BIP 0038 - BitcoinWiki

Secure paper wallet tutorial

This is my handout for paranoid people who want a way to store bitcoin safely. It requires a little work, but this is the method I use because it should be resistant to risks associated with:
  1. Bad random number generators
  2. Malicious or flawed software
  3. Hacked computers
If you want a method that is less secure but easier, skip to the bottom of this post.
The Secure Method
  1. Download bitaddress.org. (Try going to the website and pressing "ctrl+s")
  2. Put the bitaddress.org file on a computer with an operating system that has not interacted with the internet much or at all. The computer should not be hooked up to the internet when you do this. You could put the bitaddress file on a USB stick, and then turn off your computer, unplug the internet, and boot it up using a boot-from-CD copy of linux (Ubuntu or Mint for example). This prevents any mal-ware you may have accumulated from running and capturing your keystrokes. I use an old android smart phone that I have done a factory reset on. It has no sim-card and does not have the password to my home wifi. Also the phone wifi is turned off. If you are using a fresh operating system, and do not have a connection to the internet, then your private key will probably not escape the computer.
  3. Roll a die 62 times and write down the sequence of numbers. This gives you 2160 possible outcomes, which is the maximum that Bitcoin supports.
  4. Run bitaddress.org from your offline computer. Input the sequence of numbers from the die rolls into the "Brain Wallet" tab. By providing your own source of randomness, you do not have to worry that the random number generator used by your computer is too weak. I'm looking at you, NSA ಠ_ಠ
  5. Brain Wallet tab creates a private key and address.
  6. Write down the address and private key by hand or print them on a dumb printer. (Dumb printer means not the one at your office with the hard drive. Maybe not the 4 in 1 printer that scans and faxes and makes waffles.) If you hand copy them you may want to hand copy more than one format. (WIF and HEX). If you are crazy and are storing your life savings in Bitcoin, and you hand copy the private key, do a double-check by typing the private key back into the tool on the "Wallet Details" tab and confirm that it recreates the same public address.
  7. Load your paper wallet by sending your bitcoin to the public address. You can do this as many times as you like.
  8. You can view the current balance of your paper wallet by typing the public address into the search box at blockchain.info
  9. If you are using an old cell phone or tablet do a factory reset when you are finished so that the memory of the private keys is destroyed. If you are using a computer with a boot-from-CD copy of linux, I think you can just power down the computer and the private keys will be gone. (Maybe someone can confirm for me that the private keys would not be able to be cached by bitaddress?)
  10. To spend your paper wallet, you will need to either create an offline transaction, or import the private key into a hot wallet. Creating an offline transaction is dangerous if you don't know what you are doing. Importing to a client side wallet like Bitcoin-Qt, Electrum, MultiBit or Armory is a good idea. You can also import to an online wallet such as Blockchain.info or Coinbase.
Trusting bitaddress.org
The only thing you need bitaddress.org to do is to honestly convert the brainwallet passphrase into the corresponding private key and address. You can verify that it is doing this honestly by running several test passphrases through the copy of bitaddress that you plan on using, and several other brainwallet generators. For example, you could use the online version of bitaddress, and brainwallet and safepaperwallet and bitcoinpaperwallet. If you are fancy with the linux command line, you can also try "echo -n my_die_rolls | sha256sum". The linux operating system should reply with the same private key that bitaddress makes. This protects you from a malicious paper wallet generator.
Trusting your copy of bitaddress.org
Bitaddress publishes the sha1 hash of the bitaddress.org website at this location:
https://www.bitaddress.org/pgpsignedmsg.txt
The message is signed by the creator, pointbiz. I found his PGP fingerprint here:
https://github.com/pointbiz/bitaddress.org/issues/18
"527B 5C82 B1F6 B2DB 72A0 ECBF 8749 7B91 6397 4F5A"
With this fingerprint, you can authenticate the signed message, which gives you the hash of the current bitaddress.org file. Then you can hash your copy of the file and authenticate the file.
I do not have a way to authenticate the fingerprint itself, sorry. According to the website I linked to, git has cryptographic traceability that would enable a person to do some research and authenticate the fingerprint. If you want to go that far, knock yourself out. I think that the techniques described in this document do not really rely on bitaddress being un-corrupt. Anyway, how do we know pointbiz is a good guy? ;-)
There are a lot of skilled eyes watching bitaddress.org and the signed sha1 hash. To gain the most benefit from all of those eyes, it's probably worthwhile to check your copy by hashing it and comparing to the published hash.
"But we aren't supposed to use brainwallets"
You are not supposed to use brainwallets that have predictable passphrases. People think they are pretty clever about how they pick their passphrases, but a lot of bitcoins have been stolen because people tend to come up with similar ideas. If you let dice generate the passphrase, then it is totally random, and you just need to make sure to roll enough times.
How to avoid spending your life rolling dice
When I first started doing this, I rolled a die 62 times for each private key. This is not necessary. You can simply roll the die 62 times and keep the sequence of 62 numbers as a "seed". The first paper address you create would use "my die rolls-1" as the passphrase, the second would be "my die rolls-2" and so on. This is safe because SHA256 prevents any computable relationship between the resulting private key family.
Of course this has a certain bad security scenario -- if anyone obtains the seed they can reconstruct all of your paper wallets. So this is not for everyone! On the other hand, it also means that if you happen to lose one of your paper wallets, you could reconstruct it so long as you still had the seed.
One way to reduce this risk is to add an easy to remember password like this: "my die rolls-password-1".
If you prefer, you can use a technique called diceware to convert your die rolls to words that still contain the same quantity of entropy, but which could be easier to work with. I don't use diceware because it's another piece of software that I have to trust, and I'm just copy/pasting my high entropy seed, so I don't care about how ugly it is.
Why not input the dice as a Base 6 private key on the Wallet Details tab?
Two reasons. First of all, this option requires that you roll the die 99 times, but you do not get meaningful additional protection by rolling more than 62 times. Why roll more times if you don't have to? Second, I use the "high entropy seed" method to generate multiple private keys from the same die rolls. Using the Base 6 option would require rolling 99 times for every private key.
I'm a big nerd with exotic dice. How many times to roll?
Put this formula in Excel to get the number of times to roll: "=160*LOG(2,f)" where f = number of faces on the die. For example, you would roll a d16 40 times. By the way, somewhat unbelievably casino dice are more fair than ordinary dice
The "Change address" problem:
You should understand change addresses because some people have accidentally lost money by not understanding it.
Imagine your paper wallet is a 10 dollar bill. You use it to buy a candy bar. To do this you give the cashier the entire 10 dollar bill. They keep 1 dollar and give you 9 dollars back as change.
With Bitcoin, you have to explicitly say that you want 9 dollars back, and you have to provide an address where it should go to. If you just hand over the 10 dollar bill, and don't say you want 9 dollars back, then the miner who processes the transaction gives 1 dollar to the store and keeps the remainder themselves.
Wallet software like Bitcoin-Qt handles this automatically for you. They automatically make "change addresses" and they automatically construct transactions that make the change go to the change address.
There are three ways I know of that the change problem can bite you:
  1. You generate a raw transaction by hand, and screw up. If you are generating a transaction "by hand" with a raw transaction editor, you need to be extra careful that your outputs add up to the same number as your inputs. Otherwise, the very lucky miner who puts your transaction in a block will keep the difference.
  2. You import a paper wallet into a wallet software and spend part of it, and then think that the change is in the paper wallet. The change is not in the paper wallet. It is in a change address that the wallet software generated. That means that if you lose your wallet.dat file you will lose all the change. The paper wallet is empty.
  3. You import a paper wallet into a wallet software and spend part of it, and then think that the change is in the change address that the wallet software generated. If the transaction did not need to consume all of the "outputs" used to fund the paper wallet, then there could be some unspent outputs still located at the address of the paper wallet. If you destroyed the paper wallet, and destroyed the copy of the private key imported to the wallet software, then you could not access this money. (E.g. if you restored the software wallet from its seed, thinking all of the money was moved to the wallet-generated change addresses.)
For more on this, see here
The hot paper wallet problem
Your bitcoin in your paper wallet are secure, so long as the piece of paper is secure, until you go to spend it. When you spend it, you put the private key onto a computer that is connected to the internet. At this point you must regard your paper wallet address as hot because the computer you used may have been compromised. It now provides much less protection against theft of your coins. If you need the level of protection that a cold paper wallet provides, you need to create a new one and send your coins to it.
Destroying your paper wallet address
Do not destroy the only copy of a private key without verifying that there is no money at that address. Your client may have sent change to your paper wallet address without you realizing it. Your client may have not consumed all of the unspent outputs available at the paper wallet address. You can go to blockchain.info and type the public address into the search window to see the current balance. I don't bother destroying my used/empty paper wallet addresses. I just file them away.
Encrypting your private key
BIP 0038 describes a standardized way to encrypt your paper wallet private key. A normal paper wallet is vulnerable because if anyone sees the private key they can take the coins. The BIP38 protocol is even resistant to brute force attacks because it uses a memory intensive encryption algorithm called scrypt. If you want to encrypt your wallets using BIP38, I recommend that you use bitcoinpaperwallet because they will let you type in your own private key and will encrypt it for you. As with bitaddress, for high security you should only use a local copy of this website on a computer that will never get connected to the internet.
Splitting your private key
Another option for protecting the private key is to convert it into multiple fragments that must be brought together. This method allows you to store pieces of your key with separate people in separate locations. It can be set up so that you can reconstitute the private key when you have any 2 out of the 3 fragments. This technique is called Shamir's Secret Sharing. I have not tried this technique, but you may find it valuable. You could try using this website http://passguardian.com/ which will help you split up a key. As before, you should do this on an offline computer. Keep in mind if you use this service that you are trusting it to work properly. It would be good to find other independently created tools that could be used to validate the operation of passguardian. Personally, I would be nervous destroying the only copy of a private key and relying entirely on the fragments generated by the website.
Looks like Bitaddress has an implementation of Shamir's Secret Sharing now under the "Split Wallet" tab. However it would appear that you cannot provide your own key for this, so you would have to trust bitaddress.
Durable Media
Pay attention to the media you use to record your paper wallet. Some kinds of ink fade, some kinds of paper disintegrate. Moisture and heat are your enemies.
In addition to keeping copies of my paper wallet addresses I did the following:
  1. Order a set of numeric metal stamps. ($10)
  2. Buy a square galvanized steel outlet cover from the hardware store ($1)
  3. Buy a sledgehammer from the hardware store
  4. Write the die rolls on the steel plate using a sharpie
  5. Use the hammer to stamp the metal. Do all the 1's, then all the 2's etc. Please use eye protection, as metal stamp may emit sparks or fly unexpectedly across the garage. :-)
  6. Use nail polish remover to erase the sharpie
Electrum
If you trust electrum you might try running it on an offline computer, and having it generate a series of private keys from a seed. I don't have experience with this software, but it sounds like there are some slick possibilities there that could save you time if you are working with a lot of addresses.
Message to the downvoters
I would appreciate it if you would comment, so that I can learn from your opinion. Thanks!
The Easy Method
This method is probably suitable for small quantities of bitcoin. I would not trust it for life-altering sums of money.
  1. Download the bitaddress.org website to your hard drive.
  2. Close your browser
  3. Disconnect from the internet
  4. Open the bitaddress.org website from your hard drive.
  5. Print a paper wallet on your printer
  6. Close your browser
submitted by moral_agent to BitcoinWallet [link] [comments]

