Bitcoin Forum

I am currently keeping 90% of my BTC in cold storage on paper wallets. Now I want to start generating my paper wallets with encrypted private keys (just using a cipher of my choice to encode the key before printing it out). However, I'm a little nervous that I'll make a mistake when encoding it, and then the funds I send there will be lost.

I was wondering if there would be a way to test the private key to see if I've actually written it down correctly, but without connecting to the network while doing this (because I want these wallets to remain pure cold storage). Just for my own peace of mind.

Is there any way to do this?

send small amount of btc?

Download bitaddress.org save html file, go on offline computer, go to wallet details tab, enter private key, see if address matches what you have

Thanks, that sounds like it will work.

@daoneway I meant testing the private key. I know the public address is correct because I didn't encode that.

Use bitcoin-qt.
Use offline computer.
Run bitcoin-qt.
Use importprivkey with the unencrypted private key.
Check the address if it's there.
Securely erase or wipe wallet.dat of offline computer.

What you should be doing is testing the methodology used to create multiple keys, not testing a particular key.

Spending money sent to an offline address removes the associated security:

• The private key must be put on an online computer system in order to spend the money, where it may be compromised, and,
• Spending from an address reveals it's public key, which may reduce cryptography robustness.

Generate multiple paper wallets at the same time using the same method. Spend a test amount of bitcoins sent to one wallet (and discard it), ensuring that your creation and spending method is not flawed.

I know, I don't want to actually spend any of the money associated with the paper wallet. I just want to check that I encoded and printed the private key correctly, so that in the future when I want to spend the money I don't discover that I made a mistake and the money is lost.

I think Patel and Dabs' solutions will both work, I'm going to test them today.

Yes, doing an actual test import on a brand new wallet on an offline computer using bitcoin-qt that you securely delete later should allow you to check that you can do it in the future.

For the most part, all my vanitygen generated compressed keys work; you can use any prefix or just 1 to make a lot of them and pick one. If you make wallets using dice or true random numbers, bitaddress.org also works.

For bitaddress.org I use the compressed version. For the brain wallet, I input the passphrase, then I get the resulting uncompressed private key, I put that in the wallet details tab, and use the compressed version of the address and private key.

That has not failed me.

Thanks. I haven't tried a brain wallet yet, just normal paper wallets where I encoded the keys before printing them. So just went ahead and booted an offline machine again, decoded the keys myself and then entered them into bitaddress to make sure the address it gave me matched, and it did, so I'm assuming everything is good.

Sorry, to reactivate this two years old thread but I have got a similar question. I created paper wallets using offline Bitaddress.org.
Now, I want to verify that the generated private keys fit to the public keys. Just to get sure that the algorithm of the downloaded source of Bitaddress.org is not damaged in any way. Is there a little Python or C++ comand tool to verify the keys offline?

You could try pybitcointools: https://github.com/vbuterin/pybitcointools

Thanks, this was exactly what i was looking for. Very easy to use. Did not know that Valerin Buterin has released a set of Bitcoin tools based on Python.

Sorry to re-bump this old thread. But I am a little paranoid whether I will be able to actually spend the Bitcoin wallet that I created offline.

I know you can use bitaddress.org AND the importprivkey with bitcoind and you can easily check if the PRIVATE key matches the PUBLIC key.

However I am concerned with this situation
http://www.reddit.com/r/Bitcoin/comments/2t3vn0/i_cant_send_my_btc_a_triangle_apear_i_use_multibit/

Basically he created an offline wallet but due to some bug he cant ever spent that bitcoin due to some exponent bug.

I heard that the best way to see if you can actually spend the BTC is to SIGN and VERIFY a message offline. However I can't find an website which does this at the moment.

There are a few ways to check the validity of the key.

First, you can decode the base58 check encoding to get the raw hex of the private key. Then just check that that number is between 1 and 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141 inclusive. Obviously if you happen to get a key that is either of those two numbers, you should generate a new key.

You can also install electrum or Bitcoin Core on the machine itself and sign and verify a message to ensure that the key works.

So using
http://lenschulwitz.com/base58

Say my private key is:
L2vDMT2mY9AiNYZgnfK8tBoCh55XWS76h8bdM2Y3wGfnf4R2EamP

Decoding results in:
80AA05F15D112414670BAD47FCCC52AD6486D5CB33BEA4463E8DFF0C5B1C1F4D150146441A8A

So as long as it doesn't start with a 0 it should be good?

Close. First you drop the first byte (0x80) and the last 4 (0x46441A8A). What remains is the actual private key. So long as that is not all zeros or that it does not begin with a bunch of F's, it should be good.

1. Launch Bitcoin Core (can be offline)
2. Open console
3. type importprivkey L2vDMT2mY9AiNYZgnfK8tBoCh55XWS76h8bdM2Y3wGfnf4R2EamP
4. See if you get a new address in the wallet
5. Securely erase / restart tails / revert VM / toss a grenade / shoot computer / burn in thermite


My post from 3 years ago has not changed.

Besides all suggestions above I would do like this
1) Download brain wallet (a copy is here http://wallet-2sx53n.sakurity.com/ , or in github)
2) (Offline) Sign a message, if it works then it's ok.

When I put in

AA05F15D112414670BAD47FCCC52AD6486D5CB33BEA4463E8DFF0C5B1C1F4D1501

I get an error:

Cannot Decode! Invalid Base58 Character(s)!




But as you sure I will be able to spend the funds even though the privkey prints the public key? I am concerned about the bug listed here
http://www.reddit.com/r/Bitcoin/comments/2t3vn0/i_cant_send_my_btc_a_triangle_apear_i_use_multibit/


Is there a difference of that brain wallet sign/verify function compared to the one found in the bitcoin core ?

That's because it isn't a base 58 check encoded private key (what you normally think of as a private key). That is the hex of the actual private key, just a really big number.

1. You are using Bitcoin Core, not Multi-Bit
2. That bug is for a particular address, you won't ever get that address from using Bitcoin Core
3. When you see the public key and address, it should work. It will work.

So is there any tutorial or examples can that show how to decode/encode the base 58 private keys. I am still confused.

You already have decoded the base58 check encoded private key. As I already said, you have the key in its hex format. You can convert that to decimal if you really want to. You have the key in hex so you can check whether it is greater than 0x01 and less than the large hex number I posted earlier.

https://bitcoin.org/en/developer-reference#address-conversion
https://en.bitcoin.it/wiki/Base58Check_encoding

Also I think the following can be helpful to look at:
http://orm-chimera-prod.s3.amazonaws.com/1234000001802/images/msbt_0406.png
http://chimera.labs.oreilly.com/books/1234000001802/ch04.html#base58

What about if I use Bitaddress to generate the keys offline. Does it have that bug fixed?

If you are so interested in that particular bug you can read about it here: https://github.com/keepkey/multibit/issues/661 and https://multibit.org/blog/2015/02/02/wallet-forensics.html and it seems to me that the problem was with the user not the wallet and because he had imported private keys and messed up things in his wallet.

You are talking about generating a private key with bitaddress not a wallet with multibit

If your using bitaddress then you will be fine, but be careful if you are messing about with it yourself. :o