Why has my newly created Bitcoin address already been used?

[Yoan_H1]

Saludes

A few days ago I created a paper wallet on the bitcoinpaperwallet portal; then I checked it on the Blockchain page, and this one tells me that such address has two blockchain; one for Bitcoin and other for Bitcoin Cash. The Bitcoin Cash in turn is shown with another address. I'm just learning about this topic, and I suppose that up to here everything is normal, but then it happens that when I enter the Bitcoin chain, it appears to me that two transactions have already been made, one in and one out with differences of one minute, as of May 2019, but in the check-in there is a history of transactions to different addresses including this one, whose total sum is the one that is withdrawn in the second transaction, leaving the account at 0, which in my Ignorance this seems to me an inconsistency since the system tells me "total transfers 2". To all this what worries me the most is the following: If each created key is supposed to be random and unique in the Blockchain, at least Bitcoin, why has my newly created Bitcoin wallet already been used? Does this mean that now at least two users have access to the same wallet without our consent?

I would greatly appreciate whoever can answer me.

[1713558530]

1713558530

[1713558530]

1713558530

[1713558530]

1713558530

[1713558530]

1713558530

[1713558530]

1713558530

[1713558530]

1713558530

[o_e_l_e_o]

If the address you have generated has previous outgoing transactions visible on a blockchain explorer, then yes, someone else has access to one of the private keys that controls that address.

The chance that you have completely randomly generated the same address as someone else is astronomically small. Far more likely is that you have used a malicious version of bitaddress which is generating pre-defined addresses, or you have clipboard malware which has changed your generated address to something different, or potentially an error on your part.

Can you confirm the URL of the Bitaddress site you used. Did you download the site and run it offline?

[nc50lc]

The Bitcoin Cash in turn is shown with another address. -snip-

It's the same address in "cash address" format, every BCH sent to the '1' address will also reflect to the 'q' address, they are interchangeable for compatibility reasons.

The main issue is: you might have clicked a fake bitaddress URL just like o_e_l_e_o said.

[Yoan_H1]

Hello o_e_l_e_o, thanks for answering.

Excuse me I did not generate the key on Bitaddress.org, but on https://bitcoinpaperwallet.com/bitcoinpaperwallet/generate-wallet.html#, and I did not download it, I ran it directly on the web.

[nc50lc]

There are couple of off-site scam accusations for that paper wallet generator after the change of ownership, but nothing in this forum.
Just do not use that site (or any online address generator in general);
if you really want to, use bitaddress's source offline instead since bitcoinpaperwallet claims to be a fork of bitaddress.
And there's this guy with the same issue:

I've recommended this website to my friend. He just got back to me saying, that the wallet he just generated had previous in and out transactions starting in Jan 2019 and ending last month - March 2020. I spoke with him extensively, and I can't find any reasonable explanation. This is the address he "generated" two days ago: https://www.blockchain.com/btc/address/1PoZHV4rrftuv8YuoDgRqji1syuSw141q8

[Yoan_H1]

Hi nc50lc, thank you for clarifying this points for me.

[Abdussamad]

there have been scam accusations against that site on this forum as well. it's definitely a scam operation.

[LoyceV]

Excuse me I did not generate the key on Bitaddress.org, but on https://bitcoinpaperwalletSCAM.com/bitcoinpaperwallet/generate-wallet.html#

Update: It's a confirmed scam! Don't use it anymore!
I've used that site several times, but never since it changed ownership. I still have it's source from years ago, and that's what I use. I do the same with bitaddress.org: I don't trust newer versions, even though I have no reason not to trust them, there's also no need to "upgrade".
If bitcoinpaperwallet.com really turned into a scam, it would be very nice if someone can find hard evidence in the (open) source.

and I did not download it, I ran it directly on the web.

But why? The whole point of creating a paper wallet is to have COLD storage. That means the private key can never have touched the internet, and can never have been on a computer that has been online without being wiped after creating the wallet. See:

^* Download and use offline. Use for example Ubuntu or Knoppix from a LIVE DVD without ethernet/Wi-Fi

It's even better not to trust any site's random generator. You can for instance create a private key throwing a dice (read up how to properly do this!), or combine 2 random generators by creating a split key vanity address on a different system, then combining it with the original. This is a lot more work and prone to failure if you're not sure what you're doing.
Another option would be to get a private key from Bitcoin Core and use that as a paper wallet.

