generate-wallet.html
The reason I prefer the GPG signature method is that it's not vulnerable to situations like bitcointalk.org getting hacked and having its posts modified. Not that this could ever happen of course, because bitcointalk.org never gets hacked.
Thanks for the clarification. A GPG signature is indeed a far better method than a checksum posted in the forum.
I missed to notice the sig file in the archive.
October 14, 2013, 05:52:59 PM
in this step i can confirm that a cellphone light in a dark room is enough to make it perfectly clear to the human eye, so a good camera should be able to clearly pick it up.
Hi 413j0,
Thanks for the testing out the design! I didn't think it would be feasible to 'pinch' apart the folded layers, at least not without damaging the tamper-evident tape. Honestly, I tried your technique for about 5 minutes, both with a needle and by manipulating the inner fold with some sticky tape on the end of a firm bit of cardboard, but I just couldn't get them to separate so as to attempt an illuminated photograph. I don't doubt you succeeded -- it's just that on my end I wasn't able to. Perhaps it's my paper stock (or even humidity!) that's making it difficult. In any case, I'll think on this challenge a bit and see if there's an improvement I can come up with on the design. In the meantime, your addition of extra duct tape (or as others have suggested, slipping in a bit of tin foil) are great ways to improve the light impermeability.
As a thank you for your work on this, if you private message me your mailing address I'll send you some of the brand new tamper-evident stickers that include unique sets of serial numbers printed in white thermal foil (see image below).
October 14, 2013, 05:18:01 PM
Canton, can you confirm the recent changes on the website?
sha1sum:
dbcaf6ff3a8b0bf1bd213272884b8a6c945dc678 - current website
a64a1bde6be1a0120984da9acf8d031842dc4f68 - current git code and website before change
Thanks.
sha1sum:
dbcaf6ff3a8b0bf1bd213272884b8a6c945dc678 - current website
a64a1bde6be1a0120984da9acf8d031842dc4f68 - current git code and website before change
Thanks.
Sorry for the confusion here, I think you might have noticed that for a few days, bitcoinpaperwallet.com (the live website) was a little more up-to-date than the git code. This is because I was soliciting feedback before pushing some significant Oct 1 version changes to github. (For example, you can now use your own keys / vanitygen and you aren't obligated to use the built-in random key generator.)
At the time I'm writing this, both the website and the github code should be identical. I'd post the SHA1SUM here, but what I prefer is for you to check the GPG signature that is distributed with the github zip code:
Quote
After downloading the ZIP package for this generator, you should find a file named generate-wallet.html.sig which you can use to:
1) verify that generate-wallet.html hasn't been tampered with, and
2) get proof that it really was authored by Canton Becker ([email protected]) whose public key and fingerprint can be confirmed at cantonbecker.com, bitcointalk.org, etc.
For example, if you have GPG installed, just open the terminal, change directory (cd) to where this generate-wallet.html lives, and type:
gpg --verify --with-fingerprint generate-wallet.html.sig generate-wallet.html
1) verify that generate-wallet.html hasn't been tampered with, and
2) get proof that it really was authored by Canton Becker ([email protected]) whose public key and fingerprint can be confirmed at cantonbecker.com, bitcointalk.org, etc.
For example, if you have GPG installed, just open the terminal, change directory (cd) to where this generate-wallet.html lives, and type:
gpg --verify --with-fingerprint generate-wallet.html.sig generate-wallet.html
The reason I prefer the GPG signature method is that it's not vulnerable to situations like bitcointalk.org getting hacked and having its posts modified. Not that this could ever happen of course, because bitcointalk.org never gets hacked.
October 01, 2013, 10:30:19 PM
Canton, can you confirm the recent changes on the website?
sha1sum:
dbcaf6ff3a8b0bf1bd213272884b8a6c945dc678 - current website
a64a1bde6be1a0120984da9acf8d031842dc4f68 - current git code and website before change
Thanks.
sha1sum:
dbcaf6ff3a8b0bf1bd213272884b8a6c945dc678 - current website
a64a1bde6be1a0120984da9acf8d031842dc4f68 - current git code and website before change
Thanks.
September 26, 2013, 11:12:00 PM
i just generated a huge random qr an started randomly using gimp's clone tool (no face intended)
September 26, 2013, 07:16:50 PM
If you look closely, you'll see a creepy smiling face in there.
