I need help understanding how card HW wallets work

[NotATether]

I'm talking about cards like Ballet Crypto and Coinfinity, which have a QR code on them, and possibly a public or private key. What is inside the QR code, and how do you load it with funds? If private keys are revealed then how is that possible without compromising security?

Is it true that cards are supposed to be for one-way sending, and when you extract the funds, the card becomes unusable? So it's effectively a piggy bank?

Sorry for these basic questions, I'm a complete noob to card wallets.

[HCP]

I'm talking about cards like Ballet Crypto and Coinfinity, which have a QR code on them, and possibly a public or private key. What is inside the QR code, and how do you load it with funds? If private keys are revealed then how is that possible without compromising security?

Looking at the Ballet Crypto one... the visible QR Code is simply used for encoding the the deposit address... the underneath side of QR sticker, has a second QR code that contains the "encoded private key" (it's a BIP38 encrypted private key).

4. In Ballet’s secure printing facility, a two-layer QR code sticker is printed with the EPK on the concealed bottom layer and the deposit address on the exposed top layer.

To load with funds, you simply scan the QR code (or type in the displayed address) and send funds to the address as a normal transaction.


The passphrase for this BIP38 encrypted private key is stored under the "scratch off panel" on the front of the card...

8. At Ballet’s secure facility in the United States, the wallet passphrase and serial number are laser-etched onto the physical product.
a. The physical products and QR code stickers are double checked to ensure that all three serial numbers match correctly.
b. A strip of tamper-evident scratch-off material is then applied over the wallet passphrase to conceal it.

Is it true that cards are supposed to be for one-way sending, and when you extract the funds, the card becomes unusable? So it's effectively a piggy bank?

Yes, it is effectively a piggy bank... once you peel the sticker and scratch off the panel, the private key is essentially "compromised"... the key should be "swept" ASAP and funds transferred to another secure wallet. Re-use should be avoided if possible.


Essentially, it's just a fancy "paper wallet" (or "physical bitcoin"), just in a plastic credit card format instead of being printed on paper or on a "coin" shaped object. You can also get tamper evident stickers/seals for paper wallets and most physical bitcoins use them as well.

[NotATether]

I'm talking about cards like Ballet Crypto and Coinfinity, which have a QR code on them, and possibly a public or private key. What is inside the QR code, and how do you load it with funds? If private keys are revealed then how is that possible without compromising security?

Looking at the Ballet Crypto one... the visible QR Code is simply used for encoding the the deposit address... the underneath side of QR sticker, has a second QR code that contains the "encoded private key" (it's a BIP38 encrypted private key).

This QR sticker also has to be peeled off to access the BIP38 private key QR code at the bottom layer, just like the passphrase has to be scratched off too to spend the money?

[HCP]

Yes, it's a tamper-evident sticker... so when it has been peeled off to reveal the encrypted private key, the sticker has the tell-tale markings on it, so you can't peel it off, get the private key and then stick it back on again and it looks "normal".

Then you have to scratch the panel to get the decryption key for the encrypted private key... then you can decrypt the key and access the coins.

[Stalker22]

Yes, it's a tamper-evident sticker... so when it has been peeled off to reveal the encrypted private key, the sticker has the tell-tale markings on it, so you can't peel it off, get the private key and then stick it back on again and it looks "normal".

Then you have to scratch the panel to get the decryption key for the encrypted private key... then you can decrypt the key and access the coins.

Did I get it right, card wallets are predefined (manufactured) with a private/public key combination?
So, essentially, we have to trust the manufacturer that the keys are not stored anywhere in the production process and will never be leaked or hacked from some database?

[HCP]

Yep, like a lot of premanufactured "physical" coins... you're relying on the manufacturer to not keep records on the private keys... with the Ballet Crypto one, they were claiming in the docs that the private key and encryption key are actually generated by 2 different parties and that nothing is stored anywhere etc

refer: https://www.balletcrypto.com/en/2FKG/#three

[Lucius]

Did I get it right, card wallets are predefined (manufactured) with a private/public key combination?

It all really comes down to trust, only in the specific case of these crypto wallets that trust should really be great. When you buy a hardware wallet such as Nano S/X or Trezor, the process of generating the seed should ensure that only the owner is in possession of key information (seed words), and that this information was created at random. Ledger is using Random Number Generator which is part of their Secure Element.

While no HW is perfect, the fact is that those who pre-generate private keys should not be considered secure - because key information is not only known to the owner, but also to whoever generated that private key.