One last suggestion: test your paper wallet (again: on an offline system) before funding it. Make sure you have the correct private key to access the address.

[BrewMaster]

here is a better thought: instead of using websites or even their source code you can use a popular wallet to create a paper wallet. wallets such as bitcoin core or electrum.
just download them, verify their signature and then go offline on an airgapped machine. run the wallet and create a new key or better yet create a mnemonic with an HD wallet such as electrum. then write that down on a piece of paper as your paper wallet.
if you like the design that those sites offer you can always find their source code (or even through the HTML in the site that is open) and save the picture which is usually a jpg file and print your key on that.

[20kevin20]

here is a better thought: instead of using websites or even their source code you can use a popular wallet to create a paper wallet. wallets such as bitcoin core or electrum.
just download them, verify their signature and then go offline on an airgapped machine. run the wallet and create a new key or better yet create a mnemonic with an HD wallet such as electrum. then write that down on a piece of paper as your paper wallet.
if you like the design that those sites offer you can always find their source code (or even through the HTML in the site that is open) and save the picture which is usually a jpg file and print your key on that.

+1. I never felt secure when using paper wallets generated by a website.

If you are not new to PCs and like trying out new stuff, there is one more thing you can do: securely flash Tails (a Linux distro) on a 8GB+ USB stick and use Electrum over there offline (or online, your choice).

Plug out your Ethernet cable, optional step: physically disconnect all hard drives from your PC, insert the bootable USB, boot Tails from it and there you have an offline, airgapped PC to safely use Electrum with (Electrum is preinstalled on this distro). And as far as I know, you could use Tails even online with Electrum safely - as long as you've verified the flashed ISO signatures correctly, risks should be minimum.

Just make sure you store the seed correctly when generating the wallet and you should be good to go. Once you shut down or reboot your PC, everything on the stick will be reset and any new change/file will be deleted.

The advantage of this is that afterwards you can just shut down your PC, plug out the USB stick and use it again whenever you like. Moreover, your bootable Tails will run on Tor all the time.

[bob123]

here is a better thought: instead of using websites or even their source code you can use a popular wallet to create a paper wallet. wallets such as bitcoin core or electrum.
just download them, verify their signature and then go offline on an airgapped machine. run the wallet and create a new key or better yet create a mnemonic with an HD wallet such as electrum. then write that down on a piece of paper as your paper wallet.
if you like the design that those sites offer you can always find their source code (or even through the HTML in the site that is open) and save the picture which is usually a jpg file and print your key on that.

This is the way to go.


Don't ever use websites to create a paper wallet (neither online nor offline).

The most secure way to generate a paper wallet is to use a live linux distribution on an offline computer.
Either use electrum or any other reputable open source software (signature verified) to generate a private key / mnemonic code or just use openssl from the command line. Both works.

Just don't ever use a website. The risk is way higher and not worth it.

[o_e_l_e_o]

As others have said, there are multiple scam reports against bitcoinpaperwallet.com since the site was sold.
https://www.reddit.com/r/btc/comments/ea6bxg/warning_bitcoinpaperwalletcom_is_compromised/
https://www.reddit.com/r/CryptoCurrency/comments/cyd6uj/bitcoinpaperwalletcom_scam_or_not_4_btc_stolen/
https://np.reddit.com/r/Bitcoin/comments/cs68ri/my_paper_wallet_generated_on/


Am I the only one who generates my paper wallets manually?

Flip a coin 11 times, turn the resulting number in to a BIP39 word from the word list. Repeat 22 more times.
Flip a coin 3 times, calculate the checksum using a permanently airgapped computer, pick the last word.
Write down on paper, import in to a wallet or iancoleman on your permanently airgapped computer to generate a receiving address (Optional: add in a passphrase and write that down on a separate piece of paper).
Whole thing can be done in 15-20 minutes.

If you are using paper wallets for long term storage of the majority of your funds, then why not take the time to remove the trust for a third party generating your seed/keys entirely?

I do accept that this is outwith the scope of casual users, but if you have the knowledge to do it safely this way, then why rely on someone else's code?

[bob123]

Am I the only one who generates my paper wallets manually?

Flip a coin 11 times, turn the resulting number in to a BIP39 word from the word list. Repeat 22 more times.
Flip a coin 3 times, calculate the checksum using a permanently airgapped computer, pick the last word.
Write down on paper, import in to a wallet or iancoleman on your permanently airgapped computer to generate a receiving address (Optional: add in a passphrase and write that down on a separate piece of paper).
Whole thing can be done in 15-20 minutes.

If you are calculating the checksum on an airgapped computer and generating the address on it, why not simply create the seed/private key on it as well ?
That would be my approach.

I'd rather spend 2 minutes typing commands than 15 minutes flipping coins  

Is there a specific reason to not gather the entropy from an electronic device? Or do you just like generating it from scratch ?

[LoyceV]

Is there a specific reason to not gather the entropy from an electronic device?

You need to trust the software you're using. It's a lot more difficult to compromise a coin flip than it is to compromise a recently sold paper wallet website.

[bob123]

You need to trust the software you're using. It's a lot more difficult to compromise a coin flip than it is to compromise a recently sold paper wallet website.

That's why i said the following:

Don't ever use websites to create a paper wallet (neither online nor offline).

Trust required towards the software is true. But i'd say you can pretty much trust an officially signed open source linux distribution and openssl (or electrum).
Because that's basically all you need (or even less when generating it with coinflips). And that's what i was talking about.

But i was curious regarding the coinflips from o_e_l_e_o, and why he chose to use them instead of the other possibilities (openssl / electrum / core) on an airgapped computer (which has to be used anyway).

[o_e_l_e_o]

If you are calculating the checksum on an airgapped computer and generating the address on it, why not simply create the seed/private key on it as well ?

Because there is far less trust involved in performing a single SHA256 hash than there is generating your entire 256 bits of entropy from a piece of software, unless you've written the software yourself or read the entire code, but 99.99% of people can't or won't do that.

Is there a specific reason to not gather the entropy from an electronic device? Or do you just like generating it from scratch ?

As Loyce says, provided I am using a fair coin (or even better, a variety of coins), there is essentially zero chance that my output isn't truly random.

[math09183]

Hello o_e_l_e_o, thanks for answering.

Excuse me I did not generate the key on Bitaddress.org, but on https://bitcoinpaperwallet.com/bitcoinpaperwallet/generate-wallet.html#, and I did not download it, I ran it directly on the web.

It is even not possible to enter this page if you use Antivirus! Bitdefender blocks it

[Rath_]

It is even not possible to enter this page if you use Antivirus! Bitdefender blocks it

It depends on the anti-virus software you use. I use Malwarebytes Premium and it doesn't block the website.

[PrimeNumber7]

Is there a specific reason to not gather the entropy from an electronic device?

You need to trust the software you're using. It's a lot more difficult to compromise a coin flip than it is to compromise a recently sold paper wallet website.

You have to trust software to spend your coin when you spend it. When you sign a message or transaction, you combine what should be a random value with your private key to generate the signature. If you know one, it is trivial to calculate the other with a given signature. Malicious software could possibly leak information via this random value.

Creating a kay "by hand" also has a greater potential to make mistakes.

The scope of possible attacks is also greater when using a paper wallet than using an encrypted wallet.

[o_e_l_e_o]

You have to trust software to spend your coin when you spend it.

Risk and trust can never be zero, but it is all about reducing your risk to a minimum. If I want to spend from my paper wallet, then I will be importing my seed to my permanently airgapped computer, using it to sign a transaction, and then moving my signed transaction to an internet connected computer to broadcast it. Even if I have the most malicious software wallet in existence on my airgapped computer, there is nothing it can do to steal my coins. If it signs a transaction to the wrong address, for example, I can easily pick that up before moving the transaction to my live computer to be broadcast.

Creating a kay "by hand" also has a greater potential to make mistakes.

I don't disagree with you here, and as I said above I wouldn't recommend this technique to new users by any means. But if someone knows what they are doing, and double checks everything, then it's a more secure method to generate entropy than relying on third party code which you almost certainly haven't audited.