Bitcoin Forum
December 12, 2024, 02:35:32 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1] 2 3 »  All
  Print  
Author Topic: Publicly released some of the magic potion that goes into physical bitcoins!  (Read 9240 times)
casascius (OP)
Mike Caldwell
VIP
Legendary
*
Offline Offline

Activity: 1386
Merit: 1140


The Casascius 1oz 10BTC Silver Round (w/ Gold B)


View Profile WWW
December 06, 2012, 07:22:45 AM
 #1

I just released some of the magic that goes into physical bitcoins: a generator for those little round key circles I put in my coins.

How it works:
1 - download latest Casascius Bitcoin Address Utility (either on github, or https://casascius.com/btcaddress-alpha.zip)
2 - generate some keys
3 - print physical bitcoin inserts!

I made it so you can generate key circles with Minikeys, regular keys, or two-factor Encrypted Private Keys.  Minikeys are 30 characters and fit in a single circle.  Regular keys are 51 characters and two-factor encrypted ones are 58 characters, these print on a two-circle shape that you fold in half.

Each sheet gives you 8 keys, and gives you a QR code for the bitcoin address.

I added one more thing, and that's something called "confirmation codes".  A confirmation code lets someone who ordered a two-factor passphrase physical bitcoin verify that the address they were given is really protected by their passphrase, without giving them access to the funds.  So... I can sell a two-factor physical bitcoin with YOUR passphrase, and also give you back a "confirmation code" that allows you to independently calculate the bitcoin address that went inside your product.  It allows you to prove that I didn't just give you an address of my own.

Of course, with this generator, the genie is out of the bottle, and you could create your own physical bitcoins yourself.

Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable.  I never believe them.  If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins.  I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion.  Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice.  Don't keep coins online. Use paper or hardware wallets instead.
Uglux
Full Member
***
Offline Offline

Activity: 222
Merit: 100



View Profile
December 06, 2012, 07:27:48 AM
 #2

Nice. Thank you.
BoardGameCoin
Sr. Member
****
Offline Offline

Activity: 283
Merit: 250



View Profile
December 06, 2012, 07:31:35 AM
 #3

Yay! Your roll-your-own coins just got a bit more valuable... Not that I don't trust you, but I prefer not needing to Wink


I'm selling great Minion Games like The Manhattan Project, Kingdom of Solomon and Venture Forth at 4% off retail starting June 2012. PM me or go to my thread in the Marketplace if you're interested.

For Settlers/Dominion/Carcassone etc., I do email gift cards on Amazon for a 5% fee. PM if you're interested.
Yuhfhrh
Full Member
***
Offline Offline

Activity: 238
Merit: 100



View Profile
December 06, 2012, 07:36:02 AM
 #4

Mike, this is perfect. I'm speechless about the impact you have had on bitcoin. So many more people are learning about bitcoin from the coins I have been buying from you. The light just turns on for them when I whip one of them out!

Thank you for releasing this, now I feel silly for asking for more of the private key circles.
casascius (OP)
Mike Caldwell
VIP
Legendary
*
Offline Offline

Activity: 1386
Merit: 1140


The Casascius 1oz 10BTC Silver Round (w/ Gold B)


View Profile WWW
December 06, 2012, 07:37:31 AM
Last edit: December 06, 2012, 07:56:51 PM by casascius
 #5

Important thing I should add: for cutting out circles you really want is a hole punch meant for train tickets that punches the right diameter of holes (about 10mm)

I searched high and low in the US and a company called M C Mieth Manufacturing had one.  That was long ago before I gained access to a laser machine that I now use to just bulk cut keys by the thousands.  If you are just doing a few for fun, then scissors will work fine.

EDIT: here is a link: http://ticketpunch.net/index.php/vmchk/Large-Die-Punch/Large-Round-Holes-up-to-1/2.html - I bought the 3/8" version and it fits all of my coins and bars.  You do NOT want the reservoir option - it will get in the way of aiming the tool at the text on the key.



Mike, this is perfect. I'm speechless about the impact you have had on bitcoin. So many more people are learning about bitcoin from the coins I have been buying from you. The light just turns on for them when I whip one of them out!

Thank you for releasing this, now I feel silly for asking for more of the private key circles.

