The official BitcoinPaperWallet.com thread -- updates and news.

[canton]

It's on!

Indeed! Your victim wallet just went out to the mailbox. If anyone reading this wants to sweeten the pot for Niko, feel free to chip a few pennies into the wallet @ 1LMKzdqhQ4LhHy5GGhT8BcG3HHpBTqAqbt. Niko, I have total faith in our respective country's postage services so the wallet has already been funded: https://blockchain.info/address/1LMKzdqhQ4LhHy5GGhT8BcG3HHpBTqAqbt

[1715053421]

1715053421

[1715053421]

1715053421

[1715053421]

1715053421

[dg2010]

When I’ve got enough feedback and a final design, I’ll publish a web page that will generate these wallets with just a couple of clicks. (No photoshop required, as the foundation will be based on the excellent wallet generator at bitaddress.org which as you probably already know uses a secure javascript page you can run even while offline.)

Hey, just want to say thanks in advance.

I was looking around for a service that would allow me to "print money" like this in a secure and easy to use manner which I could give to people.

[niko]

It's on!

Indeed! Your victim wallet just went out to the mailbox. If anyone reading this wants to sweeten the pot for Niko, feel free to chip a few pennies into the wallet @ 1LMKzdqhQ4LhHy5GGhT8BcG3HHpBTqAqbt. Niko, I have total faith in our respective country's postage services so the wallet has already been funded: https://blockchain.info/address/1LMKzdqhQ4LhHy5GGhT8BcG3HHpBTqAqbt

Most excellent! I'll try out a few non-destructive methods, and if I fail to extract the key I'll add the same amount of bitcents canton has already loaded, and it all belongs to him.
I find it important to determine if paper-only wallets can be made as tamper-proof as Casascius coins.

[Rodyland]

Danger Will Robinson!

The instructions on the back talk about sending part of the balance. Doing this presents a very  real chance of losing coins. The user must explicitly send the tx change back to the note's address (theone on the front)    . Otherwise the change is lost to an unknown  public key.       

       

[niko]

Danger Will Robinson!

The instructions on the back talk about sending part of the balance. Doing this presents a very  real chance of losing coins. The user must explicitly send the tx change back to the note's address (theone on the front)    . Otherwise the change is lost to an unknown  public key.       

       

Yes, you can only spend the entire balance associated with a private key. The difference between this and the actual payment is so-called "change" sent to another address (presumably the one that the client controls). Most wallets/clients do not make this apparent to the user - you only see your total balance. By the way: if you are concerned with privacy, you should not send round numbers as payments. Otherwise it is clear which one is the payment, and which one is the change (associated with the new address that now we know you control).

On the related (wording) note  - the exposed qr code is the public address, not public key. To avoid confusion down the line, it is wise to be strict about this distinction.

[Luckybit]

I had lots of fun this weekend working on my own design for a two-sided tri-fold tamper-resistant paper Bitcoin wallet. Thanks for any and ALL criticism / comments -- whether it's about the look & feel, functionality, security features, etc. See:

http://youtu.be/V4H1VE3EAtI

This video is also a treasure hunt in which I happily invite you to “steal” 0.1 BTC . Finders keepers, so race on!

Design features:

• Private key is hidden behind folds, so your wallet content is still safe if left out in the open or photographed.
• Tamper-proof tape indicates when you (or someone else!) has revealed the private key.
• Folding design obfuscates private keys so they’re hidden even when holding wallet up to a bright light.
• Reverse side has basic wallet operation instructions and a register for writing down deposits / balance.
• Private and public keys are replicated (and rotated) in triplicate to maximize chances of recovering keys if paper is damaged / crumpled.

When I’ve got enough feedback and a final design, I’ll publish a web page that will generate these wallets with just a couple of clicks. (No photoshop required, as the foundation will be based on the excellent wallet generator at bitaddress.org which as you probably already know uses a secure javascript page you can run even while offline.)

If you'd like to print out a sample for yourself, see PDF links here: http://cantonbecker.com/projects/2013/bitcoin-paper-wallet-design-video/.

