Pages:
Author

Topic: The official BitcoinPaperWallet.com thread -- updates and news. - page 7. (Read 55974 times)

sr. member
Activity: 261
Merit: 285
I was able to read the key in about two minutes, without any apparent damage.

I wanted to confirm for anyone following this thread (or following the bet Niko and I had re: his efforts to try to bypass the tamper-evidence features of this wallet) that Niko did in fact come up with a very smart way to reveal the private key without damaging the tape.

Once he sends me his public address I'll send him a few beers BTC to honor our bet.

For the time being, since I don't (yet) have a solution for Niko's hack, I appreciate that he's not making it public here. I'm no believer in security through obscurity, but at the same time I figure there's no especially good reason to post instructions for circumventing the tamper-evidence so long as I publicly declare: YES there are definitely ways to reveal the private key without anyone knowing it, and you don't need superconducting quantum NASA laserbeam technology or anything like that. Smiley
donator
Activity: 1274
Merit: 1060
GetMonero.org / MyMonero.com
My stickers just arrived today (thanks Canton, shipping to South Africa was FAST!) - I'm not going to post an unboxing, it's a frikkin envelope:)

I printed a wallet (1PJegEonLNGqxgtk1dva6sJze9F1HwraMn) in grayscale and decided to try candle it. For my experiment I'm using a Fenix TK41 U2, which produces 860 Lumens of blinding white brightness.

Setup:


15 Lumens test:


120 Lumens test:


365 Lumens test:


860 Lumens test:


I know it may be a little hard to see clearly, but even at 860 Lumens there was sufficient blur to make the QR code unreadable and impossible to clean up. The stickers obliterated any chance at reading the code. If I was extra paranoid I could stick an extra sticker to cover the QR code:) I'm confident that even at 860 Lumens, printed with relatively light toner on a grayscale laser printer, that it is safe to use. I'll be printing out a new permanent one in colour to be extra safe:)
hero member
Activity: 756
Merit: 501
There is more to Bitcoin than bitcoins.
Things usually work out much better when you don't try too hard. After officially giving up, and paying up the dues, I could finally have some fun with the sample wallet. I was able to read the key in about two minutes, without any apparent damage.
Canton, I emailed you with the details.
sr. member
Activity: 261
Merit: 285
I give up! Since this private key was inadvertently revealed elsewhere by canton, I will not be sending my dues there; canton, PM me a new address!

Nice work with the partial reveal, Niko!

I'll PM you an address for the .0255 BTC bet, but only if you let me send you a batch of these new holograms for your own use. Smiley Do you want silver, gold, or both?
hero member
Activity: 756
Merit: 501
There is more to Bitcoin than bitcoins.
I finally got a couple of hours to play with the early prototype. Here is what I was able to get by simply shining light through the wallet:


Now, as much as I am satisfied that I was able to read most of the letters, the level of satisfaction will not increase significantly if I spend time doing this until I am able to read all of the letters. If it was a 100-coin wallet, maybe.

Furthermore, canton included a sample sticker (that he did not apply to the wallet he sent it with) that would pretty much render my attempts completely futile: the sticker substrate appears to be metallic. No way we'll be able to read through that any more that we can read through Casascius coins.

I give up! Since this private key was inadvertently revealed elsewhere by canton, I will not be sending my dues there; canton, PM me a new address!

This was fun. Again, if you do make your own paper wallets, and you store any significant value in them, do not take tamper-proofness lightly.
sr. member
Activity: 261
Merit: 285
The latest revision to this wallet design is fairly minor. But pretty! I had gold and silver tamper-evident hologram stickers custom printed with white "bitcoin" text that exactly matches the pseudo "watermark" design on the reverse of the folding wallet.



Rainbows are wicked hard to photograph, so this video shows the silver vs. gold holograms best: http://youtu.be/gZBXhFT_GKo

Although I haven't officially launched this design yet, the stickers and the latest folding design are all both available at http://bitcoinpaperwallet.com

sr. member
Activity: 382
Merit: 253
For professionally printed notes, I was thinking the process might go like this:

  • customer uses a secure generator (like bitaddress.org)...
That's already too complicated.

