Pages:
Author

Topic: The official BitcoinPaperWallet.com thread -- updates and news. - page 4. (Read 55974 times)

sr. member
Activity: 352
Merit: 250
That's the best design i've ever seen for a paper wallet
sr. member
Activity: 261
Merit: 285
Quote from: niko
If somebody can get to your paper wallet, and wish to steal the funds, they would be much smarter to just steal the damn thing, than to tamper with stickers, solvents, photo flashes, laser scanners, optical coherence tomographs, and neutron beams just so they can scan the priv key while leaving the wallet seemingly intact.

You forgot to mention unicorn breath, which is known to render all muggle technology fully transparent. Smiley

Your point is a good one though. What I'm aiming for is "casual" tamper-resistance -- for example, what would be especially useful for a paper wallet given as a gift. Myself, each time I give away 1 BTC to a friend or family member, I'm satisfied knowing that my design ensures that the recipient wont inadvertently lose their balance by letting someone post a photograph of the pretty wallet on Facebook, or to a sneaky bad roommate or ex girl/boyfriend.
donator
Activity: 640
Merit: 500
This is indeed a very nice design, and canton is an awesome guy to talk with.

An idea I was contemplating, how about if you make a striped line in the middle, and a corresponding unique number per paper wallet on both of the halves.
This would allow to put the private key slip in a bank box, and keeping the public key slip in your wallet.

This way you could keep track of which public slip corresponds to which private slip.

Illustration, now I am no designer, but you get my point


sr. member
Activity: 420
Merit: 250
★☆★777Coin★☆★
That one worked without folding by using those grey rub-off stickers
newbie
Activity: 14
Merit: 0
You did a really good job. Keep up the good work
hero member
Activity: 616
Merit: 500
Firstbits.com/1fg4i :)
I think the concern applies mostly to wallets that are passed on, when you might trust the original creator but not the individual that gave you the wallet (or anyone else in the chain of ownership).
hero member
Activity: 756
Merit: 501
There is more to Bitcoin than bitcoins.
You can also use some liquid to see it properly.

Hmm... have you tried?
I was told that freons work, and evaporate cleanly, but have not tested it myself. 

Ultimately, what's the actual problem here? If somebody can get to your paper wallet, and wish to steal the funds, they would be much smarter to just steal the damn thing, than to tamper with stickers, solvents, photo flashes, laser scanners, optical coherence tomographs, and neutron beams just so they can scan the priv key while leaving the wallet seemingly intact. Extracting the key without damaging the paper wallet is more of a prank than a crime.

If I am ever to accept a casascius coin or a paper wallet as payment, I'll gladly rip it open and spend it into my address. If it's more than a couple of hundreds of dollars worth, I'll check it for unconfirmed spends. If it's more that a couple of thousands of dollars worth, I'll wait for a confirmation or two. That's all.
sr. member
Activity: 261
Merit: 285
You can also use some liquid to see it properly.

Hmm... have you tried?
sr. member
Activity: 308
Merit: 250
You can also use some liquid to see it properly.

hero member
Activity: 756
Merit: 501
There is more to Bitcoin than bitcoins.
Hey there!

Someone's posted what might be a pretty good exploit on reddit, using a camera speedflash, see:

http://www.reddit.com/r/Bitcoin/comments/1jqmzv/dont_blindly_trust_bitcoinpaperwalletcom_you_can/

However I'm having a devil of a time trying to reproduce his results. See my attempts here:

http://imgur.com/a/FzPB0

Can anyone else see if they can use a flash to expose a readable QR code off of a properly printed/folded/sealed wallet? I'll gladly put up a token bounty just for fun, say .10BTC (or I'll send you a nice batch of free stickers & sealing bags, your choice.)

This is the best I could manage:


Make sure the layers are pressed together, perhaps between two plates of glass. This minimizes the blurring related to scattered light.
sr. member
Activity: 261
Merit: 285
Hey there!

Someone's posted what might be a pretty good exploit on reddit, using a camera speedflash, see:

http://www.reddit.com/r/Bitcoin/comments/1jqmzv/dont_blindly_trust_bitcoinpaperwalletcom_you_can/

However I'm having a devil of a time trying to reproduce his results. See my attempts here:

http://imgur.com/a/FzPB0

Can anyone else see if they can use a flash to expose a readable QR code off of a properly printed/folded/sealed wallet? I'll gladly put up a token bounty just for fun, say .10BTC (or I'll send you a nice batch of free stickers & sealing bags, your choice.)

This is the best I could manage:

full member
Activity: 168
Merit: 100
Where tamper resistance is warranted -

A) If the person is a guest in your house when it vanishes, you know who likely did it. So stealing the key to later extract funds is a better move than stealing it.

B) If there isn't much value on it, thief can wait until it has more value.
newbie
Activity: 16
Merit: 0
Out of curiosity... I take it this physical wallet isn't intended to be exchanged like currency?  But rather, it's designed to be a wallet to store incoming funds until such time as you wish to transfer these funds into a secure address?

In which case what's the point of it being tamper proof?  You can't use it as a medium of exchange anyways so there's no point in a tamper-proof private key.  If someone steals the wallet they can just steal the funds in it by opening the wallet anyways.  I guess this protects against someone finding it and writing down the key and leaving it where they found it, or photographic it, then?  But you can just leave the private key at home in a safety deposit box and carry around the QR code for the public address.

I can't imagine a scenario where the average person would need a wallet that can accept an unlimited number of coins until such time as you want to buy something with it, which you can only do once and only with certain technical knowledge (I'm thinking of the change, here) after which it's useless and you need a new one.

A tamper-proof private key is only useful when you want to use it as a medium of exchange, which this thing can't be used as since anyone can print off any nonsense private key they want to on the private key slot before they seal it off.
full member
Activity: 168
Merit: 100
This might be a stupid question, but why can't I just sandwhich a paper wallet between two pieces of dark construction paper and put it in a sealed envelope?

Seems like a KISS solution that avoids the light thing.
full member
Activity: 147
Merit: 100
Hi canton,

Just to let you know I used Bitcoinpaperwallet to offer bitcoins to a friend, for his birthday. It's fantastic, very easy to use, and the design of the wallet is really gorgeous. Sadly, I printed it in black and white (on a laser printer), but it was still really cool and he loved my gift.

Mind if I suggest you only one thing? To be able to use our own public addresses/private keys. I guess it wouldn't be very secure, but since it was a gift, I thought it could be funny if the public address was a vanity one that I generated before. Thus, I used your great tool but had to generate the QR codes somewhere else, and replace them along with the keys using the Chrome Inspector.

I don't know if you'd like to implement a feature like that, but hey, maybe you'll consider it. Smiley
Thanks!

I'm also really interested in using my own addy's and keys from vanitygen. Unfortunately, I have zero coding experience. I was able to use chrome inspector to change the private and public keys, but after making my own QR codes, I got lost trying to figure out where the qr code image files are referenced in inspector.  Any help would be appreciated Smiley
sr. member
Activity: 280
Merit: 257
bluemeanie
you can make paper wallets more secure with Visual Cryptography.
https://bitcointalk.org/index.php?topic=226671.new#new

Hi bluemeanie1,

This is a neat idea, and something I'll consider if BIP38 doesn't come to full fruition for some reason. (As I understand it, visual encryption would effectively do the same thing as https://en.bitcoin.it/wiki/BIP_0038 )

As for the wallet sent to Niko not being secure because I knew the private key, it was even less secure than that because I subsequently inclued the private key in a mockup on an unrelated forum post by accident, and some clever person stole the funds while the wallet was still in transit. Smiley

But to answer your concern directly -- the purpose of this wallet isn't to simulate physical cash, it's meant for (1) storing your own coins, or (2) giving coins to people who implicitly trust you, e.g. friends, family.

For a full overview / explanation of the intent (and to try out the working code) please check out https://bitcoinpaperwallet.com

- Canton

Hi Canton,

it's possible right now to make password protected coins using Transaction Scripts.  Thus you could make such 2-factor protected coins, but not necessarily an entire address, but there are probably ways to simulate the functionality you are looking for.

-bm


sr. member
Activity: 261
Merit: 285
you can make paper wallets more secure with Visual Cryptography.
https://bitcointalk.org/index.php?topic=226671.new#new

Hi bluemeanie1,

This is a neat idea, and something I'll consider if BIP38 doesn't come to full fruition for some reason. (As I understand it, visual encryption would effectively do the same thing as https://en.bitcoin.it/wiki/BIP_0038 )

As for the wallet sent to Niko not being secure because I knew the private key, it was even less secure than that because I subsequently inclued the private key in a mockup on an unrelated forum post by accident, and some clever person stole the funds while the wallet was still in transit. Smiley

But to answer your concern directly -- the purpose of this wallet isn't to simulate physical cash, it's meant for (1) storing your own coins, or (2) giving coins to people who implicitly trust you, e.g. friends, family.

For a full overview / explanation of the intent (and to try out the working code) please check out https://bitcoinpaperwallet.com

- Canton
sr. member
Activity: 280
Merit: 257
bluemeanie

 you can make paper wallets more secure with Visual Cryptography.

 https://bitcointalk.org/index.php?topic=226671.new#new
sr. member
Activity: 280
Merit: 257
bluemeanie
It's on!

Indeed! Your victim wallet just went out to the mailbox. If anyone reading this wants to sweeten the pot for Niko, feel free to chip a few pennies into the wallet @ 1LMKzdqhQ4LhHy5GGhT8BcG3HHpBTqAqbt. Niko, I have total faith in our respective country's postage services so the wallet has already been funded: https://blockchain.info/address/1LMKzdqhQ4LhHy5GGhT8BcG3HHpBTqAqbt





how is this secure?  you have the private key to his account!
sr. member
Activity: 280
Merit: 257
bluemeanie
I had lots of fun this weekend working on my own design for a two-sided tri-fold tamper-resistant paper Bitcoin wallet. Thanks for any and ALL criticism / comments -- whether it's about the look & feel, functionality, security features, etc. See:

http://youtu.be/V4H1VE3EAtI

This video is also a treasure hunt in which I happily invite you to “steal” 0.1 BTC . Finders keepers, so race on!

Design features:

  • Private key is hidden behind folds, so your wallet content is still safe if left out in the open or photographed.
  • Tamper-proof tape indicates when you (or someone else!) has revealed the private key.
  • Folding design obfuscates private keys so they’re hidden even when holding wallet up to a bright light.
  • Reverse side has basic wallet operation instructions and a register for writing down deposits / balance.
  • Private and public keys are replicated (and rotated) in triplicate to maximize chances of recovering keys if paper is damaged / crumpled.

When I’ve got enough feedback and a final design, I’ll publish a web page that will generate these wallets with just a couple of clicks. (No photoshop required, as the foundation will be based on the excellent wallet generator at bitaddress.org which as you probably already know uses a secure javascript page you can run even while offline.)

If you'd like to print out a sample for yourself, see PDF links here: http://cantonbecker.com/projects/2013/bitcoin-paper-wallet-design-video/.


are these things meant to be exchangeable?
Pages:
Jump to: