Bitcoin Forum
December 14, 2017, 09:12:25 AM *
News: Latest stable version of Bitcoin Core: 0.15.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1] 2 »  All
  Print  
Author Topic: How do Paper Wallets work? I'm completely mystified  (Read 5089 times)
LurbQBurdock
Newbie
*
Offline Offline

Activity: 24



View Profile
April 21, 2013, 07:50:53 PM
 #1

I was told that a paper wallet contains unencrypted copies of your public and private keys.

However, I don't understand how this is possible since the Armory paper wallets contain less than 100B of data, while my wallet can be arbitrarily large.

What's really going on here?
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1513242745
Hero Member
*
Offline Offline

Posts: 1513242745

View Profile Personal Message (Offline)

Ignore
1513242745
Reply with quote  #2

1513242745
Report to moderator
1513242745
Hero Member
*
Offline Offline

Posts: 1513242745

View Profile Personal Message (Offline)

Ignore
1513242745
Reply with quote  #2

1513242745
Report to moderator
1513242745
Hero Member
*
Offline Offline

Posts: 1513242745

View Profile Personal Message (Offline)

Ignore
1513242745
Reply with quote  #2

1513242745
Report to moderator
notbrain
Jr. Member
*
Offline Offline

Activity: 41


What u resist, persists; what u look at disappears


View Profile
April 21, 2013, 08:04:43 PM
 #2

https://blockchain.info/wallet/paper-tutorial

All you need to access a certain wallet address is the private key. Create address/key pair offline, then print out the address and private key on paper, which gives you all the info you need to spend the BTC. Send BTC to this address and the only way to spend it is to know the printed details.

Your wallet can contain many different addresses and keys (behind the scenes) as you send/receive coins, and that's how they grow in size. This is why it's wise to make continual backups (or more often than every 100 transactions your wallet was a part of) in order to make sure you back up all the new addresses your wallet creates in the course of spending/receiving.

HTML, CSS, jQuery, Symfony [PHP], Playframework [Java, Scala], Ruby/Rails, Python, AWS, Scalable/Cloud Systems Infrastructure
BTC: 14LicLheLmMf7mvLSiA3AqtTBjVxcyYGxQ
TierNolan
Legendary
*
Offline Offline

Activity: 1148


View Profile
April 21, 2013, 08:10:32 PM
 #3

What's really going on here?

The number is the root of your wallet.  From that number, you can calculate a sequence of private keys.

Also, from the root, you can generate a public root and from the public root a matching sequence of public keys.

This means that if someone has your public root, they can generate your public key sequence.  However, they can't generate your private keys.

The public monitoring software computes the first say 1000 public keys and watches the network for those.  This is safe since it is impossible to generate matching private keys.

To spend a coin, you need the private key.  This requires the private root key.  This should be stored offline.

Once  you have that root (written on paper), all public and private keys can be generated.  So if you lose your wallet, all the keys can be regenerated from the paper backup (which never changes).

1LxbG5cKXzTwZg9mjL3gaRE835uNQEteWF
LurbQBurdock
Newbie
*
Offline Offline

Activity: 24



View Profile
April 21, 2013, 08:31:30 PM
 #4

Ah OK

But does this mean that anyone can see that all of the addresses in my wallet belong to one person?  If you know one of my wallet's addresses, can you find the rest of my wallet's addresses?

Edit: Nevermind, I found a description of how it works here: https://en.bitcoin.it/wiki/Deterministic_Wallet  I see that depending on the algorithm used to generate key-pairs, it can be difficult to find the root key & chain code from a given public key.

Actually, I'm very impressed by this.  I was under the impression that I needed to print a new paper wallet each and every time I created a new key-pair, but now I see that my root key and chain code never change, so I only ever need 1 paper wallet.
kjj
Legendary
*
Offline Offline

Activity: 1302



View Profile
April 22, 2013, 11:25:24 AM
 #5

I get nervous with deterministic wallets.  I very much prefer to generate really random keys for each transaction so that they are totally unrelated.