September 26, 2013, 06:24:32 PM
my suggestion would be to change the back pattern which now i think its the most vulnerable, and besides its the one less likely to be confused with a qr for something like this:
http://img94.imageshack.us/img94/7285/rly9.png
Uploaded with ImageShack.us
http://img94.imageshack.us/img94/7285/rly9.png
Uploaded with ImageShack.us
September 26, 2013, 06:07:11 PM
now candle it from the front, so the dispersion off the front obscuring pattern's light works in your favor, and if you did it correctly any part off the qr that touches the back obscuring pattern should be visible, but any part that is'n touching it should still scatter.
before photographing make sure to press gently on the white surface on the back so all the qr touches the pattern and therefore becomes clear.
in this step i can confirm that a cellphone light in a dark room is enough to make it perfectly clear to the human eye, so a good camera should be able to clearly pick it up.
since i was already using duck tape, i though about using it to obscure qr, so i did this:
http://img833.imageshack.us/img833/7286/icj1.jpg
Uploaded with ImageShack.us
http://img94.imageshack.us/img94/5910/hz58.jpg
Uploaded with ImageShack.us
http://img163.imageshack.us/img163/7352/hmn0.jpg
Uploaded with ImageShack.us
http://img850.imageshack.us/img850/7707/afoe.jpg
Uploaded with ImageShack.us
[IMG=http://img5.imageshack.us/img5/3336/38ki.jpg]http://[/img]
Uploaded with ImageShack.us
http://img833.imageshack.us/img833/1733/hcb2.jpg
Uploaded with ImageShack.us
http://img28.imageshack.us/img28/1976/8ui2.jpg
Uploaded with ImageShack.us
but still wasn't enoug, because upon retriing one off my previos attemps at candling i used this old beast:
http://img34.imageshack.us/img34/6111/917x.jpg
Uploaded with ImageShack.us
note: this thing actually can lift again a small piece off tinfoil falling towards it when it fires
and actually i got the best picture i have been able to get from this particular flash on my phones camera:
http://img819.imageshack.us/img819/5563/58p2.jpg
Uploaded with ImageShack.us
if you notice the black shadow at right it's because this flash is faster than my cameras frame rate (60fps) and i couldn't light the whole frame, so under this conditions it's imposible to get my cellphone to focus or at least get any detail at all
proposed solution at next post....
before photographing make sure to press gently on the white surface on the back so all the qr touches the pattern and therefore becomes clear.
in this step i can confirm that a cellphone light in a dark room is enough to make it perfectly clear to the human eye, so a good camera should be able to clearly pick it up.
since i was already using duck tape, i though about using it to obscure qr, so i did this:
http://img833.imageshack.us/img833/7286/icj1.jpg
Uploaded with ImageShack.us
http://img94.imageshack.us/img94/5910/hz58.jpg
Uploaded with ImageShack.us
http://img163.imageshack.us/img163/7352/hmn0.jpg
Uploaded with ImageShack.us
http://img850.imageshack.us/img850/7707/afoe.jpg
Uploaded with ImageShack.us
[IMG=http://img5.imageshack.us/img5/3336/38ki.jpg]http://[/img]
Uploaded with ImageShack.us
http://img833.imageshack.us/img833/1733/hcb2.jpg
Uploaded with ImageShack.us
http://img28.imageshack.us/img28/1976/8ui2.jpg
Uploaded with ImageShack.us
but still wasn't enoug, because upon retriing one off my previos attemps at candling i used this old beast:
http://img34.imageshack.us/img34/6111/917x.jpg
Uploaded with ImageShack.us
note: this thing actually can lift again a small piece off tinfoil falling towards it when it fires
and actually i got the best picture i have been able to get from this particular flash on my phones camera:
http://img819.imageshack.us/img819/5563/58p2.jpg
Uploaded with ImageShack.us
if you notice the black shadow at right it's because this flash is faster than my cameras frame rate (60fps) and i couldn't light the whole frame, so under this conditions it's imposible to get my cellphone to focus or at least get any detail at all
proposed solution at next post....
