BitcoinPaperWallet: Difference between revisions

Edit summary (NotATether): Reflect ongoing developments of bitcoinpaperwallet.com credibility. See https://bitcointalk.org/index.php?topic=5322560.msg56522876#msg56522876 for details.
Edit summary (NotATether): Add new evidence implying that offline usage is unsafe. Details available at
 
Latest revision as of 09:23, 15 March 2021

Warning: one or more users have reported that this website or utility has been compromised. Using private keys or seed phrases from compromised websites and utilities will cause you to lose your money. Exercise caution while using compromised websites and tools and do not download any data from them.

BitcoinPaperWallet.com was an open-source paper wallet generator based on the BitAddress generator. The source code of the version current as of April 2018, when the website was sold to a new owner,[1] is available on GitHub. It runs in any modern web browser and relies on JavaScript for all cryptographic functionality.

Change of ownership

At the end of April 2018, Canton Becker, the owner of BitcoinPaperWallet.com at the time, announced via a signed PGP message that he had sold the website to an unknown owner,[2] later revealed to be Sarkis Sarkissian.[3] Since then, there have been multiple accusations that BitcoinPaperWallet.com generated private keys that had already been used[4] and that funds sent to keys it generated were stolen.[5][6] Sarkissian has denied these allegations.

Backdoor

The new version of BitcoinPaperWallet.com includes a backdoor hidden inside the site's JavaScript code in a function called sha256_test. The function is disguised as a unit test; in fact it contains 60 pre-generated public/private keypairs encoded in base64, and these are the keys handed to the user.[7] Because the keys are not generated on the user's machine at all but are baked into the script, and are therefore known to whoever published it, it is no longer safe to download the webpage source and run it offline: the private keys have already been exposed to the internet.

The conclusion is that using keys generated from this website will cause any money sent to them to get stolen. The information in the sections below is therefore for historical reference only.

Secure usage

  • The recommended way to use this generator was to download it from GitHub and run it as a "local" webpage on a secure offline computer. No Internet connection is required to generate new paper wallets and Bitcoin addresses.
  • For the highest level of security, the generator was to be installed on an absolutely clean (virus-free, no unnecessary applications installed) "Live CD" or bootable USB thumbdrive.

Differences from BitAddress

While BitAddress is capable of generating "brain wallets", pool-generated vanity wallets, and bulk wallets, BitcoinPaperWallet has been simplified such that its only function is to produce paper wallets. Additionally:

  • Paper wallets printed using BitcoinPaperWallet feature a tri-fold design that is sealed shut so as to hide the wallet's private key and QR code from view.
  • The reverse side of the design includes instructions for general use as well as a ledger for writing down deposits or other notes.
  • The overall design includes a number of features to discourage casual tampering efforts that might otherwise reveal the private key without notice.
  • The generator includes an option for printing a paper wallet by pasting in a self-generated private key or vanity address, bypassing the random address generator altogether.

Similarities to BitAddress

BitcoinPaperWallet is a GitHub "fork" of BitAddress and uses verifiably identical cryptographic functions and methods. Similarly:

  • The generator works entirely from within a web browser.
  • No Internet connection is required for the generator to work.
  • The full source code can be examined via "view source" in web browser.
  • Cryptographic work, random number generation, and random data seeding ("gathering entropy") are all done in JavaScript.
  • The generator can be run offline by downloading a ZIP archive of the HTML from GitHub.

Designs

The BitcoinPaperWallet design is available in 12 different languages. Designs for special occasions are also available, for example for the Christmas holiday or for giving money in red envelopes (e.g. for Chinese New Year).

References

1. [reference text not included in this revision view]
2. The official BitcoinPaperWallet.com thread -- updates and news. https://bitcointalk.org/index.php?topic=169836.msg46727114#msg46727114
3. Crypto Users Claim Popular Bitcoin Paper Wallet Generator Is Compromised, Millions Allegedly Stolen. news.bitcoin.com. https://news.bitcoin.com/crypto-users-claim-popular-bitcoin-paper-wallet-generator-is-compromised-millions-allegedly-stolen/
4. Why has my newly created Bitcoin address already been used? Bitcointalk.org. https://bitcointalk.org/index.php?topic=5247201.msg54398322#msg54398322
5. What did I do wrong that caused me to lose bitcoin? Bitcoin Stack Exchange. https://bitcoin.stackexchange.com/questions/85038/what-did-i-do-wrong-that-caused-me-to-lose-bitcoin
6. My paper wallet generated on bitcoinpaperwallet.com was hacked! Reddit. https://www.reddit.com/r/Bitcoin/comments/cs68ri/my_paper_wallet_generated_on/
7. https://bitcointalk.org/index.php?topic=5322560.msg56568297#msg56568297