But, that is silly.  Done right, like the way Armory does it, the wallet sequence is at least as secure as everything else in bitcoin.

p2pcoin: a USB/CD/PXE p2pool miner - 1N8ZXx2cuMzqBYSK72X4DAy1UdDbZQNPLf - todo
I routinely ignore posters with paid advertising in their sigs.  You should too.
Stampbit
Full Member
***
Offline Offline

Activity: 182



View Profile
April 22, 2013, 11:33:02 PM
 #6

What's really going on here?

The number is the root of your wallet.  From that number, you can calculate a sequence of private keys.

Also, from the root, you can generate a public root and from the public root a matching sequence of public keys.

This means that if someone has your public root, they can generate your public key sequence.  However, they can't generate your private keys.

The public monitoring software computes the first say 1000 public keys and watches the network for those.  This is safe since it is impossible to generate matching private keys.

To spend a coin, you need the private key.  This requires the private root key.  This should be stored offline.

Once  you have that root (written on paper), all public and private keys can be generated.  So if you lose your wallet, all the keys can be regenerated from the paper backup (which never changes).

So easy even a caveman could do it.
WilderedB
Member
**
Offline Offline

Activity: 93


View Profile
April 23, 2013, 04:36:47 PM
 #7

But I just read elsewhere that if you spend less than the amount of an incoming transaction that the remaining 'change' is sent out and then sent back, where your wallet then creates new addresses and new keys for the change.

As such surely a paper record would immediately become out of date, as it doesn't have the newest keys?
etotheipi
Legendary
*
expert
Offline Offline

Activity: 1428


Core Armory Developer


View Profile WWW
April 23, 2013, 05:03:27 PM
 #8

But I just read elsewhere that if you spend less than the amount of an incoming transaction that the remaining 'change' is sent out and then sent back, where your wallet then creates new addresses and new keys for the change.

As such surely a paper record would immediately become out of date, as it doesn't have the newest keys?

This is why you use a solution like Armory (which is what the original OP is talking about).  The paper backup holds every address ever generated by the wallet.  Including change addresses.  You don't have to worry about it, it's completely transparent to you.

(1) Restore your wallet
(2) Send coins
(3) Destroy your computer.

Armory will send change to the next address that is already backed up by the paper backup.

Founder and CEO of Armory Technologies, Inc.
Armory Bitcoin Wallet: Bringing cold storage to the average user!
Only use Armory software signed by the Armory Offline Signing Key (0x98832223)

Please donate to the Armory project by clicking here!    (or donate directly via 1QBDLYTDFHHZAABYSKGKPWKLSXZWCCJQBX -- yes, it's a real address!)
WilderedB
Member
**
Offline Offline

Activity: 93


View Profile
April 23, 2013, 05:35:23 PM
 #9

OK... thanks for that...

Just downloaded Armory.. It says I don't have the software? Oh, you mean the main client thing?

The thing that takes forever to try to catch up with the entire history of bitcoin, and then says there was an error and starts all over again? THAT software?



Oh boy..
etotheipi
Legendary
*
expert
Offline Offline

Activity: 1428


Core Armory Developer


View Profile WWW
April 23, 2013, 05:51:29 PM
 #10

OK... thanks for that...

Just downloaded Armory.. It says I don't have the software? Oh, you mean the main client thing?

The thing that takes forever to try to catch up with the entire history of bitcoin, and then says there was an error and starts all over again? THAT software?

Oh boy..

Yeah, it's got some usability issues to get over.  But it is a widely used app for people that are serious about Bitcoin security.   Like many advanced tools,  it may take some patience to get setup.   You'll notice that the website doesn't say anything about being for new users.