'What is wrong with my current cold storage method' - an examination of potential weaknesses in the most common cold storage methods

Today we are going to discuss cold storage and some specific problems with cold storage. While this applies directly to the Secret Key portion of a key-pair; it also applies to the seed used to back up HD wallets and hardware wallets.
Not to say everything is all bad but there are many potential weakness out there, and some in the Bitcoin and crypto community like to know the edge cases of things.
I will also highlight some of the aspects of the Keyois Capsule which is a 'physical bitcoin'.
A physical Bitcoin is a cryptographic key pair, a physical key printed and affixed to what has always been before a coin. The first physical bitcoin coin was the Casascius coin, since then the world of physical bitcoin coins has blossomed as a fun part of the Bitcoin world.
We will focus on mediums relating to cold storage and not ones designed for more everyday use, but this applies to the seed you save to keep your everyday spending wallets safe and backed up.
We will assume you generated your keys securely and that you already have them on some medium. We will also have to ignore endpoint physical security because they can all be carried away the same. Remember your cell phone /hardware wallet/ computer client are only as good as where you put the backup seed phrase, which can be thought of as data much like the SK discussed below.
Written on a piece of paper
Printed on a piece of paper
On laminated paper
Engraved / etched/ ablated/ stamped on a piece of metal
Stored digitally on a computer
Stored digitally on CD, floppy disk, laserdisc, or mini-disc
Stored digitally on a flash drive
Backups are essential for digital data Computer code for performing operations can be corrupted in transfer or in operation. Special systems exist and procedures help data to last longer. For ideas, see this archive.gov page Remember to store in multiple locations. You can lose everything in single structure
A physical bitcoin coin
What can solve most of these problems? A combination of good backup procedures and encryption.
If you have permeant access to more than one location (people who live in big cities, without family or cars have a hard time with this) or have people you trust with your money (don't) then look into using some form of Multi-signature option.
The Keyois Capsule is a crypto piggy bank; it can be funded from the outside but you to break it open to get them out. You give me a BIP38 encrypted key pair (well the address not the public key) and I engrave it in this tamper evident and time resistant package. You still have to hold on to the pass phrase that allows you to decrypt it; that is however the same problem as all methods with BIP38 encryption. How to store this without having to trust anyone but still being assured of it's security?
  • Engraving, embossing, or stamping on a sheet of metal is one option; however the metals that are easiest to stamp are ones that melt in a house fire. They could be put in a glass jar that's filled with aerogel and buried. These is the best readily available option for most people but it really can be tedious.
  • The cryptosteel is another ready-made option
  • Have the words etched onto glass at home with off the shelf products; but be carful of this idea because the glass can shatter from impact and heat or even sudden temperature changes
  • Anodize the words yourself on a pieces of metal, there used to be a service to help use your home printer to print the words with some chemicals you can buy
  • Bake them in clay, then encase that in epoxy resin so it can't shatter. then paint the outside, in the future you can solvent the paint off and see the written seed
  • Use a combination of techniques to split the seed so that it is safe(because split and separated) and redundant (because backed up).
Characters stamped on Aluminium is probably the most cost effective way to keep a secret key or seed safe from fire and rot.
submitted by ProfBitcoin to btc [link] [comments]