No problem!  The key circle you print yourself is inherently a better one anyway.

Now I will have to make a report that prints more than 8 of them to a page, but that'll come later, it's my bed time.

I will probably up my minimum order quantity of the roll-your-owns and decrease the price...

Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable.  I never believe them.  If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins.  I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion.  Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice.  Don't keep coins online. Use paper or hardware wallets instead.
casascius (OP)
Mike Caldwell
VIP
Legendary
*
Offline Offline

Activity: 1386
Merit: 1140


The Casascius 1oz 10BTC Silver Round (w/ Gold B)


View Profile WWW
December 06, 2012, 07:45:50 AM
 #6

Just pushed a couple quick bug fixes, including fixing an inability to print more than 1 page worth of keys at a time

Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable.  I never believe them.  If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins.  I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion.  Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice.  Don't keep coins online. Use paper or hardware wallets instead.
smoothie
Legendary
*
Offline Offline

Activity: 2492
Merit: 1491


LEALANA Bitcoin Grim Reaper


View Profile
December 06, 2012, 07:52:05 AM
 #7

Downloaded, Unzipped, Clicked "wallet generator" and it crashed...


███████████████████████████████████████

            ,╓p@@███████@╗╖,           
        ,p████████████████████N,       
      d█████████████████████████b     
    d██████████████████████████████æ   
  ,████²█████████████████████████████, 
 ,█████  ╙████████████████████╨  █████y
 ██████    `████████████████`    ██████
║██████       Ñ███████████`      ███████
███████         ╩██████Ñ         ███████
███████    ▐▄     ²██╩     a▌    ███████
╢██████    ▐▓█▄          ▄█▓▌    ███████
 ██████    ▐▓▓▓▓▌,     ▄█▓▓▓▌    ██████─
           ▐▓▓▓▓▓▓█,,▄▓▓▓▓▓▓▌          
           ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▌          
    ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓─  
     ²▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓╩    
        ▀▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▀       
           ²▀▀▓▓▓▓▓▓▓▓▓▓▓▓▀▀`          
                   ²²²                 
███████████████████████████████████████

. ★☆ WWW.LEALANA.COM        My PGP fingerprint is A764D833.                  History of Monero development Visualization ★☆ .
LEALANA BITCOIN GRIM REAPER SILVER COINS.
 
casascius (OP)
Mike Caldwell
VIP
Legendary
*
Offline Offline

Activity: 1386
Merit: 1140


The Casascius 1oz 10BTC Silver Round (w/ Gold B)


View Profile WWW
December 06, 2012, 07:54:15 AM
 #8

Downloaded, Unzipped, Clicked "wallet generator" and it crashed...



What's the error you get?  Does it say?

Also what version of Windows, and what country and language edition (if not English)?  I have seen instances where the Microsoft crypto routines refuse to run because they don't like what country you're in or what edition of Windows you're running.  I have removed many references from Microsoft crypto in favor of Bouncy Castle to prevent this nanny sitting, but there are plenty of spots that still refer to the MS crypto.

Also, where is "Wallet Generator"? this is something I had on a much earlier version of this utility, but currently I don't believe I expose access to the screen named that, since I made a better one.  What do you see when it runs?  One big white empty box, or a bunch of little text boxes and arrow buttons?

Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable.  I never believe them.  If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins.  I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion.  Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice.  Don't keep coins online. Use paper or hardware wallets instead.
Yuhfhrh
Full Member
***
Offline Offline

Activity: 238
Merit: 100



View Profile
December 06, 2012, 08:59:33 AM
 #9

Its working fine for me. Windows 7 64-bit.
DobZombie
Hero Member
*****
Offline Offline

Activity: 896
Merit: 532


Former curator of The Bitcoin Museum


View Profile
December 06, 2012, 02:13:37 PM
 #10

Cheers casascius, you the man Smiley

Tip Me if believe BTC1 will hit $1 Million by 2030
1DobZomBiE2gngvy6zDFKY5b76yvDbqRra
casascius (OP)
Mike Caldwell
VIP
Legendary
*
Offline Offline

Activity: 1386
Merit: 1140


The Casascius 1oz 10BTC Silver Round (w/ Gold B)


View Profile WWW
December 06, 2012, 02:24:20 PM
 #11

Quote
Downloaded, Unzipped, Clicked "wallet generator" and it crashed...
The same for me - Win Vista
The file to download seems to be the "old" address generator. Could it just be a mistake?