Founder and CEO of Armory Technologies, Inc.
Armory Bitcoin Wallet: Bringing cold storage to the average user!
Only use Armory software signed by the Armory Offline Signing Key (0x98832223)

Please donate to the Armory project by clicking here!    (or donate directly via 1QBDLYTDFHHZAABYSKGKPWKLSXZWCCJQBX -- yes, it's a real address!)
WilderedB
Member
**
Offline Offline

Activity: 93


View Profile
April 23, 2013, 05:58:09 PM
 #11

I was hoping it was a replacement for that bloatware, rather than an extra layer on top of it.  Grin

etotheipi
Legendary
*
expert
Offline Offline

Activity: 1428


Core Armory Developer


View Profile WWW
April 23, 2013, 06:02:47 PM
 #12

I was hoping it was a replacement for that bloatware, rather than an extra layer on top of it.  ;

Unfortunately, building on top of that "bloatware"  is the best way to maximize your security and avoid hard forks.  Which is fairly important for a piece of software that advertises maximum security.

It won't be,  in the future,  but it's the best solution available right now.   All apps trade off various dimensions of security for convenience/usability.  You clearly don't prefer this tradeoff. Oh well.

Founder and CEO of Armory Technologies, Inc.
Armory Bitcoin Wallet: Bringing cold storage to the average user!
Only use Armory software signed by the Armory Offline Signing Key (0x98832223)

Please donate to the Armory project by clicking here!    (or donate directly via 1QBDLYTDFHHZAABYSKGKPWKLSXZWCCJQBX -- yes, it's a real address!)
WilderedB
Member
**
Offline Offline

Activity: 93


View Profile
April 23, 2013, 07:05:12 PM
 #13

Well tried it for awhile. Seemed to be stuck at 95%, so closed it.

I wasn't sure where the icon would be to restart it, found it, clicked it, like you do...  "0%  8 hours"

Why start again from the beginning? How does that make sense?

But yeah, I suspect you're right. This whole bitcoin thing seems to be becoming more hassle than its worth.
etotheipi
Legendary
*
expert
Offline Offline

Activity: 1428


Core Armory Developer


View Profile WWW
April 23, 2013, 07:44:30 PM
 #14

Well tried it for awhile. Seemed to be stuck at 95%, so closed it.

I wasn't sure where the icon would be to restart it, found it, clicked it, like you do...  "0%  8 hours"

Why start again from the beginning? How does that make sense?

But yeah, I suspect you're right. This whole bitcoin thing seems to be becoming more hassle than its worth.

I don't mean to go troubleshooting in this unrelated thread, but perhaps this topic is essentially closed anyway (question answered).  So I won't feel guilty about it. 

There seems to be a problem with some existing Bitcoin installations, where the block data gets corrupt and Armory can't read it.  That's why it gets stuck.  And also why I'm changing the stuff under the hood to avoid this in the future.  It has led to me recommending that users redownload the blockchain until I have a more-robust solution in place. 

It's not ideal, by any means.  As I said, the price of security and features (in this case) is usability.  Luckily, once you get over the usability curve, Armory is actually qiute pleasant, but the setup can be a pain for some configurations.  I'm working on making this easier.  Until then, I don't blame people for glossing over it when it doesn't work out-of-the-box.  I hope I can make it work out-of-the-box, better.

Founder and CEO of Armory Technologies, Inc.
Armory Bitcoin Wallet: Bringing cold storage to the average user!
Only use Armory software signed by the Armory Offline Signing Key (0x98832223)

Please donate to the Armory project by clicking here!    (or donate directly via 1QBDLYTDFHHZAABYSKGKPWKLSXZWCCJQBX -- yes, it's a real address!)
WilderedB
Member
**
Offline Offline

Activity: 93


View Profile
April 24, 2013, 05:15:19 AM
 #15

Your add-on seems fine, it's the base client that seems to be the problem.

I uninstalled it before, because it did the same thing, took forever to finally catch up, then a day or two later gave some error message and started all over again. That's why I switched to Multibit.

However it seems Multibit isn't encrypted and so not overly secure, so when I heard of Armory I was hoping it was a good compromise between the two.

If the QT thing means it can, and does, take 8 hours just to open and use the software then that's a non-starter for me.

