Bitcoin Forum
December 11, 2016, 12:14:12 PM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1] 2 »  All
  Print  
Author Topic: [IDEA] Casascius physical Bitrings  (Read 3103 times)
Meni Rosenfeld
Donator
Legendary
*
Offline Offline

Activity: 1890



View Profile WWW
April 26, 2012, 08:08:09 PM
 #1

Like a Casascius physical Bitcoin. But in ring form.

It needn't be particularly easy to extract the private key, but it should be possible in theory. If it's possible to make a fine enough engraving to fit it would be optimal.

Preferably it should also come in wedding ring form, and I want them to be available by the time I get married. (I might be a while, no rush.)

1EofoZNBhWQ3kxfKnvWkhtMns4AivZArhr   |   Who am I?   |   bitcoin-otc WoT
Bitcoil - Exchange bitcoins for ILS (thread)   |   Israel Bitcoin community homepage (thread)
Analysis of Bitcoin Pooled Mining Reward Systems (thread, summary)  |   PureMining - Infinite-term, deterministic mining bond
1481458452
Hero Member
*
Offline Offline

Posts: 1481458452

View Profile Personal Message (Offline)

Ignore
1481458452
Reply with quote  #2

1481458452
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481458452
Hero Member
*
Offline Offline

Posts: 1481458452

View Profile Personal Message (Offline)

Ignore
1481458452
Reply with quote  #2

1481458452
Report to moderator
1481458452
Hero Member
*
Offline Offline

Posts: 1481458452

View Profile Personal Message (Offline)

Ignore
1481458452
Reply with quote  #2

1481458452
Report to moderator
1481458452
Hero Member
*
Offline Offline

Posts: 1481458452

View Profile Personal Message (Offline)

Ignore
1481458452
Reply with quote  #2

1481458452
Report to moderator
enmaku
Hero Member
*****
Offline Offline

Activity: 742



View Profile WWW
April 26, 2012, 08:12:27 PM
 #2

Find out how many characters a regular jeweler can engrave inside the ring. It might be enough for a mini-privkey format already.

Yankee (BitInstant)
Legendary
*
Offline Offline

Activity: 1078


Charlie 'Van Bitcoin' Shrem


View Profile WWW
April 26, 2012, 08:13:26 PM
 #3

I have a 10 BTC silver coin I bought from him, that I've slowly moves around ~200 BTC

I'd love to be able to put them on a ring and then be able to wear my investment!

Bitcoin pioneer. An apostle of Satoshi Nakamoto. A crusader for a new, better, tech-driven society. A dreamer.

More about me: http://CharlieShrem.com
Meni Rosenfeld
Donator
Legendary
*
Offline Offline

Activity: 1890



View Profile WWW
April 26, 2012, 08:16:54 PM
 #4

I have a 10 BTC silver coin I bought from him, that I've slowly moves around ~200 BTC

I'd love to be able to put them on a ring and then be able to wear my investment!
I guess your coin should be easier to wear as a pendant than as a ring.

Find out how many characters a regular jeweler can engrave inside the ring. It might be enough for a mini-privkey format already.
Good point, from a quick search it looks like at least 30 characters are not a problem at all, so for the most basic usage we don't need to wait for anyone to offer this as a specific product. But I wonder if some provision needs to be made to make stealing the key a bit harder.

1EofoZNBhWQ3kxfKnvWkhtMns4AivZArhr   |   Who am I?   |   bitcoin-otc WoT
Bitcoil - Exchange bitcoins for ILS (thread)   |   Israel Bitcoin community homepage (thread)
Analysis of Bitcoin Pooled Mining Reward Systems (thread, summary)  |   PureMining - Infinite-term, deterministic mining bond
evoorhees
Legendary
*
Offline Offline

Activity: 994


Democracy is the original 51% attack


View Profile
April 26, 2012, 11:28:09 PM
 #5

I'd love a ring like this... and in fact the private key needn't be that hidden at all. I'd be happy if the private key was engraved on the inside band. Thus if the ring was stolen, the funds would be also (but this is true of all nice rings, no?).  Would also need to be real silver - I'd want something classy Wink
bg002h
Donator
Legendary
*
Offline Offline

Activity: 1288


Got GLIPH? https://gli.ph/m *p-d-d


View Profile WWW
April 28, 2012, 02:00:45 AM
 #6

Fantastic idea. You could put some of the private key on the outside and some on the inside without any real security risk.

My very own Casascius Bearer Bar: 1GCDzqmX2Cf513E8NeThNHxiYEivU1Chhe
drakahn
Hero Member
*****
Offline Offline

Activity: 504



View Profile
April 28, 2012, 02:10:52 AM
 #7

If they are wedding rings, half a private key on each of the pair...

14ga8dJ6NGpiwQkNTXg7KzwozasfaXNfEU
cbeast
Donator
Legendary
*
Offline Offline

Activity: 1722

Let's talk governance, lipstick, and pigs.


