Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 320341BB for ; Sat, 30 Sep 2017 07:36:51 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 2A1CF1AE for ; Sat, 30 Sep 2017 07:36:50 +0000 (UTC) Received: from compute1.internal (compute1.nyi.internal [10.202.2.41]) by mailout.nyi.internal (Postfix) with ESMTP id 4731B20AF1 for ; Sat, 30 Sep 2017 03:36:49 -0400 (EDT) Received: from frontend2 ([10.202.2.161]) by compute1.internal (MEProxy); Sat, 30 Sep 2017 03:36:49 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sprovoost.nl; h= content-type:date:from:in-reply-to:message-id:mime-version :references:subject:to:x-me-sender:x-me-sender:x-sasl-enc :x-sasl-enc; s=fm1; bh=2PDYl+lWwVIphLl36Nk1dyUleiFrV2ANoWA+WLYme 4s=; b=TSQAAnxTkGA9bZBylv34+83tL+NYpdgNnKehE7kMlB2eqerR87q5C3Vc6 mrClpTaoldT07IopnBHFOiF8cU8W0ABOifFgjh1kpsmWUKajIh+m/sYHtIRKuZOG zANkkiZjleqHkf1CuWIFeYjlkrWVAHoka7bamhmr3DmNu90Reqia/9hE2Vpkm3lr 0mHQNyIaV1ZtOf7RrK1vLsxuxgxDge/QTlx8LYahA90oueInm4y/J9/Hv+t73E5i A9tyqR7J4S0ekpCIOvPoMayIBrU1/SGTpds8Yx/EJJVGYMOEFshjv+vj94MHrdJ8 YVGJckpyY6uQN+nzSxPZs/Er9Wnkg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-sender :x-me-sender:x-sasl-enc:x-sasl-enc; s=fm1; bh=2PDYl+lWwVIphLl36N k1dyUleiFrV2ANoWA+WLYme4s=; b=aI6wz+igAftODw/ihAarpLSLSdAruQtHWr dIyYm3qn6lGZymvHNiWEqg6IMQvJARr6K3PC+LDR/5Z/GivgQhZpBuIlcqpVU5d6 THCsSUfL69lIFP3YDnDB3S1a2iVwGnGVgxY9ZsmAW526e7vgJxGUdLas4muKmMlc YzCL0vDZKKPfU/lianc2d/b9yKwqLeef3sXEtLuuSfPsH0iqCr9T+a3kNT6GpZw5 2/R5JwPjOhdAEESukzR5BpzrAneW1IGu2tvPikhn3NtWQoi8SOc3ZHAG1TK22uKp hHc6RdMLuKIMfMiPig4lsHCs/CF7RMQzTDjtjvWzI73HN0VqemPA== X-ME-Sender: X-Sasl-enc: LwJrPL6RZJUVaIstPZfX6YZ5fsAGTAUqrC+vnpWFDO4Q 1506757008 Received: from [192.168.178.108] (54693d0f.cm-12-2a.dynamic.ziggo.nl [84.105.61.15]) by mail.messagingengine.com (Postfix) with ESMTPA id 9A51924870 for ; Sat, 30 Sep 2017 03:36:48 -0400 (EDT) From: Sjors Provoost Content-Type: multipart/signed; boundary="Apple-Mail=_9B0A8807-6B00-4238-B816-D655B629BDB3"; protocol="application/pgp-signature"; micalg=pgp-sha512 Mime-Version: 1.0 (Mac OS X Mail 11.0 \(3445.1.6\)) Date: Sat, 30 Sep 2017 09:36:46 +0200 References: <96328209-9249-44BC-957A-4EF8DE014E2D@jonasschnelli.ch> To: Bitcoin Protocol Discussion In-Reply-To: <96328209-9249-44BC-957A-4EF8DE014E2D@jonasschnelli.ch> Message-Id: <2B95B25F-F47C-4867-A1A6-144200F7B2D4@sprovoost.nl> X-Mailer: Apple Mail (2.3445.1.6) X-Spam-Status: No, score=-0.8 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,RCVD_IN_DNSWL_LOW autolearn=disabled version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org X-Mailman-Approved-At: Sat, 30 Sep 2017 10:42:15 +0000 Subject: Re: [bitcoin-dev] Paper Wallet support in bitcoin-core X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 30 Sep 2017 07:36:51 -0000 --Apple-Mail=_9B0A8807-6B00-4238-B816-D655B629BDB3 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii > Op 30 sep. 2017, om 06:49 heeft Jonas Schnelli via bitcoin-dev = het volgende geschreven: >=20 >> On 09/29/2017 02:03 PM, Luke Dashjr wrote: >> Paper wallets are a safety hazard, insecure, and generally not = advisable. >>=20 >=20 > I have to agree with Luke. > And I would also extend those concerns to BIP39 plaintext paper = backups. >=20 > IMO, private keys should be generated and used (signing) on a trusted, = minimal and offline hardware/os. They should never leave the device over = the channel used for the signing I/O. Users should have no way to view = or export the private keys (expect for the seed backup). Backups should = be encrypted (whoever finds the paper backup should need a second factor = to decrypt) and the restore process should be footgun-safe (especially = the lost-passphrase deadlock). I believe BIP39 does an excellent job at reducing the amount of bitcoin = permanently lost. Stolen funds can at least in theory be retrieved at = some future date. There's a trade-off between having a backup process = that is secure and one that people actually use. I don't know the right = answer, and tend to agree it's better left to individual wallets to = decide. Sjors --Apple-Mail=_9B0A8807-6B00-4238-B816-D655B629BDB3 Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename=signature.asc Content-Type: application/pgp-signature; name=signature.asc Content-Description: Message signed with OpenPGP -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE7ZvfetalXiMuhFJCV/+b28wwEAkFAlnPSY4ACgkQV/+b28ww EAk6Vw//UhJ7jV9Hmop3SW8xJFTDTax8ohZQbmts3sjvset3gQ0kcttqkZMyGYqE 78OyIqUqVBQu23ZrUy4w7ep1FhDk8I1UcTZTokfjpeOXLN8Bc8z4LzYeio5mym81 kccJEqBaRPnw1v1O42GbE6w9J7qMGuLehndrxNNpbh9m0R2oj81ZMquyG6cP2VBH fmQm8fK2AosjZkhOi6snGJPZkdellaWRR6XNgU3GQshFa9q6XDPN6vdZrHKQt5PA 64SqyxVpmVnKotNjpgMzSn4FZW/TC5eX0YdwvDGNufwC8LsEfsY6OKVwciCKJdSQ 95C0ylSoK6YMEPCsX1fM6zmIYLa1QR5iQF6b39M75NJVmUoooPsNjSAxH5/qSsIM cmZxY7IZuBau7Rwbc2CSHp8UTs+TGRw+7/cQV7E2s95HyXgZvOEpo+T2SfvFRzb8 WcRtMuMmPIPaBj3AEgJ2UiQm/kCjh75YBasvW0VF01c6ByNhqPutWXRkYvn+KwLR KEnOgFv6Y7q8M6Xzayy65jshBncvOvG96ycLfHt448lbVWnod6mzCB/nhDt9ziXX xMi5oRX2yQT8A3QU4BPQtiqg/BSGbsjgqDwftC+tSjHGsgnJxLnhSOVcXydyVnxZ DdfRrCD6E27IzGHHA2sxEb1gPOg9S9jMYHdXi9apifBRrnMre2I= =mkk+ -----END PGP SIGNATURE----- --Apple-Mail=_9B0A8807-6B00-4238-B816-D655B629BDB3--