Paper Wallet and Hardware wallet?

[tayyabdar]

In another thread i have asked about the safest wallet and ...90% suggested me these Paper wallet and Hardware Wallet.
Now i want to ask if someone tell me in Simple and clear What is Paper Wallet and Hardware Wallet mean, because I'm new and non-IT person?
Please be nice, Thanks

[1714157076]

1714157076

[1714157076]

1714157076

[1714157076]

1714157076

[1714157076]

1714157076

[Thirdspace]

In another thread i have asked about the safest wallet and ...90% suggested me these Paper wallet and Hardware Wallet.
Now i want to ask if someone tell me in Simple and clear What is Paper Wallet and Hardware Wallet mean, because I'm new and non-IT person?
Please be nice, Thanks

Paper Wallet = wallet in a piece of paper, your public address and private key printed/written on a paper
Hardware Wallet = wallet in a piece of hardware, similar to usb appearance, private keys never leave the hardware
both will need intermediate software to spend your bitcoin from those wallets on the bitcoin network

[OmegaStarScream]

In addition to what thirdspace said already, hardware wallets are more suitable If have large amounts and in the same time, you want to spend them on a regular basis while paper wallets are better for long term storage and cost nothing.

[Rodrigo Santos]

A hardware wallet is a special type of bitcoin wallet which stores the user's private keys in a secure hardware device.
They have major advantages over standard software wallets:
- Private keys are often stored in a protected area of a microcontroller, and cannot be transferred out of the device in plaintext.
- Immune to computer viruses that steal from software wallets.
- Can be used securely and interactively.
- Easy to use.

A paper wallet, is a piece of paper where you write your private keys, which must be imported, allowing a user to validate the entire operation.
- Immune to computer viruses that steal from software wallets.
- Harder to use.

[jossiel]

In addition to what thirdspace said already, hardware wallets are more suitable If have large amounts and in the same time, you want to spend them on a regular basis while paper wallets are better for long term storage and cost nothing.

I'll add;

Hardware wallets = cost some bucks.

Generating paper wallets can be found through the entire search engines (i.e. google) by just simply putting the keyword "bitcoin paper wallet".

[jtipt]

In addition to what thirdspace said already, hardware wallets are more suitable If have large amounts and in the same time, you want to spend them on a regular basis while paper wallets are better for long term storage and cost nothing.

Also you can secure paper wallet as much as your imagination can allow, after its a paper and can be stored in anyplace even in plain sight while a hardware wallet will require a place in your drawer or safe.

[jinksters09]

Well for it depends upon your budget and how much bitcoin are you gonna store in your wallet if your only gonna store a certain amount in cryptocurrency coins on that, then it is advisable to use paper wallet even though the security is not much as compared to hardware but it does not cost that much, if you will secure a huge amount of cryptocurrency coins then it's best if you use hardware wallet security wise is needed since it is a large amount of coins we are talking about even if you have to spend more, so that you can be assured of your coins protection.

[ranochigo]

A paper wallet, is a piece of paper where you write your private keys, which must be imported, allowing a user to validate the entire operation.
- Immune to computer viruses that steal from software wallets.
- Harder to use.

It's not. Paper wallets are still as susceptible to theft as a normal desktop wallet. The only difference it has is that the wallet itself is stored on paper and thus its exposure is lesser but their risk is roughly the same. You would still have to spend it securely and its to import it on a clean computer or on a computer that has never been online. It's not secure if its not generated and spent securely.

Paper wallets are harder, sure. But they aren't that impossible. It's not hard to use it on a client, say Electrum. The importing and spending of it is rather fast.

[Spendulus]

A paper wallet, is a piece of paper where you write your private keys, which must be imported, allowing a user to validate the entire operation.
- Immune to computer viruses that steal from software wallets.
- Harder to use.

It's not. Paper wallets are still as susceptible to theft as a normal desktop wallet. The only difference it has is that the wallet itself is stored on paper and thus its exposure is lesser but their risk is roughly the same. You would still have to spend it securely and its to import it on a clean computer or on a computer that has never been online. It's not secure if its not generated and spent securely.

Paper wallets are harder, sure. But they aren't that impossible. It's not hard to use it on a client, say Electrum. The importing and spending of it is rather fast.

Risk is roughly the same?

No it is not. Anything which provides offline, air gapped storage is lower risk than anything that does not. You can't dodge this by noting the "moments of insecurity" such as when a paper wallet is read in. There are ways around those risk factors.

A paper wallet is no less than writing down a private key. Since it is possible to store it in encrypted fashion, it may be more than just writing down a private key...

[pooya87]

A paper wallet, is a piece of paper where you write your private keys, which must be imported, allowing a user to validate the entire operation.
- Immune to computer viruses that steal from software wallets.
- Harder to use.

It's not. Paper wallets are still as susceptible to theft as a normal desktop wallet. The only difference it has is that the wallet itself is stored on paper and thus its exposure is lesser but their risk is roughly the same. You would still have to spend it securely and its to import it on a clean computer or on a computer that has never been online. It's not secure if its not generated and spent securely.