OK - I figured it out - largely with this helpful reply.  I had put "source.zip" at the download link instead of "btcaddress.zip"

"source.zip" is the inner zip file that contains the source code, but also apparently contains an older version of the binary and none of the dependencies.  It made it into the source directory as I was a while ago experimenting with compiling from the command line using the stripped down compiler that comes with the runtime, instead of the whole toolchain.  "btcaddress.zip" contains the binary, dependencies, and source.zip within it.

Try again.

Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable.  I never believe them.  If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins.  I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion.  Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice.  Don't keep coins online. Use paper or hardware wallets instead.
casascius (OP)
Mike Caldwell
VIP
Legendary
*
Offline Offline

Activity: 1386
Merit: 1140


The Casascius 1oz 10BTC Silver Round (w/ Gold B)


View Profile WWW
December 06, 2012, 07:19:37 PM
Last edit: December 06, 2012, 07:54:13 PM by casascius
 #12

Would it be possible to get a small user guide (howto), in particular for the 2-factor features?

In a nutshell:  Alice and Bob.  Alice wants a 2-factor physical bitcoin, and Bob is going to make it for her.  Alice doesn't want there to be a way for Bob to steal her money.

Alice picks a passphrase.  She uses the "Intermediate Code Generator", enters the passphrase, and generates an intermediate code.  An example of an intermediate code is: passphraseoRryVSRbiHXimnSbXSgh7fsq3u3tx1vgZPs9myhhuVUDftcLBVSGxGZY99JwbW (passphrase for this example was ''Fizzie Gullbits'')

She gives this to Bob.

Bob goes to the Generate Addresses screen, and generates some addresses using the intermediate code as the passphrase.  The utility automatically acknowledges this is an intermediate code (important!).  It generates some addresses and encrypted private keys.  Bob can see the Bitcoin address, but importantly, can't get the private keys or spend the funds without Alice's passphrase.

Bob prints key circles and confirmation codes (they come out on the same page).  Bob cuts out the key circles and inserts them into the physical bitcoin product.  He sends the product and the confirmation code to Alice.

Alice has the option of entering the confirmation code into the Confirmation Code Validator.  She doesn't have to, but if she does, she can confirm that the bitcoin address Bob gave her is really encumbered by her password.  (This prevents Bob from giving her his own bitcoin address and running with the money).  She has to trust that Bob really put the right private key inside the physical bitcoin product and didn't commit a "fail" in doing so, but at least she can be assured that there is no way Bob can take the money she sends to the physical bitcoin's address.

A confirmation code example is cfrm38V5qFs3BhUVjxeGnxwV3LH63oyaqRwm8Q9P8CsFchFKDaknBGyUMExvhNm4FCL9XJC8bsN - when verified with the password "Fizzie Gullbits", Alice can see a bitcoin address and know that, for all practical purposes, this bitcoin address could not have been generated without this passphrase.

In this example the combined bitcoin address was 1NKABYfNEDc7xXLYKyyWNYyYvdHuxKWEcd.  Alice and Bob can both independently verify it.

Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable.  I never believe them.  If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins.  I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion.  Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice.  Don't keep coins online. Use paper or hardware wallets instead.
Adrian-x
Legendary
*
Offline Offline

Activity: 1372
Merit: 1000



View Profile
December 06, 2012, 07:49:04 PM
 #13

Thanks, I will give it a go.
I do have a question, it is not probably new, to Bitcoin, if 1000 people are generating addresses at the same time what stops the your system from making 2 identical addresses on alternate systems?

Thank me in Bits 12MwnzxtprG2mHm3rKdgi7NmJKCypsMMQw
DeathAndTaxes
Donator
Legendary
*
Offline Offline

Activity: 1218
Merit: 1079


Gerald Davis


View Profile
December 06, 2012, 07:51:55 PM
 #14

Thanks, I will give it a go.
I do have a question, it is not probably new, to Bitcoin, if 1000 people are generating addresses at the same time what stops the your system from making 2 identical addresses on alternate systems?

