Simple Guide to Creating a Bitcoin Paper Wallet/Cold Storage.

in #bitcoin8 years ago (edited)

Hello, Steem-Os, back again with another laymen's lesson Bitcoin, this time guiding you through the process of creating your own paper wallet.

First off, you might be wondering what the hell IS a paper wallet, anyway, and why do I need one? This is a great question. As Donald Trump has recently--and quite emphatically--proclaimed:

"NO COMPUTER IS SAFE. NO COMPUTER IS SAFE."

And as that famous Morgan Freeman meme proclaims, He's right, you know.

While many mobile apps and desktop wallets back up your coins by providing you with a 12 or 13-word seed password by which you can recover your coins in case anything happens to your computer or mobile device, other online wallets aren't so safe. Online crypto exchanges really aren't safe, all things considered. See, for example, Mt. Gox and Bitfinex. Also see the IRS putting pressure on American based online exchange, Coinbase, currently.

The reason for making a paper wallet(s) is simple: security. It is much easier to keep a piece of paper safe than coins floating in some online exchange's control (plus the "bitcoin dollar bills" look pretty fucking cool!).

Let's get to it.

Step 1:

Go to bitaddress.org and save the page to your desktop as a .htm file so you can access it offline. Where you will need to click for this depends on your browser.

Step 2:

No computer is safe! Disconnect from ALL internet connections. In my case, I both clicked disconnect on my wi-fi icon, and also manually disconnected the cable from my router. You can also manually disable all connections from your PC's control panel.

(** NOTE: It was brought to my attention by a commentor (see comments below) that if one's computer is already compromised, the computer bug/virus/malware might potentially log data while offline, and then resend it once reconnected. To be EXTRA SAFE, users may wish to first copy the.htm file to a computer or device they know for sure is clean, and then create the wallet. Use your own discretion to decide which method is best for you.)

Step 3:

Go to the .htm file you saved on your desktop, and open bitaddress.org NOT CONNECTED TO THE INTERNET.
Drag your mouse around in random patterns until the percentage reader reads 100%. This is generating a random address and private key for you. The page will then automatically redirect.

Step 4:

You will now see QR codes for your public address and private key. In the green menu above these codes, select "paper wallet." A new screen will show up.

Step 5:

On this new screen change "addresses to generate" and "addresses per page" to 1. Check the "BIP38 ENCRYPT" box and make a password. This way, even if someone somehow stumbles upon your private key, they will still have to know the password to access the wallet. Make it a good one. Now, hit "generate."

Step 6:

Voila! There's your purty Bitcoin money! Now print out at least 2 copies (if you lose this private key you've lost your money) and hide them in a safe place. To put bitcoins on this address, simply scan the QR code or use the public address and send funds via any other wallet.

( ** NOTE 2: If you are going to spend funds from your paper wallet, it is a best practice to spend all of it only once. The reason being, once you send bitcoins from your wallet, the private key has then been potentially exposed, as you have entered your encryption password and also the key in the fields necessary to send. Also someone commented that sometimes the send address may change after sending. I don't see how this point is true, but am looking into it. As above, use your own discretion.)

You can check to make sure these funds have arrived by searching your paper wallet's address on blockchain.info when you reconnect to the intenet, BUT BEFORE YOU RECONNECT!!!!

Step 7!:

Clear all of your browser's cookies, web history, and cache! Then, RESTART your computer, and finally AFTER restarting, reconnect.

~*~

Enjoy your newfound security and cold, hard cash!

~KafkA

IMG_6356.jpg


Graham Smith is a Voluntaryist activist, creator, and peaceful parent residing in Niigata City, Japan. Graham runs the "Voluntary Japan" online initiative with a presence here on Steem, as well as Facebook and Twitter. Hit me up so I can stop talking about myself in the third person!

Sort:  

thanks for that usefull tutorial, mate! ;)

Hi. It is useful post for me. Folow you. Resteem and bookmark this post.

Thank you. I'm very glad to hear that.

Hi , I'm here from his blog (@artem-sokoloff) , Resteemed Voted and Following. Wish I had bitcoins :D , thanks for the tutorial , what actually interested me was Voluntary Japan initiative , I will dig into that tomorrow.

Are we ready for the fiat digital currency ? :D Sure would be nice to not inflate or devalue.

Btw I have no wallet , other than the one from Steem , so check my second post please :_) , let me rest peacefully tonight and have tomorrow more focused on work , rather than STEEMING all day :D
https://steemit.com/story/@j3dy/answer-to-life-challenge30-day2-train-and-think-or-steemit-review

This is an interesting post! i read about paper wallets but i didn't know how to make one, thanks a lot for sharing
Voted & Resteemed

Excellent! Thank you so much, and I am really glad to hear that this was helpful to you!

Although you can deposit funds into a paper wallet several times,
you should withdraw all funds only once, spending everything. This
is because in the process of unlocking and spending funds, you ex‐
pose the private key, and because some wallets might generate a
change address if you spend less than the whole amount. One way
to do this is to withdraw the entire balance stored in the paper wal‐
let and send any remaining funds to a new paper wallet.

This is good to know. I guess it is true that once you use the private key to spend from the address it is potentially compromised. It is not my understanding that this key can change, though, not allowing one to spend from said address. The key is set in the blockchain. Am I missing something here?

Your private key is never transmitted to the network for any reason. The next question is how the network can validate that a transaction is "yours". This is possible because Bitcoin uses Public Key Cryptography (also know as asymetric cryptopgraphy).

Your addresses consist of a pair of keys which are mathematically linked. It is easy to determine the public key from the private key but impossible to determine the private key from the public key. It is more accurate to say it is computationally infeasible to determine the private key from the public key unless there is some cryptographic flaw.

Your public key is included in the transaction (along with destination and amount). The entire transaction is then signed with your private key. The signature is unique based on your private key and the contents of the transaction. Someone can't re-use a signature because it is only valid for a unique transaction.

When the network detects a transaction it will verify it by comparing the signature and public key to the transaction. While an attacker knows the public key he would need to know the private key to generate a valid signature.

Sorry, I thought you were someone else, so my first reply didn't make sense. If the private key is never exposed to the network, why in your original comment did you say that

you should withdraw all funds only once, spending everything. This
is because in the process of unlocking and spending funds, you ex‐
pose the private key

?

We have been describing creating and spending a paper wallet as if it were a top secret Area 51 procedure. It is wise to be secure around money. One needs to use the Private Key for a cryptographic signature in order to sweep the paper wallet of bitcoin. Someone could be looking over your shoulder. If you imported the Private Key to an online wallet, a hacker might grab it. If you sweep the account on a bitcoin wallet client, there is the danger that a hacker is recording your keystrokes, moves faster and sweeps your account before you do.

The mere fact the Private Key exists means it can ultimately be compromised.

how do the private keys work with say a Trezor?

Good question and I don't know. That is out of my current realm of knowledge. I will look into it.

I think that there might be a security flaw with this method. If the computer which you disconnect from the internet is already compromised it may 'log' the data while it is offline and then send the data once it comes back online. I'm not super techy, but I imagine that someone who is would be able to compromise a computer to function in this way. If so, you could perform the same method but copy the htm file over to a device which has never been on the internet (a dumb computer) and I imagine be pretty safe.

If you are sure that I am wrong then fair play, but if not I'd reconsider your security and alter your post to advise others accordingly. I wouldn't want you or anybody else losing any money.

This is an interesting point. Clearing the cache, browser and cookies wouldn't take care of these potential logs? Hmmm. Okay, looks like I will revise my post with a note about using another device to be extra safe.

Good Info!

Thank you for this post! How do you later spend the bitcoins that you deposit on the paper wallet?