View Profile
April 28, 2012, 02:13:13 AM
 #8

check out this thread:
https://bitcointalk.org/index.php?topic=52061.msg621359

Any significantly advanced cryptocurrency is indistinguishable from Ponzi Tulips.
REF
Hero Member
*****
Offline Offline

Activity: 526


View Profile
April 28, 2012, 02:57:45 AM
 #9

If they are wedding rings, half a private key on each of the pair...
I love it but I dont think my fiance would go for it. she said she would go for it.

I like the idea but it all depends on the ring design. Might be better off getting a plain/any ring and having the jeweler in grave it with a private key.(thats a security risk there too having the jeweler engrave it.)
drakahn
Hero Member
*****
Offline Offline

Activity: 504



View Profile
April 28, 2012, 03:06:42 AM
 #10

If they are wedding rings, half a private key on each of the pair...
I love it but I dont think my fiance would go for it.

I like the idea but it all depends on the ring design. Might be better off getting a plain ring and having the jeweler in grave it with a private key.(thats a security risk there too having the jeweler engrave it.)

Decentralise the engraving, use N jewellers and have each jeweller only know part of the key :p

...

Imagine the treasure hunt in 150 years for hidden private keys after the block rewards reach 0... Don't publicise that you got buried with bitcoins lol (not to self, buriedwithbitcoins.com)

14ga8dJ6NGpiwQkNTXg7KzwozasfaXNfEU
Stardust
Full Member
***
Offline Offline

Activity: 190


View Profile
April 28, 2012, 05:08:11 AM
 #11

You could use a secret alphabet, or glyph set that allows higher base than 58. Or use Chinese characters, some dictionaries assign a number to each character (some have over 40000). Or use the Kanji SKIP system for steganography (Due to the redundancy, you could create a meaningful sentence that you could decode to a private key).
Stardust
Full Member
***
Offline Offline

Activity: 190


View Profile
May 01, 2012, 01:46:36 PM
 #12

I also found this interesting: https://bitcointalk.org/index.php?topic=11267.msg693430#msg693430
enmaku
Hero Member
*****
Offline Offline

Activity: 742



View Profile WWW
May 03, 2012, 12:51:48 AM
 #13

Also keep in mind that mens rings are usually wide enough to fit 2 or 3 lines of text @ 30 characters each, so you could potentially put up to 90 characters inside the ring and if you got the right material, style and finish another 90 characters outside. It might be wise to use a separator character on each line to show where the characters start and stop, depending on how the engraving works out so 87 inside and 87 out for a total of 174 characters. If you use Bitcoin's standard Base58 encoding that gives you log2(58)*174≈1019 bits for both sides or  log2(58)*87≈510 bits - WAY more than you'd actually need for a privkey. Even falling back to hex would give you log2(16)*174=696 bits for a double-sided inscription or log2(16)*87=348 bits, still more than adequate.

Given that the Casascius mini private key is kind of an industry standard though, it's probably best to stick with it for compatibility's sake.

cbeast
Donator
Legendary
*
Offline Offline

Activity: 1722

Let's talk governance, lipstick, and pigs.


View Profile
May 03, 2012, 01:45:25 AM
 #14

You could even just make it a cipher reminder for a brain wallet. The enigmatic writing can be on the outside and/or inside the ring.

Any significantly advanced cryptocurrency is indistinguishable from Ponzi Tulips.
enmaku
Hero Member
*****
Offline Offline

Activity: 742



View Profile WWW
May 03, 2012, 01:50:53 AM
 #15

Wearable Password Card anybody?

Tuxavant
Hero Member
*****
Offline Offline

Activity: 756


Bitcoin Mayor of Las Vegas


View Profile WWW
May 03, 2012, 01:51:26 AM
 #16

Stamp the private key on a tungsten chip and embed it inside a gold coin. The only way to retrieve the key would be to melt it down to retrieve the chip.

Generation Bitcoin | G+ | FB | Bitcoins In Vegas | CoinBus.com | TOR Exit Operator 1MVTPATVCKBMfALRHJsXpHfKJu7GyL7nAc
enmaku
Hero Member
*****
Offline Offline

Activity: 742



View Profile WWW
May 03, 2012, 02:18:02 AM
 #17

This ring seems almost custom-made to hide a privkey. If you use the mini privkey format you could actually keep up to 4 on it, though 1 would be visible to the outside world, so in practice only 3. The engraving fields aren't long enough to hold an entire address, though you could definitely fit the firstbits on there. Assuming the firstbits for all 3 addresses are <= 7 characters long you could fit the firstbits for all 3 addresses on the inside of the ring and the firstbits on the outside. 3 complete privkeys and everything you need to make payments to them all on one ring. Snazzy.


casascius
Mike Caldwell
VIP
Legendary
*
Offline Offline

Activity: 1344


The Casascius 1oz 10BTC Silver Round (w/ Gold B)


View Profile WWW
May 03, 2012, 02:24:22 AM
 #18

Also keep in mind that mens rings are usually wide enough to fit 2 or 3 lines of text @ 30 characters each, so you could potentially put up to 90 characters inside the ring and if you got the right material, style and finish another 90 characters outside. It might be wise to use a separator character on each line to show where the characters start and stop, depending on how the engraving works out so 87 inside and 87 out for a total of 174 characters. If you use Bitcoin's standard Base58 encoding that gives you log2(58)*174≈1019 bits for both sides or  log2(58)*87≈510 bits - WAY more than you'd actually need for a privkey. Even falling back to hex would give you log2(16)*174=696 bits for a double-sided inscription or log2(16)*87=348 bits, still more than adequate.

