Problematic action: Create a paper wallet on a paper wallet service website without disconnecting from the internet. Reason: It's extremely insecure for many reasons, some being 1) the website is hacked with generated private keys sent to the hacker; 2) there may be malware in the browser or in the operating system that sends the private keys to the hacker. Solution: The bottom line is to disconnect the internet before creating the paper wallet. It's not secure enough because 1) the malware can save the private keys and wait for internet connection to send them out; 2) the malware can interfere with the generation process itself and give you a private key that is already known to the hacker, which is called backdooring the random number generator; 3) the private keys may exist on the hard disk therefore may be extracted by malware or after the computer is disposed. Better solution: Download the paper wallet app from an online computer. Copy it to an offline computer via a flash drive. Run it from there. Best solution: Use a live operating system, such as a Linux live CD, to run the paper wallet app. This is not ultimately bullet-proof, especially for high-value targets, because there exist malware that can hide in the BIOS and firmware of your computer and can infect your live operating system. It should be secure enough for average Joes. Problematic action: Create a paper wallet without serious verifications. Reason: There may be incompatible issues with operating systems and browsers. Solution: Run tests on various operating systems and various browsers before putting BTC in. Make sure the generated private keys are identical. This applies to regular paper wallets and BIP38 paper wallets. Make sure the decrypted BIP38 keys are correct. Problematic action: Create a brain wallet created by bitaddress.org or other brain wallets without key stretching. Reason: It has been proven insecure. Solution: Use WarpWallet or other brain wallets with key stretching, e.g., scrypt, bcrypt, sha512crypt, pbkdf2, and so on.
Printing paper wallets:
Problematic action: Use a wireless printer. Reason: It's insecure because wireless networks are insecure. Solution: Use a wired printer. Problematic action: Use an advanced printer, which has internal storage, such as a hard drive. Reason: It is insecure because the private key of the paper wallet printed may be stored on the internal storage, therefore may be recovered if the printer is sold or scrapped. Solution: Use a dumb printer. Or keep the printer locked up and never sell or scrap it. Or smash the printer, including and especially the internal storage. Problematic action: Leave the printer open for other people to access after printing without turning it off. Reason: It's insecure because the private key printed may still be in the memory of the printer. Solution: Turn the printer off after printing. Problematic action: Leave the computer untreated after printing. Reason: It's insecure because the printer driver and/or operating system may be keeping copies of the documents you print in some sort of "spool" or print queue. Solution: Use a live operating system, such as a Linux live CD, to print. Problematic action: Use a shared printer (at work or school, for example). Reason: It's insecure because 1) the printer may have a glitch and someone else may get your printouts; 2) the printing jobs may be centrally logged. Solution: Don't. Use your own printer. Problematic action: Use a printer to print the private key or the QR code of the private key. Reason: See above. Solution 1: Don't use a printer for private key stuff. Hand-write the private key. Hand-draw the QR code if you and the helping checker are patient enough. Or ignore the QR code since hand-drawing the QR code of the private key may be too time-consuming. Double check. Then check it again, preferably on a different day. Get someone you trust to check it. Then get him/her to check it again, preferably on a different day. (Testing the private key in a wallet app can make it sure. But it comes with risks.) Solution 2: Don't use a printer for private key stuff. Use brain wallet. Write down the passphrase and the relevant information, e.g., the name of the tool used, e.g., WarpWallet, and the instructions. Store it the same way as a paper wallet. Save and store some copies of the tool, in case the future versions become incompatible. (There are pitfalls for creating man-made passphrases. It is beyond the scope of this post. In a nutshell, don't create the passphrase (solely) with your brain, and don't keep the passphrase (solely) with your brain.)
Spending from paper wallets:
Problematic action: Import a paper wallet private key into a wallet app, then spend directly from the paper wallet address. Mistake: Expect the paper wallet automatically receives/holds changes, similar to a real-life wallet, which may not be the case. Reason: Early wallet apps didn't handle the changes correctly. The changes became the transaction fees of the miners. There is a misunderstanding of how Bitcoin works. There is no account balance of any kind in Bitcoin. There is only Unspent Transaction Outputs (UTXOs). The receiving addresses of changes, which will become the new UTXOs, must be specified when BTC is spent. Otherwise, the changes will automatically become the transaction fees. This depends on the implementation of the wallet app, which should not be trusted. Mistake: Think nothing is wrong if changes are handled correctly. Reason: It's called address reuse, which is not recommended in Bitcoin because 1) it reduces anonymity of both the sender and all the consecutive receivers; 2) it reduces the security by exposing the public key, which is vulnerable to quantum computing. Addresses are hashes of public keys, which are safe from quantum computing. Mistake: Destroy the paper wallet after it's imported into an HD wallet, thinking that it has become a part of the HD wallet and it's safe to destroy because the master seed of the HD has been backed up. Reason: It is not a part of the HD wallet. If the paper wallet (the paper) is destroyed and the app is uninstalled, the BTC is gone even if the HD wallet is recovered from its master seed. The right way: Spend (transact) all BTC in a paper wallet to an address of your wallet app. It is called "sweeping", which is completely different from importing the private key. Spend BTC from there. After all the spending is finished, create a new paper wallet and transact all the remaining BTC to it. Store the new paper wallet. Keep the old one for future reference, or destroy it if you don't want the trace.
