canton (OP)
|
|
April 07, 2013, 08:41:13 PM Last edit: December 31, 2020, 02:41:31 AM by canton Merited by Financisto (1) |
|
Update: August 2018*** A reminder that you should ALWAYS run the generator from the GitHub source code, never from a live website. *** -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 bitcoinpaperwallet.com is under new ownership First of all, thanks to everyone who supported this project and helped with its development since I started it back in 2013. At the end of April 2018, I sold the bitcoinpaperwallet.com website, service, and associated domain names to a new owner. This also includes related projects such as litecoinpaperwallet.com and ethereumpaperwallet.com. All orders for hologram stickers and CDs, and any questions relating to the business, should be directed to the new owner at orders@paperwalletshop.com. Also, I will no longer be making updates or accepting code contributions for this project at https://github.com/cantonbecker/bitcoinpaperwallet. The updates posted in September 2017 are my final contributions to this project. If you have any questions regarding bitcoinpaperwallet.com, please direct them to the new owner at orders@paperwalletshop.com. Canton Becker -----BEGIN PGP SIGNATURE----- iQEzBAEBCAAdFiEEdh99U9EVkSdKFwuDknetcTbh2bYFAltjUJ0ACgkQknetcTbh 2bb4lggAmSQECgNx8XUccJOa5NkU76hQjtZLe+REWnaqLb9MOt3LhBl0+uaDaVPX VpIqBH0J78phPX7ZGIb5TnEfEy7Q19njCANtTqD686aKqNUsJRfKiRqmQBP9aAAq BcXdyl/zDHLw0taZIhmaemlb/FAze1jq5IvJ3XjcXn35N0Zd9k/7s9WBXOGWwvsZ IzFlUJwd1uT6hiT9lMiZ5AwBYUH5wmNSat4dK6qfh+3hu65A3Ex0/EcOFOqRBPBH 801Gv347/vFkV8LOuVEUnbhf/9FwJkqxy1TADVNQyNr7cdJfX5Rg3/X0FGnYUE6s xA9RXpfGJvFOZ4yoUTa3+qWt6krQbQ== =28VT -----END PGP SIGNATURE----- ---------------------------------- Original post (April, 2013)
I had lots of fun this weekend working on my own design for a two-sided tri-fold tamper-resistant paper Bitcoin wallet. Thanks for any and ALL criticism / comments -- whether it's about the look & feel, functionality, security features, etc. See: http://youtu.be/V4H1VE3EAtIThis video is also a treasure hunt in which I happily invite you to “steal” 0.1 BTC . Finders keepers, so race on! Design features: - Private key is hidden behind folds, so your wallet content is still safe if left out in the open or photographed.
- Tamper-proof tape indicates when you (or someone else!) has revealed the private key.
- Folding design obfuscates private keys so they’re hidden even when holding wallet up to a bright light.
- Reverse side has basic wallet operation instructions and a register for writing down deposits / balance.
- Private and public keys are replicated (and rotated) in triplicate to maximize chances of recovering keys if paper is damaged / crumpled.
When I’ve got enough feedback and a final design, I’ll publish a web page that will generate these wallets with just a couple of clicks. (No photoshop required, as the foundation will be based on the excellent wallet generator at bitaddress.org which as you probably already know uses a secure javascript page you can run even while offline.) If you'd like to print out a sample for yourself, see PDF links here: http://cantonbecker.com/projects/2013/bitcoin-paper-wallet-design-video/.
|
|
|
|
|
|
|
"With e-currency based on cryptographic proof, without the need to
trust a third party middleman, money can be secure and transactions
effortless." -- Satoshi
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
mai77
Newbie
Offline
Activity: 28
Merit: 0
|
|
April 07, 2013, 08:53:44 PM |
|
200 btc bounty am I am in
|
|
|
|
stillfire
|
|
April 07, 2013, 08:55:37 PM |
|
Looks like someone already nicked the 0.1. The paper wallet looks great. The old one on bitaddress.org is too low resolution for printing, plus the private key is right there in the open necessitating that each bill is put into an envelope for security. Your bill solves those problems beautifully. Where did you buy the tamper proof tape?
|
|
|
|
WiW
Sr. Member
Offline
Activity: 277
Merit: 250
"The public is stupid, hence the public will pay"
|
|
April 07, 2013, 09:12:36 PM |
|
I've also made some nifty paper wallets (though not as well designed as yours), but here's my problem with making well designed paper wallets: If you're making it for yourself, what do you care about design/tamper-proof/etc? If you're making it for others, why would they trust you that you didn't print another copy of the private key at home?
|
|
|
|
Bitsky
|
|
April 07, 2013, 09:18:33 PM |
|
Seems I was too slow Address: 16nQ2FD6qTLymmsZQAufJHqdqPJYbcGpj6 Privkey: 5K9bNHVjCGgqnv1vGZAKaye4VPdFUMvexbqCCmkB5rouC93wWSC The 0.1BTC are already gone The idea isn't bad. I think I saw some other threat here with a similar approach (the banknote one iirc). That one worked without folding by using those grey rub-off stickers.
|
|
|
|
Neverest
Newbie
Offline
Activity: 70
Merit: 0
|
|
April 07, 2013, 09:24:41 PM |
|
Just for my understanding: I also had the private key copied 5K9bNHVjCGgqnv1GZAKaye4VPdFUMvexbqCCmkB5rouC93wWSC
When going to Blcokchain.info. opening an account/wallet and importing private key, I get the Error Importing private key: unknown key format.
I also tried to use a new multibit wallet, but even when exporting a key, replacing it with the one above and reimporting, it did not work.
So how would I recreate my wallet from just a private key backup?
|
|
|
|
stillfire
|
|
April 07, 2013, 09:29:23 PM |
|
If you're making it for yourself, what do you care about design/tamper-proof/etc?
It doesn't offer much in terms of security - if someone did find your bill they'd probably just take the whole bill with them and sweep the address quickly, leaving neither evidence nor much to do about it. But the tamper proof tape does offer peace of mind. It's the knowledge that if you did get robbed you'd know it at once, and not discover it much later when you perform a routine check of you balance.
|
|
|
|
canton (OP)
|
|
April 07, 2013, 10:36:01 PM |
|
The old one on bitaddress.org is too low resolution for printing, plus the private key is right there in the open necessitating that each bill is put into an envelope for security. Your bill solves those problems beautifully. Thanks -- in fact I'm already having good success modifying the bitaddress.org code so it works exactly like it did before, but with this new design at 300dpi. Where did you buy the tamper proof tape? Ebay! $7 for 100 stickers, delivered. These are the 2 inch wide strips.
|
|
|
|
canton (OP)
|
|
April 07, 2013, 10:41:32 PM |
|
If you're making it for yourself, what do you care about design/tamper-proof/etc?
It doesn't offer much in terms of security - if someone did find your bill they'd probably just take the whole bill with them and sweep the address quickly, leaving neither evidence nor much to do about it. But the tamper proof tape does offer peace of mind. It's the knowledge that if you did get robbed you'd know it at once, and not discover it much later when you perform a routine check of you balance. It's not just for myself -- once the design is reviewed/revised, it will be available as a clientside javascript wallet generator based on the code from bitaddress.org. The idea is just to incrementally improve on the paper wallet generator already there, especially for people who want to do things like give their family members and friends a more attractive and idiot-proof wallet. Also I think a wallet should look valuable so that if I die, someone stumbling on my belongings will think, "Oh, this looks valuable. Maybe we should keep it!"
|
|
|
|
Rodyland
|
|
April 08, 2013, 12:51:32 AM |
|
If you're making it for yourself, what do you care about design/tamper-proof/etc?
It doesn't offer much in terms of security - if someone did find your bill they'd probably just take the whole bill with them and sweep the address quickly, leaving neither evidence nor much to do about it. But the tamper proof tape does offer peace of mind. It's the knowledge that if you did get robbed you'd know it at once, and not discover it much later when you perform a routine check of you balance. It's not just for myself -- once the design is reviewed/revised, it will be available as a clientside javascript wallet generator based on the code from bitaddress.org. The idea is just to incrementally improve on the paper wallet generator already there, especially for people who want to do things like give their family members and friends a more attractive and idiot-proof wallet. Also I think a wallet should look valuable so that if I die, someone stumbling on my belongings will think, "Oh, this looks valuable. Maybe we should keep it!" I like the design - well done. If I'm not mistaken, inkjet printer ink can fade relatively quickly (a couple of years?). I am not sure about laser printers. If I were you I would put some warnings up when using the software to that effect.
|
Beware the weak hands! 1NcL6Mjm4qeiYYi2rpoCtQopPrH4PyKfUC GPG ID: E3AA41E3
|
|
|
SuperZac
Newbie
Offline
Activity: 14
Merit: 0
|
|
April 08, 2013, 12:58:39 AM |
|
Something else you could do if you don't think your printer is up to snuff, is to go get a bunch of blank ones printed in high quality, and then just run them through your printer with only the address part of the template showing.
|
|
|
|
TiagoTiago
|
|
April 08, 2013, 01:13:38 AM |
|
Have you tested it both with different lights, different printers, different types of paper, lit at different angles, trying to curve it so the layers of paper separate a bit etc?
|
(I dont always get new reply notifications, pls send a pm when you think it has happened) Wanna gimme some BTC/BCH for any or no reason? 1FmvtS66LFh6ycrXDwKRQTexGJw4UWiqDX The more you believe in Bitcoin, and the more you show you do to other people, the faster the real value will soar!
|
|
|
canton (OP)
|
|
April 08, 2013, 01:34:36 AM |
|
Have you tested it both with different lights, different printers, different types of paper, lit at different angles, trying to curve it so the layers of paper separate a bit etc?
Only one printer so far, and my biggest concern is about the volatility of inkjet printers. I don't think the ink fading significantly would be a big deal but I am trying to figure out some ways to try to protect against moisture which is a huge issue. (One ounce of water and the whole bill turns to soup.) Some success with packing tape but I wonder if there's a better fixative... What do you mean re: "layers of paper separate a bit"? If your question is about trying to read the private key via backlight, it's hard to imagine any combination of supplies/lights would bear fruit. Very, very opaque. I've played around with a high intensity laser even, and though you can get a couple of letters of the key it's neigh impossible to get anything close to a complete cipher. BTW here's a couple of photos -- I realized I'd only posted the video so far.
|
|
|
|
TiagoTiago
|
|
April 08, 2013, 01:52:45 AM |
|
I mean so the folded parts aren't touching each other kinda like () instead of ||
|
(I dont always get new reply notifications, pls send a pm when you think it has happened) Wanna gimme some BTC/BCH for any or no reason? 1FmvtS66LFh6ycrXDwKRQTexGJw4UWiqDX The more you believe in Bitcoin, and the more you show you do to other people, the faster the real value will soar!
|
|
|
niko
|
|
April 08, 2013, 02:08:30 AM |
|
One problem is that the mask is a regular pattern - it's trivial to shine light through the folds and subtract this pattern. I simply include a piece of aluminum foil as a mask in my wallets..
Another issue is that this wallet advertises what it is. My wallets are stripped-down version of bitaddress - just two QR codes, and Al foil mask folded around the priv key. Then I laminate these - works as well as security sticker (I'd know if someone had cut the wallet to reveal the priv key).
Finally, this thing is huge. Too much wasted real estate.
|
They're there, in their room. Your mining rig is on fire, yet you're very calm.
|
|
|
bitcoinstarter
|
|
April 08, 2013, 02:15:10 AM |
|
You did a really good job. Keep up the good work!
|
|
|
|
canton (OP)
|
|
April 08, 2013, 02:50:38 AM |
|
I mean so the folded parts aren't touching each other kinda like () instead of ||
Oh I totally get it now. Thanks for the ASCII art. You're the second person to comment on this possible weakness. (The other person was on reddit.) So I just now [did a test], squishing the bill and then shining an extremely bright laser through the now 2 instead of 3 folds. Result? The QR code is still totally obfuscated because of the security pattern printed on the opposite panel. However I could easily read *some* of the characters in the alphanumeric private key. Probably not enough to be a risk but I'll redesign to make sure there's a good security stripe that gets folded over the alphanumeric private key as well. Thanks for the advice!
|
|
|
|
canton (OP)
|
|
April 08, 2013, 03:02:52 AM |
|
One problem is that the mask is a regular pattern - it's trivial to shine light through the folds and subtract this pattern. I simply include a piece of aluminum foil as a mask in my wallets...
I've been fooling around with bright lights and lasers and such I'm feeling pretty confident that transparency won't be a problem... ... but would you like to wager on this, just for fun? I'll mail you a wallet loaded with the equivalent of $5 USD (lord knows what that will be in BTC as of tomorrow) and if you can read the private key without opening the tri-fold you can swipe the funds with my blessing. (In return I'd appreciate you telling me how you succeeded so I can improve the design.) If you fail, you can load the same amount into that wallet's public key and I'll trust you to destroy the wallet afterwards. Send your snailmail to canton@gmail.com if you'd like to have a go at it. With regards to the bill being obvious and bulky, I agree that secretive wallets should be obtuse, memorized, etc. However there's a legitimate need for providing idiot-proof wallets to friends & family. Additionally, if I die and my wife finds a few paper wallets in my desk, I'd like her to be able to easily recognize the wallets as having value (as opposed to being scraps of random gibberish.)
|
|
|
|
Stephen Gornick
Legendary
Offline
Activity: 2506
Merit: 1010
|
|
April 08, 2013, 09:26:45 AM |
|
When I’ve got enough feedback and a final design, I’ll publish a web page that will generate these wallets with just a couple of clicks.
Will you also be providing a method for redeeming them? e.g., a page that takes two fields: Withdraw (for scanning the private key) and the Send To (for the Bitcoin address to pay). That way I can simply do two scans, first the private key from the paper wallet, and the second I show my QR code for my mobile wallet. Also, will this work with only a black and white printer?
|
|
|
|
niko
|
|
April 08, 2013, 11:19:20 AM |
|
... but would you like to wager on this, just for fun? It's on! Not just for fun, but also because I like what you are trying to do. I suggest you don't load the value until I let you know I've received the mail. You'd have to trust me I won't first try, then claim I've never received the letter if I can't figure it out.
|
They're there, in their room. Your mining rig is on fire, yet you're very calm.
|
|
|
|