Okay here is a flaw in your design. You trust your printer to print your keys and not report back to mallory.

[niko]

Okay here is a flaw in your design. You trust your printer to print your keys and not report back to mallory.

Can you point to any documented examples of similar exploits? I am thinking about home inkjet or laser printers, not the enterprise copier/printer/fax/scanner networked machines.

Speaking of home printing, everyone should know that many home printers include steganographic serial number in the printout, but that is irrelevant for the tamper-proofness of he design.

[Luckybit]

Okay here is a flaw in your design. You trust your printer to print your keys and not report back to mallory.

Can you point to any documented examples of similar exploits? I am thinking about home inkjet or laser printers, not the enterprise copier/printer/fax/scanner networked machines.

Speaking of home printing, everyone should know that many home printers include steganographic serial number in the printout, but that is irrelevant for the tamper-proofness of he design.

Do I win a prize in BTC if I can? I know plenty of not so well known exploits and not just with printers.

[StarfishPrime]

Great project.

One comment about printing: It is very easy to imagine trojan/spyware that would 'listen' for specific types of printing (i.e. from certain apps/scripts) and capture/send the output somewhere. Probably not easy to detect if disguised as a printer driver library for example. Also, many newer printers are wi-fi connected and a printer-resident trojan is not an impossibility either, although it's unclear if this has been exploited (yet).

Just a thought.

[franky1]

Great project.

One comment about printing: It is very easy to imagine trojan/spyware that would 'listen' for specific types of printing (i.e. from certain apps/scripts) and capture/send the output somewhere. Probably not easy to detect if disguised as a printer driver library for example. Also, many newer printers are wi-fi connected and a printer-resident trojan is not an impossibility either, although it's unclear if this has been exploited (yet).

Just a thought.

to feed your paranoia.
QR codes are not made by someone with a pen doing dot to dot. in 99% of cases people use googles QR code generator or blockchain.info, or an app designed by a third party to grab the QR Code image to then print out. whats stopping those third parties from keeping logs of every string of code it receives to convert into a QR Code image.....

[canton]

The instructions on the back talk about sending part of the balance. Doing this presents a very  real chance of losing coins. The user must explicitly send the tx change back to the note's address (theone on the front)    . Otherwise the change is lost to an unknown  public key.       

Good point. Is this an improvement?



Ultimately, I'm thinking that the wallet printing page might have some options for what appears on the back, e.g.
Language: [select language]

Style:
[]blank
[]simple deposit register
[]deposit register plus instructions my grandma can understand
[]happy birthday

[canton]

On the related (wording) note  - the exposed qr code is the public address, not public key. To avoid confusion down the line, it is wise to be strict about this distinction.

Oops! Thanks. How's this for edits on the front & back?

[canton]

One comment about printing: It is very easy to imagine trojan/spyware that would 'listen' for specific types of printing (i.e. from certain apps/scripts) and capture/send the output somewhere.

A few people have brought this up, and I don't think it's a tinfoil hat issue. Stuxnet spread far and wide to infiltrate the control software for fairly dumb uranium enrichment equipment behind Iran's military firewalls, so it's conceivably easier to write a virus that reprograms printers so that they transmit any printed QR codes to the mothership.

My intent with this wallet printing service is to give users clear tutorials on what steps to take depending on their level of paranoia (or based on the value of the wallets they intend to produce.) So what are some reasonable steps a fairly paranoid user should take when printing? For example:

Less paranoid: Connect directly via USB, turn off your internet connection when printing wallets, and cycle power on printer before going back online.

Most paranoid: Dedicate a printer to printing wallets exclusively, never let it go online, connect it directly via USB to your computer, factory-reset your printer from time to time.

Insanely paranoid: Don't use a printer. Use a photo-sensitive ink and expose it by pressing it against your screen to burn in the QR code that's been generated by your totally offline javascript.