...
  • customer sends the list of keys to the professional printer
  • printer prints out fully-filled in ready-to-load notes and sends them back.

I'm still not 100% sure I understand how BIP38 is supposed to be used so please correct me if my assumptions are wrong here.

IMHO it should be more like:

  • Customer visits site
  • Customer clicks "Buy a paper wallet"
  • Client side script generates two pass phrases, only showing one to the customer
  • Clear and concise instructions tell the customer to write down or print their pass phrase
  • Client side script then sends the other pass phrase and the public address to the server
  • Client side then says "to complete your order send XXX BTC to 1?... and also presents a QR code
  • Server alerts production that a new wallet is ordered
  • Production prints out and ships the wallet

The customer shouldn't have to know about BIP38 or any of that, although if they want to learn about it good links should be available.

The wallet should have the codes to verify that the pass phrase in the wallet will generate the half of the private key. The website should have a client side script page that will take both pass phrases and use them to determine the real private key.

I made a test wallet using my Shire Silver equipment, putting a piece of aluminum foil between two pieces of 100# cardstock and laminating them (private key on the inside of one of the pieces of cardstock). It sure seemed to be pretty well guarded against casual prying, and only when the laminate was cut on three sides was the private key portion visible.

You can also save the pass phrase that the customer didn't get in a database, so if they ever lose the card they can always ask for another (for a price).
sr. member
Activity: 261
Merit: 285
Wouldn't the best use of BIP38 be to have the manufacturer print half the private key while the customer writes down the other half? You can print a really nice note for them and they know that you don't have access to the funds, but they can verify that the half of the code you printed is correct.

For professionally printed notes, I was thinking the process might go like this:

  • customer uses a secure generator (like bitaddress.org) to produce 100 pairs of BIP38 encrypted keys and public addresses.
  • customer sends the list of keys to the professional printer
  • printer prints out fully-filled in ready-to-load notes and sends them back.

I'm still not 100% sure I understand how BIP38 is supposed to be used so please correct me if my assumptions are wrong here.
sr. member
Activity: 261
Merit: 285
Canton, do you do all the graphics art yourself?
Yup! Programming web stuff is my mainstay but I do a fair amount of design for fun and work as well.
sr. member
Activity: 382
Merit: 253
Wouldn't the best use of BIP38 be to have the manufacturer print half the private key while the customer writes down the other half? You can print a really nice note for them and they know that you don't have access to the funds, but they can verify that the half of the code you printed is correct.
legendary
Activity: 1134
Merit: 1008
CEO of IOHK
Canton, do you do all the graphics art yourself?
sr. member
Activity: 261
Merit: 285
Does anyone have any ideas about how a paper wallet design should look & work when the private key has been encrypted with a password? I'm talking about https://en.bitcoin.it/wiki/BIP_0038 implementation.

Folding, tamper-evidence, all that seems unimportant if you can show off your encrypted private key to the world with (relative) safety. On the other hand, what I like about an unencrypted wallet is that -- for example -- if you die, your spouse can recover your funds from a wallet stored in a safety deposit box without knowing your passphrase.

One idea I'm kicking around is a design that prints out a wallet plus a backup wallet stub (like on the open paper wallet project elsewhere on bitcointalk) -- but in this case a mixed encrypted / unencrypted private key wallet. Something like this:



If not this, then what do YOU think would be a good way to implement BIP38 on a paper wallet?
legendary
Activity: 1134
Merit: 1008
CEO of IOHK
Quote
No (good) reason at all! My generator is based on GitHub fork of bitaddress.org from about 2 weeks ago, so whatever bitaddress.org was using back then I'm still using now. I haven't folded in any recent developments (including BIP38 which I'm considering implementing.) I'll have to ask if pointbiz/bitaddress.org are using the older crypto for compatibility reasons or if it just needs refreshing.

The only reason I mentioned is that Jeff worked pretty hard to speed up the code in version 3.0.

Quote
I've also been thinking about building in some very human random input other than mouse movement... like an option to flip coins or throw dice or something...