Destroying paper wallets:
Problematic action: Destroy a paper wallet after it is used. Reason: You may need to prove you had control of that address some day, e.g., for taxation purpose. In the case of a chain split, you may have a balance on the other chain. Solution: Don't ever destroy a paper wallet. Keep it on file. Mark it with the relevant information, e.g., "Used in April 2017". Unless you don't want to be tied to the address.
Pitfalls not specific to but more likely happen to paper wallets:
Problematic action: Google a famous wallet app, click the first link or the sponsored link, download/install it, and use it, without serious research. Reason: It's insecure because the wallet app may be a scam. Solution: Do thorough research prior to deciding which wallet app to use. Find the official site prior to downloading/installing it. Additions and corrections are welcome. Edit: multiple editing for additions, corrections, and clarifications. Disclaimer: Although I set off to make this article in order to use paper wallet safely, I ended up not using it. Some of the solutions are collected from the internet. Some are my untested ideas. Use the article at your risk.
I'm the developer of bitaddress.org. I like to share my thoughts on the recent Fee Event. I have come to believe Bitcoin is more about people and our values than about code. Bitcoin's vision in the whitepaper is explicitly about P2P cash. It wasn't labeled an interbank settlement system. The original client was an all-in-one Windows application for your desktop PC. You could mine with your CPU. Send and receive payments with a wallet. Relay transactions and store the full blockchain. We've drifted from the original optimistic and idealistic vision of Satoshi. The Genesis block made a statement about the banks and monetary policy by quoting a prominent newspaper headline in the financial center of the world, London. Satoshi's answer was cryptographic art through mimicking commodity money realized with networked code. We should bring our focus back to making that work. The first critics said Bitcoin wouldn't scale. Satoshi continued responding that Moore's law is powerful and text is cheap to store. As more people joined the network there has always been need to optimize the code. Specialize the software repositories and binaries. Respond to the adapting changes in OS landscape. From retail users on smartphones to power users at data centers. The protocol developers (or reference implementors), today known as Core/Classic developers, have always been able to respond and adapt. The community was smaller and the establishment in society wasn't paying attention. There were less parties interested in the possible, next step, direction of Bitcoin. Other independently managed development teams have built special mining and wallet protocols. This is healthy for Bitcoin. Various groups of developers have specialized parts of the Bitcoin code system. These groups typically need to be communicated with and coordinated with to safely roll out an upgrade to the protocol. These groups are paying attention to the Fee Event. As things have become specialized some things have moved in a positive direction for example how SPV wallets put monetary sovereignty in your pocket. Other things like mining pool centralization and custom hardware and data center scale efficiencies that are due to various pressures in the incentive system of mining have taken us further from the original vision in Satoshi's whitepaper and original client. We don't have the solution for that problem today but rest assured that people are thinking about it. One day, an altcoin might get mining, incentive-wise, to a place where CPU/GPU have some inherent advantage when coupled with the use of other hardware on a typical PC. Bitcoin has longer term decentralization challenges. But today we are faced with a simple short term challenge with a common sense solution. On the 29th of February 2016, the network became unreliable. Today, there is a short term solution running in production for miners and full nodes called Bitcoin Classic 0.11.2. Smartphone wallet and web wallet users will not be affected and transactions will start getting confirmed in the normal 10 to 30 minutes. The tiny change it makes is upgrading the block size limit to 2MB with some additional safety code in place. Once 75% of miners have signaled they have upgraded a 28 day grace period begins and we will have a heck of a get out the word campaign to do! All exchanges, mining pools, large private miners are paying attention. Not everyone who is running a full node is paying attention! When/If Bitcoin Classic activates they will receive a notice in their Bitcoin client that something is not right because blocks are not being found at the regular speed they've slowed down. This will be a message that you may need to upgrade. This has happened before and was effective in getting the long tail of users of full nodes to check the well known discussion sites for news of an event. 2MB means, to me, going from an estimated 10 million user community to a 20 million user community. Even more when medium term SegWit benefits are rolled out. Bitcoin Classic 0.12 is coming out soon so you will have a best of both worlds. All the good stuff of 0.12 from the Core repository. With the Classic finishing touches. When/if Classic activates the Core repo would necessarily need to pull the change set from Classic and begin again to work on the same protocol version. At this point either the development release teams merge or they compete for priorities of feature-sets and the market of miners, full nodes and wallets signal readiness for any upcoming protocol upgrade. The latter might be a robust development governance model for the future of Bitcoin. Join me in upgrading to Bitcoin Classic.