'What's wrong with my current cold storage method?' - an examination of potential weaknesses in the most common cold storage methods

Today we are going to discuss cold storage and some specific problems with cold storage. While this applies directly to the Secret Key portion of a key-pair; it also applies to the seed used to back up HD wallets and hardware wallets.
The best way to keep you seed/secret key safe is to have multiple copies in multiple locations perhaps with multiple formats and even better if the keys are split. However not everyone has access to multiple locations, or access to land long term, or more than one place to store their things. This is an examination of faults with individual methods; and not a comprehensive plan, obviously.
Not to say everything is all bad but there are many potential weakness out there, and some in the Bitcoin and crypto community like to know the edge cases of things.
I will also highlight some of the aspects of the Keyois Capsule which is a 'physical bitcoin'.
A physical Bitcoin is a cryptographic key pair, a physical key printed and affixed to what has always been before a coin. The first physical bitcoin coin was the Casascius coin, since then the world of physical bitcoin coins has blossomed as a fun part of the Bitcoin world.
We will focus on mediums relating to cold storage and not ones designed for more everyday use, but this applies to the seed you save to keep your everyday spending wallets safe and backed up.
We will assume you generated your keys securely and that you already have them on some medium. We will also have to ignore endpoint physical security because they can all be carried away the same. Remember your cell phone /hardware wallet/ computer client are only as good as where you put the backup seed phrase, which can be thought of as data much like the SK discussed below.
Written on a piece of paper
Printed on a piece of paper
On laminated paper
Engraved / etched/ ablated/ stamped on a piece of metal
Stored digitally on a computer
Stored digitally on CD, floppy disk, laserdisc, or mini-disc
Stored digitally on a flash drive
Backups are essential for digital data Computer code for performing operations can be corrupted in transfer or in operation. Special systems exist and procedures help data to last longer. For ideas, see this archive.gov page Remember to store in multiple locations. You can lose everything in single structure
A physical bitcoin coin
**What can solve most of these problems? A combination of good backup procedures and encryption. **
If you have permeant access to more than one location (people who live in big cities, without family or cars have a hard time with this) or have people you trust with your money (don't) then look into using some form of Multi-signature option.
The Keyois Capsule is a crypto piggy bank; it can be funded from the outside but you to break it open to get them out. You give me a BIP38 encrypted key pair (well the address not the public key) and I engrave it in this tamper evident and time resistant package. You still have to hold on to the pass phrase that allows you to decrypt it; that is however the same problem as all methods with BIP38 encryption. How to store this without having to trust anyone but still being assured of it's security?
  • Engraving, embossing, or stamping on a sheet of metal is one option; however the metals that are easiest to stamp are ones that melt in a house fire. They could be put in a glass jar that's filled with aerogel and buried. These is the best readily available option for most people but it really can be tedious. - This puts you back at anyone who can see it can steal it so dip in plastic dip, wrap in duct tape, bake in clay, encase in concrete, whatever just don't leave unencrypted keys visible!
  • The cryptosteel is another ready-made option
  • Have the words etched onto glass at home with off the shelf products; but be carful of this idea because the glass can shatter from impact and heat or even sudden temperature changes
  • Anodize the words yourself on a pieces of metal, there used to be a service to help use your home printer to print the words with some chemicals you can buy
  • Bake them in clay, then encase that in epoxy resin so it can't shatter. then paint the outside, in the future you can solvent the paint off and see the written seed
  • Use a combination of techniques to split the seed so that it is safe(because split and separated) and redundant (because backed up).
The most cost effective way for a 'normal' person (without their own land, without more than one location, and who cannot trust anyone else with their funds) to keep their backup seed/ secret key safe from damage from the elements would probably to buy a stamping kit and hammer and some stainless steel sheet or bar, Aluminium can be okay if you have the right alloy but better safe than sorry.
submitted by ProfBitcoin to Bitcoin [link] [comments]

Introducing the Keyois Capsule, a new type of physical Bitcoin. Better than cold storage, it's cold hard storage.

Hi everyone, my name is Jack, in the past I've gotten got my community college to host a short course on Bitcoin. (you can too!) and now I've made this new concept of physical bitcoins for some of you.
It's a cryptocurrency piggy bank. You can put funds into it but you need to break it apart to get funds inside; so it's tamper evident. It won't burn, rot, rust, melt, or otherwise lose data where so many other types of cold storage would.
I was unsatisfied with current methods of cold storage and so I decided to make myself something better. Click here to see problems with common methods of cold storage and why you should want something better
A backup seed or private key can be printed on paper or stored digitally but these mediums can be damaged by fire, time, water, and much more.
The Keyois Capsule is a tamper evident yet stylish way to keep a secret key safe from harm.
Benefits over a conventional paper cold storage wallet include:

The Keyois Capsule

Your BIP38 encrypted Secret Key (or otherwise encrypted backup seed) in engraved into a titanium ring. That is set inside another ring that bears the address. That is then put into a tamper evident and air-tight capsule with a elegant centerpiece of lab-created ruby or sapphire.
The end pieces are made of aircraft grade aluminium (al 6061) and surrounded by borosilicate (pyrex).
This product is designed mainly for those without access to multiple locations or land so that they cannot make split or multisig keys and they are forced to keep all their backups in one site.
It would have cost about the same to make 1 as to make 50, so I made 50 which also means you can buy one if you like them.
There are cheaper ways to improve your own situation, including: stamping or engraving on a piece of steel and securing that from wandering eyes. Be creative and have fun!
Here are some more professional photographs by videographer WordsmithJr and here is a long imgur album about me making the capsules. Oh, and here is another short album about making a capsule (not the capsules)
To order They aren't cheap, I wish they were but they weren't cheap to make. Price is $100USD worth of btc paid to only 13kqk3uk2b577KBSjZuwKQT3MGD9mEaVJC
To get the ball rolling I have made seven capsules available that are already ready-to-go that are available for sale without providing me with a encrypted key and address; I'll send you everything already generated and secured.
Everyone else, you must supply me with your address and BIP38 encrypted secret key or encrypted seed. If you don't understand this point then these are probably not for you.
Please re-read BIP38 and do some research on password strength and see this info about the pieces
Then message me with that information what what type of lab-created corundum you want.
21 red ruby stones remain
21 blue sapphire stones remain
6 generated by me ready to be sold
45 capsules remain available in total.
submitted by ProfBitcoin to btc [link] [comments]

BIP-38 issue and altchain support | Eric Voskuil | Sep 14 2015

Eric Voskuil on Sep 14 2015:
In the integration of BIP-38 into libbitcoin we ran into two issues.
First, the scenario that justifies the "confirmation code" is flawed. We
have implemented full support for this, but have also marked it as
deprecated.
I am seeking counter arguments, in case there is some scenario that we
haven't imagined where it might be useful. Details here:
[TLDR: the confirmation code cannot prove anything about the owner's
ability to spend from the public-key/address that it confirms.]
https://github.com/libbitcoin/libbitcoin/wiki/BIP38-Security-Considerations
Second, BIP-38 envisions altchain integration but doesn't specify it. We
have implemented the capability, documented here:
[TLDR: incorporate the payment address version into the last byte of the
encoded encrypted key prefixes, with backward compatibility]
https://github.com/libbitcoin/libbitcoin/wiki/Altchain-Encrypted-Private-Keys
If there is sufficient support I'll write up a Proposal that modifies
BIP-38.
Thanks to Neill Miller for the libbitcoin and bx BIP-38 pull requests.
e
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20150914/0b841467/attachment-0001.sig>
original: http://lists.linuxfoundation.org/pipermail/bitcoin-dev/2015-Septembe011002.html
submitted by dev_list_bot to bitcoin_devlist [link] [comments]

Buy a Keyois Capsule, less than 50 available

*This thread is no longer updated, please see: https://bitcointalk.org/index.php?topic=1659001.0 for current information *
The Keyois Capsule is a tamper evident yet stylish way to keep a secret key. Only fifty (50) of these first edition capsules will be made. If you guys like them another fifty might get made.
Benefits over a conventional paper cold storage wallet include:
What's wrong with my current cold storage?
At current rate you can order one of these for 0.1947 btc You can get one delivered for $111USD when sales officially open in mid-October; or $100 US if you order before I have get someone with a real camera to take some pictures. I am sorry it costs so much but it wasn't cheap to make. PM me and we will work out the details!
I am not transmitting you any money, I am engraving your key for you and putting it in this cool thing. You have to supply me with you bitcoin address and BIP38 encrypted key, you also have to promise you understand what you are doing and that you made a good pass phrase. These are not for beginners, if you don't understand how and why to make a strong BIP38 encrypted pass phrase then these are not for you. If you desperately want me to make you an unencrypted capsule I suppose I can do it but I will berate you for the poor decision to trust me (I don't trust you, why should you trust me).
There are 4 total powder coated black end pieces, there is also the possibility to powder coat more pieces however there are some logistical difficulties in that so I would need at least ten people who want the same color or someone willing to pay a lot more for colored caps.
For added security, I recommend you add a dab of glitter nail polish over the drilled out screw heads and take a high resolution photograph; you can use that for a comparison in the future if you ever fear an elaborate scheme has taken place to drill out your capsule, break apart your rings, and replace it all without your knowledge.
See how it was made, sort of
Please re-read BIP38 and do some research on password strength
There are some variations/customizations that you can chose from which include: Most notably, the center piece. Lab-created corundum, this is the mineral rubies and sapphires are made out of. 21 red ruby stones remain
21 blue sapphire stones remain
Assorted Sunstones 1 2 3 4
Assorted Opals 1 2 still 2 [3](
Half opal and sunstone
A mix of tourmaline gems
Some crystal rods 2 skinny quartz rods 1 2 1 fatter quartz rod 1 1 extra skinny selenite rod 1
Glowing vials are not available for sale online; they come in a few colors including: white green - gone green - gone green light blue - gone blue pink orange yellow red - gone purple
These items themselves are not numbered, in fact I purposely made them nice and smooth without any words or websites printed on them.
To arrange creation of your own Keyois capsule please comment here or send me a personal message before you send funds. Please be prepared to sign a message with your key.
There can be no refunds - pay to [this address](13kqk3uk2b577KBSjZuwKQT3MGD9mEaVJC) only - $111 USD worth of BTC

13kqk3uk2b577KBSjZuwKQT3MGD9mEaVJC

There are 50 capsules that will be made for this first edition. To get the ball rolling I have made seven capsules available that are already ready-to-go that are available for sale without providing me with a encrypted key and address; I'll send you everything already generated and secured.
  1. Not for sale - Green vial
  2. Pre-ordered - Green vial / red O-ring
  3. Already ready - Ruby
  4. Already ready - Sapphire
  5. Already ready - Ruby
  6. Already ready - Sapphire
  7. Not for sale - Red vial
  8. Already ready - Ruby
  9. Already ready - Sapphire
  10. Already ready - Ruby
  11. Already ready - Sapphire / brown O-ring - Not for sale
  12. Reserved for testing purposes - TBD
  13. Reserved for testing purposes - TBD
They aren't as prefect and blemish proof as I wanted so I am sorry if there are tiny imperfections on the item, however they should still be a pretty and useful btc piggy bank.
Also I have been playing with (and kind of scratching) 13 or the available 50. Two of those are the black powder coated capsules (with some imperfections). These scratched capsules (the ones used in the pictures) I will sell for a slight (10%) discount.
submitted by ProfBitcoin to Keyois [link] [comments]

BIP38 Paper Wallet

I want to store my bitcoins offline with BIP38 paper backups. Originally I was going to use Armory to set this all up, but I just learned that Armory unfortunately purposefully doesn't allow BIP38 encryption. The only other methods I could find for how to do this are the browser based JavaScript sites such as bitaddress or bitcoinpaperwallet.com. However, it is my understanding that these are nowhere near as trusted as Armory, and even the Bitcoin wiki itself says not to trust these sites with large amounts.
Can someone help point me in the right direction of how to do this? I was thinking I could set up the cold storage in Armory, and somehow do the BIP38 encryption myself on the private key? Don't know if this is possible...
Thanks!
submitted by JDFowler to Bitcoin [link] [comments]

What is wrong with my current cold storage method?

Today we are going to discuss cold storage and some specific problems with cold storage. While this applies directly to the Secret Key portion of a key-pair; it also applies to the seed used to back up HD wallets and hardware wallets.
The best way to keep you seed/secret key safe is to have multiple copies in multiple locations perhaps with multiple formats and even better if the keys are split. However not everyone has access to multiple locations, or access to land long term, or more than one place to store their things. This is an examination of faults with individual methods; and not a comprehensive plan, obviously.
Not to say everything is all bad but there are many potential weakness out there, and some in the Bitcoin and crypto community like to know the edge cases of things.
I will also highlight some of the aspects of the Keyois Capsule which is a 'physical bitcoin'.
A physical Bitcoin is a cryptographic key pair, a physical key printed and affixed to what has always been before a coin. The first physical bitcoin coin was the Casascius coin, since then the world of physical bitcoin coins has blossomed as a fun part of the Bitcoin world.
We will focus on mediums relating to cold storage and not ones designed for more everyday use, but this applies to the seed you save to keep your everyday spending wallets safe and backed up.
We will assume you generated your keys securely and that you already have them on some medium. We will also have to ignore endpoint physical security because they can all be carried away the same. Remember your cell phone /hardware wallet/ computer client are only as good as where you put the backup seed phrase, which can be thought of as data much like the SK discussed below.
Written on a piece of paper
Printed on a piece of paper
On laminated paper
Engraved / etched/ ablated/ stamped on a piece of metal
Stored digitally on a computer
Stored digitally on CD, floppy disk, laserdisc, or mini-disc
Stored digitally on a flash drive
Backups are essential for digital data Computer code for performing operations can be corrupted in transfer or in operation. Special systems exist and procedures help data to last longer. For ideas, see this archive.gov page Remember to store in multiple locations. You can lose everything in single structure
A physical bitcoin coin
**What can solve most of these problems? A combination of good backup procedures and encryption. **
If you have permeant access to more than one location (people who live in big cities, without family or cars have a hard time with this) or have people you trust with your money (don't) then look into using some form of Multi-signature option.
The Keyois Capsule is a crypto piggy bank; it can be funded from the outside but you to break it open to get them out. You give me a BIP38 encrypted key pair (well the address not the public key) and I engrave it in this tamper evident and time resistant package. You still have to hold on to the pass phrase that allows you to decrypt it; that is however the same problem as all methods with BIP38 encryption. How to store this without having to trust anyone but still being assured of it's security?
  • Engraving, embossing, or stamping on a sheet of metal is one option; however the metals that are easiest to stamp are ones that melt in a house fire. They could be put in a glass jar that's filled with aerogel and buried. These is the best readily available option for most people but it really can be tedious. - This puts you back at anyone who can see it can steal it so dip in plastic dip, wrap in duct tape, bake in clay, encase in concrete, whatever just don't leave unencrypted keys visible!
  • The cryptosteel is another ready-made option
  • Have the words etched onto glass at home with off the shelf products; but be carful of this idea because the glass can shatter from impact and heat or even sudden temperature changes
  • Anodize the words yourself on a pieces of metal, there used to be a service to help use your home printer to print the words with some chemicals you can buy
  • Bake them in clay, then encase that in epoxy resin so it can't shatter. then paint the outside, in the future you can solvent the paint off and see the written seed
  • Use a combination of techniques to split the seed so that it is safe(because split and separated) and redundant (because backed up).
The most cost effective way for a 'normal' person (without their own land, without more than one location, and who cannot trust anyone else with their funds) to keep their backup seed/ secret key safe from damage from the elements would probably to buy a stamping kit and hammer and some stainless steel sheet or bar, Aluminium can be okay if you have the right alloy but better safe than sorry.
submitted by ProfBitcoin to Keyois [link] [comments]

Please stop with all of this drama on the wiki

Paper wallets (especially with BIP38) are NOT insecure (at least no more so than the other forms of backup that have been recommend by Luke-Jr).
Saying address reuse is the main problem is ridiculous too, because that's a general problem with Bitcoin itself. I could easily make a single address in Bitcoin Core and use it for all my transactions.
If the admins on the Bitcoin Wiki aren't going to do something to stop this edit war, then I think we as a community need to break off and start a new wiki. The wiki is the main place for new users to get info on Bitcoin, and including misinformation or information that is only relevant to one person (Luke-Jr) is counter-intuitive to that purpose.
Finally, please stop flaming just because this guy is a Christian. It has nothing to do with the stuff that he has been doing and is just simple trolling.
submitted by Nathan2055 to Bitcoin [link] [comments]

Introducing the Keyois Capsule, a new type of physical Bitcoin. Better than cold storage, it's cold hard storage.

