Prototype: Cold-Storage Wallet Card - Fireproof, Waterproof, Magnetproof, etc!

[Razick]

Stainless Steel Card

Our stainless-steel fire-proof, water-proof, wear-resistant Bitcoin Cold Storage Card will keep your money safe from online theft and real world disaster. Perfect for a wallet, safety deposit box or safe, it's the perfect way to store your extra Bitcoins safely when you aren't using them.

Computerized "hot-wallets" can be stolen by hackers or even malware as simple as a key-logger. Hackers are getting better at specifically targeting Bitcoin wallets with specialized attacks. Paper, plastic and even some metal wallets are vulnerable to water, wear, fire, and can be easy to lose. Are you storing your Bitcoins on a CD or DVD? They can be damaged not only by fire, but also by magnetic fields (or EMPs!).

The Bitcoin Cold Storage Card is the best way to keep your money safe.

Just send Bitcoins to the exposed address and no one will be able to spend them without physical possession of the card. The balance can be checked online with just the address, and you can redeem the private key when you are ready.

Prototype Cold Storage Cards:

I am currently in the early stages of planning stainless-steel fireproof (up to 2750 degrees Fahrenheit, a 1000 degree safety margin over the upper level of most house-fires)  cards (credit card sized) for the storage of Bitcoins. The purpose of this thread is to provide updates, gauge interest and take input from potential customers, so give me you're thoughts!

Also under consideration are pre-loaded, denominated physical Bitcoins similar to BitBills only meeting the above specifications.

Two possibilities are being considered for the private key on the cards, I'd appreciate input on which would be preferred:

1. Cover the key with a hologram.
-
2. Require the user to remember 8 digits of the key, these would be included on a sticker with the card to be memorized and removed.

Security

All wallets would be generated on a never-connected live-cd linux and saved to a blank, unused CD for printing. After the wallets are saved, the PC would be shut down and disconnected from power to ensure no trace of the wallets are left.

The CD would be physically destroyed by being broken and then burned with acid or fire.

When the cards are packaged for sale, the keys will not be recorded anywhere for any reason. <<< peroid.

Expected Pricing:

Goal: $10 each. (individual)
Current Expected: $12.99. (individual)
Bulk discounts would be available.

EDIT: Two-factor private keys are now planned for security (ie. you won't have to trust me).

[1715264543]

1715264543

[1715264543]

1715264543

[1715264543]

1715264543

[1715264543]

1715264543

[ShireSilver]

I wouldn't trust it for sums worth paying $10/card for unless it uses something like Shamir's Secret Sharing or the BIP-XX(?) that Casascius has talked about using. That is, there should be a way that I can order a card and you only ever see part of the private key so there's no way you could steal from the account. Simply asking customers to believe you have destroyed the copy you have is insufficient.

I do like the idea of using stainless steel as long as the data is stamped into the card and not simply printed onto it. The metal might be able to withstand high temps, but the ink likely would not.

[b!z]

You should make it so that customers can add the private key themselves for security.

[starsoccer9]

yea not a huge fan of the fact that the privite key is clearly visable. I think the privite key should be on the back or on a one time scratch off pad or something. Even something as simple as a door that covers the privite key so that someone can send to you without seeing the privite key

[jasinlee]

Got one for LTC? Have you considered a private key that only would display when heated?

[maxmint]

I really like the idea but I see a clear problem of trust. How could a customer be sure that you won't keep a copy of the private key?
I know you promise you won't (and I believe you), but as a customer I would have to be 100% sure – otherwise this would make no sense at all.

[Razick]

I wouldn't trust it for sums worth paying $10/card for unless it uses something like Shamir's Secret Sharing or the BIP-XX(?) that Casascius has talked about using. That is, there should be a way that I can order a card and you only ever see part of the private key so there's no way you could steal from the account. Simply asking customers to believe you have destroyed the copy you have is insufficient.

I do like the idea of using stainless steel as long as the data is stamped into the card and not simply printed onto it. The metal might be able to withstand high temps, but the ink likely would not.

Shamir's Secret Sharing would defeat the purpose. The crad is supposed to hold the key and keep it safe, if another peice of data is needed, what's the point.

Speaking of Casascius, his physical coins are made in the same way, he has to see the keys. Obviously he has earned the trust, but will you ONLY ever trust products made by him? That being said, I'm open to suggestions for how to reassure customers since it is a valid concern.

It would either be engraved or printed using a glass based method. Whatever I decide on, I will ensure that it is fireproof up to AT LEAST 1750 degrees Fahrenheit.

I do have one possibility, but it would require that I get 200 preorders. What if the customer generated the wallet and sent me all but the last 8 digits of the private key? I could then print that on to the card and require that 8 digits be memorized.

You should make it so that customers can add the private key themselves for security.

If you have any ideas on how this could be done in a way that doesn't require the customer to have any equipment and yet would be permanently and securely affixed let me know. However, I don't really see this working.

Got one for LTC? Have you considered a private key that only would display when heated?

If all goes well on the Bitcoin model I could make some for LTC, however, they would likely cost more due to less demand.

I will look into that, but I am not sure that there is an affordable yet secure way to do so.

.

yea not a huge fan of the fact that the privite key is clearly visable. I think the privite key should be on the back or on a one time scratch off pad or something. Even something as simple as a door that covers the privite key so that someone can send to you without seeing the privite key

I am definetly leaning toward covering it with a scratch-off or hologram right now.

[jasinlee]

http://store.sirchie.com/Fluorescent-Invisible-Metal-Marking-Ink-P1973.aspx

This is what I was thinking of.

[camolist]

why are we still discussing trust on a product like this?

why is not two factor with one factor being a brainwallet/passcode?

no need to trust the seller in that case (well except that they don't deliver)

[Razick]

why are we still discussing trust on a product like this?

why is not two factor with one factor being a brainwallet/passcode?

no need to trust the seller in that case (well except that they don't deliver)

There are some downsides to security and conveinience for a Brainwallet. I am, however, looking into two-factor methods. The only downside is I would have to get a substantial amount of pre-orders before I could even make them.

http://store.sirchie.com/Fluorescent-Invisible-Metal-Marking-Ink-P1973.aspx

This is what I was thinking of.

That could work, it requires a UV lamp to view though. Thanks for the link. Is this fireproof?

I wonder if anyone makes a QR Code stamp...

[jasinlee]

Even if its not fire proof, there are clear coats that are that can be applied on top of the Fluorescent Ink to retard heat.

[camolist]

There are some downsides to security and conveinience for a Brainwallet. I am, however, looking into two-factor methods. The only downside is I would have to get a substantial amount of pre-orders before I could even make them.

security downsides compared to not having it at all and the sole control of your cold storage wallet to a random new user on the forum? might not be as convenient but would you rather having to remember a pass phrase or letting some random person have full control of your wallet?

don't get me wrong i think this is an awesome idea and am looking for something non paper myself but there is 0 chance of it not being two factor


edit: to add we're not even just trusting you here if not 2 factor...but also your supplier/manufacturer and anyone that handles it in between.


do you want the possibility of someone upstream snapping a picture and later sweeping the funds and blame coming back to you?


real question should really not even be who would buy non two factor...it should be who would be willing to put their word on their own security procedures and everyone up stream of them.


ideally i want a two factor wallet like this that is fireproof i can make one part myself on my own offline equipment  and memorize then someone else on their own equipment make the other part....what are the chances of a hacker being able to log my part and your part to make the full key?

[Razick]

+1 to both of the above posts.

I am looking into buying an engraving machine which would remove thre preorder requirement and make two-factor work great.

There are some downsides to security and conveinience for a Brainwallet. I am, however, looking into two-factor methods. The only downside is I would have to get a substantial amount of pre-orders before I could even make them.

security downsides compared to not having it at all and the sole control of your cold storage wallet to a random new user on the forum? might not be as convenient but would you rather having to remember a pass phrase or letting some random person have full control of your wallet?

don't get me wrong i think this is an awesome idea and am looking for something non paper myself but there is 0 chance of it not being two factor


edit: to add we're not even just trusting you here if not 2 factor...but also your supplier/manufacturer and anyone that handles it in between.


do you want the possibility of someone upstream snapping a picture and later sweeping the funds and blame coming back to you?


real question should really not even be who would buy non two factor...it should be who would be willing to put their word on their own security procedures and everyone up stream of them.


ideally i want a two factor wallet like this that is fireproof i can make one part myself on my own offline equipment  and memorize then someone else on their own equipment make the other part....what are the chances of a hacker being able to log my part and your part to make the full key?

I'm looking to take upstream manufacturers out of the mix and engrave the key myself.

I am planning on doing two-factor, but I will point out that Casascius Bitcoins are not two-factor, and yet are to the best of my knowledge highly secure.

I am also planning (potentially, and after I've earned some trust) on making physical Bitcoins with this method, and there is no way to do that two factor.

[antimattercrusader]

This is an awesome idea. I would purchase one.

Have you seen those blocks of glass which contain an image made of bubbles or epoxy or something? That may be another thought.

[evlew]

Make it float somehow.  I have lost countless items in bodies of water.