Core supporters are willing now to join this sub and debate us. Let's find a renewed zeal to thoughtfully explain our arguments and dispel any FUD they received in the other sub. Let's remember what winning is... one chain to rule them all. All the electricity pointed at SHA256 PoW must back one chain. If there is any fork the minority must be swiftly killed off via 51% maneuvers. A morally proper and responsible Nakamoto maneuver means Bitcoin rule changes need 80% hash power such that 25% can be used to 51% the minority chain (20%). The remaining 55% will keep the longest chain moving forward. I purposely wrote the above paragraph agnostic of a particular Nakamoto ruleset. As Bitcoiners we must let the hashrate speak and accept its wisdom. Many exchanges have made their position clear that one chain is the simplest path for them. And that if Bitcoin Unlimited prematurely forks (such that the core chain keeps progressing) they will be forced to relegate it to an altcoin (even if temporarily). That's a losing proposition for Bitcoin Unlimited. Patience should be with us Bitcoin Unlimited supporters. The higher the transaction fee goes the more core supporters will awake to our message. I'm a big blocker and developer of bitaddress.org. I've been to a couple Satoshi Roundtables and discussed these issues with well known thoughtful core and blockstream folks. All who sincerely believe a code enforced limit is necessary to protect Bitcoins long-term viability. As well that a hard fork is a betrayal of Bitcoins value proposition of long-term store-of-value because Bitcoin being extremely difficult to hard fork is part of why they value Bitcoin. At this moment the average Bitcoin power user and full node operators still believe in the Core roadmap, SegWit/LN. Now that those guys are here talking to us. Let's help them understand that people won't lock up money to use LN. Payment channels exist today and we don't see two party channel use in the market. Let's have all those many discussions theymos wouldn't let us have. It's our time now as Bitcoiners. We need to talk about malleability, zero conf (Subchains), larger CONOP (node cost) and the big blocker belief that price increase will fuel a healthy subsidy for decades to come. That the 10 minute average block interval sets a limit to the physical limits for transaction throughput. As well miners will carefully ensuring in their own self interest to pay their costs and make sure their blocks get buried 100 deep in the chain they will set a reasonable but ever growing cap on the block size that maintains fee pressure. Slowly but surely pricing out Androids and Raspberry Pis from being a full node.
Released List of Satoshi Roundtable Attendees Gathering this Weekend
Satoshi Roundtable II This weekend a group of blockchain and bitcoin industry leaders gather again for the Satoshi Roundtable (satoshiroundtable.org) retreat. Participants in the second Satoshi Roundtable include developers, CEOs, investors, adopters and influencers from the blockchain and bitcoin world. The retreat is limited to approximately 75 attendees and designed to encourage organic, participant-driven discussion free of the distractions of a conference. Sessions include several topics of overall blockchain interest and a roundtable discussion on bitcoin capacity. Please provide any suggestions you have for areas of discussion/ focus. Partial list of confirmed participants: Gabriel Abed, CEO, Bitt Charles Allen, CEO, BTCS Gavin Andresen, MIT / Bitcoin Foundation Adam Back, President, Blockstream David Bailey, CEO, yBitcoins Mike Belshe, CEO, BitGo Patrick Byrne, CEO, Overstock / T0 Michael Cao, CEO, zoomhash Dave Carlson, CEO, Mega Big Power Daniel Castagnoli, CCO Exodus Sam Cole, CEO, KNC Miner Matt Corallo, Core Developer Luke Dashjr, Core Developer Anthony Di Iorio, CDO-Toronto Stock Exchange, Founder-Ethereum/Decentral/Kryptokit Joe Disorbo, CEO, Webgistix Jason Dorsett, Early Adopter Evan Duffield, FoundeLead Scientist, Dash Andrew “Flip” Filipowski, Partne Co-Founder, Tally Capital Thomas France, Founder, Ledger Jeff Garzik, Founder, Bloq Yifo Guo, Tech Develope Early Adopter David Johnston, Chairman, Factom Samy Kamkar, Super Hacker Alyse Killeen, Partner, Venture Capital Investor Jason King, Founder, Unsung Mike Komaransky, Cumberland Mining Peter Kroll, Founder, bitaddress.org Bobby Lee, CEO, BTC China, Vice-Chairman of the Board, Bitcoin Foundation Charlie Lee, Director of Engineering, Coinbase/Founder of Litecoin Eric Lombrozo, Founder, Ciphrex Corp / Developer Marshall Long, CTO, Final Hash Matt Luongo, CEO, Fold Jake Mazulewicz, Ph.D. JMA Associates (guest speaker) Human performance researcher Halsey Minor, CEO, Uphold / Founder of CNet Alex Morcos, Hudson Trading/ Core Developer Neha Narula, MIT, Director of DCI – Digital Currency Initiative Dawn Newton, Co-Founder, COO, Netki Justin Newton, Founder CEO, Netki Stephen Pair, Co-FoundeCEO, BitPay Inc. Michael Perklin, President, C4 – CryptoCurrency Certification Consortium / Board Member, Bitcoin Foundation Alex Petrov, CIO, BitFury Phil Potter, CFA, Bitfinex Francis Pouliot, Director, Bitcoin Embassy, Board Member, Bitcoin Foundation JP Richardson, Chief Technical Officer, Exodus Jamie Robinson, QuickBt Jez San, Angel Investor Marco Santori, Partner, Pillsbury Scott Scalf, EVP/Head of Tech Team, Alpha Point Craig Sellars, CTO, Tether Ryan Shea, Co-Founder, One Name Greg Simon, CEO & Co-Founder Ribbit! Me / President, Bitcoin Association Paul Snow, CEO Factom, Texas Bitcoin Conference Riccardo Spagni, Monero Nick Spanos, Founder, Bitcoin Center NYC Elizabeth Stark, Co-Founder & CEO, Lightning Marco Streng, CEO, Genesis Mining Nick Sullivan, CEO, ChangeTip Paul Sztorc, Truthcoin Michael Terpin, CEO, Transform Group Peter Todd, Core Developer Joseph Vaughn Perling, New Liberty Dollar Roger Ver, CEO, Memory Dealers / Bitcoin.com Aaron Voisine, CEO, Breadwallet Zooko Wilcox, CEO, Z Cash Shawn Wilkinson, Founder, Storj Micah Winkelspecht, CEO, Gem Also, representatives from Blockchain, Bain Capital Ventures, Mycelium, Fidelity Investments and others.