Same thing which prevents 2 random bitcoin users on the planet from making the same address.

The simple version is 2^256 is much much much larger than you think.   A billion users, each generating a billion keys a year for a billion years has a ~0% chance of producing a duplicate.
SlaveInDebt
Hero Member
*****
Offline Offline

Activity: 699
Merit: 500


Your Minion


View Profile
December 06, 2012, 07:53:29 PM
 #15

Sharing is caring. Though I'll go ahead and order 50 from you for friends and family for buy random material things day.

"A banker is a fellow who lends you his umbrella when the sun is shining, but wants it back the minute it begins to rain." - Mark Twain
DannyHamilton
Legendary
*
Offline Offline

Activity: 3514
Merit: 4894



View Profile
December 06, 2012, 09:09:17 PM
 #16

. . . what stops the your system from making 2 identical addresses on alternate systems?
. . . A billion users, each generating a billion keys a year for a billion years has a ~0% chance of producing a duplicate.
This assumes that all users are using a method that generates adequately random keys.  If they use some deterministic method and use the same starting point for their determination, then they will have a 100% change of producing duplicates. As an example, if I use

echo "Danny" |shasum -a 256

on my Mac to produce my private key, and someone else named Danny comes up with the same idea, we will both have access to the same bitcoins.
Red Emerald
Hero Member
*****
Offline Offline

Activity: 742
Merit: 500



View Profile WWW
December 06, 2012, 09:15:51 PM
 #17

. . . what stops the your system from making 2 identical addresses on alternate systems?
. . . A billion users, each generating a billion keys a year for a billion years has a ~0% chance of producing a duplicate.
This assumes that all users are using a method that generates adequately random keys.  If they use some deterministic method and use the same starting point for their determination, then they will have a 100% change of producing duplicates. As an example, if I use

echo "Danny" |shasum -a 256

on my Mac to produce my private key, and someone else named Danny comes up with the same idea, we will both have access to the same bitcoins.
Well this program does the private key generation for you doesn't it?

DannyHamilton
Legendary
*
Offline Offline

Activity: 3514
Merit: 4894



View Profile
December 06, 2012, 09:39:53 PM
 #18

. . . what stops the your system from making 2 identical addresses on alternate systems?
. . . A billion users, each generating a billion keys a year for a billion years has a ~0% chance of producing a duplicate.
This assumes that all users are using a method that generates adequately random keys.  If they use some deterministic method and use the same starting point for their determination, then they will have a 100% change of producing duplicates. As an example, if I use

echo "Danny" |shasum -a 256

on my Mac to produce my private key, and someone else named Danny comes up with the same idea, we will both have access to the same bitcoins.
Well this program does the private key generation for you doesn't it?
True, as long as Casascius has used a reasonable source for randomness then using the Bitcoin Address Utility should have a ~0% chance of an address collision.
BitcoinHoarder
Full Member
***
Offline Offline

Activity: 146
Merit: 103


View Profile
December 06, 2012, 10:35:39 PM
 #19

Very cool, thanks man.

I will be using this to give away as gifts to people for the holidays.
LoweryCBS
Sr. Member
****
Offline Offline

Activity: 364
Merit: 250


firstbits 1LoCBS


View Profile
December 06, 2012, 11:05:00 PM
 #20

Not being much of a programmer, could someone explain it to me (like I'm 10 years old) the randomness of the algorithm?

How likely is it that someone can analyze the code and predict what keys will be generated?

I mean, are we looking at this:



(lifted from here http://xkcd.com/221/)

. . . what stops the your system from making 2 identical addresses on alternate systems?
. . . A billion users, each generating a billion keys a year for a billion years has a ~0% chance of producing a duplicate.
This assumes that all users are using a method that generates adequately random keys.  If they use some deterministic method and use the same starting point for their determination, then they will have a 100% change of producing duplicates. As an example, if I use

echo "Danny" |shasum -a 256

on my Mac to produce my private key, and someone else named Danny comes up with the same idea, we will both have access to the same bitcoins.
Well this program does the private key generation for you doesn't it?
True, as long as Casascius has used a reasonable source for randomness then using the Bitcoin Address Utility should have a ~0% chance of an address collision.
Pages: [1] 2 3 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!