September 26, 2013, 02:41:58 PM
actually i have a theory about the reddit flash way:
i have noticed that in most cases laser toner is much less translucent that inkjet ink, so if the wallet was printed with a cheap color inkjet printer, and then the codes added with a laser one (seen it recommended for durability purposes) it's possible that such difference is enough to render useless the obscuring pattern when a bright enough light is used
update:
i managed to reproduce the effect on a wallet printed on inkjet in one go, but sadly my phones camera is unable to photograph any detail at such light conditions, but ill explain in detail:
first thing is slightly pressing on the sides to separate the layers, so the light of the front obscuring pattern gets scattered before reaching the qr, so you will need to make the 3rd fold separate from the first two, which is actually quite harder than separating the first one, so you need to make a fold like this:
http://img42.imageshack.us/img42/5965/wt01.jpg
Uploaded with ImageShack.us
make sure you don't make it like this:
http://img59.imageshack.us/img59/9770/fvwz.jpg
Uploaded with ImageShack.us
and it should end up looking like this:
http://img850.imageshack.us/img850/3296/6qcr.jpg
Uploaded with ImageShack.us
notice the small creases that show that it seems to be "inflated".
front:
http://img9.imageshack.us/img9/7899/a61k.jpg
Uploaded with ImageShack.us
note:i used duck tape because i was doing several tries and it was easier and cheaper just using duck tape.
in case there is the slightest gap between the edge off the tape and the edge off the fold you can insert a needle and it will make it much easier, so never make any wallet like this:
http://img12.imageshack.us/img12/344/j3jw.jpg
Uploaded with ImageShack.us
but alternatively you could just pierce a small and discrete hole on any crease and do the same
continue in next post...
i have noticed that in most cases laser toner is much less translucent that inkjet ink, so if the wallet was printed with a cheap color inkjet printer, and then the codes added with a laser one (seen it recommended for durability purposes) it's possible that such difference is enough to render useless the obscuring pattern when a bright enough light is used
update:
i managed to reproduce the effect on a wallet printed on inkjet in one go, but sadly my phones camera is unable to photograph any detail at such light conditions, but ill explain in detail:
first thing is slightly pressing on the sides to separate the layers, so the light of the front obscuring pattern gets scattered before reaching the qr, so you will need to make the 3rd fold separate from the first two, which is actually quite harder than separating the first one, so you need to make a fold like this:
http://img42.imageshack.us/img42/5965/wt01.jpg
Uploaded with ImageShack.us
make sure you don't make it like this:
http://img59.imageshack.us/img59/9770/fvwz.jpg
Uploaded with ImageShack.us
and it should end up looking like this:
http://img850.imageshack.us/img850/3296/6qcr.jpg
Uploaded with ImageShack.us
notice the small creases that show that it seems to be "inflated".
front:
http://img9.imageshack.us/img9/7899/a61k.jpg
Uploaded with ImageShack.us
note:i used duck tape because i was doing several tries and it was easier and cheaper just using duck tape.
in case there is the slightest gap between the edge off the tape and the edge off the fold you can insert a needle and it will make it much easier, so never make any wallet like this:
http://img12.imageshack.us/img12/344/j3jw.jpg
Uploaded with ImageShack.us
but alternatively you could just pierce a small and discrete hole on any crease and do the same
continue in next post...
August 25, 2013, 01:02:03 PM
That's the best design i've ever seen for a paper wallet
Good design is a gateway to bitcoin adoption. Well done.
Thanks very much to the both of you for the kinds words.
Today I just figured out a really basic solution to (additionally) discourage tampering. Just use a 3rd sticker to seal the bag itself:
August 23, 2013, 04:29:57 PM
Quote from: niko
If somebody can get to your paper wallet, and wish to steal the funds, they would be much smarter to just steal the damn thing, than to tamper with stickers, solvents, photo flashes, laser scanners, optical coherence tomographs, and neutron beams just so they can scan the priv key while leaving the wallet seemingly intact.
You forgot to mention unicorn breath, which is known to render all muggle technology fully transparent.
Your point is a good one though. What I'm aiming for is "casual" tamper-resistance -- for example, what would be especially useful for a paper wallet given as a gift. Myself, each time I give away 1 BTC to a friend or family member, I'm satisfied knowing that my design ensures that the recipient wont inadvertently lose their balance by letting someone post a photograph of the pretty wallet on Facebook, or to a sneaky bad roommate or ex girl/boyfriend.
Spot on. This is exactly where I've gone wrong to date in gifting bitcoins. People accidentally lost them on their computers somewhere. Oddly, that was part of the reason I created the physical bitcoins that i'm selling (like Casascius but with a proprietary counterfeit/theft protection). If it looks valuable, people will take care of it.
Incidentally, I have people that want my physical bitcoins even though they couldn't care less about what a bitcoin is, purely because they look valuable.
Good design is a gateway to bitcoin adoption. Well done.
Jump to: