How would you like to design a bitcoin banknote?

[teflone]

I originally mentioned a fold as a norm..

once folded it hides a QR private key underneath.. as opposed to having a private key QR on both sides..

So, a folded bill would be in practive, the defacto way of carrying it.. 

[1713972302]

1713972302

[1713972302]

1713972302

[1713972302]

1713972302

[1713972302]

1713972302

[1713972302]

1713972302

[da2ce7]

just fold the bill in half when handling it.  (maybe write on the backside of the bill how much it is worth, in pencil.).

[casascius]

The stitching would require additional work and could not be AUTO DECRYPTED using built in QR software. So accidental spends would be somewhat avoided.

Think of it as a PIN to a debit card. Requires a little WORK to spend the money.

Unless I am completely off track.

Thoughts Mike?

I think this is a little bit like putting alarms on shoes to stop you from tying them together. But I could be totally wrong, it remains to be seen how it works out in practice. I guess it could be that I use a wallet and my cash is usually out of sight, but surely others don't and will have a different set of problems than me.

I can say I would be impatient in the checkout line if the person ahead of me was having difficulty paying because he didn't cut or fold his bill just right.

[unclemantis]

The stitching would require additional work and could not be AUTO DECRYPTED using built in QR software. So accidental spends would be somewhat avoided.

Think of it as a PIN to a debit card. Requires a little WORK to spend the money.

Unless I am completely off track.

Thoughts Mike?

I think this is a little bit like putting alarms on shoes to stop you from tying them together. But I could be totally wrong, it remains to be seen how it works out in practice. I guess it could be that I use a wallet and my cash is usually out of sight, but surely others don't and will have a different set of problems than me.

I can say I would be impatient in the checkout line if the person ahead of me was having difficulty paying because he didn't cut or fold his bill just right.

Mike, I think we all need to step back and go back to your original post.

From what we have all put in with ideas do you think you could put together a list of Standard Operating Procedures?

[paraipan]

How is this going guys? We plan ending the contest on Rugatu almost at the same time with yours

http://www.rugatu.com/questions/1833/how-would-you-like-to-design-a-bitcoin-banknote

[aq]

Once everyone has one of these, literally seeing such a banknote means owning it.

[unclemantis]

Once everyone has one of these, literally seeing such a banknote means owning it.

True!

See Mike! THIS is why I am all paranoid

[casascius]

Once everyone has one of these, literally seeing such a banknote means owning it.

True!

See Mike! THIS is why I am all paranoid

I think covering the QR code with a Post-It note or a folded flap will be a lot more practical than a scheme where the bill has to be precisely cut or folded to be spent.  Remember, the whole prototypical point of this is speed and convenience for laypeople at a retail checkout scenario.  Anyone can rip off a Post-It note in less than a second, and anyone who can buy a printer can also buy a pad of Post-It notes anywhere in the world.

Since this whole effort is going to be public domain / open source, it comes with a license for anyone to do near whatever the f- they want with it, so no one will stop you from making and publishing a bill that must be folded like MAD Magazine.  But it's outside of the scope of my stated intent for this particular effort.

I think I have just about got the reward payout scheme just about finalized.  And the gracious donation of 10BTC, I think I am going to say should go to the person who successfully marries the BitAddress.org codebase with the SVG version of what is pretty much certainly the first-place winner: the banknote presented to us by Psy.

[unclemantis]

Once everyone has one of these, literally seeing such a banknote means owning it.

True!

See Mike! THIS is why I am all paranoid

I think covering the QR code with a Post-It note or a folded flap will be a lot more practical than a scheme where the bill has to be precisely cut or folded to be spent.  Remember, the whole prototypical point of this is speed and convenience for laypeople at a retail checkout scenario.  Anyone can rip off a Post-It note in less than a second, and anyone who can buy a printer can also buy a pad of Post-It notes anywhere in the world.

Since this whole effort is going to be public domain / open source, it comes with a license for anyone to do near whatever the f- they want with it, so no one will stop you from making and publishing a bill that must be folded like MAD Magazine.  But it's outside of the scope of my stated intent for this particular effort.

I think I have just about got the reward payout scheme just about finalized.  And the gracious donation of 10BTC, I think I am going to say should go to the person who successfully marries the BitAddress.org codebase with the SVG version of what is pretty much certainly the first-place winner: the banknote presented to us by Psy.

CONGRATULATIONS PSY!

I can't WAIT to try it!

[Timbo925]

Congratzz

[paraipan]

Congratzz

+1 

[Raoul Duke]

Thanks a lot.

Will also post a green revision which uses much less ink.

Wait a couple days and I'll post the SVG here and on the designer blog @ http://ocantinhodadama.clinicadosom.com/2012/07/20/bitcoin-note-design-psd-file/

[unclemantis]

Thanks a lot.

Will also post a green revision which uses much less ink.

Wait a couple days and I'll post the SVG here and on the designer blog @ http://ocantinhodadama.clinicadosom.com/2012/07/20/bitcoin-note-design-psd-file/

Looking forward to perhaps established denominations like the Euro?

[casascius]

Hang on a moment. You can scan the public address to see whether it holds coins, but you have no way to verify that the supplied private key will let you spend those coins. The only way you can possibly verify that the note holds value is to spend the note.

Therefore the public QR-code should not be labelled "Verify". Even "Load" is dubious, as you might be loading some scammer's address with your coins.

That's why you should print these yourself with a program you trust on a machine you know isn't hacked.  You aren't going to be loading bills that others printed for you.  When you actually spend the bill, all that matters is that they are able to sweep funds when scanning just the private key.

Any shenanigans and you will inconvenience only yourself.  Try going to Home Depot, put a tool in your cart, grab a new gift card off the shelf, and attempt to use the gift card to pay for the tools.  It won't work, anyone can guess it will be because the gift card has a balance of 0.00, and you'll only be wasting your own time.

[nybble41]

Why not have just one QR-code, encoded in such a way that it cointains both the private key and the public key? This forces people to read both keys, and makes it easy to check that the private key can spend funds sent to a receiving address generated from the public key.

This would remove the temptation to scan only the "verify" address and assume that the balance associated with that address can be spent.

I agree. There is no security advantage to having the public key if the private key is also visible. To verify the balance, or even load the address securely, you need to know that the private key matches the public key anyway, so the public key isn't sufficient. You might as well include only the private key, from which the public key can be generated; there is no need for a special encoding. That also simplifies the design (one QR code per certificate).

[cbeast]

You might as well include only the private key

I think that's the way to go. And the design of the note should allow folding to conceal the key. Folding over a corner to conceal a substantial portion of the QR-code would be sufficient.

All the public key does is to allow a payment to the bitcoin address for someone that doesn't own that address. If the bill is for a fixed amount then you do not need a public key and only need the value in BTC printed.

[casascius]

I agree. There is no security advantage to having the public key if the private key is also visible. To verify the balance, or even load the address securely, you need to know that the private key matches the public key anyway, so the public key isn't sufficient. You might as well include only the private key, from which the public key can be generated; there is no need for a special encoding. That also simplifies the design (one QR code per certificate).

I'd make it an option... like a checkbox... I could see others agreeing the bitcoin QR isn't needed while at the same time others saying it is needed.

I would enjoy these particular advantages having the public key.

* the ability to get the bitcoin address into a computer with a USB keyboard wedge barcode scanner without hand-pecking each character, so I can fund the note, or use block explorer, or e-mail the bitcoin address to somebody in anticipation of a payment.  (Remember, just because the bitcoin address could be calculated, doesn't mean that anything will calculate it!  And the keyboard-emulating barcode scanner is an example of something that sure isn't going to.)
* the ability to use the note to accept change from a transaction, or incoming payments, without giving away the opportunity to claw it back
* the ability to use a shared resource to confirm for my own benefit that the balance on the note is what I think it is (think similar to a price-check kiosk at Target)
* the ability to fund notes that will be used for safekeeping/storage and have 100% assurance that the private key wasn't captured by the funding computer (this matters mainly for large amounts, not so much for smaller ones)

[unclemantis]

I agree. There is no security advantage to having the public key if the private key is also visible. To verify the balance, or even load the address securely, you need to know that the private key matches the public key anyway, so the public key isn't sufficient. You might as well include only the private key, from which the public key can be generated; there is no need for a special encoding. That also simplifies the design (one QR code per certificate).

I'd make it an option... like a checkbox... I could see others agreeing the bitcoin QR isn't needed while at the same time others saying it is needed.

I would enjoy these particular advantages having the public key.

* the ability to get the bitcoin address into a computer with a USB keyboard wedge barcode scanner without hand-pecking each character, so I can fund the note, or use block explorer, or e-mail the bitcoin address to somebody in anticipation of a payment.  (Remember, just because the bitcoin address could be calculated, doesn't mean that anything will calculate it!  And the keyboard-emulating barcode scanner is an example of something that sure isn't going to.)
* the ability to use the note to accept change from a transaction, or incoming payments, without giving away the opportunity to claw it back
* the ability to use a shared resource to confirm for my own benefit that the balance on the note is what I think it is (think similar to a price-check kiosk at Target)
* the ability to fund notes that will be used for safekeeping/storage and have 100% assurance that the private key wasn't captured by the funding computer (this matters mainly for large amounts, not so much for smaller ones)

How about a design that is more descrete. Perhaps like a lottery ticket with a barcode instead of a qr code?

[casascius]

How about a design that is more descrete. Perhaps like a lottery ticket with a barcode instead of a qr code?

A QR code is a barcode.  Maybe you mean a 1-dimensional barcode rather than a 2-dimensional barcode.  The whole point of 2-dimensional barcodes is to increase the amount of data you can fit.  1-dimensional barcodes aren't suitable for bitcoin keys due to their size.  No commonly-used 1d barcode symbology supports mixed case text.

2d barcodes also add advanced error correction that can tolerate a total loss of a certain percentage of the code, something that would be desirable in a cash application, and something 1d barcodes don't offer.

[unclemantis]

+1