Bitcoin Wiki - User contributions [en]

Talk:Paper Wallet (Single Key)

2015-02-28T17:34:56Z

Canton: /* Why rename Paper Wallets to "Paper ECDSA private keys"? */

== Running paper wallets off of live websites ==

Let's never recommend this to users. It is ALWAYS a bad idea to run HTML/JS off of a live website. It does not matter whether you disconnect from the Internet after loading up the HTML -- the code you have loaded may already have been tampered with. At the moment, virtually all HTML/JS based wallet generators allow downloading from github with easy checksumming, so let's always recommend downloading the ZIP file and running entirely offline after verifying signatures.

[[User:Canton|Canton]] ([[User talk:Canton|talk]]) 22:51, 20 January 2014 (GMT)
::Nearly all, (and certainly all new,) web-based services which generate keys on behalf of the user should be removed. The fact they remain currently, simply indicates that no one person can make the entire bitcoin.it wiki completely internally consistent at all times. [[User:Midnightmagic|Midnightmagic]] ([[User talk:Midnightmagic|talk]]) 07:07, 28 February 2015 (UTC)

== Self Promotion ==

As bitcoinpaperwallet.com guy, I admit to it! :) But I also think there should be some good guidelines considering the most recent edits to this page:

1) When listing services, let's alphabetize them, or put them in chronological order (oldest and most venerable to newest). Bitaddress.org shouldn't get pushed to the end of the list just because pointbiz doesn't actively monitor this page.

2) When discussing general topics (like entropy) it's inappropriate to link out to a particular websites. The only time you should link to an external website is from the references section, or when the link clearly indicates you're going to be sent to an external website.

[[User:Canton|Canton]] ([[User talk:Canton|talk]]) 22:51, 20 January 2014 (GMT)
: No, #1 is a bad idea. It should remain random, except when the list itself is in alphabetical order, because otherwise scammers will just build their "service" with a bunch of AA's in the beginning and game it. #2 is a bad idea because this wiki is not meant to be exhaustive in terms of topics it covers; few if any actual cryptographers actively edit these pages. If there is a high-quality off-wiki link that explains the process, thing, or idea more succinctly or provides a superior explanation than what the editor can provide, then it should definitely be linked regardless of its location. [[User:Midnightmagic|Midnightmagic]] ([[User talk:Midnightmagic|talk]]) 07:07, 28 February 2015 (UTC)

== Paper wallets a bad idea - why? ==

Recently the article was changed to add a 'why' tag to the idea that 'storing Bitcoin' on a paper wallet is a generally perceived to be a bad idea. I have to agree with that tag. I actually find the opposite when reading about the best way to store one's private keys. Perhaps it should be expanded instead to a Pros / Cons section? The 'Printer Security' section would then be merged into the Cons section. [[User:TheRealSteve|TheRealSteve]] ([[User talk:TheRealSteve|talk]]) 14:26, 10 February 2015 (UTC)
:I don't know why this is so discouraged either. If anything, I think this page should be shortened and merged into the [[paper wallet]] page under a new section to prevent confusion. New users may not know what an ECDSA private key is, even if they have theirs on paper. [[User:Taras|Taras]] ([[User talk:Taras|talk]]) 14:31, 10 February 2015 (UTC)
::I added that tag, because I think it's poor form (in general) to say: "This is a bad thing to do" and not offer any explanation. People who have the knowlegde to say that, also should be able to explain it.

::Judging from the history the two were separated to differentiate between HD paper wallets (although I would call those "Paper backups" and Single key "paper wallets". One reason given is that a single key on a paper is not a wallet. I think it's debatable if a HD seed printed on paper makes that paper a wallet. For proper wallet functionality you'll need some way to sign and send a tx, so anything "paper" is not a proper wallet, IMHO. But of course nobody thinks of a wallet that can sign txs etc., if they say "paper wallet" to begin with.

::I support merging this with paper wallet and also a pro/con section. [[User:Newar|Newar]] ([[User talk:Newar|talk]]) 15:04, 10 February 2015 (UTC)

:::I support merging and having a pro/con section as well. I think this page should be renamed back to "Paper Wallet". It's fine to have a section on other forms of paper backups (e.g. HD mnemonic paper backups) but I don't like at all how HD mnemonic paper backups are now the default destination for "Paper Wallet" since this will certainly confuse anyone who has read about paper wallets in books, articles, forums, etc.
:::[[User:Canton|Canton]] ([[User talk:Canton|talk]]) 22:05, 26 February 2015 (UTC)
:::: If your main problem is that people won't be able to find it as ECDSA Paper Backup then the more correct terminology should win and the less-correct terminology should have been made into a redirect. Also, people, for the love of Christ, sign your comments. [[User:Midnightmagic|Midnightmagic]] ([[User talk:Midnightmagic|talk]]) 07:07, 28 February 2015 (UTC)

::I've replaced the "Paper wallets are generally considered a bad idea" with an actual explanation: "Storing bitcoins on paper wallets is not safe unless very strict security precautions are undertaken during their initial preparation. (See below.) Furthermore, paper wallets should not be reused for repeated deposits (as it reduces privacy) or for multiple withdrawals (as this may reduce the underlying cryptographic security at some point in the future.) Ideally, they should be used as "deposit once, sweep once" tools."
::[[User:Canton|Canton]] ([[User talk:Canton|talk]]) 17:30, 28 February 2015 (UTC)

== Paper wallets vs cold storage ==

The term 'paper wallets' also seems to be used at times for objects made out of metal, plastic, etc. To avoid that mixup further, should the article instead be renamed 'Cold storage' or even 'Storage methods', listing the various methods (be that an offline computer which doesn't need more than 1 paragraph, or literal paper wallets, physical coins (e.g. Casascius), insert-your-method-here? [[User:TheRealSteve|TheRealSteve]] ([[User talk:TheRealSteve|talk]]) 14:29, 10 February 2015 (UTC)
:I think since "Paper wallet" is such an ubiquitous and well known term, it should have its own page. An overview over different "Cold storage methods" would then link to that page. Or make a category "Cold storage methods" and have a page for each, but most can be summarised in a single paragraph, so I'd lean to the overview solution. [[User:Newar|Newar]] ([[User talk:Newar|talk]]) 15:09, 10 February 2015 (UTC)
:: 'Cold Storage' is not sitting on paper. That is a term of art which specifies a very narrow subset of wallet storage and access and utilization which usually has nothing to do with paper.[[User:Midnightmagic|Midnightmagic]] ([[User talk:Midnightmagic|talk]]) 07:07, 28 February 2015 (UTC)

== Why rename Paper Wallets to "Paper ECDSA private keys"? ==

Why has "Paper Wallet" -- a well understood term in the bitcoin community -- been renamed to "Paper ECDSA private keys"?

It seems to me that if someone is searching for information about paper wallets, they should get information about those things everyone calls paper wallets.

While paper wallet may be a misnomer (they're not always made of paper, and they're not wallets in the truest sense) it's the commonly understood term for what you get when you carry around a ECDSA private key on a non-digital artifact (paper, wood, metal, etc.)

Renaming this page to "Paper ECDSA private keys" would be like going to wikipedia and renaming the entry for "Koala Bear" to "Koala Marsupial" since it's not truly a bear.

[[User:Canton|Canton]] ([[User talk:Canton|talk]]) 22:01, 26 February 2015 (UTC)Canton
:I fully support reverting back to the term "Paper Wallet". I think the change to "Paper ECDSA private keys" is so ridiculously unsupported that it should be considered vandalism.
:[[User:Chinawat|Chinawat]] ([[User talk:Chinawat|talk]]) 12:40, 27 February 2015 (UTC)
::Reverted Luke-Jr's moves. No consensus for such a change. [[User:Gladoscc|Gladoscc]] ([[User talk:Gladoscc|talk]]) 12:46, 27 February 2015 (UTC)
:::The correct move was to 1) Make 'Paper Wallets' a redirect to the more-specific and more-accurate term, and 2) not spam a six-section talk page with all mostly-related topics that share a common answer, 3) build consensus for an undo rather than unilaterally undoing one of the most prolific editors this Wiki has *without it.* [[User:Midnightmagic|Midnightmagic]] ([[User talk:Midnightmagic|talk]]) 07:07, 28 February 2015 (UTC)
::Luke-Jr reverted Gladoscc's reversion. I Re-reverted Luke-Jr's moves. Still no consensus for such a change. Renamed the page to Paper Wallet (Single Key) so that the terminology is more technically correct while not obfuscating it so much that someone (for example) reading the "Mastering Bitcoin" book will still be able to figure out what the section called "Paper Wallets" in Chapter 4 is about. Or so that someone who is using blockchain.info, or Mycelium, etc. will be able to research what "Import Paper Wallet" is talking about. I added a link to HD backups as an alternative.
::[[User:Canton|Canton]] ([[User talk:Canton|talk]]) 17:34, 28 February 2015 (UTC)

== Is there a good reason to omit bitcoinpaperwallet.com from this page? ==

LukeJr has repeatedly removed the link to [[BitcoinPaperWallet]] with the explanation "BitcoinPaperWallet was removed because it is a website for generating private keys".

By that logic, every single service for generating paper wallets (e.g. bitaddress.org) should be removed.

I'm not clear as to what the intent here is, and I'm not eager to get into a revision battle. Can someone explain why BitcoinPaperWallet shouldn't be linked?

[[User:Canton|Canton]] ([[User talk:Canton|talk]]) 22:12, 26 February 2015 (UTC)Canton

:It makes sense to remove bitaddress from pages discussing wallets because is not within the scope of the article, just as BitcoinPaperWallet isn't within the scope of this article because this is an article about generating paper wallets.
--[[User:Lapp0|Lapp0]] ([[User talk:Lapp0|talk]])
:: It is correct to remove nearly all (and certainly all new) web-based address-creation websites from this wiki. The fact that it hasn't been done yet does not prove that they are appropriate to remain here; instead, it merely describes the simple state of editors that no one editor has the full-time necessary to keep the entire Wiki internally self-consistent. I'm pretty sure that ripping out all commercial content now that Bitcoin no longer needs the PR assistance to propagate knowledge of Bitcoin to the world, might be the best course of action based on the sheer, titanic number of scammers who have listed their sites in this wiki. (Edit to change 'inclination' to 'full-time necessary' since most admins I'm aware of agree that web-based wallets in general are a bad idea.) [[User:Midnightmagic|Midnightmagic]] ([[User talk:Midnightmagic|talk]]) 07:07, 28 February 2015 (UTC)

Talk:Paper Wallet (Single Key)

2015-02-28T17:31:17Z

Canton: /* Paper wallets a bad idea - why? */

== Running paper wallets off of live websites ==

Let's never recommend this to users. It is ALWAYS a bad idea to run HTML/JS off of a live website. It does not matter whether you disconnect from the Internet after loading up the HTML -- the code you have loaded may already have been tampered with. At the moment, virtually all HTML/JS based wallet generators allow downloading from github with easy checksumming, so let's always recommend downloading the ZIP file and running entirely offline after verifying signatures.

[[User:Canton|Canton]] ([[User talk:Canton|talk]]) 22:51, 20 January 2014 (GMT)
::Nearly all, (and certainly all new,) web-based services which generate keys on behalf of the user should be removed. The fact they remain currently, simply indicates that no one person can make the entire bitcoin.it wiki completely internally consistent at all times. [[User:Midnightmagic|Midnightmagic]] ([[User talk:Midnightmagic|talk]]) 07:07, 28 February 2015 (UTC)

== Self Promotion ==

As bitcoinpaperwallet.com guy, I admit to it! :) But I also think there should be some good guidelines considering the most recent edits to this page:

1) When listing services, let's alphabetize them, or put them in chronological order (oldest and most venerable to newest). Bitaddress.org shouldn't get pushed to the end of the list just because pointbiz doesn't actively monitor this page.

2) When discussing general topics (like entropy) it's inappropriate to link out to a particular websites. The only time you should link to an external website is from the references section, or when the link clearly indicates you're going to be sent to an external website.

[[User:Canton|Canton]] ([[User talk:Canton|talk]]) 22:51, 20 January 2014 (GMT)
: No, #1 is a bad idea. It should remain random, except when the list itself is in alphabetical order, because otherwise scammers will just build their "service" with a bunch of AA's in the beginning and game it. #2 is a bad idea because this wiki is not meant to be exhaustive in terms of topics it covers; few if any actual cryptographers actively edit these pages. If there is a high-quality off-wiki link that explains the process, thing, or idea more succinctly or provides a superior explanation than what the editor can provide, then it should definitely be linked regardless of its location. [[User:Midnightmagic|Midnightmagic]] ([[User talk:Midnightmagic|talk]]) 07:07, 28 February 2015 (UTC)

== Paper wallets a bad idea - why? ==

Recently the article was changed to add a 'why' tag to the idea that 'storing Bitcoin' on a paper wallet is a generally perceived to be a bad idea. I have to agree with that tag. I actually find the opposite when reading about the best way to store one's private keys. Perhaps it should be expanded instead to a Pros / Cons section? The 'Printer Security' section would then be merged into the Cons section. [[User:TheRealSteve|TheRealSteve]] ([[User talk:TheRealSteve|talk]]) 14:26, 10 February 2015 (UTC)
:I don't know why this is so discouraged either. If anything, I think this page should be shortened and merged into the [[paper wallet]] page under a new section to prevent confusion. New users may not know what an ECDSA private key is, even if they have theirs on paper. [[User:Taras|Taras]] ([[User talk:Taras|talk]]) 14:31, 10 February 2015 (UTC)
::I added that tag, because I think it's poor form (in general) to say: "This is a bad thing to do" and not offer any explanation. People who have the knowlegde to say that, also should be able to explain it.

::Judging from the history the two were separated to differentiate between HD paper wallets (although I would call those "Paper backups" and Single key "paper wallets". One reason given is that a single key on a paper is not a wallet. I think it's debatable if a HD seed printed on paper makes that paper a wallet. For proper wallet functionality you'll need some way to sign and send a tx, so anything "paper" is not a proper wallet, IMHO. But of course nobody thinks of a wallet that can sign txs etc., if they say "paper wallet" to begin with.

::I support merging this with paper wallet and also a pro/con section. [[User:Newar|Newar]] ([[User talk:Newar|talk]]) 15:04, 10 February 2015 (UTC)

:::I support merging and having a pro/con section as well. I think this page should be renamed back to "Paper Wallet". It's fine to have a section on other forms of paper backups (e.g. HD mnemonic paper backups) but I don't like at all how HD mnemonic paper backups are now the default destination for "Paper Wallet" since this will certainly confuse anyone who has read about paper wallets in books, articles, forums, etc.
:::[[User:Canton|Canton]] ([[User talk:Canton|talk]]) 22:05, 26 February 2015 (UTC)
:::: If your main problem is that people won't be able to find it as ECDSA Paper Backup then the more correct terminology should win and the less-correct terminology should have been made into a redirect. Also, people, for the love of Christ, sign your comments. [[User:Midnightmagic|Midnightmagic]] ([[User talk:Midnightmagic|talk]]) 07:07, 28 February 2015 (UTC)

::I've replaced the "Paper wallets are generally considered a bad idea" with an actual explanation: "Storing bitcoins on paper wallets is not safe unless very strict security precautions are undertaken during their initial preparation. (See below.) Furthermore, paper wallets should not be reused for repeated deposits (as it reduces privacy) or for multiple withdrawals (as this may reduce the underlying cryptographic security at some point in the future.) Ideally, they should be used as "deposit once, sweep once" tools."
::[[User:Canton|Canton]] ([[User talk:Canton|talk]]) 17:30, 28 February 2015 (UTC)

== Paper wallets vs cold storage ==

The term 'paper wallets' also seems to be used at times for objects made out of metal, plastic, etc. To avoid that mixup further, should the article instead be renamed 'Cold storage' or even 'Storage methods', listing the various methods (be that an offline computer which doesn't need more than 1 paragraph, or literal paper wallets, physical coins (e.g. Casascius), insert-your-method-here? [[User:TheRealSteve|TheRealSteve]] ([[User talk:TheRealSteve|talk]]) 14:29, 10 February 2015 (UTC)
:I think since "Paper wallet" is such an ubiquitous and well known term, it should have its own page. An overview over different "Cold storage methods" would then link to that page. Or make a category "Cold storage methods" and have a page for each, but most can be summarised in a single paragraph, so I'd lean to the overview solution. [[User:Newar|Newar]] ([[User talk:Newar|talk]]) 15:09, 10 February 2015 (UTC)
:: 'Cold Storage' is not sitting on paper. That is a term of art which specifies a very narrow subset of wallet storage and access and utilization which usually has nothing to do with paper.[[User:Midnightmagic|Midnightmagic]] ([[User talk:Midnightmagic|talk]]) 07:07, 28 February 2015 (UTC)

== Why rename Paper Wallets to "Paper ECDSA private keys"? ==

Why has "Paper Wallet" -- a well understood term in the bitcoin community -- been renamed to "Paper ECDSA private keys"?

It seems to me that if someone is searching for information about paper wallets, they should get information about those things everyone calls paper wallets.

While paper wallet may be a misnomer (they're not always made of paper, and they're not wallets in the truest sense) it's the commonly understood term for what you get when you carry around a ECDSA private key on a non-digital artifact (paper, wood, metal, etc.)

Renaming this page to "Paper ECDSA private keys" would be like going to wikipedia and renaming the entry for "Koala Bear" to "Koala Marsupial" since it's not truly a bear.

[[User:Canton|Canton]] ([[User talk:Canton|talk]]) 22:01, 26 February 2015 (UTC)Canton
:I fully support reverting back to the term "Paper Wallet". I think the change to "Paper ECDSA private keys" is so ridiculously unsupported that it should be considered vandalism.
:[[User:Chinawat|Chinawat]] ([[User talk:Chinawat|talk]]) 12:40, 27 February 2015 (UTC)
::Reverted Luke-Jr's moves. No consensus for such a change. [[User:Gladoscc|Gladoscc]] ([[User talk:Gladoscc|talk]]) 12:46, 27 February 2015 (UTC)
:::The correct move was to 1) Make 'Paper Wallets' a redirect to the more-specific and more-accurate term, and 2) not spam a six-section talk page with all mostly-related topics that share a common answer, 3) build consensus for an undo rather than unilaterally undoing one of the most prolific editors this Wiki has *without it.* [[User:Midnightmagic|Midnightmagic]] ([[User talk:Midnightmagic|talk]]) 07:07, 28 February 2015 (UTC)

== Is there a good reason to omit bitcoinpaperwallet.com from this page? ==

LukeJr has repeatedly removed the link to [[BitcoinPaperWallet]] with the explanation "BitcoinPaperWallet was removed because it is a website for generating private keys".

By that logic, every single service for generating paper wallets (e.g. bitaddress.org) should be removed.

I'm not clear as to what the intent here is, and I'm not eager to get into a revision battle. Can someone explain why BitcoinPaperWallet shouldn't be linked?

[[User:Canton|Canton]] ([[User talk:Canton|talk]]) 22:12, 26 February 2015 (UTC)Canton

:It makes sense to remove bitaddress from pages discussing wallets because is not within the scope of the article, just as BitcoinPaperWallet isn't within the scope of this article because this is an article about generating paper wallets.
--[[User:Lapp0|Lapp0]] ([[User talk:Lapp0|talk]])
:: It is correct to remove nearly all (and certainly all new) web-based address-creation websites from this wiki. The fact that it hasn't been done yet does not prove that they are appropriate to remain here; instead, it merely describes the simple state of editors that no one editor has the full-time necessary to keep the entire Wiki internally self-consistent. I'm pretty sure that ripping out all commercial content now that Bitcoin no longer needs the PR assistance to propagate knowledge of Bitcoin to the world, might be the best course of action based on the sheer, titanic number of scammers who have listed their sites in this wiki. (Edit to change 'inclination' to 'full-time necessary' since most admins I'm aware of agree that web-based wallets in general are a bad idea.) [[User:Midnightmagic|Midnightmagic]] ([[User talk:Midnightmagic|talk]]) 07:07, 28 February 2015 (UTC)

Talk:Paper Wallet (Single Key)

2015-02-28T17:30:54Z

Canton: /* Paper wallets a bad idea - why? */

== Running paper wallets off of live websites ==

Let's never recommend this to users. It is ALWAYS a bad idea to run HTML/JS off of a live website. It does not matter whether you disconnect from the Internet after loading up the HTML -- the code you have loaded may already have been tampered with. At the moment, virtually all HTML/JS based wallet generators allow downloading from github with easy checksumming, so let's always recommend downloading the ZIP file and running entirely offline after verifying signatures.

[[User:Canton|Canton]] ([[User talk:Canton|talk]]) 22:51, 20 January 2014 (GMT)
::Nearly all, (and certainly all new,) web-based services which generate keys on behalf of the user should be removed. The fact they remain currently, simply indicates that no one person can make the entire bitcoin.it wiki completely internally consistent at all times. [[User:Midnightmagic|Midnightmagic]] ([[User talk:Midnightmagic|talk]]) 07:07, 28 February 2015 (UTC)

== Self Promotion ==

As bitcoinpaperwallet.com guy, I admit to it! :) But I also think there should be some good guidelines considering the most recent edits to this page:

1) When listing services, let's alphabetize them, or put them in chronological order (oldest and most venerable to newest). Bitaddress.org shouldn't get pushed to the end of the list just because pointbiz doesn't actively monitor this page.

2) When discussing general topics (like entropy) it's inappropriate to link out to a particular websites. The only time you should link to an external website is from the references section, or when the link clearly indicates you're going to be sent to an external website.

[[User:Canton|Canton]] ([[User talk:Canton|talk]]) 22:51, 20 January 2014 (GMT)
: No, #1 is a bad idea. It should remain random, except when the list itself is in alphabetical order, because otherwise scammers will just build their "service" with a bunch of AA's in the beginning and game it. #2 is a bad idea because this wiki is not meant to be exhaustive in terms of topics it covers; few if any actual cryptographers actively edit these pages. If there is a high-quality off-wiki link that explains the process, thing, or idea more succinctly or provides a superior explanation than what the editor can provide, then it should definitely be linked regardless of its location. [[User:Midnightmagic|Midnightmagic]] ([[User talk:Midnightmagic|talk]]) 07:07, 28 February 2015 (UTC)

== Paper wallets a bad idea - why? ==

Recently the article was changed to add a 'why' tag to the idea that 'storing Bitcoin' on a paper wallet is a generally perceived to be a bad idea. I have to agree with that tag. I actually find the opposite when reading about the best way to store one's private keys. Perhaps it should be expanded instead to a Pros / Cons section? The 'Printer Security' section would then be merged into the Cons section. [[User:TheRealSteve|TheRealSteve]] ([[User talk:TheRealSteve|talk]]) 14:26, 10 February 2015 (UTC)
:I don't know why this is so discouraged either. If anything, I think this page should be shortened and merged into the [[paper wallet]] page under a new section to prevent confusion. New users may not know what an ECDSA private key is, even if they have theirs on paper. [[User:Taras|Taras]] ([[User talk:Taras|talk]]) 14:31, 10 February 2015 (UTC)
::I added that tag, because I think it's poor form (in general) to say: "This is a bad thing to do" and not offer any explanation. People who have the knowlegde to say that, also should be able to explain it.

::Judging from the history the two were separated to differentiate between HD paper wallets (although I would call those "Paper backups" and Single key "paper wallets". One reason given is that a single key on a paper is not a wallet. I think it's debatable if a HD seed printed on paper makes that paper a wallet. For proper wallet functionality you'll need some way to sign and send a tx, so anything "paper" is not a proper wallet, IMHO. But of course nobody thinks of a wallet that can sign txs etc., if they say "paper wallet" to begin with.

::I support merging this with paper wallet and also a pro/con section. [[User:Newar|Newar]] ([[User talk:Newar|talk]]) 15:04, 10 February 2015 (UTC)

:::I support merging and having a pro/con section as well. I think this page should be renamed back to "Paper Wallet". It's fine to have a section on other forms of paper backups (e.g. HD mnemonic paper backups) but I don't like at all how HD mnemonic paper backups are now the default destination for "Paper Wallet" since this will certainly confuse anyone who has read about paper wallets in books, articles, forums, etc.
:::[[User:Canton|Canton]] ([[User talk:Canton|talk]]) 22:05, 26 February 2015 (UTC)Canton
:::: If your main problem is that people won't be able to find it as ECDSA Paper Backup then the more correct terminology should win and the less-correct terminology should have been made into a redirect. Also, people, for the love of Christ, sign your comments. [[User:Midnightmagic|Midnightmagic]] ([[User talk:Midnightmagic|talk]]) 07:07, 28 February 2015 (UTC)

::I've replaced the "Paper wallets are generally considered a bad idea" with an actual explanation: "Storing bitcoins on paper wallets is not safe unless very strict security precautions are undertaken during their initial preparation. (See below.) Furthermore, paper wallets should not be reused for repeated deposits (as it reduces privacy) or for multiple withdrawals (as this may reduce the underlying cryptographic security at some point in the future.) Ideally, they should be used as "deposit once, sweep once" tools."
::[[User:Canton|Canton]] ([[User talk:Canton|talk]]) 17:30, 28 February 2015 (UTC)Canton

== Paper wallets vs cold storage ==

The term 'paper wallets' also seems to be used at times for objects made out of metal, plastic, etc. To avoid that mixup further, should the article instead be renamed 'Cold storage' or even 'Storage methods', listing the various methods (be that an offline computer which doesn't need more than 1 paragraph, or literal paper wallets, physical coins (e.g. Casascius), insert-your-method-here? [[User:TheRealSteve|TheRealSteve]] ([[User talk:TheRealSteve|talk]]) 14:29, 10 February 2015 (UTC)
:I think since "Paper wallet" is such an ubiquitous and well known term, it should have its own page. An overview over different "Cold storage methods" would then link to that page. Or make a category "Cold storage methods" and have a page for each, but most can be summarised in a single paragraph, so I'd lean to the overview solution. [[User:Newar|Newar]] ([[User talk:Newar|talk]]) 15:09, 10 February 2015 (UTC)
:: 'Cold Storage' is not sitting on paper. That is a term of art which specifies a very narrow subset of wallet storage and access and utilization which usually has nothing to do with paper.[[User:Midnightmagic|Midnightmagic]] ([[User talk:Midnightmagic|talk]]) 07:07, 28 February 2015 (UTC)

== Why rename Paper Wallets to "Paper ECDSA private keys"? ==

Why has "Paper Wallet" -- a well understood term in the bitcoin community -- been renamed to "Paper ECDSA private keys"?

It seems to me that if someone is searching for information about paper wallets, they should get information about those things everyone calls paper wallets.

While paper wallet may be a misnomer (they're not always made of paper, and they're not wallets in the truest sense) it's the commonly understood term for what you get when you carry around a ECDSA private key on a non-digital artifact (paper, wood, metal, etc.)

Renaming this page to "Paper ECDSA private keys" would be like going to wikipedia and renaming the entry for "Koala Bear" to "Koala Marsupial" since it's not truly a bear.