Mmmm, just tried loading it again, now it says 95%.. 12 minutes. That's a bit better, though.. ah, 13... 15 minutes.. It's going UP? Well waited 5 mins, now says 96% and still 15 minutes. Crazy.

Yet to do the paper wallet thing I should ideally have an old PC or netbook offline? All 4 of my cores are currently over 85%, this is a 2 month old 64 bit PC with 8 GB RAM and Win7 on a SSD and it's straining with this. How long would an Atom-powered netbook take?

Ah, 98% - 2 hours.

2 hours?

Also says in red that it's "offline'. Why? My modem is going crazy, currently at 199 kps, it's very much online.

I love the concept of bitcoin, I'm a strong libertarian and understand the economics. Heck, I just want to buy one coin and store it safely, just as a vote of confidence really, and to understand the system so I can explain it to others. However I'm getting a strong deja vu feeling from various other open source projects, raw, never actually finished and polished, overly complex and hours spent on a forum trying to figure things out.

I would say "I'll be back in 6 months when you've finished it" but experience tells me open source stuff never IS finished.

Not moaning at you, just ranting at the world of bitcoin in general Smiley I'm very close to giving up entirely right now.




A.
dserrano5
Legendary
*
Offline Offline

Activity: 1848



View Profile
April 24, 2013, 07:04:08 AM
 #16

Mmmm, just tried loading it again, now it says 95%.. 12 minutes. That's a bit better, though.. ah, 13... 15 minutes.. It's going UP? Well waited 5 mins, now says 96% and still 15 minutes. Crazy.

Recent blocks are thoroughly checked and that's why they take more time to synchronize. Let it some time, you only have to go through it once Smiley.

WilderedB
Member
**
Offline Offline

Activity: 93


View Profile
April 24, 2013, 07:31:24 AM
 #17

Mmm.

Well that's the thing, it synced once before, then started again.

Well it's finally finished, and NOW it (Armory) says it's online.

Presumably it has to catch up with the block chain before it considers itself online? I was confused with that because in the FAQ for paper wallets it talks of an online and an offline install, so I thought it was in the wrong mode or something.

Well let's test it a bit, gonna reboot, re-open the software and see if it syncs fast...
WilderedB
Member
**
Offline Offline

Activity: 93


View Profile
April 24, 2013, 09:41:11 AM
 #18

Nope.

My PC froze up/crashed the first time, 2nd time it took about 15 mins to get back online, including a 4 minute wait for it to scan my transaction history. I've never made a transaction in my life.  Huh

I can see this is probably quicker, and cheaper, than driving into town and depositing cash into some bank to send. And it's semi-anon', so there's that. For making micro-payments though, such as paying to view webpages or an online tip jar? No-one is gonna hang around for 10 or 20 mins while their wallet opens.

For savings it makes sense I guess but I don't think I could use this as my day to day wallet, but if you're NOT using it daily then it takes even longer to start up.

Mmm.

All right for paper wallet savings kind of thing I guess. Penalty for early withdrawal? You have to wait. And wait. Then wait some more.

Anyway, sorry for clogging the thread with my musings and mumblings (grumblings).  Undecided

OK, question - if I download the bitaddress.org web page, create a key pair offline, print off the secret key and use Multibit, entering just the public key, what's wrong with that? How exactly is this QT client and armory thing better than that?

Or is that a really dumb question?

etotheipi
Legendary
*
expert
Offline Offline

Activity: 1428


Core Armory Developer


View Profile WWW
April 24, 2013, 02:14:22 PM
 #19

Nope.

My PC froze up/crashed the first time, 2nd time it took about 15 mins to get back online, including a 4 minute wait for it to scan my transaction history. I've never made a transaction in my life.  Huh

I can see this is probably quicker, and cheaper, than driving into town and depositing cash into some bank to send. And it's semi-anon', so there's that. For making micro-payments though, such as paying to view webpages or an online tip jar? No-one is gonna hang around for 10 or 20 mins while their wallet opens.

