Pages:
Author

Topic: [WTS] BIP38 cold-storage wooden cards to protect your bitcoin - 10% off - page 2. (Read 9259 times)

legendary
Activity: 1050
Merit: 1004
The anticipation is killing me. Tongue

Shipped 8 days ago.
copper member
Activity: 3948
Merit: 2201
Verified awesomeness ✔
Quote
Edit
I've just seen your updates on your post bitcoininformation. Would it be good if bippy could AES-256-CBC decrypt an Electrum encrypted seed? I could certainly look into that as a feature.
/Edit
That would be good, as long as I can double check the source. Grin
To be honest, I will most likely get more people to check it for me, since Python isn't a language I have mastered. I know the basics and that's about it.
member
Activity: 89
Merit: 10
sr. member
Activity: 277
Merit: 250
full member
Activity: 345
Merit: 100
https://wagabet.com/?ref=4GhhtoyKXXeVtx83ispZ1T
Will b ordering soon! Thanks for electrum support!
hero member
Activity: 692
Merit: 500
cool, and to decrypt it?
Paste/QR import it back in the wallet file
sr. member
Activity: 267
Merit: 250
Woodwallets.io
thank you for joining the conversation Wink  I Xpost my questions for you :

Quote
[from that file] Can you read it[the seed] and send it to physical wallet manufacturer?
Is it easy to un-encrypt it when you need it? Wink

Yes the encrypted seed is just a string of characters in a text file. As long as the cold wallet manufacturer allows you to laser a string of that length (88 chars in my case)
cool, and to decrypt it?
hero member
Activity: 692
Merit: 500
thank you for joining the conversation Wink  I Xpost my questions for you :

Quote
[from that file] Can you read it[the seed] and send it to physical wallet manufacturer?
Is it easy to un-encrypt it when you need it? Wink

Yes the encrypted seed is just a string of characters in a text file. As long as the cold wallet manufacturer allows you to laser a string of that length (88 chars in my case)
hero member
Activity: 692
Merit: 500
So, I could just get that AES encrypted seed from my wallet file and use that, correct? Only thing I need to do is decrypt it with my password if I want to use it. Right?

There is no need for you to decrypt the string.

You can read your encrypted seed from the wallet text file. Once you have safely recorded the string you could either shred the wallet file, or save a copy with the seed field blank, then shred the original. To restore the seed you would QR import/Paste the seed back into your copy of the wallet file, and open it with electrum
sr. member
Activity: 267
Merit: 250
Woodwallets.io

To my mind, bippy wins over similar tools such as bitaddress.org in a few ways. First, it can generate keys and addresses for multiple (45+) currencies, it can now handle Elecrtum seeds and encrypt them and I'm working on the intermediate code version of BIP0038. Most importantly though, although bitaddress.org is open source and is very very good (I've read it lots), it still relies on a third party web browser to display your keys, do the encryption and receive input. I know you can 'clear' a browsers cache but I know that I have never delved into a browsers code to see what it is actually doing. It seems like a weak point to my mind. Bippy doesn't need a browser so there isn't that reliance on a massively complicated bit of code written over a long time by multiple people.

Bippy will run fully offline and I totally recommend that you do just that. Boot up a Linux Live CD or USB, install bippy, encrypt your seed, write the encrypted code down and then reboot. Bippy never gets to see the internet and your seed is never exposed in a form that isn't password protected.

I do hope that Bippy becomes useful. It is a fun project and I will continue to work on it. Nico is a great guy too and it's a real pleasure being involved with something as aesthetically pleasing as wood-wallets
In answer to kuverty; A wood-wallet really is a thing of beauty. I took delivery of my first several weeks ago and I have been showing everyone since. It is wonderfully tactile and smells great. Everyone who has seen it has wanted one and 90% of them know very little about Bitcoin so it is a great conversation starter.


Thanks Sam, I can't stop repeating how lucky I was by finding inuit and begin the collaboration with you Wink

sr. member
Activity: 267
Merit: 250
Woodwallets.io
I have given some though to this exact idea - wooden cards like that, or maybe aluminum because that's nice too and I know a nice way of working it... but this looks better than anything I could have dreamt of. Congrats, these are one of the coolest Bitcoin items I've seen, on par with the nicest looking Casascius coins.

I am flattered . You should thank the designers (Isacco and Dan who know how to make simplicity look good Wink
newbie
Activity: 18
Merit: 0
]I have found my encrypted seed. Trying to decrypt it now Wink

Edit
I've just seen your updates on your post bitcoininformation. Would it be good if bippy could AES-256-CBC decrypt an Electrum encrypted seed? I could certainly look into that as a feature.
/Edit
 
I'd be interested to hear your experience with this. I only started to investigate Electrum when the possible need for a wood-wallet was raised. I could see that the seed was available in the wallet file but the instructions to get it were, I felt, a little unfriendly to a newcomer. It's worth pointing out too that the way Electrum handles seeds seems to be changing in version 2 (see rdymac's reply to AussieHash on reddit)
That said, bippy isn't particularly newbie friendly in its current form (ensure you have Python installed, download and run kivy, clone a git repo and run a program etc.). We are working on that though and should soon be able to offer single file executables so that it becomes very easy to run.

The reason we haven't done this so far is to try and counter the argument put forward by AussieHash. He quite rightly points out that trusting a third party with your private key or electrum seed details is risky. Both bippy and my other project inuit are fairly new and not as mature as say Electrum or Armory. They and I don't have the level of trust that these older projects have and rightly so. I hope, however that by being open, accountable and known, we can start to earn trust and gain acceptance and use in the community. Once we have that trust we can deliver an easier experience through compiled code.
Bippy isn't particularly complex and I have tried to comment the code as best I can. I would ask that, if you are interested, you give it a read and see what you think. I'm happy to answer any questions and will take all comments and criticisms on board.