[TiagoTiago]

And depending on the model of printer used, i guess it might be possible to perform a sort of audio variation of TEMPEST style attacks... ¬.¬

[sebastian]

Another security idea is to use a printer which support on-site Printing, eg you put a Picture or PDF on a USB or SD card, and then you print with the printer "stand alone".

Many printers today have the capatibility to print files from a USB or SD card.

Since the computer cannot know which off-line stand-alone printer you use, the risk of getting a "fake firmware update" is negligible. Many printers also have a sequence that needs to be triggered Before it will accept a firmware upload via USB/SD, so its completely secure. For example Power on the printer with the firmware update USB/SD inserted. So never turn on the printer with a SD or USB inserted to be on the safe side.


For a leak to sucessfully travel from your printer to internet, the printer would have to "infect" the usb with a autorun software containing the private key AND a "payload" that transmits the private key home. And for such infection to exist in the printer, it would have to travel from computer to printer via USB/SD, and for that to happen, the printer must be able to receive software updates arbitary via USB and the computer needs to know the exact model of your printer.

[StarfishPrime]

One comment about printing: It is very easy to imagine trojan/spyware that would 'listen' for specific types of printing (i.e. from certain apps/scripts) and capture/send the output somewhere.

A few people have brought this up, and I don't think it's a tinfoil hat issue. Stuxnet spread far and wide to infiltrate the control software for fairly dumb uranium enrichment equipment behind Iran's military firewalls, so it's conceivably easier to write a virus that reprograms printers so that they transmit any printed QR codes to the mothership.

My intent with this wallet printing service is to give users clear tutorials on what steps to take depending on their level of paranoia (or based on the value of the wallets they intend to produce.) So what are some reasonable steps a fairly paranoid user should take when printing? For example:

Less paranoid: Connect directly via USB, turn off your internet connection when printing wallets, and cycle power on printer before going back online.

Most paranoid: Dedicate a printer to printing wallets exclusively, never let it go online, connect it directly via USB to your computer, factory-reset your printer from time to time.

Insanely paranoid: Don't use a printer. Use a photo-sensitive ink and expose it by pressing it against your screen to burn in the QR code that's been generated by your totally offline javascript.

Yeah, I don't imagine that those are real threats at this time (at least not yet) but anyone with a security background will appreciate we should all be aware of potential vulnerabilites.

One printing idea for durability is to use laser-printable waterproof, white polyester sheets. Not sure where they can be purchased now but have used them for other projects. Pretty much tear-proof with a paper-like feel and color laser-printable.  

Thanks for your work on this project - it will be very useful for many.

[StarfishPrime]

One comment about printing: It is very easy to imagine trojan/spyware that would 'listen' for specific types of printing (i.e. from certain apps/scripts) and capture/send the output somewhere.

...
Insanely paranoid: Don't use a printer. Use a photo-sensitive ink and expose it by pressing it against your screen to burn in the QR code that's been generated by your totally offline javascript.

Here's some waterproof/tearproof mil-spec laser-printable material:

http://rippedsheets.com/laser/reemay.html#100721-1

Outrageously Insanely paranoid: Also available in Olive Drab / Desert Sand colors in case you find yourself running through a Red-Dawn style post-apocalyptic landscape clutching your paper wallet. Be sure to print in both colors, as a precaution

[niko]

It's in my hands!  First attempts at non-destructive readout will follow soon, as allowed by my newborn's sleep schedule...

Not that it matters, but it seems that bounty has been claimed three days after wallet was mailed out, and five days before it arrived into my mailbox...

https://blockchain.info/address/1LMKzdqhQ4LhHy5GGhT8BcG3HHpBTqAqbt

[Malawi]

Very nice project. It will be interesting to hear about the outcome.

BTW: One thing to try is a halogen worklight.

[canton]

Not that it matters, but it seems that bounty has been claimed three days after wallet was mailed out, and five days before it arrived into my mailbox...

OI! Matters quite a bit. I'm trying to figure out WTF might have happened. I messaged you privately with details. As for the bounty even though it's no longer on the wallet I'd still pay up of course.

Good luck!