Paper wallets are harder, sure. But they aren't that impossible. It's not hard to use it on a client, say Electrum. The importing and spending of it is rather fast.

Risk is roughly the same?

No it is not. Anything which provides offline, air gapped storage is lower risk than anything that does not. You can't dodge this by noting the "moments of insecurity" such as when a paper wallet is read in. There are ways around those risk factors.

A paper wallet is no less than writing down a private key. Since it is possible to store it in encrypted fashion, it may be more than just writing down a private key...

there are still risks, some shared with desktop wallets.
for example the risk of creating the paper wallet on a not-clean computer and having your private keys compromised. this is shared with desktop wallets.
after creating it, the risk is losing the wallet. it is a piece of paper after all, it can be lost, ruined if it is exposed to water, fire,...
and of course the risk of someone simply reading your key and using it

but each of these can be prevented as long as you are aware of the risk itself and the way to eliminate it.

[Spendulus]

A paper wallet, is a piece of paper where you write your private keys, which must be imported, allowing a user to validate the entire operation.
- Immune to computer viruses that steal from software wallets.
- Harder to use.

It's not. Paper wallets are still as susceptible to theft as a normal desktop wallet. The only difference it has is that the wallet itself is stored on paper and thus its exposure is lesser but their risk is roughly the same. You would still have to spend it securely and its to import it on a clean computer or on a computer that has never been online. It's not secure if its not generated and spent securely.

Paper wallets are harder, sure. But they aren't that impossible. It's not hard to use it on a client, say Electrum. The importing and spending of it is rather fast.

Risk is roughly the same?

No it is not. Anything which provides offline, air gapped storage is lower risk than anything that does not. You can't dodge this by noting the "moments of insecurity" such as when a paper wallet is read in. There are ways around those risk factors.

A paper wallet is no less than writing down a private key. Since it is possible to store it in encrypted fashion, it may be more than just writing down a private key...

there are still risks, some shared with desktop wallets.
for example the risk of creating the paper wallet on a not-clean computer and having your private keys compromised. this is shared with desktop wallets.
after creating it, the risk is losing the wallet. it is a piece of paper after all, it can be lost, ruined if it is exposed to water, fire,...
and of course the risk of someone simply reading your key and using it

but each of these can be prevented as long as you are aware of the risk itself and the way to eliminate it.

I've bolded my comments that answer your assertions, leaving one. "It is a piece of paper...."

No, a "paper wallet" is not a piece of paper. It might be, but it might also be engraved phrases on steel, or other materials. And there isn't necessarily just one copy in one location.

One more time. A paper wallet is simply writing down and storing private keys.

[ranochigo]

I've bolded my comments that answer your assertions, leaving one. "It is a piece of paper...."

No, a "paper wallet" is not a piece of paper. It might be, but it might also be engraved phrases on steel, or other materials. And there isn't necessarily just one copy in one location.

One more time. A paper wallet is simply writing down and storing private keys.

Sure. Paper wallets are basically private keys that are stored offline.

A paper wallet isn't just simply writing down and storing private keys. The paper wallets would have to be generated and spent somehow. If it somehow gets into contact with a computer that has at least been connected to the internet, it isn't considered air-gapped. It can be secure, if you generate and spend it securely. But the whole process is basically spinning up an offline desktop wallet which I would consider just using it instead of going through the whole fiasco of having to store it and spend it securely.

If you do get any malware on your desktop, your private keys could get compromised, desktop wallets or not. I don't find it particularly reasonable to say that a paper wallet is more secure as a desktop wallet when it isn't generated securely most of the time, regardless of how big of a risk it is.

It's not wrong to say that paper wallets are secure. But the thing is, most people generate it and spend it online which makes it much less secure that it seems.

[bob123]

If you do get any malware on your desktop, your private keys could get compromised, desktop wallets or not.

This statement itself is wrong.
If you have malware on your desktop PC, only those private keys which are stored on this pc will get compromised (considering they aren't secured in any other way, e.g. encryption).

I don't find it particularly reasonable to say that a paper wallet is more secure as a desktop wallet when it isn't generated securely most of the time, regardless of how big of a risk it is.
It's not wrong to say that paper wallets are secure. But the thing is, most people generate it and spend it online which makes it much less secure that it seems.

Paper wallets are safer than desktop wallets by definition.

Desktop wallet: Your private keys are on your PC the whole time.

Paper wallets: Your private keys shouldn't ever be on an PC which is connected to the internet.

Even if you create it on an online-pc, those private keys are still only stored there for a short amount of time.
Infections AFTER creating a paper wallet would not compromise those private keys. Where infections after you created a desktop wallets will lead to compromised private keys.


The statements that most people create their paper wallets online / on an online machine is not reasonable for me.
People who are taking the step to find out how to create paper wallets and how to use them properly won't create them on an unsecured PC.
Most of them are using a linux distro from which they boot to create the paper wallet without an internet connection.

In cases where paper wallets are generated on an online pc its the users fault for getting compromised.
Where with desktop wallets its (mostly) not the users fault since the only way you can assure your wallets doesnt get compromised is to not get infected with malware.
And this can't be guaranteed to never happen.