Mouse movements are likely to be a more random express than such inputs. JS-Crypt's implementation has not been vetted as a CSPRNG, but it seems sufficiently good. You could always implement a proof of work style random generation and then hash the solution and select the first few bits of output as your seed. All hardware will have different solution time and the randomness of network latency would also add a slight stochasticism even on the same configuration. Combined with a hash, you would have a totally random seed.

Quote
I'm enormously grateful for any source code checking anyone wants to do, especially for a forthcoming live bootable CD I intend to distribute. (Someone generously ported my design to their own linux-based command line generator which uses an in-memory filesystem and PDF generation to circumvent issues with cached print files ending up on the hard drive, etc.)

If I can find the time, then I'd be happy to help. Shoot me an email. And any course suggestions you would recommend, I'd greatly appreciate.
sr. member
Activity: 261
Merit: 285
Canton any reason you didn't use the newer implementation?

No (good) reason at all! My generator is based on GitHub fork of bitaddress.org from about 2 weeks ago, so whatever bitaddress.org was using back then I'm still using now. I haven't folded in any recent developments (including BIP38 which I'm considering implementing.) I'll have to ask if pointbiz/bitaddress.org are using the older crypto for compatibility reasons or if it just needs refreshing.

I've also been thinking about building in some very human random input other than mouse movement... like an option to flip coins or throw dice or something...

I'm enormously grateful for any source code checking anyone wants to do, especially for a forthcoming live bootable CD I intend to distribute. (Someone generously ported my design to their own linux-based command line generator which uses an in-memory filesystem and PDF generation to circumvent issues with cached print files ending up on the hard drive, etc.)
sr. member
Activity: 261
Merit: 285
Canton I did a lecture today on your wallet. I recommended it to my students seeking a paper backup:

https://www.udemy.com/bitcoin-or-how-i-learned-to-stop-worrying-and-love-crypto/

Hi Charles,
Lecture looks *great* I skimmed it. Really glad to see a detailed straightforward explanation in such depth.
sr. member
Activity: 261
Merit: 285
Be wary - inject printer ink has a finite and relatively short life (can be as short as a few years).

I've been experimenting with spraying the finished printouts with Krylon "Preserve It" before folding up. Stinky as hell, but I think it's going to make a difference as long as their marketing info is accurate:

  • Digital photo and paper protectant more than doubles the life of documents and photos.
  • Ideal for protecting digital photos, address labels, greeting cards, scrapbook materials, artwork and more
  • Acid-free/Archival-safe
legendary
Activity: 1134
Merit: 1008
CEO of IOHK
He is using crypto-js https://code.google.com/p/crypto-js/downloads/detail?name=Crypto-JS%20v2.5.4.zip&can=2&q= Simon Greatrix and Jeff Mott. Yes the implementation looks fine.

Canton any reason you didn't use the newer implementation?

https://code.google.com/p/crypto-js/
legendary
Activity: 1134
Merit: 1008
CEO of IOHK
Quote
Insert Quote
Excuse me if this seems unappreciative (I think your design is awesome and have printed out 3 wallets for my family).  But has anyone verified the Javascript in the Zip download?  I'm just wanting to make sure that the random mouse movements are actually seeding the RNG and we aren't all just making the largest Bitcoin donation in history. ;-)

If someone is paranoid and is going to go through the extra effort of doing this completely offline, it would help to have 100% confidence in the RNG.

I looked through the javascript and it seems to be legit; however, I have not invested a huge amount of time verifying this claim. The random movements are seeding the PRG; however, I have not verified that he has implemented a CSPRNG.
legendary
Activity: 994
Merit: 1000
Excuse me if this seems unappreciative (I think your design is awesome and have printed out 3 wallets for my family).  But has anyone verified the Javascript in the Zip download?  I'm just wanting to make sure that the random mouse movements are actually seeding the RNG and we aren't all just making the largest Bitcoin donation in history. ;-)

If someone is paranoid and is going to go through the extra effort of doing this completely offline, it would help to have 100% confidence in the RNG.
legendary
Activity: 1134
Merit: 1008
CEO of IOHK
Canton I did a lecture today on your wallet. I recommended it to my students seeking a paper backup:

https://www.udemy.com/bitcoin-or-how-i-learned-to-stop-worrying-and-love-crypto/
Pages:
Jump to: