
Topic: The official BitcoinPaperWallet.com thread -- updates and news. - page 6. (Read 55957 times)

legendary
Activity: 1134
Merit: 1008
CEO of IOHK
Quote
Canton,

Very kind of you to drop a mention of the Safe Paper Wallet.

Today I upgraded the initial order, from 4000 to 8000 wallets, from regular perforation to micro-perf and from digital offset to 4-color linotype press.

The paper is a textile-weave texture, on 250gsm weight heavy paper which is acid-free and archival quality to last a lifetime, even on display and under light (which degrades regular paper and inks).

I will have samples at the conference.

The next print run will include your design as I branch out to more designs (and the MB Messer design too).

If the current rate of orders continues for a few days, I will be running break-even by end of week and ordering the next print run for 20,000 wallets.

Thank you for the mention and all your incredible work on this and other projects!

I didn't know you had entered the wallet business. I'll update our course to mention the safe paper wallet in the paper wallet lecture.
full member
Activity: 196
Merit: 116
Entrepreneur, coder, hacker, pundit, humanist.
Canton,

Very kind of you to drop a mention of the Safe Paper Wallet.

Today I upgraded the initial order, from 4000 to 8000 wallets, from regular perforation to micro-perf and from digital offset to 4-color linotype press.

The paper is a textile-weave texture, on 250gsm weight heavy paper which is acid-free and archival quality to last a lifetime, even on display and under light (which degrades regular paper and inks).

I will have samples at the conference.

The next print run will include your design as I branch out to more designs (and the MB Messer design too).

If the current rate of orders continues for a few days, I will be running break-even by end of week and ordering the next print run for 20,000 wallets.

Thank you for the mention and all your incredible work on this and other projects!
sr. member
Activity: 261
Merit: 285
Have you considered selling professionally printed wallets? Albeit everyone would have to trust you don't record the public keys. It'd still be nice. All I have is an inkjet, and no idea where I can possibly find a laser printer.

Funny you should ask! A related project selling professional printed paper wallets just launched at http://safepaperwallet.com . It's not a folding / tamper-evident design, and you still have to print out your own codes onto the blank spaces on the wallet, but these promise to be super high quality.

Right now I wouldn't invest much effort/trust in having anyone professionally print wallets *with* keys for you. There's a protocol in progress called "BIP38" which will make it possible for you to choose a password before having a wallet printed, which will circumvent the trust issue altogether. I haven't implemented BIP38 myself yet, but it looks very promising.
sr. member
Activity: 261
Merit: 285
First of all, this is my favorite paper wallet I've seen by far. It has had a lot of thought put into it, and it shows. They look so good I am considering buying a color laser printer so that I can print these in color!

... A few suggestions for the back

Hi JCW,

Thanks very much for the kind feedback. And especially for identifying yet another typo on the back. Oops. I think your suggestion about having the back refer to the website for more comprehensive/up-to-date wallet swiping instructions is an excellent one.

Ultimately for the back of the wallet I'd like to make the back something that's customized on-the-fly during print-time, so that when you print the wallet you can choose:

* the language -- someone already sent me a Portuguese translation...
* whether to include instructions at all (versus for example ample space to write a nice note if the wallet is a gift)

PS: If you decide not to buy a laser printer, there are some ways you can make your inkjet-printed wallets more water-resistant. I'll be posting a report on this soon as I'm in the process of testing a bunch of different products/solutions.
sr. member
Activity: 406
Merit: 250
I love this wallet. I printed myself one of these and stored 0.1 BTC in it. Putting in a suitcase where I'll find it by surprise many months from now. :P Have you considered selling professionally printed wallets? Albeit everyone would have to trust you don't record the public keys. It'd still be nice. All I have is an inkjet, and no idea where I can possibly find a laser printer.
jcw
newbie
Activity: 12
Merit: 0
First of all, this is my favorite paper wallet I've seen by far. It has had a lot of thought put into it, and it shows. They look so good I am considering buying a color laser printer so that I can print these in color!

A couple of questions:

  • The tamper-proofing is nice, but I intend to store these securely and so it is not as important to me as being able to trust the wallet generation code itself. Are there any plans to get a third party to post a hash of a vetted version of the offline wallet generator (and/or of the upcoming official Live CD)?
  • I am currently using the technique of booting an Ubuntu Live CD from a non-internet connected computer which has the offline version of the paper wallet generator available on a USB thumb drive. Once opening this in Firefox, I print to a B&W laser printer (connected via USB). Once finished, I remove the Live CD and reboot into my normal OS, and reconnect the network cable. Would the official Live CD provide more security than this?

A few suggestions for the back:

  • Typo in third point "until you are ready import"
  • The last warning on the back of the wallet could be misinterpreted to mean you can't partially spend the funds you have on the wallet (i.e. so how do I ever use this to buy something less than the value on the wallet?). Since you mention How to Deposit as its own step, perhaps you should also have an entire step on How to Withdraw?

    Current:
    When withdrawing your funds from this wallet you should remove the ENTIRE BALANCE.
    If you attempt to spend only some of the funds you will likely lose the remaining bitcoins forever.

    Suggested (feel free to condense):
    To withdraw your funds from this wallet:
    1. Prepare a software wallet to receive the funds. This could be a bitcoin client on your computer or phone, an exchange, or an online wallet.
    2. Transfer the ENTIRE BALANCE to the software wallet. See http://bitcoinpaperwallet.com for instructions on how to perform this transfer. Note that it is important to transfer the entire balance in order to avoid losing control over the remaining bitcoins.
    3. Wait for the transaction to be confirmed. This typically occurs in under 10 minutes. Once confirmed, the funds are free to be spent as desired.
    4. Do not reuse the paper wallet - there is now a software wallet that has knowledge of its private key.

The reason I'm suggesting referring the user to the website for instructions on how to perform the transfer is because there doesn't seem to be a good way to do this just yet. There are several manual ways, some more complicated than others, but unfortunately there doesn't seem to be a feature common to most/all wallet software to sweep funds from another wallet, so the idea is that the current "recommended" ways of doing this could be maintained on the website, rather than out-of-date methods being printed on the wallet itself.
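
The third-party hash check asked about in the post above, sketched as an added example that is not part of the original post or the project's own code. It accepts the offline generator file only when enough independent reviewers published the same SHA-256 digest and none disagree; the file name, reviewer names and digest-list format are assumptions, and the sample input is constructed.

```shell
#!/bin/sh
# Added example: check an offline wallet generator file against SHA-256
# digests published by independent reviewers before opening it on the
# air-gapped machine. File and reviewer names are hypothetical.

# sha256_of FILE -> prints the lowercase hex digest; status 2 if unreadable
sha256_of() {
    [ -r "$1" ] || return 2
    sha256sum "$1" | awk '{print tolower($1)}'
}

# verify_generator FILE QUORUM DIGESTS_FILE
# DIGESTS_FILE lines: "<reviewer> <sha256-hex>"; lines starting with '#'
# are comments. Succeeds only if at least QUORUM reviewers published the
# file's digest and no reviewer published a different one.
verify_generator() {
    file=$1; quorum=$2; list=$3
    actual=$(sha256_of "$file") || { echo "cannot read $file" >&2; return 2; }
    match=0; mismatch=0
    while read -r reviewer digest _; do
        case $reviewer in ''|'#'*) continue ;; esac
        digest=$(printf '%s' "$digest" | tr 'A-F' 'a-f')
        # Reject malformed entries instead of silently skipping them.
        case $digest in
            *[!0-9a-f]*) echo "bad digest from $reviewer" >&2; return 3 ;;
        esac
        [ ${#digest} -eq 64 ] || { echo "bad digest from $reviewer" >&2; return 3; }
        if [ "$digest" = "$actual" ]; then
            match=$((match + 1))
        else
            mismatch=$((mismatch + 1))
            echo "MISMATCH: $reviewer" >&2
        fi
    done < "$list"
    [ "$mismatch" -eq 0 ] && [ "$match" -ge "$quorum" ]
}

# --- constructed sample input (not real project files or hashes) ---
tmp=$(mktemp -d)
printf '<html>constructed stand-in for the generator page</html>\n' \
    > "$tmp/generator.html"
good=$(sha256_of "$tmp/generator.html")
printf 'reviewer-a %s\nreviewer-b %s\n' "$good" "$good" > "$tmp/digests.txt"

if verify_generator "$tmp/generator.html" 2 "$tmp/digests.txt"; then
    echo "generator matches 2 independent digests"
else
    echo "do NOT use this generator file" >&2
fi
```

The digest list has to reach the air-gapped machine by a different route than the generator file itself, otherwise whoever altered one could alter the other.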
sr. member
Activity: 261
Merit: 285
Is there any way you could post the base design without keys and QR codes so that I could stick in a vanity address just for fun?  Or maybe you could find a way to incorporate vanitygen, though that sounds like it might be a bit difficult.  It might also be nice if other address formats could be used.  I would love to use this for Litecoins, too.

Hi Jabberwok,

I sure will post the PSDs/PDFs for editing/adjusting. Also someone else has generously worked on a shell script (live CD!) based version that uses vanitygen and outputs PDF files of my design as an alternative to the current bitaddress.org-based method I'm using now. Distributing this might be a few weeks out. It's a wicked bit of code: uses a RAM drive during wallet generation and then shreds the memory space afterwards -- less worrying about printer cache files and such.
newbie
Activity: 25
Merit: 0
Good work, Canton!

I love the design and am definitely going to start using these.

I don't see the point in stressing about the 'hack'.  Keep your wallet physically secured and you won't have to worry about it.
I agree completely, but I am very much enjoying the friendly battle with Niko.

Is there any way you could post the base design without keys and QR codes so that I could stick in a vanity address just for fun?  Or maybe you could find a way to incorporate vanitygen, though that sounds like it might be a bit difficult.  It might also be nice if other address formats could be used.  I would love to use this for Litecoins, too.
hero member
Activity: 756
Merit: 501
There is more to Bitcoin than bitcoins.
For the time being, since I don't (yet) have a solution for Niko's hack, I appreciate that he's not making it public here. I'm no believer in security through obscurity, but at the same time I figure there's no especially good reason to post instructions for circumventing the tamper-evidence so long as I publicly declare: YES there are definitely ways to reveal the private key without anyone knowing it, and you don't need superconducting quantum NASA laserbeam technology or anything like that. :)

1. These wallets aren't designed to be kept in your open space office desk drawer. You should keep it secure and unavailable for others' physical access.
2. More probable attack vector of someone who accessed that wallet physically is to rip it open and withdraw coins. All users should be aware that if someone can access the wallet, they're screwed.

Considering this, I think it's safe to assume that everybody sane will keep their paper wallet secured. And considering this, I think it's better to openly describe the hack, because crowdsourced solution might come much faster.
Good points, Terk. Furthermore, the sleight-of-hand attack you described in your next post is great. BIP38 addresses these kinds of problems, and canton is working on implementing it.

sr. member
Activity: 261
Merit: 285
Well, I've suggested this before, but it seems none of the paper wallet systems out there support it: why can't the private key be encoded/encrypted with a passphrase?

(BTW I love your evil scenario for replacing wallets with look-alikes. Very clever.) I think the next round of holographic tape I order might (1) feature a totally custom hologram (expensive to forge) plus (2) stickers with unique serial numbers printed in pairs to discourage wallet swapping / sticker replacing.

Regarding encrypted private keys, I'm working on implementing BIP38 as a different design less suited for gift-giving and more suited for long-term storage, something like this:



Finally, for anyone dying to know what Niko's subterfuge was, it was about soaking the wallet in a liquid to remove the stickers without detection. At some point he thought a heatgun/blowdrier might work as well. I haven't tested.

hero member
Activity: 616
Merit: 522
Truly paranoid could also deposit using multi signature transactions. You send the deposit to two or three recipients (addresses of your own paper wallets). Then when you want to withdraw, there are two private keys required from two of your wallets. Of course you store these paper wallets in different physical locations.
donator
Activity: 1274
Merit: 1060
GetMonero.org / MyMonero.com
Handwriting the deposit information on the back would lead to early detection.

I am wondering if a two factor wallet would be a better option for the paranoid and/or large amounts.

Well, I've suggested this before, but it seems none of the paper wallet systems out there support it: why can't the private key be encoded/encrypted with a passphrase? When importing, the passphrase would be required to decode/decrypt the private key, thus mitigating most physical attacks.
hero member
Activity: 499
Merit: 500
Also, if there is someone who you know deposits regularly into his cold paper wallet and you really want to see the private key without him knowing, there's better attack vector than that.

You quickly take a picture of his wallet when you first have a chance (to have the public address). Then you go back home and print a copy using your website. On the outside, everything looks like the original with the same public key. On the inside, there is some random string instead of the private key.

You fold the wallet and use the original stickers purchased from https://bitcoinpaperwallet.com/. Now the wallet looks exactly like the original. You go back and switch wallets (or you do everything in one go with some portable printer). You open the original wallets without any tricks.

Now you can sit and enjoy balance increasing over time. He won't know the wallet is stolen until he opens it. And when he opens it, it's probably because he wants to withdraw. So as a bonus, you are secured in case that the owner would like to withdraw money. When he opens the wallet two years later he won't have access to the private key. You won't get that if you only read the private key and leave the original wallet.

So: reading private key and leaving it back in place isn't good. You never know when the owner is going to withdraw. You should either steal the whole wallet and withdraw or switch the wallet with a forged one. Both of these attacks are not only easier but more effective than trying to read the wallet and leave it intact.

That is ingenious - very clever attack vector! The only way to mitigate it somewhat, I suppose, is to handwrite something on the wallet. That way, unless they go to the extraordinary length of getting a really good handwriting forger, you will recognise someone else's handwriting.

Handwriting the deposit information on the back would lead to early detection.

I am wondering if a two factor wallet would be a better option for the paranoid and/or large amounts.
donator
Activity: 1274
Merit: 1060
GetMonero.org / MyMonero.com
Also, if there is someone who you know deposits regularly into his cold paper wallet and you really want to see the private key without him knowing, there's better attack vector than that.

You quickly take a picture of his wallet when you first have a chance (to have the public address). Then you go back home and print a copy using your website. On the outside, everything looks like the original with the same public key. On the inside, there is some random string instead of the private key.

You fold the wallet and use the original stickers purchased from https://bitcoinpaperwallet.com/. Now the wallet looks exactly like the original. You go back and switch wallets (or you do everything in one go with some portable printer). You open the original wallets without any tricks.

Now you can sit and enjoy balance increasing over time. He won't know the wallet is stolen until he opens it. And when he opens it, it's probably because he wants to withdraw. So as a bonus, you are secured in case that the owner would like to withdraw money. When he opens the wallet two years later he won't have access to the private key. You won't get that if you only read the private key and leave the original wallet.

So: reading private key and leaving it back in place isn't good. You never know when the owner is going to withdraw. You should either steal the whole wallet and withdraw or switch the wallet with a forged one. Both of these attacks are not only easier but more effective than trying to read the wallet and leave it intact.

That is ingenious - very clever attack vector! The only way to mitigate it somewhat, I suppose, is to handwrite something on the wallet. That way, unless they go to the extraordinary length of getting a really good handwriting forger, you will recognise someone else's handwriting.
hero member
Activity: 616
Merit: 522
Also, if there is someone who you know deposits regularly into his cold paper wallet and you really want to see the private key without him knowing, there's better attack vector than that.

You quickly take a picture of his wallet when you first have a chance (to have the public address). Then you go back home and print a copy using your website. On the outside, everything looks like the original with the same public key. On the inside, there is some random string instead of the private key.

You fold the wallet and use the original stickers purchased from https://bitcoinpaperwallet.com/. Now the wallet looks exactly like the original. You go back and switch wallets (or you do everything in one go with some portable printer). You open the original wallets without any tricks.

Now you can sit and enjoy balance increasing over time. He won't know the wallet is stolen until he opens it. And when he opens it, it's probably because he wants to withdraw. So as a bonus, you are secured in case that the owner would like to withdraw money. When he opens the wallet two years later he won't have access to the private key. You won't get that if you only read the private key and leave the original wallet.

So: reading private key and leaving it back in place isn't good. You never know when the owner is going to withdraw. You should either steal the whole wallet and withdraw or switch the wallet with a forged one. Both of these attacks are not only easier but more effective than trying to read the wallet and leave it intact.
hero member
Activity: 616
Merit: 522
For the time being, since I don't (yet) have a solution for Niko's hack, I appreciate that he's not making it public here. I'm no believer in security through obscurity, but at the same time I figure there's no especially good reason to post instructions for circumventing the tamper-evidence so long as I publicly declare: YES there are definitely ways to reveal the private key without anyone knowing it, and you don't need superconducting quantum NASA laserbeam technology or anything like that. :)

1. These wallets aren't designed to be kept in your open space office desk drawer. You should keep it secure and unavailable for others' physical access.
2. More probable attack vector of someone who accessed that wallet physically is to rip it open and withdraw coins. All users should be aware that if someone can access the wallet, they're screwed.

Considering this, I think it's safe to assume that everybody sane will keep their paper wallet secured. And considering this, I think it's better to openly describe the hack, because crowdsourced solution might come much faster.
donator
Activity: 1274
Merit: 1060
GetMonero.org / MyMonero.com
I don't see the point in stressing about the 'hack'.  Keep your wallet physically secured and you won't have to worry about it.

This exactly. I don't think that this is designed to be kept loose in your wallet, there are other solutions for that. This is meant to be stored somewhere safe, and is designed in a way that tampering will be evident.
legendary
Activity: 994
Merit: 1000
I don't see the point in stressing about the 'hack'.  Keep your wallet physically secured and you won't have to worry about it.
hero member
Activity: 658
Merit: 500
For the time being, I don't (yet) have a solution for Niko's hack
So, will you inform us when you do have a solution? I would like to be sure it's the most secure possible before starting to use it.
sr. member
Activity: 261
Merit: 285
I'm using a Fenix TK41 U2 which produces 860 Lumens of blinding white brightness

Fluffypony -- thanks both for ordering those stickers and for testing them out with what appears to be a Jedi lightsaber.

Glad the stickers arrived to you intact. Your order was one of the first 30 or 40 orders in which I was using an attractive/descriptive "bitcoinpaperwallet.com" return address. Two of those orders (both to Canada, interestingly) were sliced open before arrival. Stickers intact, but someone tampered with the envelope on the way for sure, possibly someone high up in the CA postal route.

"It's not paranoia if they really are out to get you."

I've since made the return address more obscure, less likely to draw attention.

