1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
|
Return-Path: <sjors@sprovoost.nl>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
[172.17.192.35])
by mail.linuxfoundation.org (Postfix) with ESMTPS id 320341BB
for <bitcoin-dev@lists.linuxfoundation.org>;
Sat, 30 Sep 2017 07:36:51 +0000 (UTC)
X-Greylist: from auto-whitelisted by SQLgrey-1.7.6
Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com
[66.111.4.25])
by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 2A1CF1AE
for <bitcoin-dev@lists.linuxfoundation.org>;
Sat, 30 Sep 2017 07:36:50 +0000 (UTC)
Received: from compute1.internal (compute1.nyi.internal [10.202.2.41])
by mailout.nyi.internal (Postfix) with ESMTP id 4731B20AF1
for <bitcoin-dev@lists.linuxfoundation.org>;
Sat, 30 Sep 2017 03:36:49 -0400 (EDT)
Received: from frontend2 ([10.202.2.161])
by compute1.internal (MEProxy); Sat, 30 Sep 2017 03:36:49 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sprovoost.nl; h=
content-type:date:from:in-reply-to:message-id:mime-version
:references:subject:to:x-me-sender:x-me-sender:x-sasl-enc
:x-sasl-enc; s=fm1; bh=2PDYl+lWwVIphLl36Nk1dyUleiFrV2ANoWA+WLYme
4s=; b=TSQAAnxTkGA9bZBylv34+83tL+NYpdgNnKehE7kMlB2eqerR87q5C3Vc6
mrClpTaoldT07IopnBHFOiF8cU8W0ABOifFgjh1kpsmWUKajIh+m/sYHtIRKuZOG
zANkkiZjleqHkf1CuWIFeYjlkrWVAHoka7bamhmr3DmNu90Reqia/9hE2Vpkm3lr
0mHQNyIaV1ZtOf7RrK1vLsxuxgxDge/QTlx8LYahA90oueInm4y/J9/Hv+t73E5i
A9tyqR7J4S0ekpCIOvPoMayIBrU1/SGTpds8Yx/EJJVGYMOEFshjv+vj94MHrdJ8
YVGJckpyY6uQN+nzSxPZs/Er9Wnkg==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
messagingengine.com; h=content-type:date:from:in-reply-to
:message-id:mime-version:references:subject:to:x-me-sender
:x-me-sender:x-sasl-enc:x-sasl-enc; s=fm1; bh=2PDYl+lWwVIphLl36N
k1dyUleiFrV2ANoWA+WLYme4s=; b=aI6wz+igAftODw/ihAarpLSLSdAruQtHWr
dIyYm3qn6lGZymvHNiWEqg6IMQvJARr6K3PC+LDR/5Z/GivgQhZpBuIlcqpVU5d6
THCsSUfL69lIFP3YDnDB3S1a2iVwGnGVgxY9ZsmAW526e7vgJxGUdLas4muKmMlc
YzCL0vDZKKPfU/lianc2d/b9yKwqLeef3sXEtLuuSfPsH0iqCr9T+a3kNT6GpZw5
2/R5JwPjOhdAEESukzR5BpzrAneW1IGu2tvPikhn3NtWQoi8SOc3ZHAG1TK22uKp
hHc6RdMLuKIMfMiPig4lsHCs/CF7RMQzTDjtjvWzI73HN0VqemPA==
X-ME-Sender: <xms:kUnPWTqTM9KHPFwAfKUi5pm1yAIjLwJE7qUw3qRR8bRPVXmN3gjHCg>
X-Sasl-enc: LwJrPL6RZJUVaIstPZfX6YZ5fsAGTAUqrC+vnpWFDO4Q 1506757008
Received: from [192.168.178.108] (54693d0f.cm-12-2a.dynamic.ziggo.nl
[84.105.61.15])
by mail.messagingengine.com (Postfix) with ESMTPA id 9A51924870
for <bitcoin-dev@lists.linuxfoundation.org>;
Sat, 30 Sep 2017 03:36:48 -0400 (EDT)
From: Sjors Provoost <sjors@sprovoost.nl>
Content-Type: multipart/signed;
boundary="Apple-Mail=_9B0A8807-6B00-4238-B816-D655B629BDB3";
protocol="application/pgp-signature"; micalg=pgp-sha512
Mime-Version: 1.0 (Mac OS X Mail 11.0 \(3445.1.6\))
Date: Sat, 30 Sep 2017 09:36:46 +0200
References: <e43c6e06-0bdc-360e-eb5c-a3726e4f0fc8@osc.co.cr>
<96328209-9249-44BC-957A-4EF8DE014E2D@jonasschnelli.ch>
To: Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>
In-Reply-To: <96328209-9249-44BC-957A-4EF8DE014E2D@jonasschnelli.ch>
Message-Id: <2B95B25F-F47C-4867-A1A6-144200F7B2D4@sprovoost.nl>
X-Mailer: Apple Mail (2.3445.1.6)
X-Spam-Status: No, score=-0.8 required=5.0 tests=DKIM_SIGNED,DKIM_VALID,
DKIM_VALID_AU,RCVD_IN_DNSWL_LOW autolearn=disabled version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
smtp1.linux-foundation.org
X-Mailman-Approved-At: Sat, 30 Sep 2017 10:42:15 +0000
Subject: Re: [bitcoin-dev] Paper Wallet support in bitcoin-core
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Sat, 30 Sep 2017 07:36:51 -0000
--Apple-Mail=_9B0A8807-6B00-4238-B816-D655B629BDB3
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
charset=us-ascii
> Op 30 sep. 2017, om 06:49 heeft Jonas Schnelli via bitcoin-dev =
<bitcoin-dev@lists.linuxfoundation.org> het volgende geschreven:
>=20
>> On 09/29/2017 02:03 PM, Luke Dashjr wrote:
>> Paper wallets are a safety hazard, insecure, and generally not =
advisable.
>>=20
>=20
> I have to agree with Luke.
> And I would also extend those concerns to BIP39 plaintext paper =
backups.
>=20
> IMO, private keys should be generated and used (signing) on a trusted, =
minimal and offline hardware/os. They should never leave the device over =
the channel used for the signing I/O. Users should have no way to view =
or export the private keys (expect for the seed backup). Backups should =
be encrypted (whoever finds the paper backup should need a second factor =
to decrypt) and the restore process should be footgun-safe (especially =
the lost-passphrase deadlock).
I believe BIP39 does an excellent job at reducing the amount of bitcoin =
permanently lost. Stolen funds can at least in theory be retrieved at =
some future date. There's a trade-off between having a backup process =
that is secure and one that people actually use. I don't know the right =
answer, and tend to agree it's better left to individual wallets to =
decide.
Sjors
--Apple-Mail=_9B0A8807-6B00-4238-B816-D655B629BDB3
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
filename=signature.asc
Content-Type: application/pgp-signature;
name=signature.asc
Content-Description: Message signed with OpenPGP
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE7ZvfetalXiMuhFJCV/+b28wwEAkFAlnPSY4ACgkQV/+b28ww
EAk6Vw//UhJ7jV9Hmop3SW8xJFTDTax8ohZQbmts3sjvset3gQ0kcttqkZMyGYqE
78OyIqUqVBQu23ZrUy4w7ep1FhDk8I1UcTZTokfjpeOXLN8Bc8z4LzYeio5mym81
kccJEqBaRPnw1v1O42GbE6w9J7qMGuLehndrxNNpbh9m0R2oj81ZMquyG6cP2VBH
fmQm8fK2AosjZkhOi6snGJPZkdellaWRR6XNgU3GQshFa9q6XDPN6vdZrHKQt5PA
64SqyxVpmVnKotNjpgMzSn4FZW/TC5eX0YdwvDGNufwC8LsEfsY6OKVwciCKJdSQ
95C0ylSoK6YMEPCsX1fM6zmIYLa1QR5iQF6b39M75NJVmUoooPsNjSAxH5/qSsIM
cmZxY7IZuBau7Rwbc2CSHp8UTs+TGRw+7/cQV7E2s95HyXgZvOEpo+T2SfvFRzb8
WcRtMuMmPIPaBj3AEgJ2UiQm/kCjh75YBasvW0VF01c6ByNhqPutWXRkYvn+KwLR
KEnOgFv6Y7q8M6Xzayy65jshBncvOvG96ycLfHt448lbVWnod6mzCB/nhDt9ziXX
xMi5oRX2yQT8A3QU4BPQtiqg/BSGbsjgqDwftC+tSjHGsgnJxLnhSOVcXydyVnxZ
DdfRrCD6E27IzGHHA2sxEb1gPOg9S9jMYHdXi9apifBRrnMre2I=
=mkk+
-----END PGP SIGNATURE-----
--Apple-Mail=_9B0A8807-6B00-4238-B816-D655B629BDB3--
|