[[User:Canton|Canton]] ([[User talk:Canton|talk]]) 22:01, 26 February 2015 (UTC)Canton
:I fully support reverting back to the term "Paper Wallet". I think the change to "Paper ECDSA private keys" is so ridiculously unsupported that it should be considered vandalism.
:[[User:Chinawat|Chinawat]] ([[User talk:Chinawat|talk]]) 12:40, 27 February 2015 (UTC)
::Reverted Luke-Jr's moves. No consensus for such a change. [[User:Gladoscc|Gladoscc]] ([[User talk:Gladoscc|talk]]) 12:46, 27 February 2015 (UTC)
:::The correct move was to 1) Make 'Paper Wallets' a redirect to the more-specific and more-accurate term, and 2) not spam a six-section talk page with all mostly-related topics that share a common answer, 3) build consensus for an undo rather than unilaterally undoing one of the most prolific editors this Wiki has *without it.* [[User:Midnightmagic|Midnightmagic]] ([[User talk:Midnightmagic|talk]]) 07:07, 28 February 2015 (UTC)

== Is there a good reason to omit bitcoinpaperwallet.com from this page? ==

LukeJr has repeatedly removed the link to [[BitcoinPaperWallet]] with the explanation "BitcoinPaperWallet was removed because it is a website for generating private keys".

By that logic, every single service for generating paper wallets (e.g. bitaddress.org) should be removed.

I'm not clear as to what the intent here is, and I'm not eager to get into a revision battle. Can someone explain why BitcoinPaperWallet shouldn't be linked?

[[User:Canton|Canton]] ([[User talk:Canton|talk]]) 22:12, 26 February 2015 (UTC)Canton

:It makes sense to remove bitaddress from pages discussing wallets because is not within the scope of the article, just as BitcoinPaperWallet isn't within the scope of this article because this is an article about generating paper wallets.
--[[User:Lapp0|Lapp0]] ([[User talk:Lapp0|talk]])
:: It is correct to remove nearly all (and certainly all new) web-based address-creation websites from this wiki. The fact that it hasn't been done yet does not prove that they are appropriate to remain here; instead, it merely describes the simple state of editors that no one editor has the full-time necessary to keep the entire Wiki internally self-consistent. I'm pretty sure that ripping out all commercial content now that Bitcoin no longer needs the PR assistance to propagate knowledge of Bitcoin to the world, might be the best course of action based on the sheer, titanic number of scammers who have listed their sites in this wiki. (Edit to change 'inclination' to 'full-time necessary' since most admins I'm aware of agree that web-based wallets in general are a bad idea.) [[User:Midnightmagic|Midnightmagic]] ([[User talk:Midnightmagic|talk]]) 07:07, 28 February 2015 (UTC)

Paper wallet

2015-02-28T17:26:36Z

Canton: Expanded on why paper wallets are not a good idea, why they're not truly "wallets". Linked to HD backups as an alternative. Used term "paper wallet" throughout text since this is the consensus term.

[[File:FirstBitcoinBills.jpg|thumb|right|200px|Casascius holding early paper wallets]]

A paper wallet is a mechanism for storing bitcoins offline as a physical document that can be secured like cash or anything else of real-world value. It is only a wallet in the sense that it can store value. However, since a paper wallet only makes use of a single key and address pair, it should not be confused with a true hardware or software bitcoin wallet, which can facilitate the full spectrum of bitcoin transactions and multiple addresses.

In some cases, it may be preferable to produce [[Hierarchical Deterministic Wallet Backups]], which can also be printed on paper and physically secured.

Paper wallets are generally created by printing a brand new private key onto paper, usually along with a bitcoin [[address]] derived from the key, and then sending bitcoins from a wallet to that address for safekeeping.

Storing bitcoins on paper wallets is not safe unless very strict security precautions are undertaken during their initial preparation. (See below.) Furthermore, paper wallets should not be reused for repeated deposits (as it reduces privacy) or for multiple withdrawals (as this may reduce the underlying cryptographic security at some point in the future.) Ideally, they should be used as "deposit once, sweep once" tools.

__TOC__

==Use cases==

===Tips and gifts===

By creating a keypair, one can store bitcoins on a physical medium to be left as a tip or a gift.
The recipient then sweeps the private key to their own wallet.

===Physical tokens===

A trusted provider can hide the private key inside a tamper-resistant token, and issue them as a form of bitcoins.
This requires those who accept it as payment to trust that when the provider produced the tokens, they loaded them with the correct amount of bitcoins, and that they have not been tampered with since then.
To redeem the bitcoin value, the token must be destroyed to access the private key.
Often a bitcoin address is embedded on the outside visible, but there is no guarantee (without destroying the token) that this matches the private key inside, or, even if it does, that the private key is not replicated on multiple tokens or saved by the producer.

===As a wallet===

Sometimes people try to use paper wallets as a true bitcoin wallet.
However, a single paper wallet can only represent one bitcoin [[address]].
Because of this, one is forced to choose between hazardous options:
* '''Use the key only once to receive, and only once to send the full amount.''' This requires the user to know the full amount he wants to store in advance, and often leads to the next situation:
* '''Create multiple keys.''' By using more than one key, the user can receive more than once using a different address each time, including using new addresses for change. This is very complicated, and makes it easy to accidentally reuse addresses, produce the wrong change/fee combination, lose some keys, spend hours searching for the right key, etc. Not even skilled bitcoin experts are comfortable managing their own keys manually like this.
* '''Reuse the address.''' This has severe privacy and security implications. For more information, see the article on [[address reuse]].

Since there is no safe way to use these for a wallet, it is generally considered inadvisable.

==Key encoding/formatting==

[[File:BitcoinPaperWallet-sample.jpg|thumb|right|300px|Paper keypair with private key secured beneath folds]]
[[File:PaperWallets-offlineaddress-com.png|200px|thumb|right|Paper keypair]]
A paper wallet can be represented in several formats, but typically the Wallet Import Format (WIF) is used, since keys represented that way are very short (51 characters) and thus easy to re-enter when importing or "sweeping" it for withdrawal.

==Creation of a paper wallet==

===Generation of secure keys===

Care must be taken to securely generate keys since an attacker can steal stored bitcoins if it is exposed, transmitted, or generated with insufficient entropy.

Several tools exist for producing paper wallets, including [[Bitcoin Address Utility]], [[BitcoinPaperWallet]], [[vanitygen]], and [[Cwallet]].

===Web-based key generators===

Some websites feature free open-source client-side keypair generators written in JavaScript.
Keypairs generated by JavaScript or using websites are generally considered inherently weak and insecure, and unless the code of the website is audited every time it is used, it may leak the keys to the server.
Even with careful code auditing, browser plugins or other websites may compromise the environment.

===Recommendations===
* Keys should be produced on a computer not connected to the Internet.
* Be aware that malware often allows a remote third party to view your screen and see your keystrokes, and these can compromise the integrity of your key. Also consider that antivirus software cannot completely rule out the possibility of malware. However, booting from a [https://en.wikipedia.org/wiki/Live_CD live disc] prevents most malware from running.
* The private keys should never be saved to a computer hard drive or sent via email or other network connections. You should also never scan/type your key into your computer, except at the moment you are redeeming it.
* If possible, the private key should be kept hidden, for example by using BIP38 encryption, and/or by folding the paper to hide the private key so that a photograph or photocopy of it will not reveal or replicate the private key.
* A web-based generator should not be used.
* A generator should use an appropriate source of random numbers (entropy). This means that the generated keys aren't predictable. If the addresses come from a predictable or partially-predictable patterns like pseudorandom numbers <ref>[https://en.wikipedia.org/wiki/Pseudorandomness#Cryptography Pseudorandomness] '' is not enough for strong cryptography''</ref>, someone else who can predict the pattern can steal the balance. Randomness should NEVER be human generated, as the human brain is incapable of secure entropy.
* Remember that unlike wallets, a single paper wallet is only good to receive a single payment, and must be redeemed in its entirety.

===Printer Security===

Some advanced printers have internal storage (even hard drives) that preserve copies of printouts. This is a risk if someone gets access to your printer, or if you dispose of your printer. There is also the possibility that a smart enough printer can be hacked. (Consider [http://en.wikipedia.org/wiki/Stuxnet StuxNet] which was able to rewrite the firmware of non-computer devices indirectly connected to the Internet) If this concerns you, use a "dumb" printer, and never let your printer have access to the Internet or to an Internet-connected computer.

==Redeeming Keys and Withdrawing Funds==

Paper wallets are very different from wallets such as Bitcoin Core in that it is not possible to transfer (withdraw) a ''portion'' of a key's bitcoins.
The only way to withdraw funds is to import or "sweep" the ''entire'' received amount to a new address, typically a wallet or online exchange.
Once the transfer has been confirmed, ''the key should not be reused''.<ref>[http://www.reddit.com/r/Bitcoin/comments/1c9xr7/psa_using_paper_wallets_understanding_change/ reddit.com] ''Using Paper Wallets and Understanding Change''</ref>

There are various methods for copying the private key data to other wallets.
* bitcoind supports an "importprivkey" RPC method for this purpose.
* Bitcoin-Qt's debug console can also be used in a similar way (see also [[How to import private keys in Bitcoin Core 0.7+]]).
* [[BlockChain.info]] and [[Armory]] can also import them directly into wallets.

Note that importing a private key that may be compromised can result in the entire wallet becoming insecure.
For this reason, sweeping is generally recommended over importing.

==References==
<references />

==See Also==

* [[Paper wallet]]

* [[Private key]]

* [[Securing_your_wallet#Paper_Wallets]]

* [[How to import private keys]]

* [https://blockchain.info/wallet/paper-tutorial Blockchain.info tutorial] on how to generate a paper wallet.

* [[Casascius physical bitcoins]]

[[Category:Security]]

[[es:Monedero de papel]]

Talk:Paper ECDSA private key

2015-02-28T17:07:39Z

Canton: Canton moved page Talk:Paper ECDSA private key to Talk:Paper Wallet (Single Key): Renamed to what consensus agrees is a paper wallet, e.g. in chapter 4 of "Mastering Bitcoin" published by O'Reilly

#REDIRECT [[Talk:Paper Wallet (Single Key)]]

Talk:Paper Wallet (Single Key)

2015-02-28T17:07:39Z

== Running paper wallets off of live websites ==

Let's never recommend this to users. It is ALWAYS a bad idea to run HTML/JS off of a live website. It does not matter whether you disconnect from the Internet after loading up the HTML -- the code you have loaded may already have been tampered with. At the moment, virtually all HTML/JS based wallet generators allow downloading from github with easy checksumming, so let's always recommend downloading the ZIP file and running entirely offline after verifying signatures.

[[User:Canton|Canton]] ([[User talk:Canton|talk]]) 22:51, 20 January 2014 (GMT)
::Nearly all, (and certainly all new,) web-based services which generate keys on behalf of the user should be removed. The fact they remain currently, simply indicates that no one person can make the entire bitcoin.it wiki completely internally consistent at all times. [[User:Midnightmagic|Midnightmagic]] ([[User talk:Midnightmagic|talk]]) 07:07, 28 February 2015 (UTC)

== Self Promotion ==

As bitcoinpaperwallet.com guy, I admit to it! :) But I also think there should be some good guidelines considering the most recent edits to this page:

1) When listing services, let's alphabetize them, or put them in chronological order (oldest and most venerable to newest). Bitaddress.org shouldn't get pushed to the end of the list just because pointbiz doesn't actively monitor this page.

2) When discussing general topics (like entropy) it's inappropriate to link out to a particular websites. The only time you should link to an external website is from the references section, or when the link clearly indicates you're going to be sent to an external website.

[[User:Canton|Canton]] ([[User talk:Canton|talk]]) 22:51, 20 January 2014 (GMT)
: No, #1 is a bad idea. It should remain random, except when the list itself is in alphabetical order, because otherwise scammers will just build their "service" with a bunch of AA's in the beginning and game it. #2 is a bad idea because this wiki is not meant to be exhaustive in terms of topics it covers; few if any actual cryptographers actively edit these pages. If there is a high-quality off-wiki link that explains the process, thing, or idea more succinctly or provides a superior explanation than what the editor can provide, then it should definitely be linked regardless of its location. [[User:Midnightmagic|Midnightmagic]] ([[User talk:Midnightmagic|talk]]) 07:07, 28 February 2015 (UTC)

== Paper wallets a bad idea - why? ==

Recently the article was changed to add a 'why' tag to the idea that 'storing Bitcoin' on a paper wallet is a generally perceived to be a bad idea. I have to agree with that tag. I actually find the opposite when reading about the best way to store one's private keys. Perhaps it should be expanded instead to a Pros / Cons section? The 'Printer Security' section would then be merged into the Cons section. [[User:TheRealSteve|TheRealSteve]] ([[User talk:TheRealSteve|talk]]) 14:26, 10 February 2015 (UTC)
:I don't know why this is so discouraged either. If anything, I think this page should be shortened and merged into the [[paper wallet]] page under a new section to prevent confusion. New users may not know what an ECDSA private key is, even if they have theirs on paper. [[User:Taras|Taras]] ([[User talk:Taras|talk]]) 14:31, 10 February 2015 (UTC)
::I added that tag, because I think it's poor form (in general) to say: "This is a bad thing to do" and not offer any explanation. People who have the knowlegde to say that, also should be able to explain it.

::Judging from the history the two were separated to differentiate between HD paper wallets (although I would call those "Paper backups" and Single key "paper wallets". One reason given is that a single key on a paper is not a wallet. I think it's debatable if a HD seed printed on paper makes that paper a wallet. For proper wallet functionality you'll need some way to sign and send a tx, so anything "paper" is not a proper wallet, IMHO. But of course nobody thinks of a wallet that can sign txs etc., if they say "paper wallet" to begin with.

::I support merging this with paper wallet and also a pro/con section. [[User:Newar|Newar]] ([[User talk:Newar|talk]]) 15:04, 10 February 2015 (UTC)

:::I support merging and having a pro/con section as well. I think this page should be renamed back to "Paper Wallet". It's fine to have a section on other forms of paper backups (e.g. HD mnemonic paper backups) but I don't like at all how HD mnemonic paper backups are now the default destination for "Paper Wallet" since this will certainly confuse anyone who has read about paper wallets in books, articles, forums, etc.
:::[[User:Canton|Canton]] ([[User talk:Canton|talk]]) 22:05, 26 February 2015 (UTC)Canton
:::: If your main problem is that people won't be able to find it as ECDSA Paper Backup then the more correct terminology should win and the less-correct terminology should have been made into a redirect. Also, people, for the love of Christ, sign your comments. [[User:Midnightmagic|Midnightmagic]] ([[User talk:Midnightmagic|talk]]) 07:07, 28 February 2015 (UTC)
== Paper wallets vs cold storage ==

The term 'paper wallets' also seems to be used at times for objects made out of metal, plastic, etc. To avoid that mixup further, should the article instead be renamed 'Cold storage' or even 'Storage methods', listing the various methods (be that an offline computer which doesn't need more than 1 paragraph, or literal paper wallets, physical coins (e.g. Casascius), insert-your-method-here? [[User:TheRealSteve|TheRealSteve]] ([[User talk:TheRealSteve|talk]]) 14:29, 10 February 2015 (UTC)
:I think since "Paper wallet" is such an ubiquitous and well known term, it should have its own page. An overview over different "Cold storage methods" would then link to that page. Or make a category "Cold storage methods" and have a page for each, but most can be summarised in a single paragraph, so I'd lean to the overview solution. [[User:Newar|Newar]] ([[User talk:Newar|talk]]) 15:09, 10 February 2015 (UTC)
:: 'Cold Storage' is not sitting on paper. That is a term of art which specifies a very narrow subset of wallet storage and access and utilization which usually has nothing to do with paper.[[User:Midnightmagic|Midnightmagic]] ([[User talk:Midnightmagic|talk]]) 07:07, 28 February 2015 (UTC)

== Why rename Paper Wallets to "Paper ECDSA private keys"? ==

Why has "Paper Wallet" -- a well understood term in the bitcoin community -- been renamed to "Paper ECDSA private keys"?

It seems to me that if someone is searching for information about paper wallets, they should get information about those things everyone calls paper wallets.

While paper wallet may be a misnomer (they're not always made of paper, and they're not wallets in the truest sense) it's the commonly understood term for what you get when you carry around a ECDSA private key on a non-digital artifact (paper, wood, metal, etc.)

Renaming this page to "Paper ECDSA private keys" would be like going to wikipedia and renaming the entry for "Koala Bear" to "Koala Marsupial" since it's not truly a bear.

[[User:Canton|Canton]] ([[User talk:Canton|talk]]) 22:01, 26 February 2015 (UTC)Canton
:I fully support reverting back to the term "Paper Wallet". I think the change to "Paper ECDSA private keys" is so ridiculously unsupported that it should be considered vandalism.
:[[User:Chinawat|Chinawat]] ([[User talk:Chinawat|talk]]) 12:40, 27 February 2015 (UTC)
::Reverted Luke-Jr's moves. No consensus for such a change. [[User:Gladoscc|Gladoscc]] ([[User talk:Gladoscc|talk]]) 12:46, 27 February 2015 (UTC)
:::The correct move was to 1) Make 'Paper Wallets' a redirect to the more-specific and more-accurate term, and 2) not spam a six-section talk page with all mostly-related topics that share a common answer, 3) build consensus for an undo rather than unilaterally undoing one of the most prolific editors this Wiki has *without it.* [[User:Midnightmagic|Midnightmagic]] ([[User talk:Midnightmagic|talk]]) 07:07, 28 February 2015 (UTC)

== Is there a good reason to omit bitcoinpaperwallet.com from this page? ==

LukeJr has repeatedly removed the link to [[BitcoinPaperWallet]] with the explanation "BitcoinPaperWallet was removed because it is a website for generating private keys".

By that logic, every single service for generating paper wallets (e.g. bitaddress.org) should be removed.

I'm not clear as to what the intent here is, and I'm not eager to get into a revision battle. Can someone explain why BitcoinPaperWallet shouldn't be linked?

[[User:Canton|Canton]] ([[User talk:Canton|talk]]) 22:12, 26 February 2015 (UTC)Canton

:It makes sense to remove bitaddress from pages discussing wallets because is not within the scope of the article, just as BitcoinPaperWallet isn't within the scope of this article because this is an article about generating paper wallets.
--[[User:Lapp0|Lapp0]] ([[User talk:Lapp0|talk]])
:: It is correct to remove nearly all (and certainly all new) web-based address-creation websites from this wiki. The fact that it hasn't been done yet does not prove that they are appropriate to remain here; instead, it merely describes the simple state of editors that no one editor has the full-time necessary to keep the entire Wiki internally self-consistent. I'm pretty sure that ripping out all commercial content now that Bitcoin no longer needs the PR assistance to propagate knowledge of Bitcoin to the world, might be the best course of action based on the sheer, titanic number of scammers who have listed their sites in this wiki. (Edit to change 'inclination' to 'full-time necessary' since most admins I'm aware of agree that web-based wallets in general are a bad idea.) [[User:Midnightmagic|Midnightmagic]] ([[User talk:Midnightmagic|talk]]) 07:07, 28 February 2015 (UTC)

Paper ECDSA private key

2015-02-28T17:07:39Z

Canton: Canton moved page Paper ECDSA private key to Paper Wallet (Single Key): Renamed to what consensus agrees is a paper wallet, e.g. in chapter 4 of "Mastering Bitcoin" published by O'Reilly

#REDIRECT [[Paper Wallet (Single Key)]]

Paper wallet

2015-02-28T17:07:38Z

Canton: Canton moved page Paper ECDSA private key to Paper Wallet (Single Key): Renamed to what consensus agrees is a paper wallet, e.g. in chapter 4 of "Mastering Bitcoin" published by O'Reilly

[[File:FirstBitcoinBills.jpg|thumb|right|200px|Casascius holding early paper ECDSA private keys]]
A '''paper ECDSA private key''' (often incorrectly referred to as a "[[paper wallet]]") is a mechanism for storing bitcoins offline as a physical document that can be secured like cash or anything else of real-world value.
They are generally created by printing a brand new ECDSA private key onto paper, usually along with a bitcoin [[address]] derived from the key, and then sending bitcoins from a wallet to that address for safekeeping.
Storing bitcoins this way is [[Paper_ECDSA_private_key#As_a_wallet|generally considered a bad idea]].

__TOC__

==Use cases==

===Tips and gifts===

By creating a keypair, one can store bitcoins on a physical medium to be left as a tip or a gift.
The recipient then sweeps the private key to their own wallet.

===Physical tokens===

A trusted provider can hide the private key inside a tamper-resistant token, and issue them as a form of bitcoins.
This requires those who accept it as payment to trust that when the provider produced the tokens, they loaded them with the correct amount of bitcoins, and that they have not been tampered with since then.
To redeem the bitcoin value, the token must be destroyed to access the private key.
Often a bitcoin address is embedded on the outside visible, but there is no guarantee (without destroying the token) that this matches the private key inside, or, even if it does, that the private key is not replicated on multiple tokens or saved by the producer.

===As a wallet===

Sometimes people try to use ECDSA private keys as a wallet.
However, a single ECDSA keypair can only produce one bitcoin [[address]].
Because of this, one is forced to choose between hazardous options:
* '''Use the key only once to receive, and only once to send the full amount.''' This requires the user to know the full amount he wants to store in advance, and often leads to the next situation:
* '''Create multiple keys.''' By using more than one key, the user can receive more than once using a different address each time, including using new addresses for change. This is very complicated, and makes it easy to accidentally reuse addresses, produce the wrong change/fee combination, lose some keys, spend hours searching for the right key, etc. Not even skilled bitcoin experts are comfortable managing their own keys manually like this.
* '''Reuse the address.''' This has severe privacy and security implications. For more information, see the article on [[address reuse]].

Since there is no safe way to use these for a wallet, it is generally considered inadvisable.

==Key encoding/formatting==

[[File:BitcoinPaperWallet-sample.jpg|thumb|right|300px|Paper keypair with private key secured beneath folds]]
[[File:PaperWallets-offlineaddress-com.png|200px|thumb|right|Paper keypair]]
An [[ECDSA]] [[private key]] can be represented in several formats, but typically the Wallet Import Format (WIF) is used, since keys represented that way are very short (51 characters) and thus easy to re-enter when importing or "sweeping" it for withdrawal.

==Creation of a paper wallet==

===Generation of secure keys===

Care must be taken to securely generate keys since an attacker can steal stored bitcoins if it is exposed, transmitted, or generated with insufficient entropy.

Several tools exist for producing keypairs, including [[Bitcoin Address Utility]], [[vanitygen]], and [[Cwallet]].

===Web-based key generators===

Some websites feature free open-source client-side keypair generators written in JavaScript.
Keypairs generated by JavaScript or using websites are generally considered inherently weak and insecure, and unless the code of the website is audited every time it is used, it may leak the keys to the server.
Even with careful code auditing, browser plugins or other websites may compromise the environment.

===Recommendations===
* Keys should be produced on a computer not connected to the Internet.
* Be aware that malware often allows a remote third party to view your screen and see your keystrokes, and these can compromise the integrity of your key. Also consider that antivirus software cannot completely rule out the possibility of malware. However, booting from a [https://en.wikipedia.org/wiki/Live_CD live disc] prevents most malware from running.
* The private keys should never be saved to a computer hard drive or sent via email or other network connections. You should also never scan/type your key into your computer, except at the moment you are redeeming it.
* If possible, the private key should be kept hidden, for example by using BIP38 encryption, and/or by folding the paper to hide the private key so that a photograph or photocopy of it will not reveal or replicate the private key.
* A web-based generator should not be used.
* A generator should use an appropriate source of random numbers (entropy). This means that the generated keys aren't predictable. If the addresses come from a predictable or partially-predictable patterns like pseudorandom numbers <ref>[https://en.wikipedia.org/wiki/Pseudorandomness#Cryptography Pseudorandomness] '' is not enough for strong cryptography''</ref>, someone else who can predict the pattern can steal the balance. Randomness should NEVER be human generated, as the human brain is incapable of secure entropy.
* Remember that unlike wallets, a single ECDSA private key is only good to receive a single payment, and must be redeemed in its entirety.

===Printer Security===

Some advanced printers have internal storage (even hard drives) that preserve copies of printouts. This is a risk if someone gets access to your printer, or if you dispose of your printer. There is also the possibility that a smart enough printer can be hacked. (Consider [http://en.wikipedia.org/wiki/Stuxnet StuxNet] which was able to rewrite the firmware of non-computer devices indirectly connected to the Internet) If this concerns you, use a "dumb" printer, and never let your printer have access to the Internet or to an Internet-connected computer.

==Redeeming Keys and Withdrawing Funds==

ECDSA private keys are very different from wallets such as Bitcoin Core in that it is not possible to transfer (withdraw) a ''portion'' of a key's bitcoins.
The only way to withdraw funds is to import or "sweep" the ''entire'' received amount to a new address, typically a wallet or online exchange.
Once the transfer has been confirmed, ''the key should not be reused''.<ref>[http://www.reddit.com/r/Bitcoin/comments/1c9xr7/psa_using_paper_wallets_understanding_change/ reddit.com] ''Using Paper Wallets and Understanding Change''</ref>

There are various methods for copying the private key data to other wallets.
* bitcoind supports an "importprivkey" RPC method for this purpose.
* Bitcoin-Qt's debug console can also be used in a similar way (see also [[How to import private keys in Bitcoin Core 0.7+]]).
* [[BlockChain.info]] and [[Armory]] can also import them directly into wallets.

Note that importing a private key that may be compromised can result in the entire wallet becoming insecure.
For this reason, sweeping is generally recommended over importing.

==References==
<references />

==See Also==

* [[Paper wallet]]

* [[Private key]]

* [[Securing_your_wallet#Paper_Wallets]]

* [[How to import private keys]]

* [https://blockchain.info/wallet/paper-tutorial Blockchain.info tutorial] on how to generate a paper wallet.

* [[Casascius physical bitcoins]]

[[Category:Security]]

[[es:Monedero de papel]]

Talk:Paper Wallet (Single Key)

2015-02-26T22:12:10Z

Canton: /* Is there a good reason to omit bitcoinpaperwallet.com from this page? */ new section

Talk:Paper Wallet (Single Key)

2015-02-26T22:05:28Z

Canton: /* Paper wallets a bad idea - why? */

Talk:Paper Wallet (Single Key)

2015-02-26T22:01:13Z

Canton: /* Why rename Paper Wallets to "Paper ECDSA private keys"? */

Talk:Paper Wallet (Single Key)

2015-02-26T22:00:37Z

Canton: /* Why rename Paper Wallets to "Paper ECDSA private keys"? */ new section

Paper wallet

2015-02-26T15:30:49Z

Canton: Made it clear that this is a page about what is commonly known as a Paper Wallet. Added in link to BitcoinPaperWallet which was removed without explanation.

[[File:FirstBitcoinBills.jpg|thumb|right|200px|Casascius holding early paper wallets]]
A paper wallet is a mechanism for storing bitcoins offline as a physical document that can be secured like cash or anything else of real-world value.
They are generally created by printing a brand new public address and private key onto paper, and then sending bitcoins from a wallet to the printed key's public address for safekeeping.

__TOC__

==Producing safe paper wallets==

[[File:BitcoinPaperWallet-sample.jpg|thumb|right|300px|Paper keypair with private key secured beneath folds]]
[[File:PaperWallets-offlineaddress-com.png|200px|thumb|right|Paper keypair]]
The [[ECDSA]] [[private key]] can be represented in several formats, but typically the Wallet Import Format (WIF) is used, since keys represented that way are very short (51 characters) and thus easy to re-enter when importing or "sweeping" it for withdrawal.

Several tools exist for producing paper keypairs, including [[Bitcoin Address Utility]], [[BitcoinPaperWallet]], [[vanitygen]], and [[Cwallet]].

Care must be taken to securely generate keys since an attacker can steal stored bitcoins if it is exposed, transmitted, or generated with insufficient entropy.

Some websites feature a free open-source client-side paper keypair generators written in JavaScript.
Using these is generally considered a bad idea and inherently insecure.

'''Recommendations:'''
* Keys should be produced on a computer not connected to the Internet.
* Be aware that malware often allows a remote third party to view your screen and see your keystrokes, and these can compromise the integrity of your key. Also consider that antivirus software cannot completely rule out the possibility of malware. However, booting from a [https://en.wikipedia.org/wiki/Live_CD live disc] prevents most malware from running.
* The private keys should never be saved to a computer hard drive. You should also never scan your key into your computer or type them or save them in e-mail, except at the moment you are redeeming it.
* If possible, the private key should be kept hidden, for example by using BIP38 encryption, or by folding the paper to hide the private key so that a photograph or photocopy of it will not reveal or replicate the private key.
* A web-based generator should not be used.
* A generator should use an appropriate source of random numbers (entropy). This means that the generated keys aren't predictable. If the addresses come from a predictable or partially-predictable patterns like pseudorandom numbers <ref>[https://en.wikipedia.org/wiki/Pseudorandomness#Cryptography Pseudorandomness] '' is not enough for strong cryptography''</ref>, someone else who can predict the pattern can steal the balance. Ideally, randomness should NOT be human generated.
* Remember that unlike wallets, a single paper wallet is only good to receive a single payment, and must be redeemed in its entirety.

===Printer Security===

Some advanced printers have internal storage (even hard drives) that preserve copies of printouts. This is a risk if someone gets access to your printer, or if you dispose of your printer. There is also the possibility that a smart enough printer can be hacked. (Consider [http://en.wikipedia.org/wiki/Stuxnet StuxNet] which was able to rewrite the firmware of non-computer devices indirectly connected to the Internet) If this concerns you, use a "dumb" printer, and never let your printer have access to the Internet or to an Internet-connected computer.

==Redeeming Keys and Withdrawing Funds==

Paper wallets are very different from wallets such as Bitcoin Core in that it is not possible to transfer (withdraw) a ''portion'' of a key's bitcoins.
The only way to withdraw funds is to import or "sweep" the ''entire'' received amount to a new address, typically a wallet or online exchange.
Once the transfer has been confirmed, ''the key should not be reused''.<ref>[http://www.reddit.com/r/Bitcoin/comments/1c9xr7/psa_using_paper_wallets_understanding_change/ reddit.com] ''Using Paper Wallets and Understanding Change''</ref>

There are various methods for copying the private key data to other wallets.
* bitcoind supports an "importprivkey" RPC method for this purpose.
* Bitcoin-Qt's debug console can also be used in a similar way (see also [[how to import private keys v7+]]).
* [[BlockChain.info]] and [[Armory]] can also import them directly into wallets.

Note that importing a private key that may be compromised can result in the entire wallet being insecure.
For this reason, sweeping is generally recommended over importing.

==References==
<references />

==See Also==

* [[Private key]]

* [[Securing_your_wallet#Paper_Wallets]]

* [[How to import private keys]]

* [https://blockchain.info/wallet/paper-tutorial Blockchain.info tutorial] on how to generate a paper wallet.

* [[Casascius physical bitcoins]]

[[Category:Security]]

[[es:Monedero de papel]]

Talk:Paper Wallet (Single Key)

2015-02-26T15:25:31Z

Canton: Canton moved page Talk:Paper ECDSA private keys to Talk:Paper Wallet: Moving to "paper wallet" because this page describes what is commonly known as a paper wallet.

Paper wallet

2015-02-26T15:25:30Z

Canton: Canton moved page Paper ECDSA private keys to Paper Wallet: Moving to "paper wallet" because this page describes what is commonly known as a paper wallet.

[[File:FirstBitcoinBills.jpg|thumb|right|200px|Casascius holding early paper ECDSA private keys]]
A '''paper ECDSA private key''' is a mechanism for storing bitcoins offline as a physical document that can be secured like cash or anything else of real-world value.
They are generally created by printing a brand new public address and private key onto paper, and then sending bitcoins from a wallet to the printed key's public address for safekeeping.
Storing bitcoins this way is generally considered a bad idea.{{why}}

__TOC__

==Producing safe paper keys==

[[File:BitcoinPaperWallet-sample.jpg|thumb|right|300px|Paper keypair with private key secured beneath folds]]
[[File:PaperWallets-offlineaddress-com.png|200px|thumb|right|Paper keypair]]
An [[ECDSA]] [[private key]] can be represented in several formats, but typically the Wallet Import Format (WIF) is used, since keys represented that way are very short (51 characters) and thus easy to re-enter when importing or "sweeping" it for withdrawal.

Several tools exist for producing paper keypairs, including [[Bitcoin Address Utility]], [[vanitygen]], and [[Cwallet]].

Care must be taken to securely generate keys since an attacker can steal stored bitcoins if it is exposed, transmitted, or generated with insufficient entropy.

Some websites feature a free open-source client-side paper keypair generators written in JavaScript.
Using these is generally considered a bad idea and inherently insecure.

'''Recommendations:'''
* Keys should be produced on a computer not connected to the Internet.
* Be aware that malware often allows a remote third party to view your screen and see your keystrokes, and these can compromise the integrity of your key. Also consider that antivirus software cannot completely rule out the possibility of malware. However, booting from a [https://en.wikipedia.org/wiki/Live_CD live disc] prevents most malware from running.
* The private keys should never be saved to a computer hard drive. You should also never scan your key into your computer or type them or save them in e-mail, except at the moment you are redeeming it.
* If possible, the private key should be kept hidden, for example by using BIP38 encryption, or by folding the paper to hide the private key so that a photograph or photocopy of it will not reveal or replicate the private key.
* A web-based generator should not be used.
* A generator should use an appropriate source of random numbers (entropy). This means that the generated keys aren't predictable. If the addresses come from a predictable or partially-predictable patterns like pseudorandom numbers <ref>[https://en.wikipedia.org/wiki/Pseudorandomness#Cryptography Pseudorandomness] '' is not enough for strong cryptography''</ref>, someone else who can predict the pattern can steal the balance. Ideally, randomness should NOT be human generated.
* Remember that unlike wallets, a single ECDSA private key is only good to receive a single payment, and must be redeemed in its entirety.

===Printer Security===

Some advanced printers have internal storage (even hard drives) that preserve copies of printouts. This is a risk if someone gets access to your printer, or if you dispose of your printer. There is also the possibility that a smart enough printer can be hacked. (Consider [http://en.wikipedia.org/wiki/Stuxnet StuxNet] which was able to rewrite the firmware of non-computer devices indirectly connected to the Internet) If this concerns you, use a "dumb" printer, and never let your printer have access to the Internet or to an Internet-connected computer.

==Redeeming Keys and Withdrawing Funds==

ECDSA private keys are very different from wallets such as Bitcoin Core in that it is not possible to transfer (withdraw) a ''portion'' of a key's bitcoins.
The only way to withdraw funds is to import or "sweep" the ''entire'' received amount to a new address, typically a wallet or online exchange.
Once the transfer has been confirmed, ''the key should not be reused''.<ref>[http://www.reddit.com/r/Bitcoin/comments/1c9xr7/psa_using_paper_wallets_understanding_change/ reddit.com] ''Using Paper Wallets and Understanding Change''</ref>

There are various methods for copying the private key data to other wallets.
* bitcoind supports an "importprivkey" RPC method for this purpose.
* Bitcoin-Qt's debug console can also be used in a similar way (see also [[how to import private keys v7+]]).
* [[BlockChain.info]] and [[Armory]] can also import them directly into wallets.

Note that importing a private key that may be compromised can result in the entire wallet being insecure.
For this reason, sweeping is generally recommended over importing.

==References==
<references />

==See Also==

* [[Private key]]

* [[Securing_your_wallet#Paper_Wallets]]

* [[How to import private keys]]

* [https://blockchain.info/wallet/paper-tutorial Blockchain.info tutorial] on how to generate a paper wallet.

* [[Casascius physical bitcoins]]

[[Category:Security]]

[[es:Monedero de papel]]

Hierarchical Deterministic Wallet Backups

2015-02-26T15:24:44Z

Canton: Canton moved page Paper wallet to Hierarchical Deterministic Wallet Backups: A HD wallet seed is not the same thing as a "paper wallet". Added a note to the real "paper wallet" page that "paper wallet" is a bit of a misnomer.

'''Paper wallets''' are wallets that are contained entirely on paper.
This is preferably in the form of a mnemonic [[Deterministic wallet | HD wallet]] seed.
They are generally used with the goal of storing bitcoins offline in non-digital format to prevent unauthorized access.
Using securely generated paper wallets properly will nullify the chances of your bitcoins being stolen by hackers or computer viruses.

They should not be confused with [[paper ECDSA private keys]], which are a bad practice.{{why}}

== Basics ==

The private seed is used to prove your right to spend the bitcoins transferred to the paper wallet, and as such should be kept hidden and secret.
If the private seed on a paper wallet is exposed (for example in a photograph) then the wallet may be used by anyone who sees it.
To guard against accidental revelation, the private key displayed on the paper wallet may be encrypted or split into several different parts (for example using [https://en.wikipedia.org/wiki/Shamir%27s_Secret_Sharing Shamir's secret sharing scheme]).
At the very least, the private key should be well hidden e.g. by folding the wallet in half and sealing it shut.

You can use the public seed to generate as many addresses as you need to receive bitcoins, and they will be inaccessible until the private seed is loaded.

== Software for using paper wallets ==

Currently, at least [[Armory]] and [[Electrum]] support generating mnemonic codes for their wallets, which can be written down or printed to make a paper wallet.

== Tips for making paper wallets ==

For the most security, it is advisable to generate your wallet from a [https://en.wikipedia.org/wiki/Live_CD live disc], to ensure that the private seed is not compromised by spyware.
To generate a safer paper wallet in this way, first "clean-boot" your computer with a bootable CD (such as a Linux Live CD) while disconnected from the Internet.
Download a verified version of your preferred wallet software or generator software, and disconnect the computer from the internet.
Print your paper wallets or store them on external media (do not save them on the computer), and then shut down the computer.
You may need to load an appropriate printer driver in order to print while booted from the live CD.

* Disconnecting from the Internet guarantees that that the paper wallet generator is truly self-contained and isn't transmitting your keys online.

* Verifying the integrity of the code (and the trustworthiness of the author) is important to make sure a hacker hasn't modified the download so that it generates predictable seeds instead of truly random ones.

* Using a very basic printer is advisable since high-end office printers may have WiFi or internal storage that keeps a cache of printed documents.

* Remember, spyware and viruses often attempt to monitor your computer activities so that their authors can steal from you. They are interested in passwords to online accounts, and anything of value. Bitcoin wallets are something of value that have already been targeted by malware. If your computer is infected with spyware or viruses - even if there are no symptoms, or your antivirus isn't reporting anything - then anything you type, view, or save on your computer, could potentially be stolen by someone remotely controlling your computer. Your private seed can then be intercepted while you enter it, so only enter a Bitcoin private seed into your computer when you are certain it is secure (such as a fresh boot of a LiveCD).

Hierarchical Deterministic Wallet Backups

2015-02-02T17:35:06Z

Canton: Recovered lots of details from the former paper wallet page (which was deleted?)

A paper wallet is a mechanism for storing bitcoins offline as a physical document that can be secured like cash or anything else of real-world value. Paper wallets are generally created by printing a brand new public address and private key onto paper, and then sending bitcoins from a "live" wallet to the printed wallet's public address for safekeeping. If good security practices are followed, paper wallets are one of the safest means for storing Bitcoins.

Similarly, a mnemonic [[Deterministic wallet | HD wallet]] seed may be written down on paper as a means of deriving keys from a single starting point. This allows a user to easily back up and restore a wallet without needing any other information.

Paper wallets are generally used with the goal of storing bitcoins offline in non-digital format to prevent unauthorized access. Using securely generated paper wallets properly will nullify the chances of your bitcoins being stolen by hackers or computer viruses.

They should not be confused with [[paper ECDSA private keys]], which are a bad practice.{{why}}

== Basics ==

The private key is used to prove your right to spend the bitcoins transferred to the paper wallet, and as such should be kept hidden and secret.
If the private key on a paper wallet is exposed (for example in a photograph) then the wallet may be used by anyone who sees it.
To guard against accidental revelation, the private key displayed on the paper wallet may be encrypted or split into several different parts ("Shamir's secret sharing scheme").
At the very least, the private key should be well hidden e.g. by folding the wallet in half and sealing it shut.

== Software for generating individual and bulk paper wallets ==

[[File:Paper Wallets.jpeg|thumb|Paper wallets from bitcoinpaperwallet.com. Public key is visible, private key is hidden beneath folds and sealed with tamper-evident tape.]]

Several tools exist for producing paper wallets, including [[BitAddress|BitAddress.org]] and [[BitcoinPaperWallet|BitcoinPaperWallet.com]].

Care must be taken to securely generate paper wallets since an attacker can steal the present and future balance of a paper wallet if the private key is exposed, transmitted, or generated with insufficient entropy.

Some services distribute free open-source client-side paper wallet generators written in JavaScript, which can be used offline. Using these generators is relatively safe when the source code hash can be checked against the author's signature. It's advisable to use those services from a live bootable CD, to ensure that private keys are not compromised by spyware.

== Software for generating deterministic wallets ==

Currently, at least [[Armory]] and [[Electrum]] support generating mnemonic codes for their wallets, which can be written down or printed to make a paper wallet.

== Recommendations ==

* Paper wallets should be produced on a computer not connected to the Internet.
* Be aware that malware often allows a remote third party to view your screen and see your keystrokes, and these can compromise the integrity of your paper wallet. Also consider that antivirus software cannot completely rule out the possibility of malware. However, booting from a live disc prevents malware from running.
* The private keys of paper wallets should never be saved to a computer hard drive. You should also never scan your paper wallet into your computer or type the private keys or save them in e-mail, except at the moment you are redeeming the balance.
* If possible, the private key of a paper wallet should be kept hidden, for example by using BIP38 encryption, or by folding the paper to hide the private key so that a photograph or photocopy of the wallet will not reveal or replicate the private key.
* A web-based paper wallet generator should be written such that that all of the generation happens on your computer, not the web server. Ideally, the HTML/JavaScript for the web generator should be downloaded to your computer, verified, and then run "locally" from an offline computer. Running a paper wallet generator directly from a live website is not recommended unless you can verify that the code has not been tampered with by computing the hash and comparing it with a signed hash by the author.
* A paper wallet generator should use an appropriate source of random numbers (entropy). This means that the generated addresses aren't predictable. If the addresses come from a predictable or partially-predictable patterns like pseudorandom numbers [1], someone else who can predict the pattern can steal the balance. Ideally, randomness should to be human provided (i.e. using dice rolling or random mouse movements or key strokes.) When using a web-based generator it's important to ensure that both the web browser and the JavaScript code are taking advantage of the strongest cryptographic routines available.[2]

== Software for generating deterministic wallets ==

Currently, at least [[Armory]] and [[Electrum]] support generating mnemonic codes for their wallets, which can be written down or printed to make a paper wallet.

== Tips for making paper wallets ==

For the most security, it is advisable to generate your wallet from a [https://en.wikipedia.org/wiki/Live_CD live disc], to ensure that the private seed is not compromised by spyware.
To generate a safer paper wallet in this way, first "clean-boot" your computer with a bootable CD (such as a Linux Live CD) while disconnected from the Internet.
Download a verified version of your preferred wallet software, and disconnect the computer from the internet.
Print your paper wallets or store them on external media (do not save them on the computer), and then shut down the computer.
You may need to load an appropriate printer driver in order to print while booted from the live CD.

* Disconnecting from the Internet guarantees that that the paper wallet generator is truly self-contained and isn't transmitting your keys online.

* Verifying the integrity of the code (and the trustworthiness of the author) is important to make sure a hacker hasn't modified the download so that it generates predictable seeds instead of truly random ones.

* Remember, spyware and viruses often attempt to monitor your computer activities so that their authors can steal from you. They are interested in passwords to online accounts, and anything of value. Bitcoin wallets are something of value that have already been targeted by malware. If your computer is infected with spyware or viruses - even if there are no symptoms, or your antivirus isn't reporting anything - then anything you type, view, or save on your computer, could potentially be stolen by someone remotely controlling your computer. Your private seed can then be intercepted while you enter it, so only enter a Bitcoin private seed into your computer when you are certain it is secure (such as a fresh boot of a LiveCD).

=== Operating System Cache Security ===

The problem with printing out secure documents—even if your computer is 100% virus/trojan free—is that your printer driver and/or operating system may be keeping copies of the documents you print in a "spool" or print queue. If a hacker or virus gets into your computer and knows to look for these cache files, then they can get your private keys and sweep your paper wallets. Precautions to mitigate this type of attack include:

* Enabling encryption of your entire filesystem so that cache files cannot be 'undeleted'.
* Setting up a symbolic link from your OS spool directory (e.g. /private/var/spool/cups/cache/ on OS X) to a removable media volume (e.g. a SD card) and disconnecting it when not in use.
* Using a live-boot CD instead of a regular hard drive OS install. This way when you reboot your computer, all cache files are deleted from memory and no jobs are ever written to disk.

=== Printer Security ===

Using a very basic printer is advisable since high-end office printers may have WiFi or internal storage that keeps a cache of printed documents.

This is a risk if someone gets access to your printer, or if you dispose of your printer. There is also the possibility that a smart enough printer can be hacked. (Consider StuxNet which was able to rewrite the firmware of non-computer devices indirectly connected to the Internet) If this concerns you, use a "dumb" printer, and never let your printer have access to the Internet or to an Internet-connected computer.

=== Redeeming Keys and Withdrawing Funds ===

Paper wallets are very different from "live" wallets such as the Bitcoin-QT client in that it is not possible to transfer (withdraw) a portion of a paper wallet's bitcoin balance. The only way to withdraw funds from a paper wallet is to import or "sweep" the entire balance of the paper wallet to a new address, typically a live wallet or online exchange. Once the transfer has been confirmed, the paper wallet should no longer be used.[4]

There are various methods for copying the private key data from a paper wallet to other wallets. bitcoind supports an "importprivkey" RPC method for this purpose. Bitcoin-Qt's debug console can also be used in a similar way (see also how to import private keys v7+). BlockChain.info and Armory can also import them directly into wallets.

File:Paper Wallets.jpeg

2015-02-02T17:27:34Z

Canton: Two folded paper wallets from bitcoinpaperwallet.com

== Summary ==
Two folded paper wallets from bitcoinpaperwallet.com
== Licensing ==
{{self|Cc-zero}}

Paper wallet

2014-08-12T18:37:32Z

Canton: /* Removed safepaperwallet from list (defunct link, wiki page no longer accessible.) */

A '''paper wallet''' is a mechanism for storing bitcoins offline as a physical document that can be secured like cash or anything else of real-world value. Paper wallets are generally created by printing a brand new public address and private key onto paper, and then sending bitcoins from a "live" wallet to the printed wallet's public address for safekeeping. If good security practices are followed, paper wallets are one of the safest ways to store Bitcoins.

__TOC__

==Producing safe paper wallets==

[[File:BitcoinPaperWallet-sample.jpg|thumb|right|300px|Paper wallet with private key secured beneath folds [[BitcoinPaperWallet|BitcoinPaperWallet.com]] ]]
[[File:PaperWallets-offlineaddress-com.png|200px|thumb|right|Paper wallets from [[OfflineAddress|OfflineAddress.com]] ]]
A Bitcoin [[private key]] can be represented in several formats. For paper wallets typically used format is Wallet Import Format (WIF), since keys represented that way are very short (51 characters) and thus easy to re-enter when importing or "sweeping" the wallet for withdrawal.

Several tools exist for producing paper wallets, including [[BitAddress|BitAddress.org]], [[Bitcoin Address Utility]], [[BitcoinPaperWallet|BitcoinPaperWallet.com]], [[OfflineAddress|OfflineAddress.com]], [[vanitygen]], and [[Cwallet]].

Care must be taken to securely generate paper wallets since an attacker can steal the present ''and future'' balance of a paper wallet if the private key is exposed, transmitted, or generated with insufficient entropy.

Some services feature a free open-source client-side paper wallet generators written in JavaScript, which can be used offline. Using these generators is relatively safe when the source code hash can be checked against the author's signature. It's advisable to use those services from a [https://en.wikipedia.org/wiki/Live_CD live bootable CD], to ensure that private keys are not compromised by spyware.

'''Recommendations:'''
* Paper wallets should be produced on a computer not connected to the Internet.
* Be aware that malware often allows a remote third party to view your screen and see your keystrokes, and these can compromise the integrity of your paper wallet. Also consider that antivirus software cannot completely rule out the possibility of malware. However, booting from a [https://en.wikipedia.org/wiki/Live_CD live disc] prevents malware from running.
* The private keys of paper wallets should never be saved to a computer hard drive. You should also never scan your paper wallet into your computer or type the private keys or save them in e-mail, except at the moment you are redeeming the balance.
* If possible, the private key of a paper wallet should be kept hidden, for example by using BIP38 encryption, or by folding the paper to hide the private key so that a photograph or photocopy of the wallet will not reveal or replicate the private key.
* A web-based paper wallet generator should be written such that that all of the generation happens on your computer, not the web server. Ideally, the HTML/JavaScript for the web generator should be downloaded to your computer, verified, and then run "locally" from an offline computer. Running a paper wallet generator directly from a live website is not recommended unless you can verify that the code has not been tampered with by computing the hash and comparing it with a signed hash by the author.
* A paper wallet generator should use an appropriate source of random numbers (entropy). This means that the generated addresses aren't predictable. If the addresses come from a predictable or partially-predictable patterns like pseudorandom numbers <ref>[https://en.wikipedia.org/wiki/Pseudorandomness#Cryptography Pseudorandomness] '' is not enough for strong cryptography''</ref>, someone else who can predict the pattern can steal the balance. Ideally, randomness should to be human provided (i.e. using dice rolling or random mouse movements or key strokes.) When using a web-based generator it's important to ensure that both the web browser and the JavaScript code are taking advantage of the strongest cryptographic routines available.<ref>[http://www.w3.org/TR/WebCryptoAPI/ w3.org] ''WebCryptoAPI''</ref>

===Operating System Cache Security===

The problem with printing out secure documents—even if your computer is 100% virus/trojan free—is that your printer driver and/or operating system may be keeping copies of the documents you print in a "spool" or print queue. If a hacker or virus gets into your computer and knows to look for these cache files, then they can get your private keys and sweep your paper wallets. Precautions to mitigate this type of attack include:

* Enabling encryption of your entire filesystem so that cache files cannot be 'undeleted'.

* Setting up a symbolic link from your OS spool directory (e.g. /private/var/spool/cups/cache/ on OS X) to a removable media volume (e.g. a SD card) and disconnecting it when not in use.

* Using a live-boot CD instead of a regular hard drive OS install. This way when you reboot your computer, all cache files are deleted from memory and no jobs are ever written to disk.<ref>[https://bitcoinpaperwallet.com/#security BitcoinPaperWallet.com] ''Security Tips''</ref>

===Printer Security===

Some advanced printers have internal storage (even hard drives) that preserve copies of printouts. This is a risk if someone gets access to your printer, or if you dispose of your printer. There is also the possibility that a smart enough printer can be hacked. (Consider [http://en.wikipedia.org/wiki/Stuxnet StuxNet] which was able to rewrite the firmware of non-computer devices indirectly connected to the Internet) If this concerns you, use a "dumb" printer, and never let your printer have access to the Internet or to an Internet-connected computer.

==Redeeming Keys and Withdrawing Funds==

Paper wallets are very different from "live" wallets such as the Bitcoin-QT client in that it is not possible to transfer (withdraw) a ''portion'' of a paper wallet's bitcoin balance. The only way to withdraw funds from a paper wallet is to import or "sweep" the ''entire'' balance of the paper wallet to a new address, typically a live wallet or online exchange. Once the transfer has been confirmed, ''the paper wallet should no longer be used''.<ref>[http://www.reddit.com/r/Bitcoin/comments/1c9xr7/psa_using_paper_wallets_understanding_change/ reddit.com] ''Using Paper Wallets and Understanding Change''</ref>

There are various methods for copying the private key data from a paper wallet to other wallets.
bitcoind supports an "importprivkey" RPC method for this purpose.
Bitcoin-Qt's debug console can also be used in a similar way (see also [[how to import private keys v7+]]).
[[BlockChain.info]] and [[Armory]] can also import them directly into wallets.
[[MtGox|Mt. Gox]] provides the ability to Add Funds using a private key:
the exchange will then create a "sweep" transaction that spends any amount for that paper wallet address so that the amount is added to your account with them; it will also sweep to your account any bitcoins received to that address in the future as well.

==References==
<references />

==See Also==

* [[Private key]]

* [[Securing_your_wallet#Paper_Wallets]]

* [[How to import private keys]]

* [https://blockchain.info/wallet/paper-tutorial Blockchain.info tutorial] on how to generate a paper wallet.

[[Category:Security]]

[[es:Monedero de papel]]

Open-source useful tools

2014-01-22T15:38:23Z

Canton: Added my site

<big>Closed-source softwares are not allowed in this page. Please check you can access the sources before using a program listed here, if not, warn a moderator.

Anyway, in general, '''never''' use closed-source tools when bitcoins are involved, for obvious reasons.
</big>

== Client forks ==
[https://github.com/piotrnar/bitcoin/commits/importexporttx piotrnar's fork]

:Import/export transactions

== Scripts ==
[https://bitcointalk.org/index.php?topic=34028.0 Pywallet]
:Wallet managing: import/export/delete addresses and transactions, recover *coins sent to Bitcoin addresses
:Sign/verify messages and files with Bitcoin addresses
:Recover previously deleted key

[https://github.com/gavinandresen/bitcointools Bitcointools]

[https://bitcointalk.org/index.php?topic=25091.0 bitcoin-wallet-recover]
:Recover wallets from reformatted drives

== Online ==

[http://blockexplorer.com/ Blockexplorer.com] ([[Block Explorer|info]])
:List of blocks and transactions
[http://bitcoincharts.com/bitcoin/ Bitcoin Charts] ([[Bitcoin Charts|info]])
:List of unconfirmed transaction
[http://www.bitcoinmonitor.com/ Bitcoin Monitor] ([[Bitcoin Monitor|info]])
:Visualize the activities on the Bitcoin network
[https://www.bitaddress.org BitAddress] ([[BitAddress|info]])
:Generate an address and private key for an offline wallet. ("Paper wallet") Generate bulk addresses. Verify keys.
[https://bitcoinpaperwallet.com BitcoinPaperWallet.com] ([[BitcoinPaperWallet|info]])
:Generate an address and private key for an offline wallet ("Paper wallet"). Implements a unique two-sided tamper-evident folding design.

How to set up a secure offline savings wallet

2014-01-22T15:35:16Z

Canton: /* Notes */ Replaced reference to specific paper wallet services with link to main paper wallet page

== Why set up an offline savings wallet? ==

Modern operating systems are getting more and more complex. The flip side of all this complexity is that they generally have a large [http://en.wikipedia.org/wiki/Attack_surface attack surface] and constantly leak information without the user’s knowledge or consent. No matter how many precautions you take, your [[wallet]]s will never be 100% safe on a computer that is connected to the internet.

Because bitcoins are stored directly on your computer and because they are real money, the motivation for sophisticated and targeted attacks against your system is higher than in the pre-bitcoin era, when only large organizations normally had to worry about such attacks.

This guide will instruct you on how to create an offline wallet, a wallet that never even touches the internet in its plaintext form. Another term for this is [[cold storage]]. This security measure is also referred to as being an air gap. For all practical purposes, this wallet is safe from all online threats, such as viruses and hackers. It is however still exposed to offline threats, such as [http://en.wikipedia.org/wiki/Hardware_keylogger hardware keyloggers], extortion, or people looking over your shoulder. A best practice is to keep the majority of your bitcoins in the offline wallet and only to use the online wallet for everyday expenses/earnings.

The below procedure may seem tedious, but remember that security almost always comes at the cost of convenience. When you deposit money at a bank, you let them worry about security. Bitcoins, however, are stored on '''your''' computer and that means '''you''' are fully responsible for securing them. The bitcoin ecosystem is still very young and unfortunately no user friendly tools for creating highly secure wallets have been developed yet (though some members of the Bitcoin community are [http://forum.bitcoin.org/?topic=7357.0 working hard at this]).

== How to deposit funds ==

# Set up a [http://www.wuala.com/en/bitcoin Wuala] account, or other cloud backup service of your choice.
# Create a strong and unique password offline (manually). This password should be at least 20 characters long; it should contain numbers, upper and lower case letters, and symbols. It should be as random as possible, ie it should look something like this: Zr%8qL03&cvwS9@05AatdP71. Never use this password elsewhere.
# '''Do not forget this password'''. Recite it several times a day. It is easy to overestimate your ability to remember a password several months in the future. To be on the safe side, write it down and store the piece of paper in a safety deposit box.
# Download [http://www.bitcoin.org/ Bitcoin Linux binary] and save it on a USB drive.
# Shut down your computer, and boot [http://www.ubuntu.com/ Ubuntu] (or Linux distribution of you choice) from a [http://www.ubuntu.com/download/ubuntu/download liveCD]. This will not affect your current operating system.
# '''Disconnect machine from the internet'''. Unplug any network cables and disable wireless. Verify that wireless is disabled in the icon on the upper right corner (Ubuntu). Double check that machine is disconnected by opening the web browser.
# Run bitcoin while disconnected to the internet. The client will show 0 connections and 0 blocks, but it will still generate a wallet.dat file and a bitcoin address.
# Encrypt your wallet using the strong and unique password from step 2 above. (Bitcoin Client > Settings > Encrypt wallet)
# Copy wallet.dat (found in hidden folder .bitcoin in your home directory) to USB drive.
# Save bitcoin address to a text file and copy it to USB drive.
# Shut down system and turn off computer. Before switching your computer on again, remove all power sources for about 1 minute. Physically remove battery from laptop.
# Backup encrypted wallet.dat file in several places:
#*Send it to your 5 best friends by email attachment and ask them to save it for you.
#*Save it on your Wuala account created in step 1.
#*Save it on several USB drives and CDs and store them in different geographic locations.
#Send bitcoins to the address saved on the USB drive. Double check in the [[Bitcoin Block Explorer|block explorer]] that they have been sent.

==How to retrieve funds ==

#Boot from Ubuntu liveCD, as in step 5 above.
#Insert USB drive.
#Run bitcoin client and close it again.
#Replace wallet.dat in ~/.bitcoin directory with wallet.dat from USB drive.
#Connect to the internet.
#Restart bitcoin client.
#Wait for blocks to download (optional).
#Send bitcoins.

==Notes==

*This procedure is only secure if you perform steps 1-13 in this '''exact order'''.

*If you're a non-technical user that can't perform the steps above, use an [[Paper wallet|in-browser paper wallet generator]] to create paper wallets (read below for more caveats and info).

*Perform one or two trial runs of the above procedure with a few bitcents, and make sure that you know how to successfully retrieve them, before making a bulk transfer.

*Every time you retrieve bitcoins from your savings wallet, create a fresh savings wallet by repeating the above procedure, and send all your remaining savings balance there.

*There is more than one way to do it. Similar procedures have been suggested on the forums [http://forum.bitcoin.org/index.php?topic=17240.0 here] and [http://forum.bitcoin.org/?topic=5194.0 here].

*Beware that even savings wallets have limited lifetimes. New, backwards incompatible versions of bitcoin might come out in future, [http://en.wikipedia.org/wiki/Advanced_Encryption_Standard AES] might be broken, [http://en.wikipedia.org/wiki/Bit_rot bit rot] might destroy your wallets, etc. Pay attention to updates in the Bitcoin world and update to fresh savings wallets every couple of years, or as needed.

* See [[How to import private keys]] for an alternative way of retrieve your coins.

==Alternatives ==

[[Paper wallet|'''Paper wallets''']] can also be used to create offline bitcoin savings accounts. While paper wallets are much easier to generate, they are not generally encrypted which means you cannot guard against accidental loss by distributing copies to online services and friends. Instead, paper wallets must be kept safe like jewels or cash. Looking forward, support for [[BIP 0038|BIP-38]] encryption is growing fast and it is expected that paper wallet generators will soon include options for generating ''encrypted paper wallets'' that can be duplicated and widely distributed for safekeeping.

==See Also==

* [[Cold storage]]
* [http://codinginmysleep.com/bitcoin-cold-storage-in-plain-english Bitcoin Cold Storage In Plain English] by David Perry

[[Category:Instructional]]
[[Category:Security]]

How to set up a secure offline savings wallet

2014-01-22T15:32:45Z

Canton: /* Notes */ Added bitcoinpaperwallet.com

== Why set up an offline savings wallet? ==

Modern operating systems are getting more and more complex. The flip side of all this complexity is that they generally have a large [http://en.wikipedia.org/wiki/Attack_surface attack surface] and constantly leak information without the user’s knowledge or consent. No matter how many precautions you take, your [[wallet]]s will never be 100% safe on a computer that is connected to the internet.

Because bitcoins are stored directly on your computer and because they are real money, the motivation for sophisticated and targeted attacks against your system is higher than in the pre-bitcoin era, when only large organizations normally had to worry about such attacks.

This guide will instruct you on how to create an offline wallet, a wallet that never even touches the internet in its plaintext form. Another term for this is [[cold storage]]. This security measure is also referred to as being an air gap. For all practical purposes, this wallet is safe from all online threats, such as viruses and hackers. It is however still exposed to offline threats, such as [http://en.wikipedia.org/wiki/Hardware_keylogger hardware keyloggers], extortion, or people looking over your shoulder. A best practice is to keep the majority of your bitcoins in the offline wallet and only to use the online wallet for everyday expenses/earnings.

The below procedure may seem tedious, but remember that security almost always comes at the cost of convenience. When you deposit money at a bank, you let them worry about security. Bitcoins, however, are stored on '''your''' computer and that means '''you''' are fully responsible for securing them. The bitcoin ecosystem is still very young and unfortunately no user friendly tools for creating highly secure wallets have been developed yet (though some members of the Bitcoin community are [http://forum.bitcoin.org/?topic=7357.0 working hard at this]).

== How to deposit funds ==

# Set up a [http://www.wuala.com/en/bitcoin Wuala] account, or other cloud backup service of your choice.
# Create a strong and unique password offline (manually). This password should be at least 20 characters long; it should contain numbers, upper and lower case letters, and symbols. It should be as random as possible, ie it should look something like this: Zr%8qL03&cvwS9@05AatdP71. Never use this password elsewhere.
# '''Do not forget this password'''. Recite it several times a day. It is easy to overestimate your ability to remember a password several months in the future. To be on the safe side, write it down and store the piece of paper in a safety deposit box.
# Download [http://www.bitcoin.org/ Bitcoin Linux binary] and save it on a USB drive.
# Shut down your computer, and boot [http://www.ubuntu.com/ Ubuntu] (or Linux distribution of you choice) from a [http://www.ubuntu.com/download/ubuntu/download liveCD]. This will not affect your current operating system.
# '''Disconnect machine from the internet'''. Unplug any network cables and disable wireless. Verify that wireless is disabled in the icon on the upper right corner (Ubuntu). Double check that machine is disconnected by opening the web browser.
# Run bitcoin while disconnected to the internet. The client will show 0 connections and 0 blocks, but it will still generate a wallet.dat file and a bitcoin address.
# Encrypt your wallet using the strong and unique password from step 2 above. (Bitcoin Client > Settings > Encrypt wallet)
# Copy wallet.dat (found in hidden folder .bitcoin in your home directory) to USB drive.
# Save bitcoin address to a text file and copy it to USB drive.
# Shut down system and turn off computer. Before switching your computer on again, remove all power sources for about 1 minute. Physically remove battery from laptop.
# Backup encrypted wallet.dat file in several places:
#*Send it to your 5 best friends by email attachment and ask them to save it for you.
#*Save it on your Wuala account created in step 1.
#*Save it on several USB drives and CDs and store them in different geographic locations.
#Send bitcoins to the address saved on the USB drive. Double check in the [[Bitcoin Block Explorer|block explorer]] that they have been sent.

==How to retrieve funds ==

#Boot from Ubuntu liveCD, as in step 5 above.
#Insert USB drive.
#Run bitcoin client and close it again.
#Replace wallet.dat in ~/.bitcoin directory with wallet.dat from USB drive.
#Connect to the internet.
#Restart bitcoin client.
#Wait for blocks to download (optional).
#Send bitcoins.

==Notes==

*This procedure is only secure if you perform steps 1-13 in this '''exact order'''.

*If you're a non-technical user that can't perform the steps above, try using services like [[BitAddress]], [[BitcoinPaperWallet]], or [[OfflineAddress]] to generate paper wallets (read below for more caveats and info).

*Perform one or two trial runs of the above procedure with a few bitcents, and make sure that you know how to successfully retrieve them, before making a bulk transfer.

*Every time you retrieve bitcoins from your savings wallet, create a fresh savings wallet by repeating the above procedure, and send all your remaining savings balance there.

*There is more than one way to do it. Similar procedures have been suggested on the forums [http://forum.bitcoin.org/index.php?topic=17240.0 here] and [http://forum.bitcoin.org/?topic=5194.0 here].

*Beware that even savings wallets have limited lifetimes. New, backwards incompatible versions of bitcoin might come out in future, [http://en.wikipedia.org/wiki/Advanced_Encryption_Standard AES] might be broken, [http://en.wikipedia.org/wiki/Bit_rot bit rot] might destroy your wallets, etc. Pay attention to updates in the Bitcoin world and update to fresh savings wallets every couple of years, or as needed.

* See [[How to import private keys]] for an alternative way of retrieve your coins.

==Alternatives ==

[[Paper wallet|'''Paper wallets''']] can also be used to create offline bitcoin savings accounts. While paper wallets are much easier to generate, they are not generally encrypted which means you cannot guard against accidental loss by distributing copies to online services and friends. Instead, paper wallets must be kept safe like jewels or cash. Looking forward, support for [[BIP 0038|BIP-38]] encryption is growing fast and it is expected that paper wallet generators will soon include options for generating ''encrypted paper wallets'' that can be duplicated and widely distributed for safekeeping.

==See Also==

* [[Cold storage]]
* [http://codinginmysleep.com/bitcoin-cold-storage-in-plain-english Bitcoin Cold Storage In Plain English] by David Perry

[[Category:Instructional]]
[[Category:Security]]

Securing your wallet

2014-01-22T15:29:24Z

Canton: /* Paper Wallets */ Removed references to specific services. Expanded on security practices and general explanation. Added mention of recent developments such as BIP38.

==Introduction==

Wallet security can be broken down into two independent goals:
# Protecting your wallet against loss.
# Protecting your wallet against theft.

In the case that your current wallet hasn't been protected adequately (e.g. put online with a weaker password):
# Making a new secure wallet, using appropriate long-term protection.

''For a brief overview see also: [[Wallet Security Dos and Don'ts|Wallet Security Dos and Don'ts]]''

==Paper Wallets==
[[Paper wallet]]s can be used to store bitcoins offline in non-digital format. Using securely generated paper wallets significantly decreases the chances of your bitcoins being stolen by hackers or computer viruses.

Fundamentally, a paper wallet is merely a physical record of a [[private key]] (most commonly written as a sequence of fifty-one alphanumeric characters beginning with a '5') and its corresponding [[public key]]. The private key is used to prove your right to spend the bitcoins transferred to the paper wallet, and as such should be kept hidden and secret. If the private key on a paper wallet is exposed (for example in a photograph) then the wallet may be "swept" by anyone who sees the key. To guard against accidental revelation, the private key displayed on the paper wallet may be encrypted using a password ("BIP38") or split into several different parts ("Shamir's secret sharing scheme"). At the very least, the private key should be well hidden e.g. by folding the wallet in half and sealing it shut.

You can send bitcoins to the public address on your paper wallet as often as you like, and they will be inaccessible until the private key is imported into a "live" wallet. You can use a service such as blockchain.info to verify the balance of your paper wallet, which is a matter of public record. As of version 0.6.0, the bitcoin QT software has a command line feature called "importprivkey" that can load private keys. Online exchanges and wallets such as [[MtGox]], CoinBase and Blockchain.info have features for importing (or "sweeping") paper wallet private keys as well.

=== Software for generating paper wallets ===

Some [[Paper wallet|paper wallet generators]] have been written entirely in HTML/JavaScript to make it fairly easy to generate paper wallets on virtually any operating system. Although these generators use a web browser, they are generally capable of running offline since address generation happens entirely within the web browser. It's advisable to use those services from [https://en.wikipedia.org/wiki/Live_CD live disc], to ensure that private keys are not compromised by spyware.

To generate a safer paper wallet, first save the paper wallet generating code to a newly-formatted USB stick and verify the integrity (SHA1 hash or PGP signature) of the code. Then "clean-boot" your computer with a bootable CD (such as a Linux Live CD) while disconnected from the Internet. Insert the USB stick and open the wallet generator's HTML file using a web browser. Print your paper wallets or store them on external media (do not save them on the computer), and then shut down the computer. You may need to load an appropriate printer driver in order to print while booted from the live CD.

=== Tips for making paper wallets ===

* Disconnecting from the Internet guarantees that that the paper wallet generator is truly self-contained and isn't transmitting your keys online.

* Verifying the integrity of the code (and the trustworthiness of the author) is important to make sure a hacker hasn't modified the HTML so that it generates predictable addresses instead of truly random keys.

* Using a very basic printer is advisable since high-end office printers may have WiFi or internal storage that keeps a cache of printed documents.

* Remember, spyware and viruses often attempt to monitor your computer activities so that their authors can steal from you. They are interested in passwords to online accounts, and anything of value. Bitcoin wallets and private keys are something of value that have already been targeted by malware. If your computer is infected with spyware or viruses - even if there are no symptoms, or your antivirus isn't reporting anything - then anything you type, view, or save on your computer, could potentially be stolen by someone remotely controlling your computer. Your private key can then be intercepted while you enter it, so only enter a Bitcoin private key into your computer when your intent is to redeem its value ''immediately''.

== Hardware wallets ==
[[Hardware wallet]]s are a major effort to provide a good combination of enhanced security and usability.

So far only [http://www.pi-wallet.com/ Pi Wallet] is operational.

==Importance of security updates==

No software is perfect, and from time to time there may be security vulnerabilities found in your Bitcoin client as well.
Be sure you keep your client updated with the latest bug fixes, especially when a new vulnerability is discovered.
We maintain a [[CVEs|list a known vulnerabilities]] on this wiki - you can watch that page to get updates.
Note that you ''don't'' need to be running the latest major client version: some clients, including the popular Bitcoin-Qt, have older versions available with bugfix-only updates.

==Securing the Bitcoin-QT or bitcoind wallet==

Bitcoin transactions send Bitcoins to a specific public key. A Bitcoin address is an encoded hash of a public key. In order to use received Bitcoins, you need to have the private key matching the public key you received with. This is sort of like a super long password associated with an account (the account is the public key). Your Bitcoin wallet contains all of the private keys necessary for spending your received transactions. If you delete your wallet without a backup, then you no longer have the authorization information necessary to claim your coins, and the coins associated with those keys are lost forever.

The wallet contains a pool of queued keys. By default there are 100 keys in the [[key pool]]. The size of the pool is configurable using the "-keypool" command line argument. When you need an address for whatever reason (send, “new address”, generation, etc.), the key is not actually generated freshly, but taken from this pool. A brand new address is generated to fill the pool back to 100. So when a backup is first created, it has all of your old keys plus 100 unused keys. After sending a transaction, it has 99 unused keys. After a total of 100 new-key actions, you will start using keys that are not in your backup. Since the backup does not have the private keys necessary for authorizing spends of these coins, restoring from the old backup will cause you to lose Bitcoins.

Creating a new address generates a new pair of public and private keys, which are added to your wallet. Each keypair is mostly random numbers, so they cannot be known prior to generation. If you backup your wallet and then create more than 100 new addresses, the keypair associated with the newest addresses will not be in the old wallet because the new keypairs are only known after creating them. Any coins received at these addresses will be lost if you restore from the backup.

The situation is made somewhat more confusing because the receiving addresses shown in the UI are not the only keys in your wallet. Each Bitcoin generation is given a new public key, and, more importantly, each sent transaction also sends some number of Bitcoins back to yourself at a new key. When sending Bitcoins to anyone, you generate a new keypair for yourself and simultaneously send Bitcoins to your new public key and the actual recipient's public key. This is an anonymity feature – it makes tracking Bitcoin transactions much more difficult.

So if you create a backup, do more than 100 things that cause a new key to be used, and then restore from the backup, some Bitcoins will be lost. Bitcoin has not deleted any keys (keys are never deleted) – it has created a new key that is not in your old backup and then sent Bitcoins to it.

== Making a new wallet ==

If a wallet or an encrypted wallet's password has been compromised, it is wise to create a new wallet and transfer the full balance of bitcoins to addresses contained only in the newly created wallet. Examples of ways a wallet may be compromised are through password re-use, minimal strength passwords, computer hack or virus attack.

There are a number of ways to create a new wallet with Bitcoin-QT or bitcoind but this is a process that has been tested with bitcoind 0.6.3. We use the copy command to minimize the chance of any data loss but you are warned to make backups of any wallet.dat that holds a balance for you.

:1. Shut down the Bitcoin program.
:2. Find and make a backup of the "compromised" wallet.dat file and rename it, perhaps adding a short description:
:::wallet.dat -> wallet-compromised.dat
:Depending on your OS, the wallet file will be located at:
:::Windows: %APPDATA%\Bitcoin\
:::Linux: ~/.bitcoin/
:::Mac: ~/Library/Application Support/Bitcoin/
:3. Start the Bitcoin program and it will create a new wallet.dat. You may then encrypt the wallet as desired and make a new backup.
:4. Once you've made a new wallet, you can obtain one or more addresses and copy them into a text editor. After obtaining the new address(es), shut down the Bitcoin program, make a backup of the new wallet.dat file and copy it to a new file named wallet-new.dat.
:5. Copy the wallet-compromised.dat file back to wallet.dat, start the Bitcoin program and transfer your balance to the new address(es) you put in your text editor. Once the balance is back to 0 for your compromised wallet, you may want to wait a couple minutes or for a confirmation or check block explorer to be sure the transactions have been broadcasted. Then you may shut down the Bitcoin program.
:6. Rename wallet.dat to wallet-compromised.dat.
:7. Rename wallet-new.dat to wallet.dat.

You should now have a new wallet with all the bitcoins from the old wallet.

==Making a secure workspace==

If you are using your computer to handle bitcoins, a wallet, Bitcoin-related passwords, or Bitcoin private keys, you must take care that the system is free of malware, viruses, keyloggers, remote access tools, and other tools that may be used to make remote copies of any of the above. In the case that your computer is compromised, the precautions taken below may provide additional protection.

===Debian-based Linux===

The first step is to make a [http://www.howtogeek.com/howto/ubuntu/add-a-user-on-ubuntu-server/ new user]. In order for that new user to have an encrypted home directory, you'll first need the encryption utility. Run:

<code>sudo apt-get install ecryptfs-utils</code>

Now you're ready to create a new user

<code>sudo adduser --encrypt-home new_user_name</code>

You'll need to come up with a [[#Choosing_A_Strong_Password|secure]] new password for that user.

When you get to the prompt 'Enter the new value, or press ENTER for the default', just keep hitting ENTER.

Then switch user to the new user. To get to the new user you can use the switch user icon for your system, which on Ubuntu is in the 'System/Quit' screen, or if there is no switch icon on your system you can log out and log back in as the new user.

Since the home folder of this user is encrypted, if you're not logged in as that user, data that is saved there can't be browsed, even by a root user. If something goes wrong with your system, and you need to decrypt the new user's files, you'll need its decryption key.

<code>ecryptfs-unwrap-passphrase</code>

It will ask you for your user's password and give you the decryption key. '''WRITE DOWN OR SAVE THE CODE IT RETURNS''' because you will need it if you ever have to pull your data off while the OS is not working. (You can run it again later if you need to, but run it now so that you can get your data if your Linux install gets botched.)

The encrypted folder data is not encrypted while it's in memory, and so if it's ever sent to the swap partition it can be stolen from there unless that too is encrypted - be aware that this will mean you cannot use Hibernate anymore, as the bootloader won't be able to restore the hibernation data.

<code>ecryptfs-setup-swap</code>

Then click on a folder in the new user to display the file browser, then keep going up folders until you see the new user home directory, then right click to bring up the Properties dialog, then click on the Permissions tab, then in the Others section, set the folder access to None.

For secure browsing, open Firefox, and then go into the Edit menu and click Preferences. Starting from the left, click on the General tab, and in the 'Startup/When Firefox starts' pop up menu, choose 'Show a Blank Page'. Then click on the Content tab, and deselect 'Load images automatically' and deselect 'Enable JavaScript'. Then click on the Privacy tab, and in the 'History/Firefox will' pop up menu, choose 'Never remember history'. Then click on the Security tab, and in the Passwords section, deselect 'Remember passwords for sites' and deselect 'Use a master password'. Then click on the Advanced tab, then click on the Update tab, and then in the 'Automatically check for updates to' section, deselect 'Add-ons' and 'Search Engines'.

When JavaScript is disabled, the [http://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.3.23/bitcoin-0.3.23-linux.tar.gz/download Linux download page] will not download automatically, so you'll have to click on the 'direct link' part of the "Problems with the download? Please use this 'direct link' or try another mirror." line.

===Mac===
This solution '''does not scale'''; the amount of needed space can grow beyond the image size.

===Windows===

Due to the frequency with which Windows computers are compromised, it is advised to encrypt your wallet or to keep your wallet on an encrypted disk image created by third-party software, such as [http://www.truecrypt.org/ TrueCrypt] (open source) or [http://www.jetico.com/encryption-bestcrypt/ Jetico BestCrypt] (commercial). This also applies to the storage of passwords, private keys and other data that can be used to access any of your Bitcoin balances.

Assuming that you have installed the Windows Bitcoin client and run it at least once, the process is described below.

To mount the Bitcoin data directory on an encrypted drive
<ol start=1 type=1>
<li>Use the third-party disk image encryption program of your choice to create and mount an encrypted disk image of at least 5GB in size. This procedure stores the entire block chain database with the wallet.dat file so the required size of the encrypted disk image required may grow in the future.</li>
<li>Locate the Bitcoin data directory, and copy the directory with all contents to the encrypted drive.
For help finding this directory, see [[Securing_your_wallet#Locating_Bitcoin_s_data_directory|Locating Bitcoin's Data Directory]].</li>
<li>Create a Windows shortcut that starts Bitcoin with the <code>-datadir</code> parameter and specifies the encrypted drive and directory.
For example, if you installed Bitcoin in the default directory, mounted your Bitcoin encrypted drive as <code>E:\</code>, and stored your Bitcoin data directory on it as <code>Bitcoin</code>, you would type the following command as the shortcut Target:
<blockquote><code>C:\Program Files\Bitcoin\bitcoin.exe -datadir=E:\Bitcoin</code></blockquote></li>
<li>Open Bitcoin's settings and configure it NOT to start automatically when you start Windows.
This is to allow you to mount the Bitcoin encrypted disk image before starting Bitcoin.</li>
<li>Shut down Bitcoin, and then restart it from the new shortcut.</li>
</ol>

After doing this, any time you want to use Bitcoin, you must first mount the Bitcoin encrypted disk image using the same drive designation, and then run Bitcoin from the shortcut that you created, so that it can find its data and your wallet.

=== General Solutions ===

Your wallet.dat file is not encrypted by the Bitcoin program by default but the most current release of the Bitcoin client provides a method to encrypt with a passphrase the private keys stored in the wallet. Anyone who can access an unencrypted wallet can easily steal all of your coins. Use one of these encryption programs if there is any chance someone might gain access to your wallet.
* [http://www.7-zip.org/ 7-zip] - Supports strongly-encrypted archives.
* [http://www.axantum.com/axcrypt/ AxCrypt by Axantum]
* [http://lrzip.kolivas.org lrzip] - Compression software for Linux and OSX that supports very high grade password protected encryption
* [http://www.truecrypt.org/ TrueCrypt] - Volume-based on-the-fly encryption (for advanced users)

There is also a list of [[OpenSourceEncryptionSoftware|open source encryption software.]]

Decrypting and encrypting the wallet.dat every time you start or quit the Bitcoin client can be ''tedious'' (and outright error-prone). If you want to keep your wallet encrypted (except while you're actually running the Bitcoin client), it's better to relegate the automation to a [http://lorelei.kaverit.org/bitcoin.sh small shell script] that handles the en/decryption and starting up Bitcoin client for you (Linux and OSX).

There is also a method to print out and encrypt your wallet.dat as a special, scannable code. See details here: [[WalletPaperbackup]]

==== Password Strength ====
Brute-force password cracking has come a long way. A password including capitals, numbers, and special characters with a length of 8 characters can be trivially solved now (using appropriate hardware). The recommended length is '''at least''' 12 characters long. You can also use a multi-word password and there are techniques to increase the strength of your passwords without sacrificing usability. [http://www.baekdal.com/tips/password-security-usability The Usability of Passwords]

However, simply using dictionary words is also insecure as it opens you up to a dictionary attack. If you use dictionary words, be sure to include random symbols and numbers in the mix as well.

If you use keyfiles in addition to a password, it is unlikely that your encrypted file can ever be cracked using brute-force methods, even when even a 12 character password might be too short.

Assume that any encrypted files you store online (eg. Gmail, Dropbox) will be stored somewhere forever and can never be erased.

===== Choosing A Strong Password =====
Make sure you pick at least one character in each group: 

Lowercase: abcdefghijklmnopqrstuvwxyz
Uppercase: ABCDEFGHIJKLMNOPQRSTUVWXYZ
Number: 1234567890
Symbol: `~!@#$%^&*()-_=+\|[{]};:'",<.>/? (space)

<9 char = unsuitable for use
09 char = insecure
10 char = low security
11 char = medium security
12 char = good security (good enough for your wallet)
13 char = very good, enough for anything.

You might want to read [http://security.stackexchange.com/questions/662/what-is-your-way-to-create-good-passwords-that-can-actually-be-remembered What is your way to create good passwords that can actually be remembered?] and [http://security.stackexchange.com/questions/6095/xkcd-936-short-complex-password-or-long-dictionary-passphrase XKCD #936: Short complex password, or long dictionary passphrase?]

== Backing up your wallet ==
See [[Backingup_your_wallet|Backing up your wallet]].

==Erasing Plain-text Wallets==

In most operating systems, including Windows, Linux, and Mac OS X, simply deleting a wallet.dat file will ''not'' generally destroy it. It is likely that advanced tools can still be used to recover the wallet.dat file, even after it has been deleted.

The Linux '''shred''' command can be used to overwrite the wallet file with random data prior to deleting; this particular copy of the file will then be practically impossible to recover. Using shred (and similar tools on Windows) however does not guarantee that still other copies don't exist somewhere hidden on your HD. That will depend on your system configuration and what packages you have installed. Some system restore and backup tools, for instance, create periodic snapshots of your filesystem, duplicating your wallet.dat.

In Mac OS, the equivalent of '''shred''' is '''srm''' (introduced in Leopard). Using the Finder to remove files, clicking "Secure Empty Trash" in the Finder menu will shred the contents of the trash can. As with any OS this doesn't guarantee that there are not other copies elsewhere on your system.

For Windows, the built-in command ''cipher /W'' will shred all previously-deleted files. [http://www.cylog.org/utilities/cybershredder.jsp CyberShredder] can securely deleted individual files.

==Online and Mobile Wallets==

Thus far, this article has been discussing the security of a wallet file for Bitcoin-QT or bitcoind that is under your sole control. Additional wallets applications and services have become available that offer other features and more convenience but not without introducing additional risk. When storing bitcoins with an [[eWallet]] such as Instawallet or Easywallet, you are essentially storing your private keys or wallet with that provider.

Online wallets have a number of pros and cons to consider. For example, you can access your wallet on any computer in the world, but depending on the service, your bitcoins may be lost if the service is compromised.

Mobile wallet applications are available for Android devices that allow you to send bitcoins by QR code or NFC, but this opens up the possibility of loss if mobile device is compromised. It may be possible to encrypt and backup the wallet or private keys on a mobile device but it is not advisable to store a large amount of bitcoins there without doing your own research and testing.

==See Also==

* [[Data directory]]
* [[How to import private keys]]
* [http://startbitcoin.com/how-to-create-a-secure-bitcoin-wallet/ Secure Bitcoin Wallet Tutorial]
* [[How to set up a secure offline savings wallet]]
* [http://arimaa.com/bitcoin/ Bitcoin Gateway - A Peer-to-peer Bitcoin Vault and Payment Network]
* [http://blog.cyplo.net/2012/04/01/bitcoin-wallet-recovery-photorec/ Find lost wallet eg. after disk format, using Photorec]

[[Category:Security]]

[[de:Sichere deine Geldbörse]]
[[ru:Bitcoin и безопасность]]
[[es:Cómo asegurar su monedero]]
[[zh-cn:保护你的钱包]]

BitcoinPaperWallet

2014-01-22T14:40:51Z

Canton: /* Designs */

[https://bitcoinpaperwallet.com BitcoinPaperWallet.com] is an open-source paper wallet generator based on the [[BitAddress]] generator. It runs on any modern web browser and relies on JavaScript for all cryptographic functionality.

== Secure usage ==

* The easiest way to use this generator is [https://bitcoinpaperwallet.com/bitcoinpaperwallet/generate-wallet.html directly from the website] -- however this is also the least secure method.
* A more secure process is to download the [https://github.com/cantonbecker/bitcoinpaperwallet generator from GitHub] so that it can be run as a "local" webpage using a secure offline computer. No Internet connection is required to generate new paper wallets and Bitcoin addresses.
* For the highest level of security, install the BitcoinPaperWallet generator onto an absolutely clean (virus-free, no unnecessary applications installed) "Live CD" or bootable USB thumbdrive. Ubuntu LiveCDs with the BitcoinPaperWallet generator pre-installed are available from [https://bitcoinpaperwallet.com https://bitcoinpaperwallet.com].

== Differences from BitAddress ==

While BitAddress is capable of generating "brain wallets", pool-generated vanity wallets, and bulk wallets, BitcoinPaperWallet has been simplified such that its only function is to produce paper wallets. Additionally:

* Paper wallets printed using BitcoinPaperWallet feature a tri-fold design that is sealed shut so as to hide the wallet's private key and QR code from view.
* The reverse side of the design includes instructions for general use as well as a ledger for writing down deposits or other notes.
* The overall design includes a number of features to discourage casual tampering efforts that might otherwise reveal the private key without notice.
* The generator includes an option for printing a paper wallet by pasting in a self-generated private key or vanity address, bypassing the random address generator altogether.

[[Image:BitcoinPaperWallet-sample.jpg]]

== Similarities to BitAddress ==

BitcoinPaperWallet is a GitHub "fork" of BidAddress and uses verifiably identical cryptographic functions and methods. Similarly:

* The generator works entirely from within a web browser.
* Addresses are never transmitted over the Internet, and no Internet connection is required for the generator to work.
* The full source code can be examined via "view source" in web browser.
* Cryptographic work, random number generation, and random data seeding ("gathering entropy") is accomplished using JavaScript.
* The generator can be run offline by [https://github.com/cantonbecker/bitcoinpaperwallet downloading a ZIP archive] of the HTML from GitHub.

== Designs ==

The BitcoinPaperWallet design is available in 12 different languages. Designs for special occasions are also available, for example these designs for the Christmas holiday or for giving money in red envelopes (e.g. for Chinese New Year.)

[[Image:Bitcoinpaperwallet-xmas-sample.jpg]]

[[Image:Bitcoinpaperwallet-chinese-new-year.jpeg‎‎]]

File:Bitcoinpaperwallet-xmas-sample.jpg

2014-01-22T14:38:56Z

Canton: Example of paper wallet from bitcoinpaperwallet.com using alternative holiday design.

== Summary ==
Example of paper wallet from bitcoinpaperwallet.com using alternative holiday design.
== Licensing ==
{{self|GFDL|cc-by-sa-all|migration=redundant}}

BitcoinPaperWallet

2014-01-22T14:37:07Z

Canton: /* Similarities to BitAddress */

[https://bitcoinpaperwallet.com BitcoinPaperWallet.com] is an open-source paper wallet generator based on the [[BitAddress]] generator. It runs on any modern web browser and relies on JavaScript for all cryptographic functionality.

== Secure usage ==

* The easiest way to use this generator is [https://bitcoinpaperwallet.com/bitcoinpaperwallet/generate-wallet.html directly from the website] -- however this is also the least secure method.
* A more secure process is to download the [https://github.com/cantonbecker/bitcoinpaperwallet generator from GitHub] so that it can be run as a "local" webpage using a secure offline computer. No Internet connection is required to generate new paper wallets and Bitcoin addresses.
* For the highest level of security, install the BitcoinPaperWallet generator onto an absolutely clean (virus-free, no unnecessary applications installed) "Live CD" or bootable USB thumbdrive. Ubuntu LiveCDs with the BitcoinPaperWallet generator pre-installed are available from [https://bitcoinpaperwallet.com https://bitcoinpaperwallet.com].

== Differences from BitAddress ==

While BitAddress is capable of generating "brain wallets", pool-generated vanity wallets, and bulk wallets, BitcoinPaperWallet has been simplified such that its only function is to produce paper wallets. Additionally:

* Paper wallets printed using BitcoinPaperWallet feature a tri-fold design that is sealed shut so as to hide the wallet's private key and QR code from view.
* The reverse side of the design includes instructions for general use as well as a ledger for writing down deposits or other notes.
* The overall design includes a number of features to discourage casual tampering efforts that might otherwise reveal the private key without notice.
* The generator includes an option for printing a paper wallet by pasting in a self-generated private key or vanity address, bypassing the random address generator altogether.

[[Image:BitcoinPaperWallet-sample.jpg]]

== Similarities to BitAddress ==

BitcoinPaperWallet is a GitHub "fork" of BidAddress and uses verifiably identical cryptographic functions and methods. Similarly:

* The generator works entirely from within a web browser.
* Addresses are never transmitted over the Internet, and no Internet connection is required for the generator to work.
* The full source code can be examined via "view source" in web browser.
* Cryptographic work, random number generation, and random data seeding ("gathering entropy") is accomplished using JavaScript.
* The generator can be run offline by [https://github.com/cantonbecker/bitcoinpaperwallet downloading a ZIP archive] of the HTML from GitHub.

== Designs ==

The BitcoinPaperWallet design is available in 12 different languages. Designs for special occasions are also available, for example this design for giving money in red envelopes (e.g. for Chinese New Year.)

[[Image:Bitcoinpaperwallet-chinese-new-year.jpeg‎‎]]

BitcoinPaperWallet

2014-01-22T14:33:50Z

Canton: /* Differences from BitAddress */

[https://bitcoinpaperwallet.com BitcoinPaperWallet.com] is an open-source paper wallet generator based on the [[BitAddress]] generator. It runs on any modern web browser and relies on JavaScript for all cryptographic functionality.

== Secure usage ==

* The easiest way to use this generator is [https://bitcoinpaperwallet.com/bitcoinpaperwallet/generate-wallet.html directly from the website] -- however this is also the least secure method.
* A more secure process is to download the [https://github.com/cantonbecker/bitcoinpaperwallet generator from GitHub] so that it can be run as a "local" webpage using a secure offline computer. No Internet connection is required to generate new paper wallets and Bitcoin addresses.
* For the highest level of security, install the BitcoinPaperWallet generator onto an absolutely clean (virus-free, no unnecessary applications installed) "Live CD" or bootable USB thumbdrive. Ubuntu LiveCDs with the BitcoinPaperWallet generator pre-installed are available from [https://bitcoinpaperwallet.com https://bitcoinpaperwallet.com].

== Differences from BitAddress ==

While BitAddress is capable of generating "brain wallets", pool-generated vanity wallets, and bulk wallets, BitcoinPaperWallet has been simplified such that its only function is to produce paper wallets. Additionally:

* Paper wallets printed using BitcoinPaperWallet feature a tri-fold design that is sealed shut so as to hide the wallet's private key and QR code from view.
* The reverse side of the design includes instructions for general use as well as a ledger for writing down deposits or other notes.
* The overall design includes a number of features to discourage casual tampering efforts that might otherwise reveal the private key without notice.
* The generator includes an option for printing a paper wallet by pasting in a self-generated private key or vanity address, bypassing the random address generator altogether.

[[Image:BitcoinPaperWallet-sample.jpg]]

== Similarities to BitAddress ==

BitcoinPaperWallet is a GitHub "fork" of BidAddress and uses identical cryptography functions and methods. Similarly:

* The generator works entirely from within a web browser.
* Addresses are never transmitted over the Internet
* The full source code can be examined via "view source" in web browser.
* Cryptographic work is done using the the browser's built-in JavaScript crypto API along with open-source JavaScript libraries
* The generator can be run offline by [https://github.com/cantonbecker/bitcoinpaperwallet downloading a ZIP archive] of the HTML from GitHub.

== Designs ==

The BitcoinPaperWallet design is available in 12 different languages. Designs for special occasions are also available, for example this design for giving money in red envelopes (e.g. for Chinese New Year.)

[[Image:Bitcoinpaperwallet-chinese-new-year.jpeg‎‎]]

BitcoinPaperWallet

2014-01-22T14:32:17Z

Canton: /* Secure usage */

[https://bitcoinpaperwallet.com BitcoinPaperWallet.com] is an open-source paper wallet generator based on the [[BitAddress]] generator. It runs on any modern web browser and relies on JavaScript for all cryptographic functionality.

== Secure usage ==

* The easiest way to use this generator is [https://bitcoinpaperwallet.com/bitcoinpaperwallet/generate-wallet.html directly from the website] -- however this is also the least secure method.
* A more secure process is to download the [https://github.com/cantonbecker/bitcoinpaperwallet generator from GitHub] so that it can be run as a "local" webpage using a secure offline computer. No Internet connection is required to generate new paper wallets and Bitcoin addresses.
* For the highest level of security, install the BitcoinPaperWallet generator onto an absolutely clean (virus-free, no unnecessary applications installed) "Live CD" or bootable USB thumbdrive. Ubuntu LiveCDs with the BitcoinPaperWallet generator pre-installed are available from [https://bitcoinpaperwallet.com https://bitcoinpaperwallet.com].

== Differences from BitAddress ==

While BitAddress is capable of generating "brain wallets", pool-generated vanity wallets, and bulk wallets, BitcoinPaperWallet has been simplified such that its only function is to produce paper wallets. Additionally:

* Paper wallets printed using BitcoinPaperWallet feature a tri-fold design that is sealed shut so as to hide the wallet's private key and QR code from view.
* The reverse side of the design includes instructions for general use as well as a ledger for writing down deposits or other notes.
* The overall design includes a number of features to discourage casual tampering efforts that might otherwise reveal the private key without notice.
* The generator includes an option for printing a paper wallet by pasting in a self-generated private key or vanity address, bypassing the random address generator altogether

[[Image:BitcoinPaperWallet-sample.jpg]]

== Similarities to BitAddress ==

BitcoinPaperWallet is a GitHub "fork" of BidAddress and uses identical cryptography functions and methods. Similarly:

* The generator works entirely from within a web browser.
* Addresses are never transmitted over the Internet
* The full source code can be examined via "view source" in web browser.
* Cryptographic work is done using the the browser's built-in JavaScript crypto API along with open-source JavaScript libraries
* The generator can be run offline by [https://github.com/cantonbecker/bitcoinpaperwallet downloading a ZIP archive] of the HTML from GitHub.

== Designs ==

The BitcoinPaperWallet design is available in 12 different languages. Designs for special occasions are also available, for example this design for giving money in red envelopes (e.g. for Chinese New Year.)

[[Image:Bitcoinpaperwallet-chinese-new-year.jpeg‎‎]]

BitcoinPaperWallet

2014-01-22T13:24:02Z

Canton:

[https://bitcoinpaperwallet.com BitcoinPaperWallet.com] is an open-source paper wallet generator based on the [[BitAddress]] generator. It runs on any modern web browser and relies on JavaScript for all cryptographic functionality.

== Secure usage ==

* The easiest way to use this generator is directly from the website at [https://bitcoinpaperwallet.com/bitcoinpaperwallet/generate-wallet.html] -- however this is also the least secure method.
* A more secure process is to download the generator from GitHub at [https://github.com/cantonbecker/bitcoinpaperwallet] so that it can be run as a "local" webpage using a secure offline computer. No Internet connection is required to generate new paper wallets and Bitcoin addresses.
* For the highest level of security, install the BitcoinPaperWallet generator onto an absolutely clean (virus-free, no extra applications) "Live CD" or bootable USB thumbdrive. Ubuntu LiveCDs with the BitcoinPaperWallet generator pre-installed are available from [https://bitcoinpaperwallet.com].

== Differences from BitAddress ==

While BitAddress is capable of generating "brain wallets", pool-generated vanity wallets, and bulk wallets, BitcoinPaperWallet has been simplified such that its only function is to produce paper wallets. Additionally:

* Paper wallets printed using BitcoinPaperWallet feature a tri-fold design that is sealed shut so as to hide the wallet's private key and QR code from view.
* The reverse side of the design includes instructions for general use as well as a ledger for writing down deposits or other notes.
* The overall design includes a number of features to discourage casual tampering efforts that might otherwise reveal the private key without notice.
* The generator includes an option for printing a paper wallet by pasting in a self-generated private key or vanity address, bypassing the random address generator altogether

[[Image:BitcoinPaperWallet-sample.jpg]]

== Similarities to BitAddress ==

BitcoinPaperWallet is a GitHub "fork" of BidAddress and uses identical cryptography functions and methods. Similarly:

* The generator works entirely from within a web browser.
* Addresses are never transmitted over the Internet
* The full source code can be examined via "view source" in web browser.
* Cryptographic work is done using the the browser's built-in JavaScript crypto API along with open-source JavaScript libraries
* The generator can be run offline by [https://github.com/cantonbecker/bitcoinpaperwallet downloading a ZIP archive] of the HTML from GitHub.

== Designs ==

The BitcoinPaperWallet design is available in 12 different languages. Designs for special occasions are also available, for example this design for giving money in red envelopes (e.g. for Chinese New Year.)

[[Image:Bitcoinpaperwallet-chinese-new-year.jpeg‎‎]]

File:Bitcoinpaperwallet-chinese-new-year.jpeg

2014-01-22T13:11:11Z

Canton: Variation of the bitcoinpaperwallet.com design

== Summary ==
Variation of the bitcoinpaperwallet.com design
== Licensing ==
{{self|GFDL|cc-by-sa-all|migration=redundant}}

Talk:Paper Wallet (Single Key)

2014-01-20T22:51:15Z

Canton: Oops sigs.

Talk:Paper Wallet (Single Key)

2014-01-20T16:27:20Z

Canton: Started a talk page since the last set of edits included an inappropriate amount of promotional links to offlineaddress.com

Paper wallet

2014-01-20T16:19:33Z

Canton: Alphabetized paper wallet resources and images (preempt self-promotion edit war.) Removed links from general terms to offlineaddress.com and removed recommendation to use live websites. *SEE DISCUSSION*

A '''paper wallet''' is a mechanism for storing bitcoins offline as a physical document that can be secured like cash or anything else of real-world value. Paper wallets are generally created by printing a brand new public address and private key onto paper, and then sending bitcoins from a "live" wallet to the printed wallet's public address for safekeeping. If good security practices are followed, paper wallets are one of the safest ways to to store Bitcoins.

__TOC__

==Producing safe paper wallets==

[[File:BitcoinPaperWallet-sample.jpg|thumb|right|300px|Paper wallet with private key secured beneath folds [[BitcoinPaperWallet|BitcoinPaperWallet.com]] ]]
[[File:PaperWallets-offlineaddress-com.png|200px|thumb|right|Paper wallets from [[OfflineAddress|OfflineAddress.com]] ]]
A Bitcoin [[private key]] can be represented in several formats. For paper wallets typically used format is Wallet Import Format (WIF), since keys represented that way are very short (51 characters) and thus easy to re-enter when importing or "sweeping" the wallet for withdrawal.

Several tools exist for producing paper wallets, including [[BitAddress|BitAddress.org]], [[Bitcoin Address Utility]], [[BitcoinPaperWallet|BitcoinPaperWallet.com]], [[OfflineAddress|OfflineAddress.com]], [[SafePaperWallet|SafePaperWallet.com]], and [[vanitygen]].

Care must be taken to securely generate paper wallets since an attacker can steal the present ''and future'' balance of a paper wallet if the private key is exposed, transmitted, or generated with insufficient entropy.

Some services feature a free open-source client-side paper wallet generators written in JavaScript, which can be used offline. Using these generators is relatively safe when the source code hash can be checked against the author's signature. It's advisable to use those services from a [https://en.wikipedia.org/wiki/Live_CD live bootable CD], to ensure that private keys are not compromised by spyware.

'''Recommendations:'''
* Paper wallets should be produced on a computer not connected to the Internet.
* Be aware that malware often allows a remote third party to view your screen and see your keystrokes, and these can compromise the integrity of your paper wallet. Also consider that antivirus software cannot completely rule out the possibility of malware. However, booting from a [https://en.wikipedia.org/wiki/Live_CD live disc] prevents malware from running.
* The private keys of paper wallets should never be saved to a computer hard drive. You should also never scan your paper wallet into your computer or type the private keys or save them in e-mail, except at the moment you are redeeming the balance.
* If possible, the private key of a paper wallet should be kept hidden, for example by using BIP38 encryption, or by folding the paper to hide the private key so that a photograph or photocopy of the wallet will not reveal or replicate the private key.
* A web-based paper wallet generator should be written such that that all of the generation happens on your computer, not the web server. Ideally, the HTML/JavaScript for the web generator should be downloaded to your computer, verified, and then run "locally" from an offline computer. Running a paper wallet generator directly from a live website is not recommended unless you can verify that the code has not been tampered with by computing the hash and comparing it with a signed hash by the author.
* A paper wallet generator should use an appropriate source of random numbers (entropy). This means that the generated addresses aren't predictable. If the addresses come from a predictable or partially-predictable patterns like pseudorandom numbers <ref>[https://en.wikipedia.org/wiki/Pseudorandomness#Cryptography Pseudorandomness] '' is not enough for strong cryptography''</ref>, someone else who can predict the pattern can steal the balance. Ideally, randomness should to be human provided (i.e. using dice rolling or random mouse movements or key strokes.) When using a web-based generator it's important to ensure that both the web browser and the JavaScript code are taking advantage of the strongest cryptographic routines available.<ref>[http://www.w3.org/TR/WebCryptoAPI/ w3.org] ''WebCryptoAPI''</ref>

===Operating System Cache Security===

The problem with printing out secure documents—even if your computer is 100% virus/trojan free—is that your printer driver and/or operating system may be keeping copies of the documents you print in a "spool" or print queue. If a hacker or virus gets into your computer and knows to look for these cache files, then they can get your private keys and sweep your paper wallets. Precautions to mitigate this type of attack include:

* Enabling encryption of your entire filesystem so that cache files cannot be 'undeleted'.

* Setting up a symbolic link from your OS spool directory (e.g. /private/var/spool/cups/cache/ on OS X) to a removable media volume (e.g. a SD card) and disconnecting it when not in use.

* Using a live-boot CD instead of a regular hard drive OS install. This way when you reboot your computer, all cache files are deleted from memory and no jobs are ever written to disk.<ref>[https://bitcoinpaperwallet.com/#security BitcoinPaperWallet.com] ''Security Tips''</ref>

===Printer Security===

Some advanced printers have internal storage (even hard drives) that preserve copies of printouts. This is a risk if someone gets access to your printer, or if you dispose of your printer. There is also the possibility that a smart enough printer can be hacked. (Consider [http://en.wikipedia.org/wiki/Stuxnet StuxNet] which was able to rewrite the firmware of non-computer devices indirectly connected to the Internet) If this concerns you, use a "dumb" printer, and never let your printer have access to the Internet or to an Internet-connected computer.

==Redeeming Keys and Withdrawing Funds==

Paper wallets are very different from "live" wallets such as the Bitcoin-QT client in that it is not possible to transfer (withdraw) a ''portion'' of a paper wallet's bitcoin balance. The only way to withdraw funds from a paper wallet is to import or "sweep" the ''entire'' balance of the paper wallet to a new address, typically a live wallet or online exchange. Once the transfer has been confirmed, ''the paper wallet should no longer be used''.<ref>[http://www.reddit.com/r/Bitcoin/comments/1c9xr7/psa_using_paper_wallets_understanding_change/ reddit.com] ''Using Paper Wallets and Understanding Change''</ref>

There are various methods for copying the private key data from a paper wallet to other wallets.
bitcoind supports an "importprivkey" RPC method for this purpose.
Bitcoin-Qt's debug console can also be used in a similar way (see also [[how to import private keys v7+]]).
[[BlockChain.info]] and [[Armory]] can also import them directly into wallets.
[[MtGox|Mt. Gox]] provides the ability to Add Funds using a private key:
the exchange will then create a "sweep" transaction that spends any amount for that paper wallet address so that the amount is added to your account with them; it will also sweep to your account any bitcoins received to that address in the future as well.

==References==
<references />

==See Also==

* [[Private key]]

* [[Securing_your_wallet#Paper_Wallets]]

* [[How to import private keys]]

* [https://blockchain.info/wallet/paper-tutorial Blockchain.info tutorial] on how to generate a paper wallet.

[[Category:Security]]

[[es:Monedero de papel]]

How to set up a secure offline savings wallet

2013-10-10T16:17:32Z

Canton: Added new section "alternatives" to reference paper wallets and pros/cons.

== Why set up an offline savings wallet? ==

Modern operating systems are getting more and more complex. The flip side of all this complexity is that they generally have a large [http://en.wikipedia.org/wiki/Attack_surface attack surface] and constantly leak information without the user’s knowledge or consent. No matter how many precautions you take, your [[wallet]]s will never be 100% safe on a computer that is connected to the internet.

Because bitcoins are stored directly on your computer and because they are real money, the motivation for sophisticated and targeted attacks against your system is higher than in the pre-bitcoin era, when only large organizations normally had to worry about such attacks.

This guide will instruct you on how to create an offline wallet, a wallet that never even touches the internet in its plaintext form. Another term for this is [[cold storage]]. This security measure is also referred to as being an air gap. For all practical purposes, this wallet is safe from all online threats, such as viruses and hackers. It is however still exposed to offline threats, such as [http://en.wikipedia.org/wiki/Hardware_keylogger hardware keyloggers], extortion, or people looking over your shoulder. A best practice is to keep the majority of your bitcoins in the offline wallet and only to use the online wallet for everyday expenses/earnings.

The below procedure may seem tedious, but remember that security almost always comes at the cost of convenience. When you deposit money at a bank, you let them worry about security. Bitcoins, however, are stored on '''your''' computer and that means '''you''' are fully responsible for securing them. The bitcoin ecosystem is still very young and unfortunately no user friendly tools for creating highly secure wallets have been developed yet (though some members of the Bitcoin community are [http://forum.bitcoin.org/?topic=7357.0 working hard at this]).

== How to deposit funds ==

# Set up a [http://www.wuala.com/en/bitcoin Wuala] account, or other cloud backup service of your choice.
# Create a strong and unique password offline (manually). This password should be at least 20 characters long; it should contain numbers, upper and lower case letters, and symbols. It should be as random as possible, ie it should look something like this: Zr%8qL03&cvwS9@05AatdP71. Never use this password elsewhere.
# '''Do not forget this password'''. Recite it several times a day. It is easy to overestimate your ability to remember a password several months in the future. To be on the safe side, write it down and store the piece of paper in a safety deposit box.
# Download [http://www.bitcoin.org/ Bitcoin Linux binary] and save it on a USB drive.
# Shut down your computer, and boot [http://www.ubuntu.com/ Ubuntu] (or Linux distribution of you choice) from a [http://www.ubuntu.com/download/ubuntu/download liveCD]. This will not affect your current operating system.
# '''Disconnect machine from the internet'''. Unplug any network cables and disable wireless. Verify that wireless is disabled in the icon on the upper right corner (Ubuntu). Double check that machine is disconnected by opening the web browser.
# Run bitcoin while disconnected to the internet. The client will show 0 connections and 0 blocks, but it will still generate a wallet.dat file and a bitcoin address.
# Encrypt your wallet using the strong and unique password from step 2 above. (Bitcoin Client > Settings > Encrypt wallet)
# Copy wallet.dat (found in hidden folder .bitcoin in your home directory) to USB drive.
# Save bitcoin address to a text file and copy it to USB drive.
# Shut down system and turn off computer. Before switching your computer on again, remove all power sources for about 1 minute. Physically remove battery from laptop.
# Backup encrypted wallet.dat file in several places:
#*Send it to your 5 best friends by email attachment and ask them to save it for you.
#*Save it on your Wuala account created in step 1.
#*Save it on several USB drives and CDs and store them in different geographic locations.
#Send bitcoins to the address saved on the USB drive. Double check in the [[Bitcoin Block Explorer|block explorer]] that they have been sent.

==How to retrieve funds ==

#Boot from Ubuntu liveCD, as in step 5 above.
#Insert USB drive.
#Run bitcoin client and close it again.
#Replace wallet.dat in ~/.bitcoin directory with wallet.dat from USB drive.
#Connect to the internet.
#Restart bitcoin client.
#Wait for blocks to download (optional).
#Send bitcoins.

==Notes==

*This procedure is only secure if you perform steps 1-13 in this '''exact order'''.

*Perform one or two trial runs of the above procedure with a few bitcents, and make sure that you know how to successfully retrieve them, before making a bulk transfer.

*Every time you retrieve bitcoins from your savings wallet, create a fresh savings wallet by repeating the above procedure, and send all your remaining savings balance there.

*There is more than one way to do it. Similar procedures have been suggested on the forums [http://forum.bitcoin.org/index.php?topic=17240.0 here] and [http://forum.bitcoin.org/?topic=5194.0 here].

*Beware that even savings wallets have limited lifetimes. New, backwards incompatible versions of bitcoin might come out in future, [http://en.wikipedia.org/wiki/Advanced_Encryption_Standard AES] might be broken, [http://en.wikipedia.org/wiki/Bit_rot bit rot] might destroy your wallets, etc. Update to fresh savings wallets every couple of years, or as needed.

* See [[How to import private keys]] for an alternative way of retrieve your coins.

==Alternatives ==

[[Paper wallet|'''Paper wallets''']] can also be used to create offline bitcoin savings accounts. While paper wallets are much easier to generate, they are not generally encrypted which means you cannot guard against accidental loss by distributing copies to online services and friends. Instead, paper wallets must be kept safe like jewels or cash. Looking forward, support for [[BIP 0038|BIP-38]] encryption is growing fast and it is expected that paper wallet generators will soon include options for generating ''encrypted paper wallets'' that can be duplicated and widely distributed for safekeeping.

==See Also==

* [[Cold storage]]
* [http://codinginmysleep.com/bitcoin-cold-storage-in-plain-english Bitcoin Cold Storage In Plain English] by David Perry

[[Category:Instructional]]
[[Category:Security]]

Securing your wallet

2013-10-10T15:48:43Z

Canton: /* Paper Wallets */ Added bitcoinpaperwallet.com alongside bitaddress.org. Clarified language on online/offline safety. Improved instructions for running generators offline. Added CoinBase as option for importing/sweeping.

==Introduction==

Wallet security can be broken down into two independent goals:
# Protecting your wallet against loss.
# Protecting your wallet against theft.

In the case that your current wallet hasn't been protected adequately (e.g. put online with a weaker password):
# Making a new secure wallet, using appropriate long-term protection.

''For a brief overview see also: [[Wallet Security Dos and Don'ts (Windows)|Wallet Security Dos and Don'ts]]''

==Paper Wallets==
[[Paper wallet]]s are a fairly simple way to store your bitcoins independent of a computer. When generated securely and stored on paper, or other offline storage media, a paper wallet decreases the chances of your bitcoins being stolen by hackers, or computer viruses.

With each entry on a paper wallet, you are securing a sequence of secret numbers that is used to prove your right to spend the bitcoins assigned to one of your addresses. This secret number, called a [[private key]], is most commonly written as a sequence of fifty-one alphanumeric characters, beginning with a '5'.

One way you can create a paper wallet is by visiting the [[BitAddress|BitAddress.org]] or [[BitcoinPaperWallet|BitcoinPaperWallet.com]] websites. These websites feature a free client-side paper wallet generator written in JavaScript. The HTML for either of these generators can be downloaded from GitHub and used on an offline computer. Using either of these generators online by directly connecting to their websites is relatively safe for storing smaller amounts of bitcoin, but extra precautions should be taken to ensure that keys are not compromised by spyware that may be monitoring browser activity. Blockchain.info offers a [https://blockchain.info/wallet/paper-tutorial tutorial on how to generate a paper wallet] with an online component so you can check your balance easily.

To generate a safer paper wallet, first save the paper wallet generating code to a newly-formatted USB stick. Then "clean-boot" your computer with a bootable CD (such as a Linux Live CD) ''while disconnected from the Internet''. Disconnecting from the Internet guarantees that that the paper wallet generator is truly self-contained and isn't communicating with an online service. Then insert the USB stick and open the wallet generator's HTML file from the web browser. Print your paper wallets or store them on external media (do not save them on the computer), and then shut down the computer. You may need to load an appropriate printer driver in order to print while booted from the live CD.

A paper wallet includes at least one public bitcoin address and its corresponding private key. You can send bitcoins to the public address and they will be inaccessible until the private key is imported into a wallet. As of version 0.6.0, the bitcoin QT software has a command line feature called "importprivkey" that can load private keys. Online exchanges and wallets such as [[MtGox]], CoinBase and Blockchain.info have features for importing (or "sweeping") private keys as well.

Remember, spyware and viruses often attempt to monitor your computer activities so that their authors can steal from you. They are interested in passwords to online accounts, and anything of value. Bitcoin wallets and private keys are something of value that have already been targeted by malware. Paper wallets isolate you from much of this risk.

If your computer is infected with spyware or viruses - even if there are no symptoms, or your antivirus isn't reporting anything - then anything you type, view, or save on your computer, could potentially be stolen by someone remotely controlling your computer. Your private key can then be intercepted while you enter it, so only enter a Bitcoin private key into your computer when your intent is to redeem its value ''immediately''.

== Hardware wallets ==
They are not operational yet, but [[Hardware wallet]]s are a major effort to provide a good combination of enhanced security and usability.

==Importance of security updates==

No software is perfect, and from time to time there may be security vulnerabilities found in your Bitcoin client as well.
Be sure you keep your client updated with the latest bug fixes, especially when a new vulnerability is discovered.
We maintain a [[CVEs|list a known vulnerabilities]] on this wiki - you can watch that page to get updates.
Note that you ''don't'' need to be running the latest major client version: some clients, including the popular Bitcoin-Qt, have older versions available with bugfix-only updates.

==Securing the Bitcoin-QT or bitcoind wallet==

Bitcoin transactions send Bitcoins to a specific public key. A Bitcoin address is an encoded hash of a public key. In order to use received Bitcoins, you need to have the private key matching the public key you received with. This is sort of like a super long password associated with an account (the account is the public key). Your Bitcoin wallet contains all of the private keys necessary for spending your received transactions. If you delete your wallet without a backup, then you no longer have the authorization information necessary to claim your coins, and the coins associated with those keys are lost forever.

The wallet contains a pool of queued keys. By default there are 100 keys in the [[key pool]]. The size of the pool is configurable using the "-keypool" command line argument. When you need an address for whatever reason (send, “new address”, generation, etc.), the key is not actually generated freshly, but taken from this pool. A brand new address is generated to fill the pool back to 100. So when a backup is first created, it has all of your old keys plus 100 unused keys. After sending a transaction, it has 99 unused keys. After a total of 100 new-key actions, you will start using keys that are not in your backup. Since the backup does not have the private keys necessary for authorizing spends of these coins, restoring from the old backup will cause you to lose Bitcoins.

Creating a new address generates a new pair of public and private keys, which are added to your wallet. Each keypair is mostly random numbers, so they cannot be known prior to generation. If you backup your wallet and then create more than 100 new addresses, the keypair associated with the newest addresses will not be in the old wallet because the new keypairs are only known after creating them. Any coins received at these addresses will be lost if you restore from the backup.

The situation is made somewhat more confusing because the receiving addresses shown in the UI are not the only keys in your wallet. Each Bitcoin generation is given a new public key, and, more importantly, each sent transaction also sends some number of Bitcoins back to yourself at a new key. When sending Bitcoins to anyone, you generate a new keypair for yourself and simultaneously send Bitcoins to your new public key and the actual recipient's public key. This is an anonymity feature – it makes tracking Bitcoin transactions much more difficult.

So if you create a backup, do more than 100 things that cause a new key to be used, and then restore from the backup, some Bitcoins will be lost. Bitcoin has not deleted any keys (keys are never deleted) – it has created a new key that is not in your old backup and then sent Bitcoins to it.

== Making a new wallet ==

If a wallet or an encrypted wallet's password has been compromised, it is wise to create a new wallet and transfer the full balance of bitcoins to addresses contained only in the newly created wallet. Examples of ways a wallet may be compromised are through password re-use, minimal strength passwords, computer hack or virus attack.

There are a number of ways to create a new wallet with Bitcoin-QT or bitcoind but this is a process that has been tested with bitcoind 0.6.3. We use the copy command to minimize the chance of any data loss but you are warned to make backups of any wallet.dat that holds a balance for you.

:1. Shut down the Bitcoin program.
:2. Find and make a backup of the "compromised" wallet.dat file and rename it, perhaps adding a short description:
:::wallet.dat -> wallet-compromised.dat
:Depending on your OS, the wallet file will be located at:
:::Windows: %APPDATA%\Bitcoin\
:::Linux: ~/.bitcoin/
:::Mac: ~/Library/Application Support/Bitcoin/
:3. Start the Bitcoin program and it will create a new wallet.dat. You may then encrypt the wallet as desired and make a new backup.
:4. Once you've made a new wallet, you can obtain one or more addresses and copy them into a text editor. After obtaining the new address(es), shut down the Bitcoin program, make a backup of the new wallet.dat file and copy it to a new file named wallet-new.dat.
:5. Copy the wallet-compromised.dat file back to wallet.dat, start the Bitcoin program and transfer your balance to the new address(es) you put in your text editor. Once the balance is back to 0 for your compromised wallet, you may want to wait a couple minutes or for a confirmation or check block explorer to be sure the transactions have been broadcasted. Then you may shut down the Bitcoin program.
:6. Rename wallet.dat to wallet-compromised.dat.
:7. Rename wallet-new.dat to wallet.dat.

You should now have a new wallet with all the bitcoins from the old wallet.

==Making a secure workspace==

If you are using your computer to handle bitcoins, a wallet, Bitcoin-related passwords, or Bitcoin private keys, you must take care that the system is free of malware, viruses, keyloggers, remote access tools, and other tools that may be used to make remote copies of any of the above. In the case that your computer is compromised, the precautions taken below may provide additional protection.

===Debian-based Linux===

The first step is to make a [http://www.howtogeek.com/howto/ubuntu/add-a-user-on-ubuntu-server/ new user]. In order for that new user to have an encrypted home directory, you'll first need the encryption utility. Run:

<code>sudo apt-get install ecryptfs-utils</code>

Now you're ready to create a new user

<code>sudo adduser --encrypt-home new_user_name</code>

You'll need to come up with a [[#Choosing_A_Strong_Password|secure]] new password for that user.

When you get to the prompt 'Enter the new value, or press ENTER for the default', just keep hitting ENTER.

Then switch user to the new user. To get to the new user you can use the switch user icon for your system, which on Ubuntu is in the 'System/Quit' screen, or if there is no switch icon on your system you can log out and log back in as the new user.

Since the home folder of this user is encrypted, if you're not logged in as that user, data that is saved there can't be browsed, even by a root user. If something goes wrong with your system, and you need to decrypt the new user's files, you'll need its decryption key.

<code>ecryptfs-unwrap-passphrase</code>

It will ask you for your user's password and give you the decryption key. '''WRITE DOWN OR SAVE THE CODE IT RETURNS''' because you will need it if you ever have to pull your data off while the OS is not working. (You can run it again later if you need to, but run it now so that you can get your data if your Linux install gets botched.)

The encrypted folder data is not encrypted while it's in memory, and so if it's ever sent to the swap partition it can be stolen from there unless that too is encrypted - be aware that this will mean you cannot use Hibernate anymore, as the bootloader won't be able to restore the hibernation data.

<code>ecryptfs-setup-swap</code>

Then click on a folder in the new user to display the file browser, then keep going up folders until you see the new user home directory, then right click to bring up the Properties dialog, then click on the Permissions tab, then in the Others section, set the folder access to None.

For secure browsing, open Firefox, and then go into the Edit menu and click Preferences. Starting from the left, click on the General tab, and in the 'Startup/When Firefox starts' pop up menu, choose 'Show a Blank Page'. Then click on the Content tab, and deselect 'Load images automatically' and deselect 'Enable JavaScript'. Then click on the Privacy tab, and in the 'History/Firefox will' pop up menu, choose 'Never remember history'. Then click on the Security tab, and in the Passwords section, deselect 'Remember passwords for sites' and deselect 'Use a master password'. Then click on the Advanced tab, then click on the Update tab, and then in the 'Automatically check for updates to' section, deselect 'Add-ons' and 'Search Engines'.

When JavaScript is disabled, the [http://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.3.23/bitcoin-0.3.23-linux.tar.gz/download Linux download page] will not download automatically, so you'll have to click on the 'direct link' part of the "Problems with the download? Please use this 'direct link' or try another mirror." line.

===Mac===
This solution '''does not scale'''; the amount of needed space can grow beyond the image size.

=====Backup all data=====
Follow these instructions to backup all the bitcoin data (wallet and block chains) to an encrypted disk image.
# Open Disk Utility
# Click New Image and choose a big enough size, 128-bit or 256-bit (faster or more secure) encryption and single partition.
# Save it somewhere you won't lose it (like your Wuala, Dropbox, Strongspace or whatever)
# Choose a safe and strong password
# Move everything from ~/Library/Application Support/Bitcoin/ to the image
# Symlink it back so the app would be able to use it
:::ln -s /Volumes/Bitcoin ~/Library/Application Support/Bitcoin

Don't forget to mount your image before using Bitcoin and unmount it after quitting.

=====Backup just wallet.dat=====
Follow these instructions to backup just the wallet.dat file. This results in a smaller disk image, but it's more complicated to do.
# Open Disk Utility
# Click New Image and choose a big enough size, 128-bit or 256-bit (faster or more secure) encryption and single partition.
# Save it somewhere you won't lose it (like your Wuala, Dropbox, Strongspace or whatever)
# Choose a safe and strong password
# Move your wallet.dat file to the image
# Symlink it back so the app would be able to use it
:::ln -s /Volumes/Bitcoin/wallet.dat ~/Library/Application Support/Bitcoin/wallet.dat

[[File:MountWalletAndLauchnBitcoin_OSX_Automator.png|thumbnail|150px|Mount Wallet and launch Bitcoin]]
Don't forget to mount your image before using Bitcoin and unmount after quitting it.

'''Note''': If you start the Bitcoin application without having the image mounted, the application will overwrite your symlink with a new wallet. If that happens, don't panic. Just delete the new wallet.dat, mount the image, and recreate the symlink like above.

'''Automation''': You can create a small application using [http://en.wikipedia.org/wiki/Automator_%28software%29 Automator] (included in OS X) to automatically mount the wallet and then launch Bitcoin App. See the Screenshot on how to do this.

If one ''doesn't'' want to use encrypted Disk images, then a '''small shell script''' can be used instead that takes care of decrypting the wallet, launching bitcoin client, and encrypting it after the client exits. This script works on both OSX and Linux: [http://lorelei.kaverit.org/bitcoin.sh bitcoin-launch-script]

===Windows===

Due to the frequency with which Windows computers are compromised, it is advised to encrypt your wallet or to keep your wallet on an encrypted disk image created by third-party software, such as [http://www.truecrypt.org/ TrueCrypt] (open source) or [http://www.jetico.com/encryption-bestcrypt/ Jetico BestCrypt] (commercial). This also applies to the storage of passwords, private keys and other data that can be used to access any of your Bitcoin balances.

Assuming that you have installed the Windows Bitcoin client and run it at least once, the process is described below.

To mount the Bitcoin data directory on an encrypted drive
<ol start=1 type=1>
<li>Use the third-party disk image encryption program of your choice to create and mount an encrypted disk image of at least 5GB in size. This procedure stores the entire block chain database with the wallet.dat file so the required size of the encrypted disk image required may grow in the future.</li>
<li>Locate the Bitcoin data directory, and copy the directory with all contents to the encrypted drive.
For help finding this directory, see [[Securing_your_wallet#Locating_Bitcoin_s_data_directory|Locating Bitcoin's Data Directory]].</li>
<li>Create a Windows shortcut that starts Bitcoin with the <code>-datadir</code> parameter and specifies the encrypted drive and directory.
For example, if you installed Bitcoin in the default directory, mounted your Bitcoin encrypted drive as <code>E:\</code>, and stored your Bitcoin data directory on it as <code>Bitcoin</code>, you would type the following command as the shortcut Target:
<blockquote><code>C:\Program Files\Bitcoin\bitcoin.exe -datadir=E:\Bitcoin</code></blockquote></li>
<li>Open Bitcoin's settings and configure it NOT to start automatically when you start Windows.
This is to allow you to mount the Bitcoin encrypted disk image before starting Bitcoin.</li>
<li>Shut down Bitcoin, and then restart it from the new shortcut.</li>
</ol>

After doing this, any time you want to use Bitcoin, you must first mount the Bitcoin encrypted disk image using the same drive designation, and then run Bitcoin from the shortcut that you created, so that it can find its data and your wallet.

== Locating Bitcoin's data directory ==

The [[data directory]] is the location where Bitcoin's data files are stored, including the wallet data file.

=== Windows ===

Go to Start -> Run (or press WinKey+R) and run this:

explorer %APPDATA%\Bitcoin

Bitcoin's data folder will open. For most users, this is one of the following locations:

C:\Documents and Settings\YourUserName\Application data\Bitcoin (Windows XP)

C:\Users\YourUserName\Appdata\Roaming\Bitcoin (Windows Vista and 7)

If you have trouble browsing to these folders, note that "AppData" and "Application data" are hidden by default.

=== Linux ===

By default Bitcoin will put its data here:

~/.bitcoin/

You need to do a "ls -a" to see directories that start with a dot.

If that's not it, you can do a search like this:

find / -name wallet.dat -print 2>/dev/null

To change the directory Bitcoin stores its data in:
Run in terminal or script: ./bitcoin-qt -datadir=./[Directory_Name]

=== Mac ===

By default Bitcoin will put its data here:

~/Library/Application Support/Bitcoin/

==Backup==

'''Note''': Using Dropbox to back up your Bitcoin data is not recommended as doing so introduces the following [https://en.wikipedia.org/wiki/Dropbox_(service)#Reception security concerns]:
# Dropbox stores your encryption key (meaning that a disgruntled Dropbox employee or an attacker who gained access to the system could decrypt your Dropbox data and steal your bitcoins)
# the Dropbox client only needs a password for the first login. After it authenticates once, the server assigns it a token which it uses to show that, at one time, its user knew the password rather than sending the actual password (meaning that if you ever use the Dropbox client on another PC, that PC's users can access your Dropbox - even if you change your password - and can steal your bitcoins or get a virus that will steal your bitcoins).

For these reasons, an alternative that always uses password authentication such as [http://www.wuala.com/en/bitcoin Wuala] should be used. Wuala's servers do not store your encryption key and the program authenticates with the password each time it is started.

Whether you use Dropbox as your backup or not, it is advised to use what Steve Gibson calls "pre-Internet encryption" which means to use some form of encryption on your files before you back them up, in case an attacker gains access to that backup. Make sure to pick a password that is memorable but secure.

The only file you need to back up is "wallet.dat" which can be done one of two ways. To make a copy of the wallet.dat file, ensure that Bitcoin is closed and copy this file somewhere else. The other way is to use the [[api|backupwallet]] JSON-RPC command to back up without shutting down Bitcoin.

Once a copy has been made, encrypt it, and put it in two or more safe locations. Consider the risk due to theft, fire, or natural disaster in proportion to the value of bitcoins stored in the wallet.

=== General Solutions ===

Your wallet.dat file is not encrypted by the Bitcoin program by default but the most current release of the Bitcoin client provides a method to encrypt with a passphrase the private keys stored in the wallet. Anyone who can access an unencrypted wallet can easily steal all of your coins. Use one of these encryption programs if there is any chance someone might gain access to your wallet.
* [http://www.7-zip.org/ 7-zip] - Supports strongly-encrypted archives.
* [http://www.axantum.com/axcrypt/ AxCrypt by Axantum]
* [http://lrzip.kolivas.org lrzip] - Compression software for Linux and OSX that supports very high grade password protected encryption
* [http://www.truecrypt.org/ TrueCrypt] - Volume-based on-the-fly encryption (for advanced users)

There is also a list of [[OpenSourceEncryptionSoftware|open source encryption software.]]

Decrypting and encrypting the wallet.dat every time you start or quit the Bitcoin client can be ''tedious'' (and outright error-prone). If you want to keep your wallet encrypted (except while you're actually running the Bitcoin client), it's better to relegate the automation to a [http://lorelei.kaverit.org/bitcoin.sh small shell script] that handles the en/decryption and starting up Bitcoin client for you (Linux and OSX).

There is also a method to print out and encrypt your wallet.dat as a special, scannable code. See details here: [[WalletPaperbackup]]

==== Password Strength ====
Brute-force password cracking has come a long way. A password including capitals, numbers, and special characters with a length of 8 characters can be trivially solved now (using appropriate hardware). The recommended length is '''at least''' 12 characters long. You can also use a multi-word password and there are techniques to increase the strength of your passwords without sacrificing usability. [http://www.baekdal.com/tips/password-security-usability The Usability of Passwords]

However, simply using dictionary words is also insecure as it opens you up to a dictionary attack. If you use dictionary words, be sure to include random symbols and numbers in the mix as well.

If you use keyfiles in addition to a password, it is unlikely that your encrypted file can ever be cracked using brute-force methods, even when even a 12 character password might be too short.

Assume that any encrypted files you store online (eg. Gmail, Dropbox) will be stored somewhere forever and can never be erased.

===== Choosing A Strong Password =====
Make sure you pick at least one character in each group: 

Lowercase: abcdefghijklmnopqrstuvwxyz
Uppercase: ABCDEFGHIJKLMNOPQRSTUVWXYZ
Number: 1234567890
Symbol: `~!@#$%^&*()-_=+\|[{]};:'",<.>/? (space)

<9 char = unsuitable for use
09 char = insecure
10 char = low security
11 char = medium security
12 char = good security (good enough for your wallet)
13 char = very good, enough for anything.

You might want to read [http://security.stackexchange.com/questions/662/what-is-your-way-to-create-good-passwords-that-can-actually-be-remembered What is your way to create good passwords that can actually be remembered?] and [http://security.stackexchange.com/questions/6095/xkcd-936-short-complex-password-or-long-dictionary-passphrase XKCD #936: Short complex password, or long dictionary passphrase?]

==== Email-based Archival and Remote Backup ====
One of the simplest methods for storing an appropriately '''encrypted''' archive of your wallet.dat file is to send the archive as an email attachment to your own e-mail address. Services like Gmail use very comprehensive distributed networks that make the loss of data very unlikely. One can even obfuscate the name of the files within the archive, and name the archive something less inviting, such as: 'personal notes' or 'car insurance'.

Another solution is to use a file storage service like [http://www.wuala.com/bitcoin Wuala] ( encrypted, [http://www.bitcoin.org/smf/index.php?topic=5817.0 instructions]), [http://www.dropbox.com Dropbox] (after encrypting the wallet first) and [http://en.wikipedia.org/wiki/Comparison_of_online_backup_services others], including the more secure [http://www.spideroak.com SpiderOak].

=== Automated Backups using Cron, Bash and GNU/Linux ===

Linux users can setup backups using cron by telling it to run a backup script at set intervals of time. Run 'crontab -e' and add this line near the bottom:

01 * * * * /usr/local/bin/backupwallet.sh

This cron line will run the /usr/local/bin/backupwallet.sh script at the 01 minute of every hour. Remember to add a newline after the last line of the crontab file, or else the last line won't run. You may also wish to ignore the script's output by appending " > /dev/null 2>&1" to the line (this will also prevent emails from being sent).

Create /usr/local/bin/backupwallet.sh:

#!/bin/bash
# /usr/local/bin/backupwallet.sh
#
# Performs backup of bitcoin wallet.
#
# Written by: https://en.bitcoin.it/wiki/Securing_your_wallet

#
# Standard Options
#
TS=$(date "+%Y%m%d-%H%M")
WALLET=/tmp/wallet-${TS}
WALLET_E=/tmp/wallet-${TS}.crypt
BITCOIN=bitcoind # /path/to/bitcoind
GPG=gpg # /path/to/gpg
GPG_USER=username # Username of gpg recipient. User should have gpg setup.
RM=rm
RM_OPTS='--force'
USE_SHRED=0 # Flip to 1 to use `shred` instead of `rm`.
SHRED=shred
SHRED_OPTS='--force --iterations=9 --zero --remove'

#
# Storage Options
# Only 1 set of options should be un-commented (the last one will be used).
# Update CP_DEST paths as neccessary.
#
# CP - Storage on a local machine. Could be Dropbox/Wuala folder.
#CP=cp
#CP_DEST='/var/data/backups/' # '~/Dropbox/', etc.
#
# SSH - Storage on a remote machine.
CP=scp
CP_DEST='remoteuser@example.com:~/wallets/'
#
# S3 - Storage on Amazon's S3. Be sure s3cmd is installed and properly setup.
# You may need "s3cmd put --force" if you use a sub-directory in CP_DEST.
#CP=s3cmd put
#CP_DEST='s3://bucket'

do_clean() {
# Remove temporary wallets.
if [ 1 -eq $USE_SHRED ]; then
$SHRED $SHRED_OPTS $WALLET $WALLET_E
else
$RM $RM_OPTS $WALLET $WALLET_E
fi
}

do_fail() {
do_clean
echo failed!
exit 1
}

# Perform the backup.
echo -n Making backup...
$BITCOIN backupwallet $WALLET
[ ! -s "$WALLET" ] && do_fail # If the backup does not exist or is empty, fail.
echo done.
echo -n Encrypting backup...
$GPG -r $GPG_USER --output $WALLET_E --encrypt $WALLET
[ 0 -ne $? ] && do_fail # If gpg returns a non-zero result, fail.
echo done.
echo -n Copying to backup location...
$CP $WALLET_E "$CP_DEST"
[ 0 -ne $? ] && do_fail # If the $CP command returns a non-zero result, fail.
echo done.
do_clean

exit 0

The shell script:

* Calls bitcoind backupwallet to create a time/date-stamped wallet.
* GPG encrypts the wallet with your public key.
* Copies the result using one of several storage options (cp, scp, and s3cmd).
* Uses the rm or shred command to remove the temporary wallet files.

Be sure to modify the script options to fit your setup. After you save, make sure the file can be executed properly by the cron user. Common permissions for files in /usr/local/bin/ can be applied using (verify with your distribution!):

cd /usr/local/bin/ && chown root:root backupwallet.sh && chmod 755 backupwallet.sh

[[Category:Technical]]

==Restore==

Assuming your backup is recent enough that you haven't used up all of your key pool... restoring a wallet to a new (or old) location and rescanning the block chain should leave you with all your coins. Just follow these steps:
* Shut down the Bitcoin program.
* Copy your backed-up wallet.dat into your bitcoin data directory.
* If you are copying in a backed-up wallet.dat that was last used on a Bitcoin version prior to 0.3.21 into an existing profile, delete files ''blk*.dat'' to make the client re-download the block chain. You may also need to do this if your transactions don't all show up after you restart Bitcoin.

==Erasing Plain-text Wallets==

In most operating systems, including Windows, Linux, and Mac OS X, simply deleting a wallet.dat file will ''not'' generally destroy it. It is likely that advanced tools can still be used to recover the wallet.dat file, even after it has been deleted.

The Linux '''shred''' command can be used to overwrite the wallet file with random data prior to deleting; this particular copy of the file will then be practically impossible to recover. Using shred (and similar tools on Windows) however does not guarantee that still other copies don't exist somewhere hidden on your HD. That will depend on your system configuration and what packages you have installed. Some system restore and backup tools, for instance, create periodic snapshots of your filesystem, duplicating your wallet.dat.

In Mac OS, the equivalent of '''shred''' is '''srm''' (introduced in Leopard). Using the Finder to remove files, clicking "Secure Empty Trash" in the Finder menu will shred the contents of the trash can. As with any OS this doesn't guarantee that there are not other copies elsewhere on your system.

For Windows, the built-in command ''cipher /W'' will shred all previously-deleted files. [http://www.cylog.org/utilities/cybershredder.jsp CyberShredder] can securely deleted individual files.

==Online and Mobile Wallets==

Thus far, this article has been discussing the security of a wallet file for Bitcoin-QT or bitcoind that is under your sole control. Additional wallets applications and services have become available that offer other features and more convenience but not without introducing additional risk. When storing bitcoins with an [[eWallet]] such as Instawallet or Easywallet, you are essentially storing your private keys or wallet with that provider.

Online wallets have a number of pros and cons to consider. For example, you can access your wallet on any computer in the world, but depending on the service, your bitcoins may be lost if the service is compromised.

Mobile wallet applications are available for Android devices that allow you to send bitcoins by QR code or NFC, but this opens up the possibility of loss if mobile device is compromised. It may be possible to encrypt and backup the wallet or private keys on a mobile device but it is not advisable to store a large amount of bitcoins there without doing your own research and testing.

==See Also==

* [[Data directory]]
* [[How to import private keys]]
* [http://startbitcoin.com/how-to-create-a-secure-bitcoin-wallet/ Secure Bitcoin Wallet Tutorial]
* [[How to set up a secure offline savings wallet]]
* [http://arimaa.com/bitcoin/ Bitcoin Gateway - A Peer-to-peer Bitcoin Vault and Payment Network]
* [http://blog.cyplo.net/2012/04/01/bitcoin-wallet-recovery-photorec/ Find lost wallet eg. after disk format, using Photorec]

[[Category:Security]]

[[de:Sichere deine Geldbörse]]
[[ru:Bitcoin и безопасность]]
[[es:Cómo asegurar su monedero]]
[[zh-cn:保护你的钱包]]

Paper wallet

2013-10-10T15:22:26Z

Canton: /* See Also */ Added youtube demonstration video

A '''paper wallet''' is a mechanism for storing bitcoins offline as a physical document that can be secured like cash or anything else of real-world value. Paper wallets are generally created by printing a brand new public address and private key onto paper, and then sending bitcoins from a "live" wallet to the printed wallet's public address for safekeeping. If good security practices are followed, paper wallets are one of the safest ways to to store a virtually unlimited number of Bitcoins.

__TOC__

==Producing safe paper wallets==

[[File:BitcoinPaperWallet-sample.jpg|frame|right|400px|Wallet with private key secured beneath folds (BitcoinPaperWallet.com)]]
A Bitcoin [[private key]] can be represented in several formats, but Wallet Import Format (WIF) is typically used for paper wallets since these keys are very short (51 characters) and thus easy to re-enter when importing or "sweeping" the wallet for withdrawal.

Several tools exist for producing paper wallets, including [[BitAddress.org]], [[BitcoinPaperWallet|BitcoinPaperWallet.com]], [[vanitygen]], [https://safepaperwallet.com Safe Paper Wallet], and [[Bitcoin Address Utility]]. Care must be taken to securely generate paper wallets since an attacker can steal the present ''and future'' balance of a paper wallet if the private key is exposed, transmitted, or generated with insufficient entropy.

'''Recommendations:'''
* Paper wallets should be produced on a computer not connected to the Internet.
* Be aware that malware often allows a remote third party to view your screen and see your keystrokes, and these can compromise the integrity of your paper wallet. Also consider that antivirus software cannot completely rule out the possibility of malware. However, using bootable CD's prevents the vast majority of malware from being able to run. If you can generate a paper wallet with a bootable CD such as an Ubuntu LiveCD, the likelihood of malware being able to compromise your keys is very low.
* The private keys of paper wallets should never be saved to a computer hard drive. You should also never scan your paper wallet into your computer or type the private keys or save them in e-mail, except at the moment you are redeeming the balance.
* If possible, the private key of a paper wallet should be kept hidden, for example by folding the paper to hide the private key so that a photograph or photocopy of the wallet will not reveal or replicate the private key.
* A web-based paper wallet generator should be written so that all of the generation happens on your computer, not the web server. After you load the paper wallet generating website in your web browser, you should disconnect from the Internet, and observe that the paper wallet generator continues to function. Afterward, you should close your browser before reconnecting to the Internet.
* A paper wallet generator should use an appropriate source of random numbers (entropy). This means that the generated addresses aren't predictable. If the addresses come from a predictable or partially-predictable pattern, someone else who can predict the pattern addresses can steal the balance. Generally, this rules out any "web-based" generator unless you can be sure that both your browser and the JavaScript code are taking advantage of the strongest cryptographic routines available.[http://www.w3.org/TR/WebCryptoAPI/]

===Operating System Cache Security===

The problem with printing out secure documents—even if your computer is 100% virus/trojan free—is that your printer driver and/or operating system may be keeping copies of the documents you print in a "spool" or print queue. If a hacker or virus gets into your computer and knows to look for these cache files, then they can get your private keys and sweep your paper wallets. Precautions to mitigate this type of attack include:

* Enabling encryption of your entire filesystem so that cache files cannot be 'undeleted'.

* Setting up a symbolic link from your OS spool directory (e.g. /private/var/spool/cups/cache/ on OS X) to a removable media volume (e.g. a SD card) and disconnecting it when not in use.

* Using a live-boot CD instead of a regular hard drive OS install. This way when you reboot your computer, all cache files are deleted from memory and no jobs are ever written to disk.<ref>[https://bitcoinpaperwallet.com/#security BitcoinPaperWallet.com] ''Security Tips''</ref>

===Printer Security===

Some advanced printers have internal storage (even hard drives) that preserve copies of printouts. This is a risk if someone gets access to your printer, or if you dispose of your printer. There is also the possibility that a smart enough printer can be hacked. (Consider [http://en.wikipedia.org/wiki/Stuxnet StuxNet] which was able to rewrite the firmware of non-computer devices indirectly connected to the Internet) If this concerns you, use a "dumb" printer, and never let your printer have access to the Internet or to an Internet-connected computer.

==Redeeming Keys and Withdrawing Funds==

Paper wallets are very different from "live" wallets such as the Bitcoin-QT client in that it is not possible to transfer (withdraw) a ''portion'' of a paper wallet's bitcoin balance. The only way to withdraw funds from a paper wallet is to import or "sweep" the ''entire'' balance of the paper wallet to a new address, typically a live wallet or online exchange. Once the transfer has been confirmed, ''the paper wallet should no longer be used''.<ref>[http://www.reddit.com/r/Bitcoin/comments/1c9xr7/psa_using_paper_wallets_understanding_change/ reddit.com] ''Using Paper Wallets and Understanding Change''</ref>

There are various methods for copying the private key data from a paper wallet to other wallets.
bitcoind supports an "importprivkey" RPC method for this purpose.
Bitcoin-Qt's debug console can also be used in a similar way (see also [[how to import private keys v7+]]).
[[BlockChain.info]] and [[Armory]] can also import them directly into wallets.
[[MtGox|Mt. Gox]] provides the ability to Add Funds using a private key:
the exchange will then create a "sweep" transaction that spends any amount for that paper wallet address so that the amount is added to your account with them; it will also sweep to your account any bitcoins received to that address in the future as well.

==References==
<references />

==See Also==

* [[Private key]]

* [[Securing_your_wallet#Paper_Wallets]]

* [[How to import private keys]]

* [http://localbitcoins.blogspot.fi/2012/11/start-your-own-money-press.html Guide to paper wallets]

* [https://www.youtube.com/watch?v=a47rrYBWjWQ YouTube video demonstration of generating a paper wallet]

[[Category:Security]]

[[es:Monedero de papel]]

Paper wallet

2013-10-10T15:19:24Z

Canton: /* Operating System Cache Security */

A '''paper wallet''' is a mechanism for storing bitcoins offline as a physical document that can be secured like cash or anything else of real-world value. Paper wallets are generally created by printing a brand new public address and private key onto paper, and then sending bitcoins from a "live" wallet to the printed wallet's public address for safekeeping. If good security practices are followed, paper wallets are one of the safest ways to to store a virtually unlimited number of Bitcoins.

__TOC__

==Producing safe paper wallets==

[[File:BitcoinPaperWallet-sample.jpg|frame|right|400px|Wallet with private key secured beneath folds (BitcoinPaperWallet.com)]]
A Bitcoin [[private key]] can be represented in several formats, but Wallet Import Format (WIF) is typically used for paper wallets since these keys are very short (51 characters) and thus easy to re-enter when importing or "sweeping" the wallet for withdrawal.

Several tools exist for producing paper wallets, including [[BitAddress.org]], [[BitcoinPaperWallet|BitcoinPaperWallet.com]], [[vanitygen]], [https://safepaperwallet.com Safe Paper Wallet], and [[Bitcoin Address Utility]]. Care must be taken to securely generate paper wallets since an attacker can steal the present ''and future'' balance of a paper wallet if the private key is exposed, transmitted, or generated with insufficient entropy.

'''Recommendations:'''
* Paper wallets should be produced on a computer not connected to the Internet.
* Be aware that malware often allows a remote third party to view your screen and see your keystrokes, and these can compromise the integrity of your paper wallet. Also consider that antivirus software cannot completely rule out the possibility of malware. However, using bootable CD's prevents the vast majority of malware from being able to run. If you can generate a paper wallet with a bootable CD such as an Ubuntu LiveCD, the likelihood of malware being able to compromise your keys is very low.
* The private keys of paper wallets should never be saved to a computer hard drive. You should also never scan your paper wallet into your computer or type the private keys or save them in e-mail, except at the moment you are redeeming the balance.
* If possible, the private key of a paper wallet should be kept hidden, for example by folding the paper to hide the private key so that a photograph or photocopy of the wallet will not reveal or replicate the private key.
* A web-based paper wallet generator should be written so that all of the generation happens on your computer, not the web server. After you load the paper wallet generating website in your web browser, you should disconnect from the Internet, and observe that the paper wallet generator continues to function. Afterward, you should close your browser before reconnecting to the Internet.
* A paper wallet generator should use an appropriate source of random numbers (entropy). This means that the generated addresses aren't predictable. If the addresses come from a predictable or partially-predictable pattern, someone else who can predict the pattern addresses can steal the balance. Generally, this rules out any "web-based" generator unless you can be sure that both your browser and the JavaScript code are taking advantage of the strongest cryptographic routines available.[http://www.w3.org/TR/WebCryptoAPI/]

===Operating System Cache Security===

The problem with printing out secure documents—even if your computer is 100% virus/trojan free—is that your printer driver and/or operating system may be keeping copies of the documents you print in a "spool" or print queue. If a hacker or virus gets into your computer and knows to look for these cache files, then they can get your private keys and sweep your paper wallets. Precautions to mitigate this type of attack include:

* Enabling encryption of your entire filesystem so that cache files cannot be 'undeleted'.

* Setting up a symbolic link from your OS spool directory (e.g. /private/var/spool/cups/cache/ on OS X) to a removable media volume (e.g. a SD card) and disconnecting it when not in use.

* Using a live-boot CD instead of a regular hard drive OS install. This way when you reboot your computer, all cache files are deleted from memory and no jobs are ever written to disk.<ref>[https://bitcoinpaperwallet.com/#security BitcoinPaperWallet.com] ''Security Tips''</ref>

===Printer Security===

Some advanced printers have internal storage (even hard drives) that preserve copies of printouts. This is a risk if someone gets access to your printer, or if you dispose of your printer. There is also the possibility that a smart enough printer can be hacked. (Consider [http://en.wikipedia.org/wiki/Stuxnet StuxNet] which was able to rewrite the firmware of non-computer devices indirectly connected to the Internet) If this concerns you, use a "dumb" printer, and never let your printer have access to the Internet or to an Internet-connected computer.

==Redeeming Keys and Withdrawing Funds==

Paper wallets are very different from "live" wallets such as the Bitcoin-QT client in that it is not possible to transfer (withdraw) a ''portion'' of a paper wallet's bitcoin balance. The only way to withdraw funds from a paper wallet is to import or "sweep" the ''entire'' balance of the paper wallet to a new address, typically a live wallet or online exchange. Once the transfer has been confirmed, ''the paper wallet should no longer be used''.<ref>[http://www.reddit.com/r/Bitcoin/comments/1c9xr7/psa_using_paper_wallets_understanding_change/ reddit.com] ''Using Paper Wallets and Understanding Change''</ref>

There are various methods for copying the private key data from a paper wallet to other wallets.
bitcoind supports an "importprivkey" RPC method for this purpose.
Bitcoin-Qt's debug console can also be used in a similar way (see also [[how to import private keys v7+]]).
[[BlockChain.info]] and [[Armory]] can also import them directly into wallets.
[[MtGox|Mt. Gox]] provides the ability to Add Funds using a private key:
the exchange will then create a "sweep" transaction that spends any amount for that paper wallet address so that the amount is added to your account with them; it will also sweep to your account any bitcoins received to that address in the future as well.

==References==
<references />

==See Also==

* [[Private key]]

* [[Securing_your_wallet#Paper_Wallets]]

* [[How to import private keys]]

* [http://localbitcoins.blogspot.fi/2012/11/start-your-own-money-press.html Guide to paper wallets]

[[Category:Security]]

[[es:Monedero de papel]]

Paper wallet

2013-10-10T15:18:32Z

Canton: /* Producing safe paper wallets */ Replaced mention of LinuxCoin (defunct) with Ubuntu LiveCD. Added Safe Paper Wallet as a resource. Clarified language on how attackers can steal balances.

A '''paper wallet''' is a mechanism for storing bitcoins offline as a physical document that can be secured like cash or anything else of real-world value. Paper wallets are generally created by printing a brand new public address and private key onto paper, and then sending bitcoins from a "live" wallet to the printed wallet's public address for safekeeping. If good security practices are followed, paper wallets are one of the safest ways to to store a virtually unlimited number of Bitcoins.

__TOC__

==Producing safe paper wallets==

[[File:BitcoinPaperWallet-sample.jpg|frame|right|400px|Wallet with private key secured beneath folds (BitcoinPaperWallet.com)]]
A Bitcoin [[private key]] can be represented in several formats, but Wallet Import Format (WIF) is typically used for paper wallets since these keys are very short (51 characters) and thus easy to re-enter when importing or "sweeping" the wallet for withdrawal.

Several tools exist for producing paper wallets, including [[BitAddress.org]], [[BitcoinPaperWallet|BitcoinPaperWallet.com]], [[vanitygen]], [https://safepaperwallet.com Safe Paper Wallet], and [[Bitcoin Address Utility]]. Care must be taken to securely generate paper wallets since an attacker can steal the present ''and future'' balance of a paper wallet if the private key is exposed, transmitted, or generated with insufficient entropy.

'''Recommendations:'''
* Paper wallets should be produced on a computer not connected to the Internet.
* Be aware that malware often allows a remote third party to view your screen and see your keystrokes, and these can compromise the integrity of your paper wallet. Also consider that antivirus software cannot completely rule out the possibility of malware. However, using bootable CD's prevents the vast majority of malware from being able to run. If you can generate a paper wallet with a bootable CD such as an Ubuntu LiveCD, the likelihood of malware being able to compromise your keys is very low.
* The private keys of paper wallets should never be saved to a computer hard drive. You should also never scan your paper wallet into your computer or type the private keys or save them in e-mail, except at the moment you are redeeming the balance.
* If possible, the private key of a paper wallet should be kept hidden, for example by folding the paper to hide the private key so that a photograph or photocopy of the wallet will not reveal or replicate the private key.
* A web-based paper wallet generator should be written so that all of the generation happens on your computer, not the web server. After you load the paper wallet generating website in your web browser, you should disconnect from the Internet, and observe that the paper wallet generator continues to function. Afterward, you should close your browser before reconnecting to the Internet.
* A paper wallet generator should use an appropriate source of random numbers (entropy). This means that the generated addresses aren't predictable. If the addresses come from a predictable or partially-predictable pattern, someone else who can predict the pattern addresses can steal the balance. Generally, this rules out any "web-based" generator unless you can be sure that both your browser and the JavaScript code are taking advantage of the strongest cryptographic routines available.[http://www.w3.org/TR/WebCryptoAPI/]

===Operating System Cache Security===

The problem with printing out secure documents—even if your computer is 100% virus/trojan free—is that your printer driver and/or operating system may be keeping copies of the documents you print in a "spool" or print queue. If a hacker or virus gets into your computer and knows to look for these cache files, then they can get your private keys and sweep your paper wallets. Methods to mitigate this attack include:

* Enabling encryption of your entire filesystem so that cache files cannot be 'undeleted'.

* Setting up a symbolic link from your OS spool directory (e.g. /private/var/spool/cups/cache/ on OS X) to a removable media volume (e.g. a SD card) and disconnecting it when not in use.

* Using a live-boot CD instead of a regular hard drive OS install. This way when you reboot your computer, all cache files are deleted from memory and no jobs are ever written to disk.<ref>[https://bitcoinpaperwallet.com/#security BitcoinPaperWallet.com] ''Security Tips''</ref>

===Printer Security===

Some advanced printers have internal storage (even hard drives) that preserve copies of printouts. This is a risk if someone gets access to your printer, or if you dispose of your printer. There is also the possibility that a smart enough printer can be hacked. (Consider [http://en.wikipedia.org/wiki/Stuxnet StuxNet] which was able to rewrite the firmware of non-computer devices indirectly connected to the Internet) If this concerns you, use a "dumb" printer, and never let your printer have access to the Internet or to an Internet-connected computer.

==Redeeming Keys and Withdrawing Funds==

Paper wallets are very different from "live" wallets such as the Bitcoin-QT client in that it is not possible to transfer (withdraw) a ''portion'' of a paper wallet's bitcoin balance. The only way to withdraw funds from a paper wallet is to import or "sweep" the ''entire'' balance of the paper wallet to a new address, typically a live wallet or online exchange. Once the transfer has been confirmed, ''the paper wallet should no longer be used''.<ref>[http://www.reddit.com/r/Bitcoin/comments/1c9xr7/psa_using_paper_wallets_understanding_change/ reddit.com] ''Using Paper Wallets and Understanding Change''</ref>

There are various methods for copying the private key data from a paper wallet to other wallets.
bitcoind supports an "importprivkey" RPC method for this purpose.
Bitcoin-Qt's debug console can also be used in a similar way (see also [[how to import private keys v7+]]).
[[BlockChain.info]] and [[Armory]] can also import them directly into wallets.
[[MtGox|Mt. Gox]] provides the ability to Add Funds using a private key:
the exchange will then create a "sweep" transaction that spends any amount for that paper wallet address so that the amount is added to your account with them; it will also sweep to your account any bitcoins received to that address in the future as well.

==References==
<references />

==See Also==

* [[Private key]]

* [[Securing_your_wallet#Paper_Wallets]]

* [[How to import private keys]]

* [http://localbitcoins.blogspot.fi/2012/11/start-your-own-money-press.html Guide to paper wallets]

[[Category:Security]]

[[es:Monedero de papel]]

Paper wallet

2013-10-10T15:09:07Z

Canton: /* Producing safe paper wallets */

A '''paper wallet''' is a mechanism for storing bitcoins offline as a physical document that can be secured like cash or anything else of real-world value. Paper wallets are generally created by printing a brand new public address and private key onto paper, and then sending bitcoins from a "live" wallet to the printed wallet's public address for safekeeping. If good security practices are followed, paper wallets are one of the safest ways to to store a virtually unlimited number of Bitcoins.

__TOC__

==Producing safe paper wallets==

[[File:BitcoinPaperWallet-sample.jpg|frame|right|400px|Wallet with private key secured beneath folds (BitcoinPaperWallet.com)]]
A Bitcoin [[private key]] can be represented in several formats, but Wallet Import Format (WIF) is typically used for paper wallets since these keys are very short (51 characters) and thus easy to re-enter when importing or "sweeping" the wallet for withdrawal.

Several tools exist for producing paper wallets, including [[BitAddress.org]], [[BitcoinPaperWallet|BitcoinPaperWallet.com]], [[vanitygen]], [[LinuxCoin]], and [[Bitcoin Address Utility]]. Paper wallets must be securely generated in order to be safe, because any leak of the private key may enable an attacker to steal any present and future balance of the address.

'''Recommendations:'''
* Paper wallets should be produced on a computer not connected to the Internet.
* Be aware that malware often allows a remote third party to view your screen and see your keystrokes, and these can compromise the integrity of your paper wallet. Also consider that antivirus software cannot completely rule out the possibility of malware. However, using bootable CD's prevents the vast majority of malware from being able to run. If you can generate a paper wallet with a bootable CD such as [[LinuxCoin]], the likelihood of malware being able to compromise your keys is very low.
* The private keys of paper wallets should never be saved to a computer hard drive. You should also never scan your paper wallet into your computer or type the private keys or save them in e-mail, except at the moment you are redeeming the balance.
* If possible, the private key of a paper wallet should be kept hidden, for example by folding the paper to hide the private key so that a photograph or photocopy of the wallet will not reveal or replicate the private key.
* A web-based paper wallet generator should be written so that all of the generation happens on your computer, not the web server. After you load the paper wallet generating website in your web browser, you should disconnect from the Internet, and observe that the paper wallet generator continues to function. Afterward, you should close your browser before reconnecting to the Internet.
* A paper wallet generator should use an appropriate source of random numbers (entropy). This means that the generated addresses aren't predictable. If the addresses come from a predictable or partially-predictable pattern, someone else who can predict the pattern addresses can steal the balance. Generally, this rules out any "web-based" generator unless you can be sure that both your browser and the JavaScript code are taking advantage of the strongest cryptographic routines available.[http://www.w3.org/TR/WebCryptoAPI/]

===Operating System Cache Security===

The problem with printing out secure documents—even if your computer is 100% virus/trojan free—is that your printer driver and/or operating system may be keeping copies of the documents you print in a "spool" or print queue. If a hacker or virus gets into your computer and knows to look for these cache files, then they can get your private keys and sweep your paper wallets. Methods to mitigate this attack include:

* Enabling encryption of your entire filesystem so that cache files cannot be 'undeleted'.

* Setting up a symbolic link from your OS spool directory (e.g. /private/var/spool/cups/cache/ on OS X) to a removable media volume (e.g. a SD card) and disconnecting it when not in use.

* Using a live-boot CD instead of a regular hard drive OS install. This way when you reboot your computer, all cache files are deleted from memory and no jobs are ever written to disk.<ref>[https://bitcoinpaperwallet.com/#security BitcoinPaperWallet.com] ''Security Tips''</ref>

===Printer Security===

Some advanced printers have internal storage (even hard drives) that preserve copies of printouts. This is a risk if someone gets access to your printer, or if you dispose of your printer. There is also the possibility that a smart enough printer can be hacked. (Consider [http://en.wikipedia.org/wiki/Stuxnet StuxNet] which was able to rewrite the firmware of non-computer devices indirectly connected to the Internet) If this concerns you, use a "dumb" printer, and never let your printer have access to the Internet or to an Internet-connected computer.

==Redeeming Keys and Withdrawing Funds==

Paper wallets are very different from "live" wallets such as the Bitcoin-QT client in that it is not possible to transfer (withdraw) a ''portion'' of a paper wallet's bitcoin balance. The only way to withdraw funds from a paper wallet is to import or "sweep" the ''entire'' balance of the paper wallet to a new address, typically a live wallet or online exchange. Once the transfer has been confirmed, ''the paper wallet should no longer be used''.<ref>[http://www.reddit.com/r/Bitcoin/comments/1c9xr7/psa_using_paper_wallets_understanding_change/ reddit.com] ''Using Paper Wallets and Understanding Change''</ref>

There are various methods for copying the private key data from a paper wallet to other wallets.
bitcoind supports an "importprivkey" RPC method for this purpose.
Bitcoin-Qt's debug console can also be used in a similar way (see also [[how to import private keys v7+]]).
[[BlockChain.info]] and [[Armory]] can also import them directly into wallets.
[[MtGox|Mt. Gox]] provides the ability to Add Funds using a private key:
the exchange will then create a "sweep" transaction that spends any amount for that paper wallet address so that the amount is added to your account with them; it will also sweep to your account any bitcoins received to that address in the future as well.

==References==
<references />

==See Also==

* [[Private key]]

* [[Securing_your_wallet#Paper_Wallets]]

* [[How to import private keys]]

* [http://localbitcoins.blogspot.fi/2012/11/start-your-own-money-press.html Guide to paper wallets]

[[Category:Security]]

[[es:Monedero de papel]]

Paper wallet

2013-10-10T15:07:21Z

Canton: Clarified and tidied up introduction. Added section on operating system print cache security. Clarified section on 'redeeming keys' with more info on 'withdrawing funds'. Added references section.