PSA to new users due to reddit gold announcement: This is how Bitcoin works [Guide]
Due to the new Reddit Gold announcement it is possible that more and more users will stumble upon this subreddit and start using Bitcoin. I wrote this guide because I believe that an informed userbase is key to Bitcoin's success! Rough summary TL;DR:
User Bob creates a transaction by declaring: "I give Alice 10 BTC". (But in Bitcoin protocol language).
This transaction is digitally signed with the private key each address has and can't be forged.
The miners make sure the transaction is valid and record it in a public ledger that is distributed over the whole network.
Alice check this ledger to get her balance.
Bob can't cheat the system because everyone in the network can consult and check this ledger and would immediately refuse a transaction with double spent funds or funds he hasn't got in the first place.
You can start using Bitcoin in a matter of seconds and, although it is a very simple process, it is strongly recommended that you learn about how it works and what is happening to your coins when you make a simple transaction. With Bitcoin it is you who has control over the money and you need to take care of it responsibly. The following text is a very simple guide that will introduce you to the nature of the Bitcoin network and explain what happens during a Bitcoin transaction in a very simple way. The Story of Alice and Bob Once upon a time... there was a reddit user called Bob who wanted to send his friend Alice some bitcoins. He knows that Alice needs 10 BTC and so he decided to send them to her. Bob has got a Bitcoin Wallet with some bitcoins and before clicking the send button he wonders where his bitcoins are actually stored. "Is every Bitcoin a file on my computer? Or a serial number maybe?" Bob quickly notices that this would be very inefficient. What would happen if someone was spying on his connection and intercepted this files? And what would happen if the connection dropped? No. The way Bitcoin works is simple and elegant. When Bob sends Alice 10 Bitcoin, what he is actually doing is digitally signing a declaration of payment. In human language this would look something like this: "I, Bob, send the amount of 10 BTC to Alice". Of course, Bob is also worried that someone might actually forge such a declaration in his name. He also knows that bitcoins are impossible to forge. So how exactly are they protected? These declarations are protected by a mechanism known as Digital Signature. It is an implementation of mathematics and very strong cryptography that guarantees that only the owner can produce a valid signature. Else, the signature would be invalid and the transaction would be rejected by everybody. Digital Signatures You probably already know that in order to receive and send bitcoins you need a Bitcoin adress. Just like with email. And just like with email you need "your password" to be able to send and receive bitcoins. Bitcoin Adresses are generated using mathematics and they can be generated in a decentralized manner. You don't need to login anywhere nor do you need to be online. You just need a program capable of generating such an address. A Bitcoin address, just like your email account, is made up of two different things:
A public part - Give this to anybody so they can send you bitcoins.
A private key - This is what most users don't know. Each Bitcoin address has got it's own very unique key. Most Bitcoin programs don't tell you about this and they keep the keys hidden from the user, basically because it is very important that ONLY you have access to this key and showing them around is not a good idea.
This is the key used to digitally sign a transaction and to guarantee that only the owner of the key can emit a valid transaction and thus spend those bitcoins. Back to Alice and Bob Once Bob's bitcoin wallet has signed this transaction, he sends it across the Bitcoin P2P network. All people who use Bitcoin and are running a Bitcoin client, are connected to each other in order to receive and send these "declarations". Bob's transaction gets relayed from node to node. These nodes verify that the signature is valid and pass it on until, in a fraction of a second, Alice gets notified by her Bitcoin program that she got bitcoins from Bob! "Nice!" Alice thinks. But at the same time she's worried about something else. Alice knows how the Bitcoin network works and ponders whether it was possible for Bob to make up that amount. She knows for sure that it was Bob who sent the money because the digital signature matches. But what would have stopped Bob from writing down any arbitrary amount? What if Bob would have said "I give 1 Bazillion Bitcoins to Alice?". Whie Alice keeps thinking about it, she is unaware that the transaction that was sent to her is still hopping around the network and has a very important role to play... Meet Miner Steve As the transaction keeps hopping from node to node in the Bitcoin network, it will also reach this person who is playing a very peculiar game: a sort of racing game. Steve and many other people who "play" this same sort of game are called miners. Steve's objective is to collect all transactions and publish them in a sort of ledger. In order to guarantee Bitcoin's decentralized and open nature, this must be done in a very specific way. Miner Steve and other miners are running a program on their computer that helps them solve extremely difficult mathematical problems. Steve knows that only the miner who finds the solution to such a problem is authorized to publish the next block of this ledger that contains all the collected transactions. All miners are competing with each other because they want to be the first to solve the problem, publish the transactions and get a Bitcoin reward for it. (Actually more than a game it's a job). In order for Bob to have 10 BTC in the first place, he must have gotten them previously from someone else. Steve checks the part of the ledger that has already been published previously by other miners and makes sure that the transaction is there, recorded somewhere. This tells him that Bob had 10 BTC in the first place and is thus authorized to spend them. Then he just hopes that, with a little bit of luck, his computer program is the first one to find the solution. Guess what? Today's Steve's lucky day! He finds the solution and immediately publishes all the transactions he has collected. The rest of the network verifies that the solution is correct and watches dumbfolded as Steve gets the reward. But there's no time to lose because new transactions never stop arriving and new blocks of this ledger always await to be published. The blockchain This ledger is known as the Blockchain. It is called a chain, because all published blocks depend on the previous. They are protected by a cryptographic function known as hash. What if someone decided to maliciously edit a previous block and assign themselves thousands and thousands of bitcoins? Fortunately this is impossible. If one were to change one single digit, character or bit from the blockchain, all following blocks would be invalidated. Also, notice that not even Miner Steve can maliciously edit Bob's transaction because the digital signature would not match if he tampered with it. The openness, transparency and decentralized nature of the Bitcoin system together with the use of these protection mechanisms create a solid, strong and reliable Bitcoin network, where absolutely no one can cheat. Back to Alice As soon as Miner Steve published the next block of the blockchain, it was redistributed over the whole network until it reached Alice. Once it got to Alice, her Bitcoin Wallet Program checked it to see if there were any transactions that involved her and, as it was the case, made sure to inform Alice that her transaction was confirmed and is now a permanent part of the Bitcoin network. Transactions that are included in the blockchain receive a confirmation. Notice how Alice doesn't need to be online in order to receive bitcoins. She could be offline for hours, days or years and still receive bitcoins with no problem. As soon as she gets online, her program will download the latest blocks of the blockchain and inform her of any incoming transactions. Actually, the only thing Alice will ever need is her private key. She can even keep the private key printed on a piece of paper (paper wallet) and receive bitcoins at the same time. Once she wants to spend them, she would import the private key to a Bitcoin Wallet Program and the program would then read the blockchain to inform her about her balance. Also, since she's got her private key she will be able to digitally sign a valid transaction and spend them. Take a look at http://www.bitaddress.org . This is an online Bitcoin Adress generator that lets you see the private key. About Bitcoin Security As you can see, Bitcoin is extremely secure and absolutely no one who does not know the private key to a public address will be able to spend bitcoins without authorization. You are the sole owner of your bitcoins and it is thus your responsibility to keep the private key to those coins safe. Many bitcoin wallets will encrypt these keys using a password you provide. This is extremely recommended. Also make sure that your computer is free from keyloggers, trojans and malware. If you hold large amounts of coins you might want to consider creating a paper wallet, as no virus in the world can get in your drawer and printed documents. Where does Miner Steve get the reward from? He gets it from the voluntary fees that are included in each Bitcoin transaction. That's why he wants to collect and publish as much transactions as possible because he gets the fees associated with them. Also, every time he publishes a block he's allowed to write his name in the new block and assign himself 25 newly minted bitcoins. This is how new bitcoins get into circulation and injected into the economy in a decentralized manner. This reward will gradually decrease until there are 21 million bitcoins in circulation, which is the maximum amount that will ever be available. Are 21 million bitcoins enough? Yes, because they are divisible up to eight decimals. This amount of divisibility guarantees that there will never be a lack of bitcoins. Why does it take so long for my Bitcoin Wallet to synchronize? The first time you run a full Bitcoin Wallet, it'll need to download the Blockchain in order to read it and keep you updated on the Balance of your addresses. If you don't like this or can't wait, you should use a light client. These are Bitcoin Wallets that connect to a server to read the blockchain and don't need to download anything. This is it! Don't redistribute it until I've got feedback and corrected any mistakes. The whole text is Creative Commons BY - SA Donations appreciated: 18pYzN97CxB8qfUwoBbAFYvD3rGs9rjbH3
This is my handout for paranoid people who want a way to store bitcoin safely. It requires a little work, but this is the method I use because it should be resistant to risks associated with:
Bad random number generators
Malicious or flawed software
If you want a method that is less secure but easier, skip to the bottom of this post. The Secure Method
Download bitaddress.org. (Try going to the website and pressing "ctrl+s")
Put the bitaddress.org file on a computer with an operating system that has not interacted with the internet much or at all. The computer should not be hooked up to the internet when you do this. You could put the bitaddress file on a USB stick, and then turn off your computer, unplug the internet, and boot it up using a boot-from-CD copy of linux (Ubuntu or Mint for example). This prevents any mal-ware you may have accumulated from running and capturing your keystrokes. I use an old android smart phone that I have done a factory reset on. It has no sim-card and does not have the password to my home wifi. Also the phone wifi is turned off. If you are using a fresh operating system, and do not have a connection to the internet, then your private key will probably not escape the computer.
Roll a die 62 times and write down the sequence of numbers. This gives you 2160 possible outcomes, which is the maximum that Bitcoin supports.
Run bitaddress.org from your offline computer. Input the sequence of numbers from the die rolls into the "Brain Wallet" tab. By providing your own source of randomness, you do not have to worry that the random number generator used by your computer is too weak. I'm looking at you, NSA ಠ_ಠ
Brain Wallet tab creates a private key and address.
Write down the address and private key by hand or print them on a dumb printer. (Dumb printer means not the one at your office with the hard drive. Maybe not the 4 in 1 printer that scans and faxes and makes waffles.) If you hand copy them you may want to hand copy more than one format. (WIF and HEX). If you are crazy and are storing your life savings in Bitcoin, and you hand copy the private key, do a double-check by typing the private key back into the tool on the "Wallet Details" tab and confirm that it recreates the same public address.
Load your paper wallet by sending your bitcoin to the public address. You can do this as many times as you like.
You can view the current balance of your paper wallet by typing the public address into the search box at blockchain.info
If you are using an old cell phone or tablet do a factory reset when you are finished so that the memory of the private keys is destroyed. If you are using a computer with a boot-from-CD copy of linux, I think you can just power down the computer and the private keys will be gone. (Maybe someone can confirm for me that the private keys would not be able to be cached by bitaddress?)
To spend your paper wallet, you will need to either create an offline transaction, or import the private key into a hot wallet. Creating an offline transaction is dangerous if you don't know what you are doing. Importing to a client side wallet like Bitcoin-Qt, Electrum, MultiBit or Armory is a good idea. You can also import to an online wallet such as Blockchain.info or Coinbase.
Trusting bitaddress.org The only thing you need bitaddress.org to do is to honestly convert the brainwallet passphrase into the corresponding private key and address. You can verify that it is doing this honestly by running several test passphrases through the copy of bitaddress that you plan on using, and several other brainwallet generators. For example, you could use the online version of bitaddress, and brainwallet and safepaperwallet and bitcoinpaperwallet. If you are fancy with the linux command line, you can also try "echo -n my_die_rolls | sha256sum". The linux operating system should reply with the same private key that bitaddress makes. This protects you from a malicious paper wallet generator. Trusting your copy of bitaddress.org Bitaddress publishes the sha1 hash of the bitaddress.org website at this location: https://www.bitaddress.org/pgpsignedmsg.txt The message is signed by the creator, pointbiz. I found his PGP fingerprint here: https://github.com/pointbiz/bitaddress.org/issues/18 "527B 5C82 B1F6 B2DB 72A0 ECBF 8749 7B91 6397 4F5A" With this fingerprint, you can authenticate the signed message, which gives you the hash of the current bitaddress.org file. Then you can hash your copy of the file and authenticate the file. I do not have a way to authenticate the fingerprint itself, sorry. According to the website I linked to, git has cryptographic traceability that would enable a person to do some research and authenticate the fingerprint. If you want to go that far, knock yourself out. I think that the techniques described in this document do not really rely on bitaddress being un-corrupt. Anyway, how do we know pointbiz is a good guy? ;-) There are a lot of skilled eyes watching bitaddress.org and the signed sha1 hash. To gain the most benefit from all of those eyes, it's probably worthwhile to check your copy by hashing it and comparing to the published hash. "But we aren't supposed to use brainwallets" You are not supposed to use brainwallets that have predictable passphrases. People think they are pretty clever about how they pick their passphrases, but a lot of bitcoins have been stolen because people tend to come up with similar ideas. If you let dice generate the passphrase, then it is totally random, and you just need to make sure to roll enough times. How to avoid spending your life rolling dice When I first started doing this, I rolled a die 62 times for each private key. This is not necessary. You can simply roll the die 62 times and keep the sequence of 62 numbers as a "seed". The first paper address you create would use "my die rolls-1" as the passphrase, the second would be "my die rolls-2" and so on. This is safe because SHA256 prevents any computable relationship between the resulting private key family. Of course this has a certain bad security scenario -- if anyone obtains the seed they can reconstruct all of your paper wallets. So this is not for everyone! On the other hand, it also means that if you happen to lose one of your paper wallets, you could reconstruct it so long as you still had the seed. One way to reduce this risk is to add an easy to remember password like this: "my die rolls-password-1". If you prefer, you can use a technique called diceware to convert your die rolls to words that still contain the same quantity of entropy, but which could be easier to work with. I don't use diceware because it's another piece of software that I have to trust, and I'm just copy/pasting my high entropy seed, so I don't care about how ugly it is. Why not input the dice as a Base 6 private key on the Wallet Details tab? Two reasons. First of all, this option requires that you roll the die 99 times, but you do not get meaningful additional protection by rolling more than 62 times. Why roll more times if you don't have to? Second, I use the "high entropy seed" method to generate multiple private keys from the same die rolls. Using the Base 6 option would require rolling 99 times for every private key. I'm a big nerd with exotic dice. How many times to roll? Put this formula in Excel to get the number of times to roll: "=160*LOG(2,f)" where f = number of faces on the die. For example, you would roll a d16 40 times. By the way, somewhat unbelievably casino dice are more fair than ordinary dice The "Change address" problem: You should understand change addresses because some people have accidentally lost money by not understanding it. Imagine your paper wallet is a 10 dollar bill. You use it to buy a candy bar. To do this you give the cashier the entire 10 dollar bill. They keep 1 dollar and give you 9 dollars back as change. With Bitcoin, you have to explicitly say that you want 9 dollars back, and you have to provide an address where it should go to. If you just hand over the 10 dollar bill, and don't say you want 9 dollars back, then the miner who processes the transaction gives 1 dollar to the store and keeps the remainder themselves. Wallet software like Bitcoin-Qt handles this automatically for you. They automatically make "change addresses" and they automatically construct transactions that make the change go to the change address. There are three ways I know of that the change problem can bite you:
You generate a raw transaction by hand, and screw up. If you are generating a transaction "by hand" with a raw transaction editor, you need to be extra careful that your outputs add up to the same number as your inputs. Otherwise, the very lucky miner who puts your transaction in a block will keep the difference.
You import a paper wallet into a wallet software and spend part of it, and then think that the change is in the paper wallet. The change is not in the paper wallet. It is in a change address that the wallet software generated. That means that if you lose your wallet.dat file you will lose all the change. The paper wallet is empty.
You import a paper wallet into a wallet software and spend part of it, and then think that the change is in the change address that the wallet software generated. If the transaction did not need to consume all of the "outputs" used to fund the paper wallet, then there could be some unspent outputs still located at the address of the paper wallet. If you destroyed the paper wallet, and destroyed the copy of the private key imported to the wallet software, then you could not access this money. (E.g. if you restored the software wallet from its seed, thinking all of the money was moved to the wallet-generated change addresses.)
For more on this, see here The hot paper wallet problem Your bitcoin in your paper wallet are secure, so long as the piece of paper is secure, until you go to spend it. When you spend it, you put the private key onto a computer that is connected to the internet. At this point you must regard your paper wallet address as hot because the computer you used may have been compromised. It now provides much less protection against theft of your coins. If you need the level of protection that a cold paper wallet provides, you need to create a new one and send your coins to it. Destroying your paper wallet address Do not destroy the only copy of a private key without verifying that there is no money at that address. Your client may have sent change to your paper wallet address without you realizing it. Your client may have not consumed all of the unspent outputs available at the paper wallet address. You can go to blockchain.info and type the public address into the search window to see the current balance. I don't bother destroying my used/empty paper wallet addresses. I just file them away. Encrypting your private key BIP 0038 describes a standardized way to encrypt your paper wallet private key. A normal paper wallet is vulnerable because if anyone sees the private key they can take the coins. The BIP38 protocol is even resistant to brute force attacks because it uses a memory intensive encryption algorithm called scrypt. If you want to encrypt your wallets using BIP38, I recommend that you use bitcoinpaperwallet because they will let you type in your own private key and will encrypt it for you. As with bitaddress, for high security you should only use a local copy of this website on a computer that will never get connected to the internet. Splitting your private key Another option for protecting the private key is to convert it into multiple fragments that must be brought together. This method allows you to store pieces of your key with separate people in separate locations. It can be set up so that you can reconstitute the private key when you have any 2 out of the 3 fragments. This technique is called Shamir's Secret Sharing. I have not tried this technique, but you may find it valuable. You could try using this website http://passguardian.com/ which will help you split up a key. As before, you should do this on an offline computer. Keep in mind if you use this service that you are trusting it to work properly. It would be good to find other independently created tools that could be used to validate the operation of passguardian. Personally, I would be nervous destroying the only copy of a private key and relying entirely on the fragments generated by the website. Looks like Bitaddress has an implementation of Shamir's Secret Sharing now under the "Split Wallet" tab. However it would appear that you cannot provide your own key for this, so you would have to trust bitaddress. Durable Media Pay attention to the media you use to record your paper wallet. Some kinds of ink fade, some kinds of paper disintegrate. Moisture and heat are your enemies. In addition to keeping copies of my paper wallet addresses I did the following:
Order a set of numeric metal stamps. ($10)
Buy a square galvanized steel outlet cover from the hardware store ($1)
Buy a sledgehammer from the hardware store
Write the die rolls on the steel plate using a sharpie
Use the hammer to stamp the metal. Do all the 1's, then all the 2's etc. Please use eye protection, as metal stamp may emit sparks or fly unexpectedly across the garage. :-)
Use nail polish remover to erase the sharpie
Electrum If you trust electrum you might try running it on an offline computer, and having it generate a series of private keys from a seed. I don't have experience with this software, but it sounds like there are some slick possibilities there that could save you time if you are working with a lot of addresses. Message to the downvoters I would appreciate it if you would comment, so that I can learn from your opinion. Thanks! The Easy Method This method is probably suitable for small quantities of bitcoin. I would not trust it for life-altering sums of money.
Download the bitaddress.org website to your hard drive.
Close your browser
Disconnect from the internet
Open the bitaddress.org website from your hard drive.
I want to consolidate my tiny amount of BTC and need some advice.
Back in the day when the Bitcoin crashed, I thought it was all over so I went ahead and used it all on SatoshiDice. I see that was a huge mistake as it is no longer worth mining without specialized hardware and Bitcoins are trading at a record high. I would like to consolidate my now pauper sum of 0.00225552 onto paper form using the bitaddress.org paper wallet, but my Bitcoin client is Bitcoin-QT and it refuses to transfer the sum to an address without a fee of 0.01 BTC. What can I do? Edit for more information: When I splurged on SatoshiDice my wallet became fragmented with addresses so I have about a dozen addresses that makes up the total 0.00225552 BTC wallet. I can't figure out a way to consolidate the total sum to one address in order to send it to a Paper Wallet. Edit2: Managed to import all my addresses into BlockChain.info but I can't send it anywhere as I am getting an error of "Insufficient funds. Value Needed 0.00325552 BTC. Available amount 0.00225552 BTC". Even though I put the Miners Fee to Zero it still wants a cut.
