How to decrypt BIP38 Cold Wallet? : Bitcoin

Decrypting a BIP38 key (x-post from /r/Bitcoin)

submitted by ASICmachine to CryptoCurrencyClassic [link] [comments]

Cannot get my BIP38 paper wallet to decrypt! I am Freaking OUT! /r/Bitcoin

Cannot get my BIP38 paper wallet to decrypt! I am Freaking OUT! /Bitcoin submitted by BitcoinAllBot to BitcoinAll [link] [comments]

Is there an off line tool to decrypt a BIP38 encrypted address? /r/Bitcoin

Is there an off line tool to decrypt a BIP38 encrypted address? /Bitcoin submitted by BitcoinAllBot to BitcoinAll [link] [comments]

Where is the decrypt link for BIP38 on bitaddress /r/Bitcoin

Where is the decrypt link for BIP38 on bitaddress /Bitcoin submitted by BitcoinAllBot to BitcoinAll [link] [comments]

Question for Canton Becker: Is your site bitcoinpaperwallet.com still safe for generating and BIP38 encrypting/decrypting Bitcoin and Litecoin addresses?

This is an open message to u/cantonbecker
  1. Can you confirm that your bitcoinpaperwallet.com is still safe to use?
  2. Can people trust its random number generator for generating addresses for storing millions of dollars worth of bitcoins/litecoins?
  3. Are you still actively maintaining it?
submitted by 69520d0f929aeac8 to Bitcoin [link] [comments]

Recover bitcoin private key in a password protected zip file

Ask for a friend. He bought 1.5 BTC back in 2010 and put it in a wallet with BIP38 encrypted private key and totally forgot about this until the price rose to 20K in 2017, he still has the paper wallet but couldn't remember any more the password to decrypt the private key. When created this wallet he barely understand how bitcoin works and just created a paper wallet following a tutorial he found on internet. The password is fairly long he vaguely remember.
Fast forward to 2020, he found in the old hard disk a password protected zip file name mybitcoinkey.zip which contains a .txt file. New hope arise but he wonder anyone can do a service to hack the file? Of course he is willing to pay part of the wallet to the guy.
submitted by Glue_CH to Bitcoin [link] [comments]

Not Your Keys, Not Your Coins

Owning bitcoin is knowing a private key which can be used to spend a bitcoin UTXO.
If any other person knows this private key, they could spend the UTXO.
For this reason, you must keep your private keys secure, and secret.

Scams & Frauds

Scammers have been attempting to take bitcoin from uneducated users for years. One way to do this is to give an uneducated user a bitcoin wallet for which the scammer knows the private key.
The scammer can simply sit back and wait for the uneducated user to send bitcoin to this wallet, and at any time they can send all the bitcoin to their own address. The most malicious scammers may wait months or years before stealing the bitcoin, ensuring they steal as much as possible.

Ballet

Recently a kickstarter campaign has gone live for 'ballet', a product which purports to be a simple and secure way to hold bitcoin without any setup. This product is shipped with the private key & an address physically printed/engraved on the product.
Specifically there are 3 elements to the design;
  1. An encrypted private key printed on a sticker.
  2. A 'wallet passphrase' engraved on the product with a scratch-off sticker covering it.
  3. A public address printed on a sticker, stuck on top of the encrypted private key.
Anyone who can combine (1) & (2) can spend bitcoin sent to the address (3), be this person the owner of the product, the CEO of the company making this product, a malicious employee or an outside attacker.

Don't Trust - Verify

The claim made by the manufacturer is that that (1) & (2) are not permanently recorded by the company, and thus the company can't steal your bitcoin.
This is not a claim that you can verify.
It is not possible for you, the user, to watch every step of every process for every device and inspect the code running on every machine and thoroughly check every room for hidden cameras.
It is not possible for anyone to do this, because it would require complete constant pervasive surveillance.
Even if the company is not intentionally planning to steal from those buying these products, they cannot guarantee that a malicious employee or an outside attacker has not compromised their process.
The product is sold under the false pretense that securing your bitcoin is a technologically challenging process which requires technical expertise and identity checks. This is NOT TRUE.

The Solution

There are many bitcoin wallets which can be checked against malicious injection of code designed to steal your bitcoin. Software releases are done in such a way that you can download a specific version of a tool and check that the hash of the file matches that which you have confirmed to be secure. Because many of the wallets listed are used by thousands of users & developers there are lot's of 'eyes on the code', that is to say that many people are watching the code changes to ensure that there is no funny business.
It is true that some users blindly download bitcoin wallets, these users are exposed to the aforementioned risk of using a wallet which has an insecure private key. However it is possible for users to check a version of a piece of software, to combine their efforts and verify that a certain version of software is secure. To track the changes made to the software over time to give reassurances that the code is secure for their use.
For this reason it is inaccurate to liken the risk of 'balet' being insecure with the risk of a software wallet being secure. The former can NEVER be provably secure, whilst the latter can.
Furthermore, there are actual bitcoin hardware wallets which are designed to allow you, the user, to generate, secure and backup your bitcoin private keys in such a way that you don't need to trust the wallet manufacturer (my favorite is the ColdCard).

Archive of Text from Balet WEBSITE

  1. Using an offline computer, serial number, wallet passphrase, and intermediate code are generated in Ballet’s USA headquarters
  2. Serial number and intermediate code are then electronically transmitted to Ballet’s office in China.
  3. Afterwards, the BIP38 process is used to randomly generate an encrypted private key (EPK) using the intermediate code data.
The corresponding public key and coin addresses will be generated, along with a confirmation code, to be used for verification and additional checking afterwards. This encrypted private key is secure data, which is only stored once, on a hard disk drive.
In China, this two-layer QR code sticker is manufactured using an offline process in a secure printing facility
The secure data is never transmitted to any external computers or system. The secure data is transferred physically, on a hard disk drive. Right after the printing process, the secure data is then deleted, overwritten, and physically destroyed.
The secure two-layer QR code sticker will then be securely applied to the hardware wallets, without ever revealing the encrypted private keys.
Once finished, the partially assembled wallets are sent to the United States for final production. The confirmation codes are also electronically sent back to the United States. This is for further verification to ensure that the encrypted private keys and decryption wallet passphrase does match up with the generated cryptocurrency coin addresses.
The hardware wallets and QR code stickers are verified and double checked in the United States according to their corresponding serial numbers.
The matching decryption wallet passphrase and serial number will then be laser etched onto the wallets. A strip of tamper evident scratch-off material is then applied on the wallet, to cover the wallet passphrase.
submitted by 6102bitcoin to Bitcoin [link] [comments]

Recently had mind expanded by all matters bitcoin, spent 10 days studying and deliberating - need some technical / key security reassurance please!

Hi experienced bitcoin users, I've recently had my mind expanded by all matters bitcoin and have spent 10 days studying and deliberating and have reached a very positive place with regard to it.
What I could use now is just a critique of the way I've generated my paper wallets before I start using them!
I have not been able to boot my pc using any of the linux live cd / bootable usb options so I ran the bitaddress.org software from github on a very old laptop running xp. Router turned off at mains, wireless adaptor disabled.
Key pairs generated were printed out on a laser printer with no internet connectivity.
Provided that laptop never gets connected to the internet, am I safe to trust the security of this setup?!
One further question: if I encrypt the passphrase with BIP38, where does the decryption occur (i.e. through what interface?)
Am hangin out to get started by buying 0.5btc on localbitcoins but I want to be sure I have secure cold storage I can sweep the funds to immediately!
Thanks in advance and totally open to advice!
PS - if i can get confidence in the system quickly I'll start accepting btc in my small business! :-D
EDIT: Couple of hrs later and I have now successfully consolidated funds (about 0.006btc) from two sources into a single hot wallet with 2FA! :-D
Thanks to all redditors that replied for their generous advice AND btcs! I now need to double check that my keys work (using offline machine) before transferring my first funds into cold storage.
All being well I will start accepting bitcoins for my goods in next couple of days and will update as to my progress. I'll also be on the lookout for opportunities to pay-it-forward, which should be plentiful enough! :-D
submitted by justabtcnoob to Bitcoin [link] [comments]

Can anyone point me to instructions on how to sweep coins from paper wallet?

I created BIP38 Encrypted paper wallet few years ago. Now I want to sweep the coins. Are there any step by step instructions on what to do this in safe manner?
submitted by helpmeretire to btc [link] [comments]

You can now email bitcoins as an attachment

Or Dropbox link… or however people share files.
I just launched moneypacket.org. It’s an open source, client-side website that allows you to create what I call “money packets”. A money packet is file on your computer which contains bitcoins, like a digital envelope. They can be shared over email or Dropbox or backed up to a hard drive, just like any other file.
I’d love to know what you guys think, especially if you run into any problems. This is my big launch and first attempt at serious front-end work.
Cheers!
Edit: Obvious disclaimer but I want to make it anyway. This is the first release of alpha level software. Please don't trust it with any significant amount of money.
Edit 2: I just pushed v0.22 which tightens up security:
P.S. to those that generously tipped, thank you!
submitted by loveforyouandme to Bitcoin [link] [comments]

Summary: pitfalls of paper wallets

Pitfalls and solutions of paper wallets

Creating paper wallets:

Problematic action: Create a paper wallet on a paper wallet service website without disconnecting from the internet. Reason: It's extremely insecure for many reasons, some being 1) the website is hacked with generated private keys sent to the hacker; 2) there may be malware in the browser or in the operating system that sends the private keys to the hacker. Solution: The bottom line is to disconnect the internet before creating the paper wallet. It's not secure enough because 1) the malware can save the private keys and wait for internet connection to send them out; 2) the malware can interfere with the generation process itself and give you a private key that is already known to the hacker, which is called backdooring the random number generator; 3) the private keys may exist on the hard disk therefore may be extracted by malware or after the computer is disposed. Better solution: Download the paper wallet app from an online computer. Copy it to an offline computer via a flash drive. Run it from there. Best solution: Use a live operating system, such as a Linux live CD, to run the paper wallet app. This is not ultimately bullet-proof, especially for high-value targets, because there exist malware that can hide in the BIOS and firmware of your computer and can infect your live operating system. It should be secure enough for average Joes.
Problematic action: Create a paper wallet without serious verifications. Reason: There may be incompatible issues with operating systems and browsers. Solution: Run tests on various operating systems and various browsers before putting BTC in. Make sure the generated private keys are identical. This applies to regular paper wallets and BIP38 paper wallets. Make sure the decrypted BIP38 keys are correct.
Problematic action: Create a brain wallet created by bitaddress.org or other brain wallets without key stretching. Reason: It has been proven insecure. Solution: Use WarpWallet or other brain wallets with key stretching, e.g., scrypt, bcrypt, sha512crypt, pbkdf2, and so on.

Printing paper wallets:

Problematic action: Use a wireless printer. Reason: It's insecure because wireless networks are insecure. Solution: Use a wired printer.
Problematic action: Use an advanced printer, which has internal storage, such as a hard drive. Reason: It is insecure because the private key of the paper wallet printed may be stored on the internal storage, therefore may be recovered if the printer is sold or scrapped. Solution: Use a dumb printer. Or keep the printer locked up and never sell or scrap it. Or smash the printer, including and especially the internal storage.
Problematic action: Leave the printer open for other people to access after printing without turning it off. Reason: It's insecure because the private key printed may still be in the memory of the printer. Solution: Turn the printer off after printing.
Problematic action: Leave the computer untreated after printing. Reason: It's insecure because the printer driver and/or operating system may be keeping copies of the documents you print in some sort of "spool" or print queue. Solution: Use a live operating system, such as a Linux live CD, to print.
Problematic action: Use a shared printer (at work or school, for example). Reason: It's insecure because 1) the printer may have a glitch and someone else may get your printouts; 2) the printing jobs may be centrally logged. Solution: Don't. Use your own printer.
Problematic action: Use a printer to print the private key or the QR code of the private key. Reason: See above. Solution 1: Don't use a printer for private key stuff. Hand-write the private key. Hand-draw the QR code if you and the helping checker are patient enough. Or ignore the QR code since hand-drawing the QR code of the private key may be too time-consuming. Double check. Then check it again, preferably on a different day. Get someone you trust to check it. Then get him/her to check it again, preferably on a different day. (Testing the private key in a wallet app can make it sure. But it comes with risks.) Solution 2: Don't use a printer for private key stuff. Use brain wallet. Write down the passphrase and the relevant information, e.g., the name of the tool used, e.g., WarpWallet, and the instructions. Store it the same way as a paper wallet. Save and store some copies of the tool, in case the future versions become incompatible. (There are pitfalls for creating man-made passphrases. It is beyond the scope of this post. In a nutshell, don't create the passphrase (solely) with your brain, and don't keep the passphrase (solely) with your brain.)

Spending from paper wallets:

Problematic action: Import a paper wallet private key into a wallet app, then spend directly from the paper wallet address.
Mistake: Expect the paper wallet automatically receives/holds changes, similar to a real-life wallet, which may not be the case. Reason: Early wallet apps didn't handle the changes correctly. The changes became the transaction fees of the miners. There is a misunderstanding of how Bitcoin works. There is no account balance of any kind in Bitcoin. There is only Unspent Transaction Outputs (UTXOs). The receiving addresses of changes, which will become the new UTXOs, must be specified when BTC is spent. Otherwise, the changes will automatically become the transaction fees. This depends on the implementation of the wallet app, which should not be trusted.
Mistake: Think nothing is wrong if changes are handled correctly. Reason: It's called address reuse, which is not recommended in Bitcoin because 1) it reduces anonymity of both the sender and all the consecutive receivers; 2) it reduces the security by exposing the public key, which is vulnerable to quantum computing. Addresses are hashes of public keys, which are safe from quantum computing.
Mistake: Destroy the paper wallet after it's imported into an HD wallet, thinking that it has become a part of the HD wallet and it's safe to destroy because the master seed of the HD has been backed up. Reason: It is not a part of the HD wallet. If the paper wallet (the paper) is destroyed and the app is uninstalled, the BTC is gone even if the HD wallet is recovered from its master seed.
The right way: Spend (transact) all BTC in a paper wallet to an address of your wallet app. It is called "sweeping", which is completely different from importing the private key. Spend BTC from there. After all the spending is finished, create a new paper wallet and transact all the remaining BTC to it. Store the new paper wallet. Keep the old one for future reference, or destroy it if you don't want the trace.

Destroying paper wallets:

Problematic action: Destroy a paper wallet after it is used. Reason: You may need to prove you had control of that address some day, e.g., for taxation purpose. In the case of a chain split, you may have a balance on the other chain. Solution: Don't ever destroy a paper wallet. Keep it on file. Mark it with the relevant information, e.g., "Used in April 2017". Unless you don't want to be tied to the address.

Pitfalls not specific to but more likely happen to paper wallets:

Problematic action: Google a famous wallet app, click the first link or the sponsored link, download/install it, and use it, without serious research. Reason: It's insecure because the wallet app may be a scam. Solution: Do thorough research prior to deciding which wallet app to use. Find the official site prior to downloading/installing it.
Additions and corrections are welcome.
Edit: multiple editing for additions, corrections, and clarifications.
Disclaimer: Although I set off to make this article in order to use paper wallet safely, I ended up not using it. Some of the solutions are collected from the internet. Some are my untested ideas. Use the article at your risk.
submitted by exab to Bitcoin [link] [comments]

Here are Security Tips to Generate Cold Storage Securely

Security is a spectrum.
The amount of effort, cost, and paranoia dedicated to generating cold storage should be proportional to the value being protected and its significance to the holder both now and potentially in the future.
To avoid loss of funds, here are some tips to generate cold storage as securely as possible:
submitted by cryptostorage to Bitcoin [link] [comments]

trying to import BIP-38 paper wallet into Electum.. what private key format do I need to use?

SOLVED* tldr I mis-copied the private key, or Electrum was not connected, or not synced, so re-copied and pasted and the greyed out "IMPORT" botton became clickable. I'm leaving this here for reference
I have a pre-btc/bch fork BIP-38 paper wallet. I want to import (not sweep) it into an Electrum Wallet v3.3.3, and then import the BCH in that paper wallet into an Electron Cash Wallet v3.3.5.
I created a new Electrum Wallet, chose "Import Bitcoin addresses or private key" as the wallet type, and was then asked to enter the Bitcoin address or private key to import.
I decrypted the BIP-38 paper wallet and was provided with the Private Key, in various formats. They are:
Private key WIF (51 characters base 58, starts with a "5" Private Key WIF Compressed (52 characters base 58, starts with a "K" or "L"; Private Key Hexadecimal Format (64 characters [0-9A-F]); Private Key Base64 (44 characters); or Private Key BIP38 Format (58 characters base58, starts with '6P') 
I've no idea which one to use. I tried the first (the one starting with "5") but the IMPORT button in Electrum remained greyed out. So I tried the next (the Private Key WIF Compressed format starting in "K" or "L"), and the IMPORT BUTTON became clickable so I clicked it.
But, I've been sitting waiting for something to reflect on the Electrum wallet, and after a couple of hours there is still no record of the import, either under Electrum's History page, Receive page, or Coins pages
Does anyone know what private key format I must use to import a private key of a BIP-38 paper wallet into Electrum?
Ty in advance
submitted by seedpod02 to btc [link] [comments]

Here are Security Tips to Generate Cold Storage Securely

Security is a spectrum.
The amount of effort, cost, and paranoia dedicated to generating cold storage should be proportional to the value being protected and its significance to the holder both now and in the future.
Here are some tips to generate cold storage as securely as possible:
submitted by cryptostorage to btc [link] [comments]

Paper Wallet Question

Hello Reddit,
Tried making a paper wallet for the first time. Did all the requirements, offline creation, BIP38 etc. I sent a 1$ worth of bitcoin just to try it out then and when I tried to import it to a mobile wallet through the private key, it won't import.
I decrypted the private key through bitaddress.org and when I tried to sweep it, it says that there are no funds on the private key.
I checked the balance on the blockchain through my public key and the 1$ is still there. Pretty weird predicament. Any suggestions on taking it out?
submitted by rudkeja to BitcoinBeginners [link] [comments]

Cryptographic Camouflage

I'm currently reading Hoover and Kausik's paper "Software Smart Cards via Cryptographic Camouflage" and try to assess the soundness of the approach. Though not generally applicable, I think it's a clever idea to protect a private key in software-only containers. Have you ever heard about it? I'm wondering how much scrutiny was performed against this scheme and if there's some widely-known weaknesses which I'm not aware of. Thanks!
submitted by rhpk to crypto [link] [comments]

An exhaustive look at private keys for the uninitiated.

I wrote this explanation of private keys several months ago for folks in /BitcoinBeginners, but I thought some of the new people here might get some benefit out of it. There is no TL;DR. Sorry for the length! Any corrections or clarifications are welcome and appreciated!
A private key is just a really big number--that's it. If someone discovers the number you've chosen to use as your private key, they will be able to access any bitcoins assigned to that number. This may seem disconcerting at first. After all, if someone were to just happen to guess your number, they would have access to all your bitcoins, right? But many types of security come down to knowing or possessing something that is difficult to guess or reproduce. For example, a Master brand combination padlock with a 3 number combination on a dial with 0-36 has around 50,653 possible combinations (373 ). A typical pin-tumbler lock today has 5 pins with each pin having only about 10 different height levels meaning that there are only 100,000 (105 ) effective combinations for an average house key. Even a credit card number is only 15 characters long with 10 digits per character. That means there are only 1015 possible combinations of credit card numbers which is equivalent to about 1 quadrillion (there is some added security by combining that number with an expiration date and 3-digit security code, but I'm ignoring that for now). The point is, we're accustomed to using much smaller pools of possible combinations to protect many parts of our lives today.
By comparison, a private key for Bitcoin begins as a 256-bit number or a number that is 256 characters long with 2 digits per character (a bit in the binary number system that computers understand is either 1 or 0), which is 2256. That's huge. How huge? Remember that 1015 was equal to a quadrillion? A 256-bit private key used for Bitcoin can be any number between 0 and 115 quattuorvigintillion 792 trevigintillion 89 duovigintillion 237 unvigintillion 316 vigintillion 195 novemdecillion 423 octodecillion 570 septendecillion 985 sexdecillion 8 quindecillion 687 quattuordecillion 907 tredecillion 852 duodecillion 837 undecillion 564 decillion 279 nonillion 74 octillion 904 septillion 382 sextillion 605 quintillion 163 quadrillion 141 trillion 518 billion 161 million 494 thousand 336.
In reality (because of some of the fancy math we do to that 256-bit number to make it a bit more useable create the public key pair value which we will use as the address), some of the available addresses will overlap, so the actual pool of available addresses is more like 2160, but we're still talking about a gigantic number of possible addresses. To give you some context on the sheer scale of 2160, the number of grains of sand on the Earth is estimated at about 266. The number of stars in the universe is estimated at about 276. There are approximately 296 atoms in a cubic meter of water, and the number of atoms in the sun is estimated at 2190. Need a visual comparison? This graph shows the number of available Bitcoin addresses compared to the width of the universe in Zeptometers (one Zeptometer is one quintillionth of a meter) and the age of the universe in Yoctoseconds (one Yoctosecond is one sextrillionth of a second). So your private key with its 2160 possible combinations should be pretty safely hidden. Even a computer that could execute 1013 instructions per second would take around 5 trillion years to guess your private key.
Since most humans can't keep a number in the quatturovigintillion's in their head, there are a number of tricks we can use to make it easier to manage. One thing we can do is to reduce the number of characters we have to remember, and the way to do that is to change the numerical base we use. Computers represent numbers in binary (also called base 2) which means every digit in the number is either a 0 or 1. To represent a private key in base 2, we have to use 256 places. To represent the same number in the base 10 we most commonly use, where each digit can be 0-9, we would only need 77 places. So, the higher the base, the smaller the resulting string. Base 16 (also known as hexadecimal) uses 0-9 and A-F for a total of 16 different possibilities for each digit. This reduces the number of places needed to represent the number to 64. There are many other bases that use different characters to represent more and more of the number, but the most common numerical base to use for Bitcoin addresses is Base 58 (actually, it's a special version of Base 58 called Base58Check which only uses characters that are not easily confused visually like 0 and O, and includes a 32-bit checksum appended to the payload, and has an extra step to preserve leading zero bytes). The result is a string of letters and numbers that is usually about 51 characters long.
Of course, if you don't want to waste time trying to memorize a string of 51 characters, most of us trust our Bitcoin wallet applications to write that number to a file and to keep track of it for us. But anytime you write down your key, you make it vulnerable to being discovered, especially if the thing you write it on is connected to the Internet. This is why it is smart to encrypt the file containing your private key. And this is where some people get confused: The passphrase for your private key, in this example, is only for locally decrypting a file on your computer or device that stores your private key. It is not for using or accessing the private key itself. You cannot passphrase-protect the ability to use your private key to prevent an unauthorized person from using your private key, you can only take steps to hide what that key actually is.
Another way you can hide your private key to make it easier to transport on paper is by using an encryption process developed specifically for Bitcoin addresses known as BIP38 (BIP stands for Bitcoin Improvement Proposal). BIP38 allows you to create a new address which looks similar to a Bitcoin private key, but will not function as one directly. Instead, you will need to decrypt the BIP38 address using a program that understands how to decrypt BIP38 using the passphrase that encrypted the address. This is a handy process because you can carry a BIP38 protected address around on a piece of paper, and as long as you remember the passphrase, your bitcoins should remain safe even if the paper is stolen or lost. Again, this doesn't protect someone from using your private key if they discover it in some other way, but it will conceal your private key when you write it down to make it more difficult to discover.
Now, you may have heard in some cases that a passphrase is a private key. This may be confusing, but this is just referring to another way to keep track of this very large number. There are mathmatical formulas that can take data of any length and by passing it through the formula they create a number with the same number of bits every time. These formulas are called hashing algorithms. One such hashing algorithm is called SHA-256 which can take data of any length and produce a 256-bit number from it. You could give it a single word that's 6 letters long, or give it a text file with all the collected works of William Shakespeare in it and each one would produce a unique 256-bit number. And because of the properties of the formula, as long as you feed it the same data that you did originally it will always produce the same number as a result (called a hash). So, when someone tells you that their passphrase is their private key, they mean that they have fed their passphrase through a hashing algorithm to produce a 256-bit number from which they can use as their private key. This process is also known as a brain wallet. While this may seem clever you're essentially pitting your memory capacity against a cracker with a computer, and the odds are the computer will win. Please avoid using brain wallets if you have the choice.
If your private key is ever exposed or if it can ever be calculated using a hashing algorithm, that is all someone needs to take any bitcoins contained in that address, so take good care of it!
edit: just clarifying a couple of points
edit2: updated the name of the number between which private keys can be used, and clarifying that the math is applied to the public key which is what introduces the potential for collisions
edit3: clarifying what Base58Check differs from Base58
submitted by spectyr to Bitcoin [link] [comments]

'What is wrong with my current cold storage method' - an examination of potential weaknesses in the most common cold storage methods

Today we are going to discuss cold storage and some specific problems with cold storage. While this applies directly to the Secret Key portion of a key-pair; it also applies to the seed used to back up HD wallets and hardware wallets.
Not to say everything is all bad but there are many potential weakness out there, and some in the Bitcoin and crypto community like to know the edge cases of things.
I will also highlight some of the aspects of the Keyois Capsule which is a 'physical bitcoin'.
A physical Bitcoin is a cryptographic key pair, a physical key printed and affixed to what has always been before a coin. The first physical bitcoin coin was the Casascius coin, since then the world of physical bitcoin coins has blossomed as a fun part of the Bitcoin world.
We will focus on mediums relating to cold storage and not ones designed for more everyday use, but this applies to the seed you save to keep your everyday spending wallets safe and backed up.
We will assume you generated your keys securely and that you already have them on some medium. We will also have to ignore endpoint physical security because they can all be carried away the same. Remember your cell phone /hardware wallet/ computer client are only as good as where you put the backup seed phrase, which can be thought of as data much like the SK discussed below.
Written on a piece of paper
Printed on a piece of paper
On laminated paper
Engraved / etched/ ablated/ stamped on a piece of metal
Stored digitally on a computer
Stored digitally on CD, floppy disk, laserdisc, or mini-disc
Stored digitally on a flash drive
Backups are essential for digital data Computer code for performing operations can be corrupted in transfer or in operation. Special systems exist and procedures help data to last longer. For ideas, see this archive.gov page Remember to store in multiple locations. You can lose everything in single structure
A physical bitcoin coin
What can solve most of these problems? A combination of good backup procedures and encryption.
If you have permeant access to more than one location (people who live in big cities, without family or cars have a hard time with this) or have people you trust with your money (don't) then look into using some form of Multi-signature option.
The Keyois Capsule is a crypto piggy bank; it can be funded from the outside but you to break it open to get them out. You give me a BIP38 encrypted key pair (well the address not the public key) and I engrave it in this tamper evident and time resistant package. You still have to hold on to the pass phrase that allows you to decrypt it; that is however the same problem as all methods with BIP38 encryption. How to store this without having to trust anyone but still being assured of it's security?
  • Engraving, embossing, or stamping on a sheet of metal is one option; however the metals that are easiest to stamp are ones that melt in a house fire. They could be put in a glass jar that's filled with aerogel and buried. These is the best readily available option for most people but it really can be tedious.
  • The cryptosteel is another ready-made option
  • Have the words etched onto glass at home with off the shelf products; but be carful of this idea because the glass can shatter from impact and heat or even sudden temperature changes
  • Anodize the words yourself on a pieces of metal, there used to be a service to help use your home printer to print the words with some chemicals you can buy
  • Bake them in clay, then encase that in epoxy resin so it can't shatter. then paint the outside, in the future you can solvent the paint off and see the written seed
  • Use a combination of techniques to split the seed so that it is safe(because split and separated) and redundant (because backed up).
Characters stamped on Aluminium is probably the most cost effective way to keep a secret key or seed safe from fire and rot.
submitted by ProfBitcoin to btc [link] [comments]

'What's wrong with my current cold storage method?' - an examination of potential weaknesses in the most common cold storage methods

Today we are going to discuss cold storage and some specific problems with cold storage. While this applies directly to the Secret Key portion of a key-pair; it also applies to the seed used to back up HD wallets and hardware wallets.
The best way to keep you seed/secret key safe is to have multiple copies in multiple locations perhaps with multiple formats and even better if the keys are split. However not everyone has access to multiple locations, or access to land long term, or more than one place to store their things. This is an examination of faults with individual methods; and not a comprehensive plan, obviously.
Not to say everything is all bad but there are many potential weakness out there, and some in the Bitcoin and crypto community like to know the edge cases of things.
I will also highlight some of the aspects of the Keyois Capsule which is a 'physical bitcoin'.
A physical Bitcoin is a cryptographic key pair, a physical key printed and affixed to what has always been before a coin. The first physical bitcoin coin was the Casascius coin, since then the world of physical bitcoin coins has blossomed as a fun part of the Bitcoin world.
We will focus on mediums relating to cold storage and not ones designed for more everyday use, but this applies to the seed you save to keep your everyday spending wallets safe and backed up.
We will assume you generated your keys securely and that you already have them on some medium. We will also have to ignore endpoint physical security because they can all be carried away the same. Remember your cell phone /hardware wallet/ computer client are only as good as where you put the backup seed phrase, which can be thought of as data much like the SK discussed below.
Written on a piece of paper
Printed on a piece of paper
On laminated paper
Engraved / etched/ ablated/ stamped on a piece of metal
Stored digitally on a computer
Stored digitally on CD, floppy disk, laserdisc, or mini-disc
Stored digitally on a flash drive
Backups are essential for digital data Computer code for performing operations can be corrupted in transfer or in operation. Special systems exist and procedures help data to last longer. For ideas, see this archive.gov page Remember to store in multiple locations. You can lose everything in single structure
A physical bitcoin coin
**What can solve most of these problems? A combination of good backup procedures and encryption. **
If you have permeant access to more than one location (people who live in big cities, without family or cars have a hard time with this) or have people you trust with your money (don't) then look into using some form of Multi-signature option.
The Keyois Capsule is a crypto piggy bank; it can be funded from the outside but you to break it open to get them out. You give me a BIP38 encrypted key pair (well the address not the public key) and I engrave it in this tamper evident and time resistant package. You still have to hold on to the pass phrase that allows you to decrypt it; that is however the same problem as all methods with BIP38 encryption. How to store this without having to trust anyone but still being assured of it's security?
  • Engraving, embossing, or stamping on a sheet of metal is one option; however the metals that are easiest to stamp are ones that melt in a house fire. They could be put in a glass jar that's filled with aerogel and buried. These is the best readily available option for most people but it really can be tedious. - This puts you back at anyone who can see it can steal it so dip in plastic dip, wrap in duct tape, bake in clay, encase in concrete, whatever just don't leave unencrypted keys visible!
  • The cryptosteel is another ready-made option
  • Have the words etched onto glass at home with off the shelf products; but be carful of this idea because the glass can shatter from impact and heat or even sudden temperature changes
  • Anodize the words yourself on a pieces of metal, there used to be a service to help use your home printer to print the words with some chemicals you can buy
  • Bake them in clay, then encase that in epoxy resin so it can't shatter. then paint the outside, in the future you can solvent the paint off and see the written seed
  • Use a combination of techniques to split the seed so that it is safe(because split and separated) and redundant (because backed up).
The most cost effective way for a 'normal' person (without their own land, without more than one location, and who cannot trust anyone else with their funds) to keep their backup seed/ secret key safe from damage from the elements would probably to buy a stamping kit and hammer and some stainless steel sheet or bar, Aluminium can be okay if you have the right alloy but better safe than sorry.
submitted by ProfBitcoin to Bitcoin [link] [comments]

Question about BIP38 paper wallet on bitaddress.org

So I was doing a little testing and came across something that didn't make sense to me. Using the site bitaddress.org, I generated a wallet, and used BIP38 encryption (passphrase "tst").
This was the output:
Bitcoin Address: 1h8fWLfTNpbKntbuhQ3SFftyFUvSJLfGe
Encrypted Private Key (Password required): 6PnTnZwKw3CuEVfv8Bj8XHmgfSn8Yn79Hjsz9vyXP4pG43qskZoDtmzGAa
So then I tried decrypting the private key with my password to make sure it worked fine (go to "Wallet Details")
Enter the encrypted private key, and password "tst", and you get the following:
Bitcoin Address: 1NCMHZnththpyqnWst8AfUYezCvN3dKaf2
Why does the bitcoin address not match the one presented in the beginning??
do you have to decrypt your private key every time to know your public address?
Thanks, hopefully someone understands my concern.
submitted by bteth to btc [link] [comments]

Is there a way to bip 38 encrypt a multisig key pair?

I've been trying to figure this out for a while. All the major tools I've used will not let me bip 38 the multisig private keys (a private key that starts with a 3 is not accepted by any tools I've used)
Does anyone know of a tool I could use to do this, or have any advice on encrypting the private keys with something better than true crypt.
Thank You
submitted by GooseGuy to Bitcoin [link] [comments]

Is this way to sign a message from a paper wallet safe enough?

Hello guys,
what I did (without using the signature so far, just testing if it works):
Now my question is: is that safe enough, is there any way the signature could be somehow faulty or somehow reveal the private key? I'm not quite sure if ubuntu somehow saves anything on the usb drive which could be stolen afterwards if I used the usb drive on a computer with internet connection. I may be a bit paranoid, but I guess it's better to be safe than sorry.
If there's a better or safer way to do this I would appreciate any tips!
Thanks!
submitted by WalterRyan to Bitcoin [link] [comments]

How To Make A Secure BIP 38 Encrypted Bitcoin Paper Wallet ... What is BIP38 ? What is BIP38 ?

BIP38 Encryption/Decryption Tool; BIP38 Encryption/Decryption Tool This tool is used to encrypt and decrypt your private keys. It allows you to encrypt your private keys with an additional passphrase which you may then store as backup. bip38. A JavaScript component that adheres to the BIP38 standard to secure your crypto currency private keys. Fully compliant with Node.js and the browser (via Browserify). Why? BIP38 is a standard process to encrypt Bitcoin and crypto currency private keys that is impervious to brute force attacks thus protecting the user. Package Info Note: BIP38 encrypted keys starts with ‘6P.’ How To Decrypt Private Keys with BIP38? Decrypting BIP38 keys is even easier. For this, you need to use a simple BIP38 tool to decrypt bitcoin private keys and here is the step by step procedure to that: Step #1. Go to bitcoinpaperwallet.com and click on ‘Validate or Decrypt’ section. Step #2. Bitcoin is a distributed, worldwide, decentralized digital money. Bitcoins are issued and managed without any central authority whatsoever: there is no government, company, or bank in charge of Bitcoin. You might be interested in Bitcoin if you like cryptography, distributed peer-to-peer systems, or economics. BIP38 is basically a standard way to encrypt a Bitcoin private key with a password. So if someone finds your encrypted key he can’t decipher it without knowing the password. BIP stands for Bitcoin Improvment Protocol – meaning if you have an idea to make Bitcoin better you can draft it up and if it’s accepted by the community they will ...

[index] [27980] [26018] [11850] [44432] [3280] [33227] [52971] [31682] [11386] [53372]

How To Make A Secure BIP 38 Encrypted Bitcoin Paper Wallet ...

This is a how to video on creating bitcoin paper wallets. While there are other more secure ways of creating paper wallets for bitcoin, the method that I sho... BIP38 is a way to encrypt your Bitcoin private key with a password. For the complete text guide visit: http://bit.ly/2DBvzfK Join our 7-day Bitcoin crash cou... BIP38 is a way to encrypt your Bitcoin private key with a password. For the complete tutorial visit http://99bitcoins.com.

https://forex-portugal.sniperforex.pw