To my mind, bippy wins over similar tools such as bitaddress.org in a few ways. First, it can generate keys and addresses for multiple (45+) currencies, it can now handle Elecrtum seeds and encrypt them and I'm working on the intermediate code version of BIP0038. Most importantly though, although bitaddress.org is open source and is very very good (I've read it lots), it still relies on a third party web browser to display your keys, do the encryption and receive input. I know you can 'clear' a browsers cache but I know that I have never delved into a browsers code to see what it is actually doing. It seems like a weak point to my mind. Bippy doesn't need a browser so there isn't that reliance on a massively complicated bit of code written over a long time by multiple people.

Bippy will run fully offline and I totally recommend that you do just that. Boot up a Linux Live CD or USB, install bippy, encrypt your seed, write the encrypted code down and then reboot. Bippy never gets to see the internet and your seed is never exposed in a form that isn't password protected.

I do hope that Bippy becomes useful. It is a fun project and I will continue to work on it. Nico is a great guy too and it's a real pleasure being involved with something as aesthetically pleasing as wood-wallets
In answer to kuverty; A wood-wallet really is a thing of beauty. I took delivery of my first several weeks ago and I have been showing everyone since. It is wonderfully tactile and smells great. Everyone who has seen it has wanted one and 90% of them know very little about Bitcoin so it is a great conversation starter.
sr. member
Activity: 770
Merit: 250
I have given some though to this exact idea - wooden cards like that, or maybe aluminum because that's nice too and I know a nice way of working it... but this looks better than anything I could have dreamt of. Congrats, these are one of the coolest Bitcoin items I've seen, on par with the nicest looking Casascius coins.
copper member
Activity: 3948
Merit: 2201
Verified awesomeness ✔
thank you for joining the conversation Wink  I Xpost my questions for you :

Quote
[from that file] Can you read it[the seed] and send it to physical wallet manufacturer?
Is it easy to un-encrypt it when you need it? Wink
I have found my encrypted seed. Trying to decrypt it now Wink
EDIT: Still working on decrypting it. Quite hard...
EDIT2: I give up, no idea how to do this. I know how it's encrypted AES-256-CBC, but I can't figure out how to decrypt it.
copper member
Activity: 3948
Merit: 2201
Verified awesomeness ✔
Cross post
http://www.reddit.com/r/Bitcoin/comments/27ot5c/before_writing_down_the_electrum_seed_anywhere/ci2wozo
Quote
Whilst I believe Bippy is open source there is no reason at all to trust a third party.
Electrum already AES encrypts your seed (if you password protect it) and stores it in the the wallet file.
https://electrum.org/faq.html#wallet-file
In my case the encrypted seed is an 88 character string.
So, I could just get that AES encrypted seed from my wallet file and use that, correct? Only thing I need to do is decrypt it with my password if I want to use it. Right?
sr. member
Activity: 267
Merit: 250
Woodwallets.io
thank you for joining the conversation Wink  I Xpost my questions for you :

Quote
[from that file] Can you read it[the seed] and send it to physical wallet manufacturer?
Is it easy to un-encrypt it when you need it? Wink
hero member
Activity: 692
Merit: 500
Cross post
http://www.reddit.com/r/Bitcoin/comments/27ot5c/before_writing_down_the_electrum_seed_anywhere/ci2wozo
Quote
Whilst I believe Bippy is open source there is no reason at all to trust a third party.
Electrum already AES encrypts your seed (if you password protect it) and stores it in the the wallet file.
https://electrum.org/faq.html#wallet-file
In my case the encrypted seed is an 88 character string.
newbie
Activity: 18
Merit: 0
Hi Everyone.

I'm Sam, the developer of Bippy. I'm happy to answer any question about the code or implementations of encryption that anyone may have

I've added the ability to encrypt Electrum Mnemonic seeds using a customised encryption method based on BIP0038. Bippy will recognise an Electrum seed based on the fact that it is twelve separate words. You add a password and the encryption takes place. Bippy can also decrypt the encrypted string back to the 12 word seed but only with the correct passphrase.

The code is available on github here:
http://github.com/inuitwallet/bippy
The Electrum specific code is in this file:
https://github.com/inuitwallet/bippy/blob/master/encrypt/electrum.py

As Nico has said, we are adding functionality to bippy as requests come in so the UI is in need of a bit of work.
I'll be working on making it easier to use over the next few days as well as attempting to get some compiled binaries up and working too.

If you have any questions or suggestions feel free to get in contact or post here.

A quick overview of the method for those who are interested (sorry for anyone who isn't interested. I'm quite pleased with this and want to talk about it Wink):
  • Use the Electrum method to convert the mnemonic into the seed number
  • Take a hash of the last 4 digits to act as a checksum
  • Use that hash and the passphrase to generate an encryption key using scrypt
  • Use that key to AES 256 encrypt the original seed in two halves (as in BIP0038)
  • The encrypted string is a Base58_Check encoded concatenation of some magic bytes (to make the start of the string 'SeedE'), the checksum hash and the two encrypted halves
The decryption is the reverse of this but using the various checksums to ensure that the string is correct and the password works. 
sr. member
Activity: 267
Merit: 250
Woodwallets.io
This is exactly the answer I wanted to read Wink
copper member
Activity: 3948
Merit: 2201
Verified awesomeness ✔
I will look into the implementation later on today to make sure that my seed and the encrypted private address really are safe. I trust you guys, but not enough to give you my whole wallet without double checking the code. No offence.
Pages:
Jump to: