How does physical bitcoins' security work exactly?

[ttookk]

Hey,

I think the title says it all, but to be more specific here:

from my understanding, a physical bitcoin usually has some kind of hologram sticker under which the private key is hidden. So, as long as the sticker is intact, the privkey is unknown too. At least in theory.

In practise, I don't understand how the privkey is generated in the first place. Is this just a matter of trust, that the guys creating the coins are putting their reputation on the line? Or is there more to it?

I mean, the moment you send data to a printer, there is no way this data can't be accessed, right? Am I missing something here?  

[dsattler]

I've once read a report about the casascius coins and that the founder really carefully created the private keys for his those, so that no data could leak outside. I guess he only used air gapped systems to calculate and print the keys. Other manufacturers could have a different philosophy though. In the end it's only a matter of trust.

[ArcCsch]

The trust issue can be somewhat mitigated by having multiple parties generate private-public key pairs, placing the private keys under holograms, and using a k out of n multisignature.
This works as long as more than n-k erase their private keys (as opposed to saving them or leaking them to hackers) and at least k generate an actual key-pair (as opposed to placing random junk or a blank under the hologram), the first type of dishonesty is somewhat unlikely (but still plausible) as it requires a collusion, while the second type provides very little benefit to the defectors.

[Sex Video Chat VKcams.com]

the moment you send data to a printer, there is no way this data can't be accessed, right? Am I missing something here?  

If this printer will broken and transfered to some technician (or taked from the garbage by a hacker), there is possibility to extract data from it.
Before printing the data is stored in printer memory.
Extracting this data is one thing.

Other thing is a hijacking of printed data.
There are different ways too.

[dsattler]

I've just saw someone selling a titan physical bitcoin. They have the option to secure the stored bitcoins with 2fa: https://www.titanbtc.com/titan-bitcoin-security/

[ttookk]

Thanks guys (and gals). This is a very intriguing problem, because I'm working on a project, that effectively has the same issues and I am trying to find a good solution for it:

Ideally, I want to generate a bitcoin private/public key pair "in the dark", with the pubkey/address being known, while the privkey stays "hidden" within a smart contract. The obvious problem is, that all the data used to generate the keypair can be monitored, therefore, the key can be duplicated.

Having multisig addresses by different entities is the best I've come up with until now. Still not an ideal solution, since the entities could be in fact one.

[Sex Video Chat VKcams.com]

all the data used to generate the keypair can be monitored, therefore, the key can be duplicated

If Your code production system is not connected to Internet physically, no one have the chance to hijacking the data.

In the real world someone can introduct to Your system a spying devices with mobile Internet modem or trying to spy on Your machines from some short distance.
For example the Monitor is emitting the picture in radiofrequency, and this signal can be captured and reproduced to other monitor or registered.
Or someone can place the camera in Your Office.

But You probably just under audio/video/data spying on Your costs for someone with the Your smartphone (If You Use It).

No idea, who is the max expert in such question for today.
Try to listen https://blog.kaspersky.com/

[dsattler]

This very interesting and cheap device lets you create a private key yourself and can even sign a message with it, so you can be sure that it contains the correct private key:
https://opendime.com/

IMHO it's the next step of a physical bitcoin with private key under a hologram!
Unfortunately it's quite ugly and therefor won't become a collector's item. 

[ttookk]

This very interesting and cheap device lets you create a private key yourself and can even sign a message with it, so you can be sure that it contains the correct private key:
https://opendime.com/

IMHO it's the next step of a physical bitcoin with private key under a hologram!
Unfortunately it's quite ugly and therefor won't become a collector's item. 

Dunno, as a Neuromancer fan, I think this thing looks rad as fuck

I'm asking about physical bitcoins, because of this:

https://bitcointalk.org/index.php?topic=1689947.0

Ultimately, what I am trying there is not that different from creating a physical bitcoin, so I thought, I'd give it a look.

Thanks to all who contributed.