Difference between revisions of "Paper wallet"

From Organic Design
m (About BIP-39 and BIP-32)
(See also: Bitcoin Swiss Army Knife in a verifiably secure self-contained Live CD/USB)
Line 49: Line 49:
*[[Hash]] ''- explaining hashing and how it relates to crypto-addresses''
*[[Hash]] ''- explaining hashing and how it relates to crypto-addresses''
*[https://en.bitcoin.it/wiki/Seed_phrase Seed phrase at Bitcoin wiki]
*[https://en.bitcoin.it/wiki/Seed_phrase Seed phrase at Bitcoin wiki]
*[https://bitkey.io/ BitKey.io] ''- Bitcoin Swiss Army Knife in a verifiably secure self-contained Live CD/USB''

Revision as of 20:26, 13 July 2019

Storing Crypto-currency in a paper wallet is one of the simplest ways to hold your savings securely, but you should follow some important steps to be sure that you can truly be confident in its security. A paper wallet is a way of keeping your assets safe by having the only way to access them written on a piece of paper so that they're safe against hackers, theft or mechanical failure.

The procedure described here is a way of using the popular Exodus multi-asset wallet software as a secure paper wallet consisting of a single twelve word phrase which can secure a wide variety of different crypto-currencies. Since the twelve word phrase we create allows access to the savings within it, we want to be very certain that it has not been seen by any hackers or malware, so it should be created and written down while the computer is offline, and further more should be created from within an operating system that has never been online before. To do this we'll be using a Linux operating system booted live from a USB stick.

One small complication is that Exodus does not natively give access to the twelve word backup phrase until after some funds have been sent to the wallet. They've done it like this to make their backup procedure much more friendly and easy to follow safely for beginners, but it's no good for creating a secure paper wallet. Fortunately there's a simple way around this - any source of twelve word phrase will do, as long as they conform to the BIP-39 protocol. We'll be using the Coinomi standalone BIP-39 seed generator for this.

Another protocol called BIP-32 standardises the way that lists of addresses and private keys across a vast variety of different types of crypto-assets can be generated from this initial seed. This would mean that any wallets supporting BIP-32 would derive exactly the same addresses for their assets when importing the same BIP-39 phrase. This would make the creation of paper wallets much easier, because any standalone tool (such as the Coinomi one we're using here) that also supports BIP-32 to reveal the addresses would be all that's needed. Unfortunately, this is not quite universally implemented yet, so it's safest to use your chosen wallet (in our case Exodus) to determine your paper wallet addresses.

What you'll need

The procedure

  • Disconnect your computer from the network and reboot into the live Linux OS on the USB stick.
  • Insert the other USB stick and run both Exodus and the BIP-39 seed generator, and also open a text editor.
  • In the seed generator page, select 12 for the number of words and click "Generate", then write down the resulting twelve words and also select them and CTRL+C them ready to paste.
  • The words you wrote down is your paper wallet, write a second copy and store them safely.
  • In Exodus click "restore from 12 word phrase", it will then restart and allow you to paste the twelve words in that you copied in the previous step.
  • Wait for the recovery to complete which may take about five minutes (even though we're offline, it still takes a while since it keeps trying to connect).
  • Select "wallet", go to all the asset types you care about and paste their receive addresses into the text editor you opened (noting down what asset type each address is).
  • Optional: Open the developer menu (CTRL+SHIFT+D) and select "Export Safe Report Data". The Safe Report is a read-only backup you can use to check on your savings safely in Exodus.
  • Save the text in the text editor to a file on the USB stick, and copy the Safe Report from the exports folder on the desktop to the USB stick as well.
  • Remove the bootable USB, reboot into your normal OS and reconnect the net.
  • That's it! You can now send assets to the addresses you noted down, and they will be accessible in Exodus by restoring from your paper wallet's twelve word phrase.

Accessing the assets

To check the balances of the coins in a safe read-only way you can run Exodus and import the safe-report zip file you exported, note that this will over-right any existing data in Exodus. The safe report allows you to easily keep track of the balances of all the assets in your paper wallet, and even to obtain public addresses of other assets in the same wallet you may wish to send coins to that you didn't initially make a note of.

To spend the coins, you'll need to run Exodus and recover from the twelve word phrase - but note that you would have then compromised the security of your paper wallet, so once you do this it would be best to create another paper wallet and send the remaining funds to it.

About BIP-39 and BIP-32

The BIP-39 and BIP-32 protocols are used by many wallets such as Electrum, Coinomi or Exodus so that all the addresses they use along with their private keys are generated from single seed phrase.

A simplified explanation of how seed phrases work is that the wallet software has a list of words taken from a dictionary, with each word assigned to a number. The seed phrase can be converted to a number which is used as the seed integer to a deterministic wallet that generates all the key pairs used in the wallet. The English-language wordlist for the BIP39 standard has 2048 words, so if the phrase contained only 12 random words, the number of possible combinations would be 204812 which is 2132 meaning the phrase would have 132 bits of security. However, some of the data in a BIP-39 phrase is used for check-summing, so the actual security aspect of the seed phrase is only 128 bits. This is approximately the same strength as all Bitcoin private keys, so most experts consider it to be sufficiently secure.

The seed can generate any number of addresses for assets across most different types of cryptos. The seed phrase is the root of a potentially infinite tree of assets types and addresses for each asset. When a wallet imports the phrase, it scans this tree for all addresses. For each asset, each address starting with the first are checked for coins and added to the wallet, then the next address checked until an empty address is found. BIP-39 defines the way the phrase is made, and BIP-32 defines the way to make a tree of addresses from a single seed.

Coinomi have released an open source standalone BIP-39 seed generator that allows you to generate BIP-39 phrases and to see the addresses associated with the phrases. Just save the tool (by right-clicking the "raw" button and selecting "save link as") and the run it in you browser. Select the number of words (usually 12 for most wallets) and then you can select different coins and check their addresses from the bottom of the page. The image to the right shows the relevant fields in the Coinomi tool page that appear after you click the "generate button", first is the backup phrase, second is the number of words which is usually 12, third is the type of coin you want to see the addresses for, and last is the first address in the list. You can change the coin setting to get the addresses of different coins without the phrase changing. Alternatively you could enter an existing phrase to see more different addresses associated with it.

Eventually this means will mean that a single phrase can act as a backup for many different addresses and cryptos, and since many different wallets support the protocol, the same backup phrase can be imported into any of them. But currently wallets that support BIP-39 do not implement it exactly the same way, many use a different "path" so that the same seed leads to a different set of addresses in different wallets. Also some that use the same seed end up with different addresses for just some assets.

For example if you create a seed and look at the addresses in the BIP-39 tool and compare those same addresses to the ones in Exodus after importing the same seed, you can see that most of the Exodus receive addresses such as for Bitcoin, Litecoin and Dash all match the first address in the Coinomi tool list for the same coin. But if you look at the Ethereum address, you'll find it doesn't match, the Exodus receive address for Ethereum is no where to be found in the address list on the Coinomi tool.

This is the reason that in my procedure above, I have chosen a specific wallet (Exodus) and obtain the addresses from the wallet directly, not from the BIP-39 tool. However, if you used the tools addresses and restored your wallet and found that some assets were missing, you could still recover those assets by entering the 12 word phrase into the BIP-39 tool and getting the private key for that address, and then importing just that key into a wallet that supports that asset.

See also