[Coin-Keeper]

Did I get it right, card wallets are predefined (manufactured) with a private/public key combination?

It all really comes down to trust, only in the specific case of these crypto wallets that trust should really be great. When you buy a hardware wallet such as Nano S/X or Trezor, the process of generating the seed should ensure that only the owner is in possession of key information (seed words), and that this information was created at random. Ledger is using Random Number Generator which is part of their Secure Element.

While no HW is perfect, the fact is that those who pre-generate private keys should not be considered secure - because key information is not only known to the owner, but also to whoever generated that private key.

The other obvious option would be to use a fully/truly air-gapped Live Disk computer to generate your SEED.  Then use that when you load your hardware wallet.  This would seem to eliminate the possibility that the hardware wallet mfg did employ setup keys that could be broken by THEM.  Since this method is a Live Disk there would be NO digital possibility of SEED exposure.  Simply write the SEED words on a piece of paper and proceed from there with loading the hardware wallet.

[Stalker22]

Simply write the SEED words on a piece of paper and proceed from there with loading the hardware wallet.

Thanks for the advice but I think you were mistaken.This topic is about card HW wallets that are already pre-generated with private keys like Ballet Crypto card and the like.
Read a few posts above this or at least the title of the thread and the original post by NotATether.

[The Sceptical Chymist]

So, essentially, we have to trust the manufacturer that the keys are not stored anywhere in the production process and will never be leaked or hacked from some database?

Yeah, that's the lousy part of it--and me being impulsive, I ordered a Ballet wallet and am expecting it to arrive today.  I don't own much bitcoin, so I don't really need it, but it just looks like a really cool thing and I'd like to experiment with it.  I know I could have generated a paper wallet for the price of a piece of printer paper, but I had some credit to blow on Amazon and bought one.

with the Ballet Crypto one, they were claiming in the docs that the private key and encryption key are actually generated by 2 different parties and that nothing is stored anywhere etc

Well that's something positive at least.  I don't expect I'll ever store much on the Ballet, but we'll see what happens. 

Does anyone here have a Ballet wallet?  I don't recall reading any posts in which anyone said they'd tried it out.

[HCP]

So, essentially, we have to trust the manufacturer that the keys are not stored anywhere in the production process and will never be leaked or hacked from some database?

Yeah, that's the lousy part of it--and me being impulsive, I ordered a Ballet wallet and am expecting it to arrive today.  I don't own much bitcoin, so I don't really need it, but it just looks like a really cool thing and I'd like to experiment with it.  I know I could have generated a paper wallet for the price of a piece of printer paper, but I had some credit to blow on Amazon and bought one.

And you won't ever own much BTC if you keep impulse buying hardware wallets! hahaha

Still, I'd be keen on a review once you receive the wallet... To me, it's basically just a physical "coin" in plastic card format... huh, I only just realised they're made from stainless steel!!?!

[Pmalek]

@The Pharmacist
I wouldn't be interested in trying one to be honest. Pre-generated keys that are physically written and saved on the same device only to be reveled with a scratch-off. Seems like you have to trust everyone involved in the development process not to act in a malicious way.

I have already been let down by Ledger and their team. It's not really a good time to experiment further with my bitcoins. I am still interested how you like it, once, it's in your hands.  

Edit: Just saw your other thread with your feedback!

[The Sceptical Chymist]

Edit: Just saw your other thread with your feedback!

Ehhhh.....not for nothing, but where did that thread go to?  I wanted to read some of the comments there that I remember, because some members had recommended a certain version of the Ballet, but for the life of me I can't find the thread that I created specifically about the Ballet.

Mods: any idea where that went to?  Did I break any rules with that?

I'm thinking of buying a late-minute Christmas present for a family member who I think would appreciate it, and it's probably going to be one of the Ballet wallets. 

[HCP]

Ehhhh.....not for nothing, but where did that thread go to?  I wanted to read some of the comments there that I remember, because some members had recommended a certain version of the Ballet, but for the life of me I can't find the thread that I created specifically about the Ballet.

Mods: any idea where that went to?  Did I break any rules with that?

I'm thinking of buying a late-minute Christmas present for a family member who I think would appreciate it, and it's probably going to be one of the Ballet wallets. 

Do you mean this one: https://bitcointalk.org/index.php?topic=5292310.msg55658855#msg55658855

It seems it got moved to the "Marketplace - Goods" section...

Also, PROTIP: check your "My profile -> Show the last topics started by this person" link to find threads you've created