A '''paper wallet''' is a mechanism for storing bitcoins offline as a physical document that can be secured like cash or anything else of real-world value. Paper wallets are generally created by printing a brand new public address and private key onto paper, and then sending bitcoins from a "live" wallet to the printed wallet's public address for safekeeping. If good security practices are followed, paper wallets are one of the safest ways to to store a virtually unlimited number of Bitcoins.

__TOC__

==Producing safe paper wallets==

[[File:BitcoinPaperWallet-sample.jpg|frame|right|400px|Wallet with private key secured beneath folds (BitcoinPaperWallet.com)]]
A Bitcoin [[private key]] can be represented in several formats, but Wallet Import Format (WIF) is typically used for paper wallets since these keys are very short (51 characters) and thus easy to re-enter when importing or "sweeping" the wallet for withdrawal.

Several tools exist for producing paper wallets, including [[BitAddress.org]], [[BitcoinPaperWallet|BitcoinPaperWallet.com]], [[vanitygen]], [[LinuxCoin]], and [[Bitcoin Address Utility]]. Paper wallets must be securely generated in order to be safe, because any leak of the private key may enable an attacker to steal any present and future balance of the address. Consider the following:
* Paper wallets should be produced on a computer not connected to the Internet.
* Be aware that malware often allows a remote third party to view your screen and see your keystrokes, and these can compromise the integrity of your paper wallet. Also consider that antivirus software cannot completely rule out the possibility of malware. However, using bootable CD's prevents the vast majority of malware from being able to run. If you can generate a paper wallet with a bootable CD such as [[LinuxCoin]], the likelihood of malware being able to compromise your keys is very low.
* The private keys of paper wallets should never be saved to a computer hard drive. You should also never scan your paper wallet into your computer or type the private keys or save them in e-mail, except at the moment you are redeeming the balance.
* If possible, the private key of a paper wallet should be kept hidden, for example by folding the paper to hide the private key so that a photograph or photocopy of the wallet will not reveal or replicate the private key.
* A web-based paper wallet generator should be written so that all of the generation happens on your computer, not the web server. After you load the paper wallet generating website in your web browser, you should disconnect from the Internet, and observe that the paper wallet generator continues to function. Afterward, you should close your browser before reconnecting to the Internet.
* A paper wallet generator should use an appropriate source of random numbers (entropy). This means that the generated addresses aren't predictable. If the addresses come from a predictable or partially-predictable pattern, someone else who can predict the pattern addresses can steal the balance. Generally, this rules out any "web-based" generator unless you can be sure that both your browser and the JavaScript code are taking advantage of the strongest cryptographic routines available.[http://www.w3.org/TR/WebCryptoAPI/]

===Operating System Cache Security===

The problem with printing out secure documents—even if your computer is 100% virus/trojan free—is that your printer driver and/or operating system may be keeping copies of the documents you print in a "spool" or print queue. If a hacker or virus gets into your computer and knows to look for these cache files, then they can get your private keys and sweep your paper wallets. Methods to mitigate this attack include:

* Enabling encryption of your entire filesystem so that cache files cannot be 'undeleted'.

* Setting up a symbolic link from your OS spool directory (e.g. /private/var/spool/cups/cache/ on OS X) to a removable media volume (e.g. a SD card) and disconnecting it when not in use.

* Using a live-boot CD instead of a regular hard drive OS install. This way when you reboot your computer, all cache files are deleted from memory and no jobs are ever written to disk.<ref>[https://bitcoinpaperwallet.com/#security BitcoinPaperWallet.com] ''Security Tips''</ref>

===Printer Security===

Some advanced printers have internal storage (even hard drives) that preserve copies of printouts. This is a risk if someone gets access to your printer, or if you dispose of your printer. There is also the possibility that a smart enough printer can be hacked. (Consider [http://en.wikipedia.org/wiki/Stuxnet StuxNet] which was able to rewrite the firmware of non-computer devices indirectly connected to the Internet) If this concerns you, use a "dumb" printer, and never let your printer have access to the Internet or to an Internet-connected computer.

==Redeeming Keys and Withdrawing Funds==

Paper wallets are very different from "live" wallets such as the Bitcoin-QT client in that it is not possible to transfer (withdraw) a ''portion'' of a paper wallet's bitcoin balance. The only way to withdraw funds from a paper wallet is to import or "sweep" the ''entire'' balance of the paper wallet to a new address, typically a live wallet or online exchange. Once the transfer has been confirmed, ''the paper wallet should no longer be used''.<ref>[http://www.reddit.com/r/Bitcoin/comments/1c9xr7/psa_using_paper_wallets_understanding_change/ reddit.com] ''Using Paper Wallets and Understanding Change''</ref>

There are various methods for copying the private key data from a paper wallet to other wallets.
bitcoind supports an "importprivkey" RPC method for this purpose.
Bitcoin-Qt's debug console can also be used in a similar way (see also [[how to import private keys v7+]]).
[[BlockChain.info]] and [[Armory]] can also import them directly into wallets.
[[MtGox|Mt. Gox]] provides the ability to Add Funds using a private key:
the exchange will then create a "sweep" transaction that spends any amount for that paper wallet address so that the amount is added to your account with them; it will also sweep to your account any bitcoins received to that address in the future as well.

==References==
<references />

==See Also==

* [[Private key]]

* [[Securing_your_wallet#Paper_Wallets]]

* [[How to import private keys]]

* [http://localbitcoins.blogspot.fi/2012/11/start-your-own-money-press.html Guide to paper wallets]

[[Category:Security]]

[[es:Monedero de papel]]

Paper wallet

2013-10-10T13:17:07Z

Canton: /* Producing safe paper wallets */ Caption

A '''paper wallet''' is a way to store Bitcoins that involves printing the Bitcoin addresses and private keys directly on a piece of paper. When done properly, paper wallets are one of the safest ways possible to store Bitcoins.

__TOC__

A Bitcoin [[private key]] can be represented in several formats, but is typically a string of numbers and letters no more than about 51 characters in length. This is easy to print on paper, and if kept secret, can securely hold an unlimited quantity of Bitcoins.

==Producing safe paper wallets==

[[File:BitcoinPaperWallet-sample.jpg|frame|right|400px|Wallet with private key secured beneath folds (BitcoinPaperWallet.com)]]
Several tools exist for producing paper wallets, including [[BitAddress.org]], [[BitcoinPaperWallet]], [[vanitygen]], [[LinuxCoin]], and [[Bitcoin Address Utility]]. Paper wallets must be securely generated in order to be safe, because any leak of the private key may enable an attacker to steal any present and future balance of the address. Consider the following:
* Paper wallets should be produced on a computer not connected to the Internet.
* Be aware that malware often allows a remote third party to view your screen and see your keystrokes, and these can compromise the integrity of your paper wallet. Also consider that antivirus software cannot completely rule out the possibility of malware. However, using bootable CD's prevents the vast majority of malware from being able to run. If you can generate a paper wallet with a bootable CD such as [[LinuxCoin]], the likelihood of malware being able to compromise your keys is very low.
* The private keys of paper wallets should never be saved to a computer hard drive. You should also never scan your paper wallet into your computer or type the private keys or save them in e-mail, except at the moment you are redeeming the balance.
* If possible, the private key of a paper wallet should be kept hidden, for example by folding the paper to hide the private key so that a photograph or photocopy of the wallet will not reveal or replicate the private key.
* A web-based paper wallet generator should be written so that all of the generation happens on your computer, not the web server. After you load the paper wallet generating website in your web browser, you should disconnect from the internet, and observe that the paper wallet generator continues to function. Afterward, you should close your browser before reconnecting to the Internet.
* A paper wallet generator should use an appropriate source of random numbers (entropy). This means that the generated addresses aren't predictable. If the addresses come from a predictable or partially-predictable pattern, someone else who can predict the pattern addresses can steal the balance. Generally, this rules out any "web-based" generator unless you can be sure that both your browser and the JavaScript code are taking advantage of the strongest cryptographic routines available.[http://www.w3.org/TR/WebCryptoAPI/]

===Printer Security===

Some printers will store the output using storage in which the data can be recovered from the printer's memory or from a hard drive (if the printer has one) and stores its print jobs there. Most larger commercial printers have hard drives but whether or not documents are stored on them will vary based on manufacturer and model. Similarly, some operating system and print drivers will save a cache of printed documents.

==Redeeming Keys==

There are various methods for copying the private key data from a paper wallet to other wallets.
bitcoind supports an "importprivkey" RPC method for this purpose.
Bitcoin-Qt's debug console can also be used in a similar way (see also [[how to import private keys v7+]]).
[[BlockChain.info]] and [[Armory]] can also import them directly into wallets.
[[MtGox|Mt. Gox]] provides the ability to Add Funds using a private key:
the exchange will then create a "sweep" transaction that spends any amount for that paper wallet address so that the amount is added to your account with them; it will also sweep to your account any bitcoins received to that address in the future as well.

==See Also==

* [[Private key]]

* [[Securing_your_wallet#Paper_Wallets]]

* [[How to import private keys]]

* [http://localbitcoins.blogspot.fi/2012/11/start-your-own-money-press.html Guide to paper wallets]

[[Category:Security]]

[[es:Monedero de papel]]

Paper wallet

2013-10-09T21:12:36Z

Canton: /* Producing safe paper wallets */ Simplified language

A '''paper wallet''' is a way to store Bitcoins that involves printing the Bitcoin addresses and private keys directly on a piece of paper. When done properly, paper wallets are one of the safest ways possible to store Bitcoins.

__TOC__

A Bitcoin [[private key]] can be represented in several formats, but is typically a string of numbers and letters no more than about 51 characters in length. This is easy to print on paper, and if kept secret, can securely hold an unlimited quantity of Bitcoins.

==Producing safe paper wallets==

[[File:BitcoinPaperWallet-sample.jpg|frame|right|400px|BitcoinPaperWallet style wallet with private key hidden beneath folds]]
Several tools exist for producing paper wallets, including [[BitAddress.org]], [[BitcoinPaperWallet]], [[vanitygen]], [[LinuxCoin]], and [[Bitcoin Address Utility]]. Paper wallets must be securely generated in order to be safe, because any leak of the private key may enable an attacker to steal any present and future balance of the address. Consider the following:
* Paper wallets should be produced on a computer not connected to the Internet.
* Be aware that malware often allows a remote third party to view your screen and see your keystrokes, and these can compromise the integrity of your paper wallet. Also consider that antivirus software cannot completely rule out the possibility of malware. However, using bootable CD's prevents the vast majority of malware from being able to run. If you can generate a paper wallet with a bootable CD such as [[LinuxCoin]], the likelihood of malware being able to compromise your keys is very low.
* The private keys of paper wallets should never be saved to a computer hard drive. You should also never scan your paper wallet into your computer or type the private keys or save them in e-mail, except at the moment you are redeeming the balance.
* If possible, the private key of a paper wallet should be kept hidden, for example by folding the paper to hide the private key so that a photograph or photocopy of the wallet will not reveal or replicate the private key.
* A web-based paper wallet generator should be written so that all of the generation happens on your computer, not the web server. After you load the paper wallet generating website in your web browser, you should disconnect from the internet, and observe that the paper wallet generator continues to function. Afterward, you should close your browser before reconnecting to the Internet.
* A paper wallet generator should use an appropriate source of random numbers (entropy). This means that the generated addresses aren't predictable. If the addresses come from a predictable or partially-predictable pattern, someone else who can predict the pattern addresses can steal the balance. Generally, this rules out any "web-based" generator unless you can be sure that both your browser and the JavaScript code are taking advantage of the strongest cryptographic routines available.[http://www.w3.org/TR/WebCryptoAPI/]

===Printer Security===

Some printers will store the output using storage in which the data can be recovered from the printer's memory or from a hard drive (if the printer has one) and stores its print jobs there. Most larger commercial printers have hard drives but whether or not documents are stored on them will vary based on manufacturer and model. Similarly, some operating system and print drivers will save a cache of printed documents.

==Redeeming Keys==

There are various methods for copying the private key data from a paper wallet to other wallets.
bitcoind supports an "importprivkey" RPC method for this purpose.
Bitcoin-Qt's debug console can also be used in a similar way (see also [[how to import private keys v7+]]).
[[BlockChain.info]] and [[Armory]] can also import them directly into wallets.
[[MtGox|Mt. Gox]] provides the ability to Add Funds using a private key:
the exchange will then create a "sweep" transaction that spends any amount for that paper wallet address so that the amount is added to your account with them; it will also sweep to your account any bitcoins received to that address in the future as well.

==See Also==

* [[Private key]]

* [[Securing_your_wallet#Paper_Wallets]]

* [[How to import private keys]]

* [http://localbitcoins.blogspot.fi/2012/11/start-your-own-money-press.html Guide to paper wallets]

[[Category:Security]]

[[es:Monedero de papel]]

Paper wallet

2013-10-09T21:09:49Z

Canton: /* Producing safe paper wallets */ Added illustration (sample wallet)

A '''paper wallet''' is a way to store Bitcoins that involves printing the Bitcoin addresses and private keys directly on a piece of paper. When done properly, paper wallets are one of the safest ways possible to store Bitcoins.

__TOC__

A Bitcoin [[private key]] can be represented in several formats, but is typically a string of numbers and letters no more than about 51 characters in length. This is easy to print on paper, and if kept secret, can securely hold an unlimited quantity of Bitcoins.

==Producing safe paper wallets==

[[File:BitcoinPaperWallet-sample.jpg|frame|right|400px|BitcoinPaperWallet style wallet with private key hidden beneath folds]]
Several tools exist for producing paper wallets, including [[BitAddress.org]], [[BitcoinPaperWallet]], [[vanitygen]], [[LinuxCoin]], and [[Bitcoin Address Utility]]. Paper wallets must be produced securely in order to be safe, because any leak of the private key constitutes the ability for an attacker to steal any present and future balance of the address. Consider the following:
* Paper wallets should be produced on a computer not connected to the Internet.
* Be aware that malware often allows a remote third party to view your screen and see your keystrokes, and these can compromise the integrity of your paper wallet. Also consider that antivirus software cannot completely rule out the possibility of malware. However, using bootable CD's prevents the vast majority of malware from being able to run. If you can generate a paper wallet with a bootable CD such as [[LinuxCoin]], the likelihood of malware being able to compromise your keys is very low.
* The private keys of paper wallets should never be saved to a computer hard drive. You should also never scan your paper wallet into your computer or type the private keys or save them in e-mail, except at the moment you are redeeming the balance.
* If possible, the private key of a paper wallet should be kept hidden, for example by folding the paper to hide the private key so that a photograph or photocopy of the wallet will not reveal or replicate the private key.
* A web-based paper wallet generator should be written so that all of the generation happens on your computer, not the web server. After you load the paper wallet generating website in your web browser, you should disconnect from the internet, and observe that the paper wallet generator continues to function. Afterward, you should close your browser before reconnecting to the Internet.
* A paper wallet generator should use an appropriate source of random numbers (entropy). This means that the generated addresses aren't predictable. If the addresses come from a predictable or partially-predictable pattern, someone else who can predict the pattern addresses can steal the balance. Generally, this rules out any "web-based" generator unless you can be sure that both your browser and the JavaScript code are taking advantage of the strongest cryptographic routines available.[http://www.w3.org/TR/WebCryptoAPI/]

===Printer Security===

Some printers will store the output using storage in which the data can be recovered from the printer's memory or from a hard drive (if the printer has one) and stores its print jobs there. Most larger commercial printers have hard drives but whether or not documents are stored on them will vary based on manufacturer and model. Similarly, some operating system and print drivers will save a cache of printed documents.

==Redeeming Keys==

There are various methods for copying the private key data from a paper wallet to other wallets.
bitcoind supports an "importprivkey" RPC method for this purpose.
Bitcoin-Qt's debug console can also be used in a similar way (see also [[how to import private keys v7+]]).
[[BlockChain.info]] and [[Armory]] can also import them directly into wallets.
[[MtGox|Mt. Gox]] provides the ability to Add Funds using a private key:
the exchange will then create a "sweep" transaction that spends any amount for that paper wallet address so that the amount is added to your account with them; it will also sweep to your account any bitcoins received to that address in the future as well.

==See Also==

* [[Private key]]

* [[Securing_your_wallet#Paper_Wallets]]

* [[How to import private keys]]

* [http://localbitcoins.blogspot.fi/2012/11/start-your-own-money-press.html Guide to paper wallets]

[[Category:Security]]

[[es:Monedero de papel]]

BitcoinPaperWallet

2013-10-09T21:01:21Z

Canton: /* Differences from BitAddress */

[https://bitcoinpaperwallet.com BitcoinPaperWallet.com] is an open-source paper wallet generator based on the [[BitAddress]] generator. It runs on any modern web browser and relies on JavaScript for all cryptographic functionality.

== Differences from BitAddress ==

While BitAddress is capable of generating "brain wallets", pool-generated vanity wallets, and bulk wallets, BitcoinPaperWallet has been simplified such that its only function is to produce paper wallets. Additionally:

* Paper wallets printed using BitcoinPaperWallet feature a tri-fold design that is sealed shut so as to hide the wallet's private key and QR code from view.
* The reverse side of the design includes instructions for general use as well as a ledger for writing down deposits or other notes.
* The overall design includes a number of features to discourage casual tampering efforts that might otherwise reveal the private key without notice.
* The generator includes an option for printing a paper wallet by pasting in a self-generated private key or vanity address, bypassing the random address generator altogether

[[Image:BitcoinPaperWallet-sample.jpg]]

== Similarities to BitAddress ==

BitcoinPaperWallet is a GitHub "fork" of BidAddress and uses identical cryptography functions and methods. Similarly:

* The generator works entirely from within a web browser.
* Addresses are never transmitted over the Internet
* The full source code can be examined via "view source" in web browser.
* Cryptographic work is done using the the browser's built-in JavaScript crypto API along with open-source JavaScript libraries
* The generator can be run offline by [https://github.com/cantonbecker/bitcoinpaperwallet downloading a ZIP archive] of the HTML from GitHub.

Paper wallet

2013-10-09T20:59:38Z

Canton: /* Producing safe paper wallets */

A '''paper wallet''' is a way to store Bitcoins that involves printing the Bitcoin addresses and private keys directly on a piece of paper. When done properly, paper wallets are one of the safest ways possible to store Bitcoins.

__TOC__

A Bitcoin [[private key]] can be represented in several formats, but is typically a string of numbers and letters no more than about 51 characters in length. This is easy to print on paper, and if kept secret, can securely hold an unlimited quantity of Bitcoins.

==Producing safe paper wallets==

Several tools exist for producing paper wallets, including [[BitAddress.org]], [[BitcoinPaperWallet]], [[vanitygen]], [[LinuxCoin]], and [[Bitcoin Address Utility]]. Paper wallets must be produced securely in order to be safe, because any leak of the private key constitutes the ability for an attacker to steal any present and future balance of the address. Consider the following:
* Paper wallets should be produced on a computer not connected to the Internet.
* Be aware that malware often allows a remote third party to view your screen and see your keystrokes, and these can compromise the integrity of your paper wallet. Also consider that antivirus software cannot completely rule out the possibility of malware. However, using bootable CD's prevents the vast majority of malware from being able to run. If you can generate a paper wallet with a bootable CD such as [[LinuxCoin]], the likelihood of malware being able to compromise your keys is very low.
* The private keys of paper wallets should never be saved to a computer hard drive. You should also never scan your paper wallet into your computer or type the private keys or save them in e-mail, except at the moment you are redeeming the balance.
* If possible, the private key of a paper wallet should be kept hidden, for example by folding the paper to hide the private key so that a photograph or photocopy of the wallet will not reveal or replicate the private key.
* A web-based paper wallet generator should be written so that all of the generation happens on your computer, not the web server. After you load the paper wallet generating website in your web browser, you should disconnect from the internet, and observe that the paper wallet generator continues to function. Afterward, you should close your browser before reconnecting to the Internet.
* A paper wallet generator should use an appropriate source of random numbers (entropy). This means that the generated addresses aren't predictable. If the addresses come from a predictable or partially-predictable pattern, someone else who can predict the pattern addresses can steal the balance. Generally, this rules out any "web-based" generator unless you can be sure that both your browser and the JavaScript code are taking advantage of the strongest cryptographic routines available.[http://www.w3.org/TR/WebCryptoAPI/]

===Printer Security===

Some printers will store the output using storage in which the data can be recovered from the printer's memory or from a hard drive (if the printer has one) and stores its print jobs there. Most larger commercial printers have hard drives but whether or not documents are stored on them will vary based on manufacturer and model. Similarly, some operating system and print drivers will save a cache of printed documents.

==Redeeming Keys==

There are various methods for copying the private key data from a paper wallet to other wallets.
bitcoind supports an "importprivkey" RPC method for this purpose.
Bitcoin-Qt's debug console can also be used in a similar way (see also [[how to import private keys v7+]]).
[[BlockChain.info]] and [[Armory]] can also import them directly into wallets.
[[MtGox|Mt. Gox]] provides the ability to Add Funds using a private key:
the exchange will then create a "sweep" transaction that spends any amount for that paper wallet address so that the amount is added to your account with them; it will also sweep to your account any bitcoins received to that address in the future as well.

==See Also==

* [[Private key]]

* [[Securing_your_wallet#Paper_Wallets]]

* [[How to import private keys]]

* [http://localbitcoins.blogspot.fi/2012/11/start-your-own-money-press.html Guide to paper wallets]

[[Category:Security]]

[[es:Monedero de papel]]

Paper wallet

2013-10-09T20:58:54Z

Canton: /* Producing safe paper wallets */ Added BitcoinPaperWallet as a generator. Updated information on printer security and javascript crypto.

A '''paper wallet''' is a way to store Bitcoins that involves printing the Bitcoin addresses and private keys directly on a piece of paper. When done properly, paper wallets are one of the safest ways possible to store Bitcoins.

__TOC__

A Bitcoin [[private key]] can be represented in several formats, but is typically a string of numbers and letters no more than about 51 characters in length. This is easy to print on paper, and if kept secret, can securely hold an unlimited quantity of Bitcoins.

==Producing safe paper wallets==

Several tools exist for producing paper wallets, including [[BitAddress.org]], [[BitcoinPaperWallet]],[[vanitygen]], [[LinuxCoin]], and [[Bitcoin Address Utility]]. Paper wallets must be produced securely in order to be safe, because any leak of the private key constitutes the ability for an attacker to steal any present and future balance of the address. Consider the following:
* Paper wallets should be produced on a computer not connected to the Internet.
* Be aware that malware often allows a remote third party to view your screen and see your keystrokes, and these can compromise the integrity of your paper wallet. Also consider that antivirus software cannot completely rule out the possibility of malware. However, using bootable CD's prevents the vast majority of malware from being able to run. If you can generate a paper wallet with a bootable CD such as [[LinuxCoin]], the likelihood of malware being able to compromise your keys is very low.
* The private keys of paper wallets should never be saved to a computer hard drive. You should also never scan your paper wallet into your computer or type the private keys or save them in e-mail, except at the moment you are redeeming the balance.
* If possible, the private key of a paper wallet should be kept hidden, for example by folding the paper to hide the private key so that a photograph or photocopy of the wallet will not reveal or replicate the private key.
* A web-based paper wallet generator should be written so that all of the generation happens on your computer, not the web server. After you load the paper wallet generating website in your web browser, you should disconnect from the internet, and observe that the paper wallet generator continues to function. Afterward, you should close your browser before reconnecting to the Internet.
* A paper wallet generator should use an appropriate source of random numbers (entropy). This means that the generated addresses aren't predictable. If the addresses come from a predictable or partially-predictable pattern, someone else who can predict the pattern addresses can steal the balance. Generally, this rules out any "web-based" generator unless you can be sure that both your browser and the JavaScript code are taking advantage of the strongest cryptographic routines available.[http://www.w3.org/TR/WebCryptoAPI/]

===Printer Security===

Some printers will store the output using storage in which the data can be recovered from the printer's memory or from a hard drive (if the printer has one) and stores its print jobs there. Most larger commercial printers have hard drives but whether or not documents are stored on them will vary based on manufacturer and model. Similarly, some operating system and print drivers will save a cache of printed documents.

==Redeeming Keys==

There are various methods for copying the private key data from a paper wallet to other wallets.
bitcoind supports an "importprivkey" RPC method for this purpose.
Bitcoin-Qt's debug console can also be used in a similar way (see also [[how to import private keys v7+]]).
[[BlockChain.info]] and [[Armory]] can also import them directly into wallets.
[[MtGox|Mt. Gox]] provides the ability to Add Funds using a private key:
the exchange will then create a "sweep" transaction that spends any amount for that paper wallet address so that the amount is added to your account with them; it will also sweep to your account any bitcoins received to that address in the future as well.

==See Also==

* [[Private key]]

* [[Securing_your_wallet#Paper_Wallets]]

* [[How to import private keys]]

* [http://localbitcoins.blogspot.fi/2012/11/start-your-own-money-press.html Guide to paper wallets]

[[Category:Security]]

[[es:Monedero de papel]]

BitcoinPaperWallet

2013-10-09T20:47:48Z

Canton: Brand new page for this project

[https://bitcoinpaperwallet.com BitcoinPaperWallet.com] is an open-source paper wallet generator based on the [[BitAddress]] generator. It runs on any modern web browser and relies on JavaScript for all cryptographic functionality.

== Differences from BitAddress ==

While BitAddress is capable of generating so-called "brain wallets", pool-generated vanity wallets, and bulk wallets, BitcoinPaperWallet has been simplified such that its only function is to produce paper wallets. Additionally:

* Paper wallets printed using BitcoinPaperWallet feature a tri-fold design that is sealed shut so as to hide the wallet's private key and QR code from view.
* The reverse side of the design includes instructions for general use as well as a ledger for writing down deposits or other notes.
* The overall design includes a number of features to discourage casual tampering efforts that might otherwise reveal the private key without notice.
* The generator includes an option for printing a paper wallet by pasting in a self-generated private key or vanity address, bypassing the random address generator altogether

[[Image:BitcoinPaperWallet-sample.jpg]]

== Similarities to BitAddress ==

BitcoinPaperWallet is a GitHub "fork" of BidAddress and uses identical cryptography functions and methods. Similarly:

* The generator works entirely from within a web browser.
* Addresses are never transmitted over the Internet
* The full source code can be examined via "view source" in web browser.
* Cryptographic work is done using the the browser's built-in JavaScript crypto API along with open-source JavaScript libraries
* The generator can be run offline by [https://github.com/cantonbecker/bitcoinpaperwallet downloading a ZIP archive] of the HTML from GitHub.

File:BitcoinPaperWallet-sample.jpg

2013-10-09T20:45:32Z

Canton: A sample of a paper wallet generated using the BitcoinPaperWallet.com design, secured with tamper-evident hologram stickers and sealed in a waterproof zip-seal bag.

== Summary ==
A sample of a paper wallet generated using the BitcoinPaperWallet.com design, secured with tamper-evident hologram stickers and sealed in a waterproof zip-seal bag.
== Licensing ==
{{self|Cc-zero}}