Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 975B182 for ; Sat, 30 Sep 2017 11:10:52 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-wm0-f44.google.com (mail-wm0-f44.google.com [74.125.82.44]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 22FEFD3 for ; Sat, 30 Sep 2017 11:10:51 +0000 (UTC) Received: by mail-wm0-f44.google.com with SMTP id r74so846568wme.1 for ; Sat, 30 Sep 2017 04:10:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to:content-transfer-encoding:content-language; bh=iT+dnuEOcM4av1aCUTUak9J1fPnokp1UsZvUd6F7UFs=; b=MewCW0iAGT4Ncyxhsar5Uh1/4NuOb7VeMfpIdhDgNJHwYNpihhIx3lZV+dBjQkInTt bvf6vDmv9E7us9/iCN5kDrC4rv0GNOWpeKD9N5QONbFZHqPEqdGEdSuOT0DKVXAGp1V1 +RUjLFDLO0HksG+XUFG23hO9jlN7PTN0j4hdBN0tmfRx35ejK8sNoBHEGccUodoJdruc dEUWifp+weU2xwsJo0IaUreN1yNW30tLi8fMb3/ahgvc27A6/iNWTGgMVfDx/a338Ouu f+jhWcTupVZtl/qn5GlHueNVl5BxtWfNdaVhC2lLdkIc+sdD/8jg8Y21Ebd8l3wM9rI4 16Dg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding :content-language; bh=iT+dnuEOcM4av1aCUTUak9J1fPnokp1UsZvUd6F7UFs=; b=Rc+MspFhmRDT351scef882/jS/OpZTS8YEnNUZ82WDeU7XpAPJqLYYcR5jouLDAFMY uHZC0qIFEs1DqvVnsZeWC8VnVsptOoixlg5am2nKiihPiNH8ZsQV2mQCT3/RKWXkMKCF YAQtgPX4c92SujXCRc7H7GwBcn8+CB2GJi9P+jKz3f3Ps5jKBjz6iVMmgeQKVXqX2RFe mE/0L6oPfAMMgZ90NIFjcfPPo8kgyzK9VOjX+zgEgHVQ7PLOlYJQZQ3hTb8NOu/CCBff Z3XJ6OpUuteF6uliw0ts0kXspVYbCSYzhXXzDRRBW8+rngs7r6rCentVwG/YR2cTUEjB uuAQ== X-Gm-Message-State: AHPjjUj4nUXgJdgr28zfESRJ9xH+a3Bdg+YdP1vf8fd2/q5d32CrfizE hTPj/ec4J9f0tZd11qCEDKU= X-Google-Smtp-Source: AOwi7QDwUd/Znih0EXIHy1u0fv3c4S3cl11EFgXOqr9ciJBcEUnPQZwh1e4Wsbmgirz20iMEdg6R0Q== X-Received: by 10.80.190.77 with SMTP id b13mr7293870edi.184.1506769849765; Sat, 30 Sep 2017 04:10:49 -0700 (PDT) Received: from ?IPv6:2a01:cb1d:5c:1600:9d6d:71b2:cb71:cb17? ([2a01:cb1d:5c:1600:9d6d:71b2:cb71:cb17]) by smtp.googlemail.com with ESMTPSA id k8sm5956545ede.91.2017.09.30.04.10.47 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sat, 30 Sep 2017 04:10:48 -0700 (PDT) To: Jonas Schnelli , Bitcoin Protocol Discussion , Dan Libby References: <96328209-9249-44BC-957A-4EF8DE014E2D@jonasschnelli.ch> From: Aymeric Vitte Message-ID: Date: Sat, 30 Sep 2017 13:10:45 +0200 User-Agent: Mozilla/5.0 (Windows NT 6.3; rv:52.0) Gecko/20100101 Thunderbird/52.3.0 MIME-Version: 1.0 In-Reply-To: <96328209-9249-44BC-957A-4EF8DE014E2D@jonasschnelli.ch> Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 8bit Content-Language: fr X-Spam-Status: No, score=0.4 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,FREEMAIL_FROM,RCVD_IN_DNSWL_NONE,RCVD_IN_SORBS_SPAM autolearn=disabled version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Subject: Re: [bitcoin-dev] Paper Wallet support in bitcoin-core X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 30 Sep 2017 11:10:52 -0000 I am not sure that this discussion is really off topic for this list, this is a real issue, would everybody even here say that they feel very comfortable with their keys? That if something happen to them there is no pb for the family or trusted parties to retrieve the keys? That this process is secured in case the trusted parties are finally untrusted? etc I don't think so, if experts are not comfortable then how can we expect non experts people to manage this? (except going to a wallet sw asking them all the info, even online, crazy but they just don't know) Comments below Le 30/09/2017 à 06:49, Jonas Schnelli via bitcoin-dev a écrit : > And I would also extend those concerns to BIP39 plaintext paper backups. Personnaly I don't see also the advantage of proposals such as BIP39 versus backing up a seed > IMO, private keys should be generated and used (signing) on a trusted, minimal and offline hardware/os. This is the intent of https://github.com/Ayms/bitcoin-wallets and https://github.com/Ayms/zcash-wallets But even myself can get confused, where did I put the backup seed? But remember you did not backup the seed but the first derivation step and you mixed it secretely, so nobody can reconstitute it except you, well... what did I do exactly? What version is my real wallet? What is the encryption key? How did I do last time to add the key in qt? etc > They should never leave the device over the channel used for the signing I/O. Users should have no way to view or export the private keys (expect for the seed backup). Backups should be encrypted (whoever finds the paper backup should need a second factor to decrypt) and the restore process should be footgun-safe (especially the lost-passphrase deadlock). Is there really nothing existing yet to address all of this? -- Zcash wallets made simple: https://github.com/Ayms/zcash-wallets Bitcoin wallets made simple: https://github.com/Ayms/bitcoin-wallets Get the torrent dynamic blocklist: http://peersm.com/getblocklist Check the 10 M passwords list: http://peersm.com/findmyass Anti-spies and private torrents, dynamic blocklist: http://torrent-live.org Peersm : http://www.peersm.com torrent-live: https://github.com/Ayms/torrent-live node-Tor : https://www.github.com/Ayms/node-Tor GitHub : https://www.github.com/Ayms