Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Service Announcements
Re: Criticize my tamper-proof paper wallet design... and steal 0.1 BTC if you can.
by
jcw
on 08/05/2013, 08:25:07 UTC
First of all, this is my favorite paper wallet I've seen by far. It has had a lot of thought put into it, and it shows. They look so good I am considering buying a color laser printer so that I can print these in color!

A couple of questions:

  • The tamper-proofing is nice, but I intend to store these securely and so it is not as important to me as being able to trust the wallet generation code itself. Are there any plans to get a third party to post a hash of a vetted version of the offline wallet generator (and/or of the upcoming official Live CD)?
  • I am currently using the technique of booting a Ubuntu Live CD from a non-internet connected computer which has the offline version of the paper wallet generator available on a USB thumb drive. Once opening this in Firefox, I print to a B&W laser printer (connected via USB). Once finished, I remove the Live CD and reboot into my normal OS, and reconnect the network cable. Would the official Live CD provide more security than this?

A few suggestions for the back:

  • Typo in third point "until you are ready import"
  • The last warning on the back of the wallet could be misinterpreted to mean you can't partially spend the funds you have on the wallet (i.e. so how do I ever use this to buy something less than the value on the wallet?). Since you mention How to Deposit as its own step, perhaps you should also have an entire step on How to Withdraw?

    Current:
    When withdrawing your funds from this wallet you should remove the ENTIRE BALANCE.
    If you attempt to spend only some of the funds you will likely lose the remaining bitcoins forever.

    Suggested (feel free to condense):
    To withdraw your funds from this wallet:
    1. Prepare a software wallet to receive the funds. This could be a bitcoin client on your computer or phone, an exchange, or an online wallet.
    2. Transfer the ENTIRE BALANCE to the software wallet. See http://bitcoinpaperwallet.com for instructions on how to perform this transfer. Note that it is important to transfer the entire balance in order to avoid losing control over the remaining bitcoins.
    3. Wait for the transaction to be confirmed. This typically occurs in under 10 minutes. Once confirmed, the funds are free to be spent as desired.
    4. Do not reuse the paper wallet - there is now a software wallet that has knowledge of its private key.

The reason I'm suggesting referring the user to the website for instructions on how to perform the transfer is because there doesn't seem to be a good way to do this just yet. There are several manual ways, some more complicated than others, but unfortunately there doesn't seem to be a feature common to most/all wallet software to sweep funds from another wallet, so the idea is that the current "recommended" ways of doing this could be maintained on the website, rather than out-of-date methods being printed on the wallet itself.