Given that the Casascius mini private key is kind of an industry standard though, it's probably best to stick with it for compatibility's sake.

If one did more than 30 characters for a private key, the additional characters ought to contribute to some sort of forward error correction scheme (e.g. Reed-Solomon codes), so that the key can be recovered with any substantial fraction of the message.

Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable.  I never believe them.  If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins.  I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion.  Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice.  Don't keep coins online. Use paper wallets instead.
enmaku
Hero Member
*****
Offline Offline

Activity: 742



View Profile WWW
May 03, 2012, 02:31:27 AM
 #19

Also keep in mind that mens rings are usually wide enough to fit 2 or 3 lines of text @ 30 characters each, so you could potentially put up to 90 characters inside the ring and if you got the right material, style and finish another 90 characters outside. It might be wise to use a separator character on each line to show where the characters start and stop, depending on how the engraving works out so 87 inside and 87 out for a total of 174 characters. If you use Bitcoin's standard Base58 encoding that gives you log2(58)*174≈1019 bits for both sides or  log2(58)*87≈510 bits - WAY more than you'd actually need for a privkey. Even falling back to hex would give you log2(16)*174=696 bits for a double-sided inscription or log2(16)*87=348 bits, still more than adequate.

Given that the Casascius mini private key is kind of an industry standard though, it's probably best to stick with it for compatibility's sake.

If one did more than 30 characters for a private key, the additional characters ought to contribute to some sort of forward error correction scheme (e.g. Reed-Solomon codes), so that the key can be recovered with any substantial fraction of the message.

Not a bad idea. Perhaps that'd be a better use of the extra space in my wacky sliding nested ring thing up there than storing multiple keys. I'd trust you to come up with the scheme for that better than I'd trust myself, you tell us?

enmaku
Hero Member
*****
Offline Offline

Activity: 742



View Profile WWW
May 11, 2012, 03:05:29 PM
 #20

So here's what I ended up doing for my wearable paper wallet - dog tags.

Dog tags are durable (made of steel), cheap (a set of 2 with chain and silencers cost me $9), and hold a lot of text (5 lines of 14 characters each per tag and it's customary to wear two).

The major downside? Most of the places that emboss dog tags don't allow lowercase letters so I couldn't use base58, I had to default downward to base32. Luckily, base32 is a recognized standard (unlike base58 which we more or less made up for Bitcoin) so if you want to do fancier things than me there are pre-existing libs for it. Also, since each character of b32 is worth 5 bits of entropy we only need 160/5=32 digits for entropy to be >= the amount of entropy in a Bitcoin address or about 24 digits to match the entropy in one of Casascius' mini private keys.

Now if you're super paranoid you could just put half of your key on one tag and half on another and have them engraved by separate companies but I opted for a different (and I think more clever) approach. Since each tag can hold up to 5 lines of text, I generated some random 40-bit (8 character) base32 and labeled my tags thusly:

Tag 1:
0 RNESQS5Y
1 KI3QGVP3
2 IY4EZIIH
3 OYHBET4C
4 CLMAD264

Tag 2:
5 QEPOOXFJ
6 JRIIEL2K
7 VAIV5HU4
8 I2H4ZGP5
9 C6NPVY3Y

(note: not my actual key values, I'm not that dumb...)

Now I just need to remember any number with at least 3 (preferably 4+) digits and use the tags as a lookup device. If my pin were 1286, for example, I'd look up the values for those numbers on my tag and come up with a key of KI3QGVP3IY4EZIIHI2H4ZGP5JRIIEL2K. I can enter this value into something like Casascius' BitcoinAddress utility and generate an address (or even a whole deterministic wallet) just like it were a valid mini private key from one of his coins. I could also add another bit of entropy by varying whether I enter the b32 values above in upper or lowercase characters and could even "salt" the values with a simple/descriptive passphrase.

IMO this is the best combination of a physical wallet and a mental wallet since it requires both a physical device and a value known only to me to recreate any given wallet. It also allows me to store an effectively limitless number of privkeys on my person (limited only by however many PINs or salt passwords I can memorize).

For the truly insane, most embossers do support a small number of special characters - hyphens, colons etc. so it's possible to extend base32 as you see fit, and I'm sure if you hunt you can find someone that will emboss mixed case letters, but for cheapness and simplicity base32 just works. It also has the advantage of representing a number of bits that 160 is divisible by, so Bitcoin-related entropy math is very easy.

Any thoughts?

Pages: [1] 2 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!