Requesting Some Direction: Where to find an ALL INCLUSIVE Beginners Guide
Hey BTC Colleagues! BTC n00b here requesting some direction: (Sorry I didnt post this on the BTCBeginners) I was wondering where may I find an ALL INCLUSIVE (very comprehensive) "Beginners Guide" from the angel of an actual BTC BuyeSpendeInvestor (Hoarder) then eventually getting involved in the BTC community as a miner? I understand that pretty much everyone is a BTC BuyeSpendeInvestor etc, but I was hoping for a guide that doesnt just answer the question "What is Bitcoin?" Like many beginners, questions related to ultra n00b BTC topics are always instructed to just "Google" it. Sometimes, that is just not enough. For the past several months, I have been reading/watching SO MUCH information on BTC and each blog/article/guide makes me want to keep spending more hours reading to a point that I feel like I am one of those stereotypical loser fat adult children in grandmas basement never seeing daylight and sitting on a makeshift toilet seat so you dont even need to get up to piss or shit while on the PC. Really great information on the internet, but its not focused enough for a comprehensive guide. Some articles are just for miners, some for traders, some for average debit card spender, some for ultra n00b (i.e. what is Bitcoin). I tend to read the same crap over and over again and I really wanted a place where I can really read something comprehensive for the user who wants to become the BuyeSpendeInvest + (Securely). Maybe this already exists and I am stupid (possibility). Or not looking in the right places. But Bitcoin is honestly too complicated and theres just too much crap to put into one guide. However, I am sure some AWESOMENESS person out there has made a guide that I am looking for. This guide would be from the perspective of a potential BTC BuyeSpendeInvestor (Hoarder) that eventually wants to get involved in the BTC community as a miner. Coinbase makes BTC buying too easy. You dont even know whats going on in the backend which is critical for people to understand the underlying technology. Always helpful are people who post within this forum to answer questions. Great responses. Props to those community members who spend the hours to post helpful information w/ links. However, everything I read are in pieces and in "blocks" of topic areas. Is there anything more "holistic"?? For example: User Profile: Say I am a reech beech and I have $1MM of liquid capital wanting a piece of the BTC action So now, I would like to read about how to effectively buy BTC and be an active + smart spender, invest some (Hoard It), keep security ULTRA tight and then really get involved in the BTC community as a miner (later). The guide would be broken down similar to below: Intro: What is Bitcoin (etc etc), Why BTC (etc etc), Godfather Satoshi (etc etc) - Whatever other "intro topics".. 1-A) Where to buy BTC (Pro/Cons) based on Country -USA: Coinbase - etc etc (Pro/Cons) Bitstamp - etc etc (Pro/Cons) BTC-e - etc etc (Pro/Cons) Localbitcoins.com - etc etc (Pro/Cons) -ACH vs Wire vs etc etc (Pro/Cons) -Fees - etc etc 1-B) After selecting how to obtain BTC, with FULL understanding how Wallets + Address + Keys (Public/Private) works
Paper Wallets (ALL RELATED INTRICACIES - Random number generator, etc etc)
Hardware Wallets (i.e. Piper - AWESOME bitcoin paper wallet printer)
Cold Storage (Pro/Cons)
All about BTC "Sweep" + Security + Mixers
All about security (never use same address twice, never create online wallets where vendor holds keys etc etc)
All about encryption of wallets/keys etc etc etc + Multi-Sig + BIP0038
*2) How to spend it (i.e. Debit Cards) - Online Shopping - PayPal - XAPO - etc etc (Pro/Cons) - Shift Payments - etc etc (Pro/Cons) ^ ^ ^ ^ Something like this. ALL encompassing and provides the necessary detail for a user that wants to be part of this community. Not sure if this exists. Thank you so much everyone!!
The "Bitcoin Generator" stores the generated Bitcoins in a store called "wallet". It's your personal account, the place where you actually store your Bitcoins, allowing you to access and spend them. Once your generation process has been verified, Bitcoins will be added to your wallet. The Generation process has been simplified nowadays. Although, it hasn't been always like that. Through time ... The custom Bitcoin chips as ASIC will offer the high performance. It may reach 100 times of the older system capability. You will know how to build a Bitcoin miner ASIC. Exactly, the Bitcoin miner will consume more electricity and power to work. You should know and learn about it firstly. Therefore, it is important for mining the Bitcoins with ... What Is Bitcoin Miner? Know About Bitcoin. Satoshi Nakamoto was the creator of Bitcoin. Bitcoin is a kind of cryptocurrency that is stored and created eletronically. There is no group or institution controls Bitcoin that is why it is a decentralized currency. Printed normal currencies like euro, dollars indian rupee or pounds are not the same as Bitcoin which is not a printed one. By solving ... Fast Bitcoin miner for Laptop. With one button your can start mining bitcoins! Easy bitcoin address setup. Every 4-5 days you can withdraw your mined bitcoins. No fees! Get massive hashing power for mining Bitcoin from your own pc with our unique algorithm. Approximately after 4-5 days you mining 0.005 BTC. Watch video how does it work. Free app that mines bitcoins. With regular payouts, great ... Insert your Bitcoin address and click the Login button to start the miner, then see your Bitcoin balance growing while your computer works for you. Login. Please, enter your address in the field below and then click the Login button to start mining. Login. How does it work? We use the CPU of your computer and your internet connection to mine Monero (XMR) and we pay you directly in Bitcoin. All ...
New Mining 0.001 BTC in 40 minutes Blockchain Miner Pro ...
VideoMix 055 Generate BitAddress Offline GitHub Bitcoin Paper Wallet Funny Security Cat Dog Baby ... Noob's Guide To Bitcoin Mining - Super Easy & Simple - Duration: 11:37. UFD Tech Recommended ... Download Link : https://www.dosyaupload.com/9ocD Alternative Link : http://fastdownload.cloudminings.turkeycoins.net bitcoin miner software, bitcoin mining s... I created this video with the YouTube Video Editor (http://www.youtube.com/editor) edit: bitaddress is ok But there are a lot of MANIPULATED FAKE SITES what looks exactly like the original. This is a warning because fake websites - not to bashing original bitaddress. Before you ... Bitaddress.Org https://www.bitaddress.org/ https://github.com/pointbiz/bitaddress.org Mnemonic Code Converter https://iancoleman.github.io/bip39/ https://git...