[Spendulus]

I've bolded my comments that answer your assertions, leaving one. "It is a piece of paper...."

No, a "paper wallet" is not a piece of paper. It might be, but it might also be engraved phrases on steel, or other materials. And there isn't necessarily just one copy in one location.

One more time. A paper wallet is simply writing down and storing private keys.

Sure. Paper wallets are basically private keys that are stored offline.

A paper wallet isn't just simply writing down and storing private keys. The paper wallets would have to be generated and spent somehow. If it somehow gets into contact with a computer that has at least been connected to the internet, it isn't considered air-gapped. It can be secure, if you generate and spend it securely. But the whole process is basically spinning up an offline desktop wallet which I would consider just using it instead of going through the whole fiasco of having to store it and spend it securely.

If you do get any malware on your desktop, your private keys could get compromised, desktop wallets or not. I don't find it particularly reasonable to say that a paper wallet is more secure as a desktop wallet when it isn't generated securely most of the time, regardless of how big of a risk it is.

It's not wrong to say that paper wallets are secure. But the thing is, most people generate it and spend it online which makes it much less secure that it seems.

I'm having some trouble parsing your comments and trying to understand in what possible context they might be true.

I think you are saying that sloppy use of paper wallets is no better than an online wallet.

However, I can't agree with that. Suppose you have a sloppy and careless user, who may have malware. He creates some paper wallets and five years later remembers he has them, and does something with them.

Surely he is better off than the sloppy and careless user who had bitcoin on his malware infested computer for five years.

[pooya87]

If you do get any malware on your desktop, your private keys could get compromised, desktop wallets or not.

This statement itself is wrong.
If you have malware on your desktop PC, only those private keys which are stored on this pc will get compromised (considering they aren't secured in any other way, e.g. encryption).

a malware can be a lot of different things and do so many different things.
it usually is a form of key logger where you create a key randomly and securely but it steals it and broadcasts it to the hacker.
but it can also be changing the key you are making. for example you may install a wallet and after you generate the new wallet safely it simply replaces the wallet file with the one it creates. the malware doesn't even have to be online to do that. it can have the master pubkey hardcoded in it. so your wallet keeps giving you the addresses that the hacker controls

[bob123]

If you do get any malware on your desktop, your private keys could get compromised, desktop wallets or not.

This statement itself is wrong.
If you have malware on your desktop PC, only those private keys which are stored on this pc will get compromised (considering they aren't secured in any other way, e.g. encryption).

a malware can be a lot of different things and do so many different things.

Thats true, never challenged that fact.

it usually is a form of key logger where you create a key randomly and securely but it steals it and broadcasts it to the hacker.

1) Malware usually is not a key logger. Key logger are quite underrepresented actually.
2) A Keylogger would not steal a securely/randomly generated key. A keylogger does that what the name says.. it logs every keystrokes and broadcasts them to the "hacker".
So if you don't type that key (private key / seed) nothing will get transmitted.

but it can also be changing the key you are making.
for example you may install a wallet and after you generate the new wallet safely it simply replaces the wallet file with the one it creates.
the malware doesn't even have to be online to do that. it can have the master pubkey hardcoded in it. so your wallet keeps giving you the addresses that the hacker controls

This actually is not that easy.
These malware would have to interact with the program creating the seed/private key.
This would require to hijack the process generating those keys. Thats just way too much work for such a simple effect.
Its way easier to just realize a keylogger/clipboardvirus/exploit(which lets you steal those keys)/reading out memory when private key is being used/ etc...

But in the end my statement is still true.
Private keys which have been generated BEFORE the infection (and are no longer stored there) won't get compromised.
Simply because there is nothing to get compromised.

[Spendulus]

If you do get any malware on your desktop, your private keys could get compromised, desktop wallets or not.

This statement itself is wrong.
If you have malware on your desktop PC, only those private keys which are stored on this pc will get compromised (considering they aren't secured in any other way, e.g. encryption).

a malware can be a lot of different things and do so many different things.

Thats true, never challenged that fact.

it usually is a form of key logger where you create a key randomly and securely but it steals it and broadcasts it to the hacker.

1) Malware usually is not a key logger. Key logger are quite underrepresented actually.
2) A Keylogger would not steal a securely/randomly generated key. A keylogger does that what the name says.. it logs every keystrokes and broadcasts them to the "hacker".
So if you don't type that key (private key / seed) nothing will get transmitted.

but it can also be changing the key you are making.
for example you may install a wallet and after you generate the new wallet safely it simply replaces the wallet file with the one it creates.
the malware doesn't even have to be online to do that. it can have the master pubkey hardcoded in it. so your wallet keeps giving you the addresses that the hacker controls

This actually is not that easy.
These malware would have to interact with the program creating the seed/private key.
This would require to hijack the process generating those keys. Thats just way too much work for such a simple effect.
Its way easier to just realize a keylogger/clipboardvirus/exploit(which lets you steal those keys)/reading out memory when private key is being used/ etc...

But in the end my statement is still true.
Private keys which have been generated BEFORE the infection (and are no longer stored there) won't get compromised.
Simply because there is nothing to get compromised.

One more word.

Trezor.