For savings it makes sense I guess but I don't think I could use this as my day to day wallet, but if you're NOT using it daily then it takes even longer to start up.

Mmm.

All right for paper wallet savings kind of thing I guess. Penalty for early withdrawal? You have to wait. And wait. Then wait some more.

Anyway, sorry for clogging the thread with my musings and mumblings (grumblings).  Undecided

OK, question - if I download the bitaddress.org web page, create a key pair offline, print off the secret key and use Multibit, entering just the public key, what's wrong with that? How exactly is this QT client and armory thing better than that?

Or is that a really dumb question?

Sounds like you and Armory weren't meant to be together.  The initial download will still be required, but the rest of it will be improving dramatically in the near future.  Reduced resource usage and near-instant startup time.

The reason to use Armory is that when you create the offline wallet, you can put the watching-only wallet on your online computer and it behaves identically to a regular wallet.  You can generate millions of addresses, without the private keys on the online computer, and you can verify incoming payments just like a regular wallet.  The key feature is that spending the coins from the offline wallet only takes 1-2 minutes with a USB key to get the signature from the offline computer. 

Lots of people have figured out how to put their private keys offline and try to watch them from the online computer.  But no one else has figured out how to actually make that wallet usable.  If it requires any command-line, or re-distribution/synchronization of data between online and offline, it's inferior to Armory.  But obviously, Armory has some work to do on the other dimensions of usability.


Founder and CEO of Armory Technologies, Inc.
Armory Bitcoin Wallet: Bringing cold storage to the average user!
Only use Armory software signed by the Armory Offline Signing Key (0x98832223)

Please donate to the Armory project by clicking here!    (or donate directly via 1QBDLYTDFHHZAABYSKGKPWKLSXZWCCJQBX -- yes, it's a real address!)
WilderedB
Member
**
Offline Offline

Activity: 93


View Profile
April 24, 2013, 05:56:59 PM
 #20

Stop trying to put me off; I'm doing a great job of that all by myself thankyouverymuch.  Tongue

Regarding usability, I've been playing with it..

1. I got the general idea of an offline wallet and a 'watching only' wallet - but how to create a watching wallet? There's nowhere in the software that seems intuitive.

Eventually found a reference on the 'quick start' thing, on your website. However that says you can make a wallet watch-only in the "wallet properties".

Nope.

Not until I finally gave up looking and deleted the wallet... and THEN it offered the option of deleting just the private keys, making it a watch-only version!

2. But wait...

I was given 2 options, delete completely, or just the private keys. A pretty clear-cut, yes or no question, using radio-button selectors.

Except I could not unselect the "delete completely" option.

Once again some head-scratching before finally giving up and saying yeah, delete everything, completely.. and THEN it produced a watch-only version!

Stop doing that!


3. Help files.

Firstly, it has that classic (cliche?) thing, where you click on 'Help' in an open-source software and instead of helping it gives a long-winded overview of all the changes from previous versions.

As a sales copywriter that is PAINFUL to me. Nobody cares about previous versions; tell me how to use this one?

Your quick-start guide isn't even linked in the software, let alone readable offline inside it?

Mmm, just to double-check that I restarted and got this:


There was an error starting the underlying Bitcoin engine. This should not normally happen. Usually it occurs when you have been using Bitcoin-Qt prior to using Armory, especially if you have upgraded or downgraded Bitcoin-Qt recently (manually, or through the Armory automatic installation). Output from bitcoind:
StdErr:

: Error opening block database.
Do you want to rebuild the block database now?


See what I mean? So I have to wait another 8 hours or so now?

Also there's no 'Yes/No' to select, it asks the question but there's no way of answering it.

In the box below it offers the option of reinstalling the bitcoin software. Seriously?

Let's try the QT thing... Well it opened but 'Error opening database"....  So that was the "output" above? *sigh* OK...

"Catching up  2.4% done"


*fumps head on desk*

Pages: [1] 2 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!