Bitcoin Forum

We can't look past this any further.

Austria Post Crypto Stamp 1 (CS1)
Austria Post Crypto Stamp 2 (CS2)
These both should be considered "Breached" straight from the manufacturer. After market sales depend solely on the integrity and honor of the seller. If you do not care about the Non-Fungible Token(NFT) or online portion of collecting these stamps then you are fine.

CS1 was found(allegedly) to have been gamed by insiders/post office workers due to the ability to scan the forward facing and uncovered QR code to determine rarity. Anyone that had an inkling about rarities and cryptocurrency hype could have easily pocketed Blues/Yellows/Reds and sent out the more common Blacks/Greens to consumers. Hard to have concrete physical proof of this happening but the upgraded security to the CS2 (inside packaging with a tamper proof sticker) proves that this was recognized as a security flaw.

The attempt to fix this issue with the release of CS2 has still proven insufficient and can be bypassed by anybody with just one hand and a light squeeze. The tamper proof sticker does nothing to stop this from happening. I was able to squeeze the packaging and carefully remove the card from its slotted position inside. I was then able to retrieve the seed phrase and once again squeeze the package open and slide the card back into the slot. Little to no damage done to the packaging or stamp itself.. nothing a few hours in between two heavy books wouldn't fix.
https://i.ibb.co/x64cbfj/60314620.jpg

Now lets get to the major breach of not just CS2, but also CS1.

https://i.ibb.co/Cn5WkXV/60314620.jpg https://i.ibb.co/mBP7Nng/60314620.jpg
Both intact, I tried to show the serial to maintain authenticity through this story of pictures.

I took the previous two pictures inside but have moved into a pitch dark storage room for the next few. This is NOT needed for the effect shown on the CS2 stamp, moreso the CS1 stamp proves superior here but is still vulnerable to a flashlight and dark room. (This took me around five minutes, if I were a more nefarious actor I could have done a much cleaner job.)

CS1
https://i.ibb.co/r2XGt7k/60314620.jpg

CS2
https://i.ibb.co/88bTYkp/60314620.jpg

As you can see in a dark room with a flashlight the seed words and QR codes are visible. With a better flashlight and some contrast adjustments(Photoshop) these could be a lot more crisp and legible. CS1 proves superior with the scratch n' sniff label over it but still doesn't hold up to a dark room and a flashlight.

I am unsure who created the actual physical portion of CS1 for Austria Post - will edit if/when I find this information.

The physical CS2 were made by a company named Variuscard (https://www.variuscard.com/) and commissioned of course by Austria Post. Security testing appears to have been non existent.
Advice - If you ever want to avoid problems like this and work with the community, read THIS thread (https://bitcointalk.org/index.php?topic=5145343.msg51140003#msg51140003) and you'll see how it should be done. (There is a lot of talent you would not expect in the Bitcointalk Collectibles community.)

As this post is about the physical portion of the cards being breachable by anyone that has ever come into possession of them I won't get into the OnChain Shop mess going on right now as that would be labelled as a fail rather than a breach. Special nod to Capacity Blockchain Solution GmbH (https://capacity.at/) and the Ethereum Network (https://ethereum.org/en/) for that.

To sum up. Any and all CS1 and CS2 out there should be considered breached. If you bought straight from Austria Post then you're probably(maybe) alright. The sales that take place on eBay and in the Collectibles board here should be scrutinized and the character of the seller should be taken into account. If you only care about having the card in your possession and don't want to play with MetaMask/Ethereum/High Gas Fees then there is nothing to worry about. Both CS1 and CS2 are absolutely beautiful pieces to have in your physical collection.

Note: If you can do anything with the QR/Seed Phrase pieces I've used in this post, go ahead as they're now part of my compromised collection.

One of the hardest things to do in these situations is keep the packages sealed. I can’t tell you how many boxes of trading cards I’ve opened trying to find that “rare” card only to find nothing. The cost of the sealed box far outweighed the cost of the cards sold separately once opened. The fact of the matter is that if what you’re looking for is truly rare enough to be worth a lot of money statistically it’s not going to be in there. In my opinion you’d be a lot better off keeping them sealed in the original, unbroken packaging. Once you open them you’re only going to have regret at doing so. Trust me I know how hard the temptation is to resist but if you leave them alone for about a day or 2 you’ll forget all about them again. Just my 2 cents buddy.

If I remember correctly, there is some kind way you can use a bright/strong light to see what you got.

Other collectors who are more knowledgeable in this area can add to this :)

i think minerjones is referring to this post by teeGUMES, where it is described exactly how to get all the information of the particular stamp without peeling the cover off
enjoy it ;D