Hi everyone, my name is Jack, in the past I've gotten got my community college to host a short course on Bitcoin. (you can too!) and now I've made this new concept of physical bitcoins for some of you.
It's a cryptocurrency piggy bank. You can put funds into it but you need to break it apart to get funds inside; so it's tamper evident. It won't burn, rot, rust, melt, or otherwise lose data where so many other types of cold storage would.
I was unsatisfied with current methods of cold storage and so I decided to make myself something better. Click here to see problems with common methods of cold storage and why you should want something better
A backup seed or private key can be printed on paper or stored digitally but these mediums can be damaged by fire, time, water, and much more.
The Keyois Capsule is a tamper evident yet stylish way to keep a secret key safe from harm.
Benefits over a conventional paper cold storage wallet include:

The Keyois Capsule

Your BIP38 encrypted Secret Key (or otherwise encrypted backup seed) in engraved into a titanium ring. That is set inside another ring that bears the address. That is then put into a tamper evident and air-tight capsule with a elegant centerpiece of lab-created ruby or sapphire.
The end pieces are made of aircraft grade aluminium (al 6061) and surrounded by borosilicate (pyrex).
This product is designed mainly for those without access to multiple locations or land so that they cannot make split or multisig keys and they are forced to keep all their backups in one site.
It would have cost about the same to make 1 as to make 50, so I made 50 which also means you can buy one if you like them.
There are cheaper ways to improve your own situation, including: stamping or engraving on a piece of steel and securing that from wandering eyes. Be creative and have fun!
Here are some more professional photographs by videographer WordsmithJr and here is a long imgur album about me making the capsules. Oh, and here is another short album about making a capsule (not the capsules)
To order They aren't cheap, I wish they were but they weren't cheap to make. Price is $100USD worth of btc paid to only 13kqk3uk2b577KBSjZuwKQT3MGD9mEaVJC
To get the ball rolling I have made seven capsules available that are already ready-to-go that are available for sale without providing me with a encrypted key and address; I'll send you everything already generated and secured.
Everyone else, you must supply me with your address and BIP38 encrypted secret key or encrypted seed. If you don't understand this point then these are probably not for you.
Please re-read BIP38 and do some research on password strength and see this info about the pieces
Then message me with that information what what type of lab-created corundum you want.
21 red ruby stones remain
21 blue sapphire stones remain
6 generated by me ready to be sold
45 capsules remain available in total.
submitted by ProfBitcoin to Keyois [link] [comments]

Blockchain Wallet - YouTube How to secure Bitcoin Blockchain wallet Bitcoin wallets 101 Step-by-Step: How to Recover Bitcoin Cash From Paper Wallet created before August 1st with password Kalle Rosenbaum - Grokking Bitcoin

Using private browser mode, go to a bitcoin paper wallet creation site. As of July 2016, the most popular, open source paper wallet creation site is bitaddress.org and these instructions will use that site. Verify that you are on the correct bitaddress.org site by checking the https certificates by clicking to the left of your browser URL as seen in the photo. Advanced users can be even more ... Built on Bitcoin Core 0.10.x. Bip38 encryption / decryption of private keys. If you started to torment the question where you can buy AMS token – I will please you that this token is already trading on such large exchanges as Yobit and CoinExchange.io YOBIT - BTC / AMS COINEXCHANGE.IO - BTC / AMS Advantages <pre> BIP: 38 Layer: Applications Title: Passphrase-protected private key Author: Mike Caldwell <[email protected]> Aaron Voisine Source:- Bitcoin Wiki. As you might know, Bitcoin is not controlled by any single entity or company, and that’s why there is no formal structure to propose improvements in the Bitcoin protocol or code. Any developer or anyone from anywhere in the world can propose a BIP. And it is totally up to the whole Bitcoin community of users, miners, developers, and investors to vote and decide whether ... From Bitcoin Wiki. Jump to: navigation, search. This page describes a BIP (Bitcoin Improvement Proposal). Please see BIP 2 for more information about BIPs and creating them. Please do not just create a wiki page. Please do not modify this page. This is a mirror of the BIP from the source Git repository here. BIP: 38 Layer: Applications Title: Passphrase-protected private key Author: Mike ...

[index] [36863] [51431] [6254] [29186] [17611] [50180] [23769] [47971] [10865] [45484]

Blockchain Wallet - YouTube

In this video you'll find a step-by-step guide to help you recover your Bitcoin Cash From a Bitcoin Paper Wallet you created before August 1st with a password on it (BIP38 encrypted). Blockchain Wallet BITCOIN PRICE , BITCOIN FUTURE in doubt http://youtu.be/eO-yrpQpIT8 What is NAMECOIN BITCOIN'S First Fork http://youtu.be/oBkhPhu3_B4 Test ... This video is unavailable. Watch Queue Queue. Watch Queue Queue Standalone Bitcoin Offline Wallet Printer This is a demo of a protoype bitcoin paper wallet printer I have built. bitcoin bitcoin value bitcoin exchange rate... After hearing reports that bitcoin wallets can be hacked. This video shows you how to secure your blockchain wallet. blockchain technology advantages block chain block chain definition block chain ...

#