Bitcoin Forum
November 16, 2024, 07:00:32 PM *
News: Check out the artwork 1Dq created to commemorate this forum's 15th anniversary
 
   Home   Help Search Login Register More  
Pages: « 1 [2]  All
  Print  
Author Topic: So BIP-38 Encrypted Paper Wallet = Most Secure?  (Read 11201 times)
Boussac
Legendary
*
Offline Offline

Activity: 1221
Merit: 1025


e-ducat.fr


View Profile WWW
April 02, 2014, 04:05:00 PM
 #21


Use http://bitaddress.org (a saved version, offline) to generate the BIP0038 paper wallet and use http://passguardian.com (a saved version, offline) for the m-of-n Shamir's Secret Sharing.
Your heirs will need instructions on how to reconstruct the BIP0038 password.

I knew about bitaddress (very useful) but thanks for mentionning http://passguardian.com and kudos to the developper: this is an awesome javascript utility (much easier than installing the ssss command line software on one's PC).

Brangdon
Sr. Member
****
Offline Offline

Activity: 365
Merit: 251


View Profile
April 02, 2014, 07:32:51 PM
 #22

Just wanted to add, the same thing would apply to a 2nd Cold offline computer right?

1) Install Bitcoin on your future cold computer
2) Generate a wallet/address on your future cold computer
3) Disconnect your computer from the internet and keep it disconnected permanently.
4) Using Blockchain, your Hot Computer, or whatever computer that has funds, send Bitcoins to your cold computer's address
5) Check/Watch the balance on the blockchain to see that you have the funds on the new address for your cold computer
You can install wallet software from a USB drive, so there's no need for the cold computer to ever be connected to the internet. Buy a cheap laptop, format it, install a free Linux-based O/S from USB, install Armory from USB, create a wallet, export it as a "watching" wallet (ie, without private keys), import it into a wallet on a second, online, computer. You can check the balance from the online computer. There's no need to use Blockchain.

You can even spend the funds without the offline computer going online. You have the online computer generate unsigned transactions, move them across the air gap to the offline computer, sign them there, move the transactions back, publish them from the online computer. Armory generates new addresses in a deterministic way, so you avoid reusing addresses and the offline wallet still only needs to be backed up once.

This is what Armory is all about.

Quote
6) Encrypt the cold computer wallet, make backups flash drives/paper copies with BIP-38, and/or hide the computer for more security
I'm not sure what BIP-38 gains you in this scenario, over just encrypting the wallet and then making copies of that. I trust my encryption enough to store a copy on DropBox.

Of course you have to make sure your heirs can get the necessary passphrase after your death, but nowadays most of us have a lot of passphrases so this is nothing new or special. I use a password manager. If my heir can get into that, they can find all the others, and the procedure can be documented once in my will.

Bitcoin: 1BrangfWu2YGJ8W6xNM7u66K4YNj2mie3t Nxt: NXT-XZQ9-GRW7-7STD-ES4DB
Pages: « 1 [2]  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!