📅 Original date posted:2017-09-30
📝 Original message:> Hi,
>
> I'm writing to suggest and discuss the addition of paper wallet
> functionality in bitcoin-core software, starting with a single new RPC
> call: genExternalAddress [type].
>
AFAIK, client implementations such as your proposal are off-topic for this ML.
Better use bitcoin-core-dev (ML or IRC) or Github (bitcoin/bitcoin) for such proposals.
> On 09/29/2017 02:03 PM, Luke Dashjr wrote:
> Paper wallets are a safety hazard, insecure, and generally not advisable.
>
I have to agree with Luke.
And I would also extend those concerns to BIP39 plaintext paper backups.
IMO, private keys should be generated and used (signing) on a trusted, minimal and offline hardware/os. They should never leave the device over the channel used for the signing I/O. Users should have no way to view or export the private keys (expect for the seed backup). Backups should be encrypted (whoever finds the paper backup should need a second factor to decrypt) and the restore process should be footgun-safe (especially the lost-passphrase deadlock).
/jonas
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20170929/4a7078c9/attachment.sig>;
Jonas Schnelli [ARCHIVE] /
npub1nf…3dtxs
2023-06-07 18:06:41
in reply to nevent1q…cdc9
Author Public Key
npub1nfrrurat393mqymf3s26pujyn5vujlem3pzcukr5p9d4qpklngxq43dtxsPublished at
2023-06-07 18:06:41Event JSON
{
"id": "9552ef19c1d7f84ece89aa2037455f3a4c3744cd758649cddfc8d3a2655d1076",
"pubkey": "9a463e0fab8963b013698c15a0f2449d19c97f3b88458e5874095b5006df9a0c",
"created_at": 1686161201,
"kind": 1,
"tags": [
[
"e",
"adbe104cdeb184e2b9ee2e7441c0306f637c427dfa72914e557b36050055e79e",
"",
"root"
],
[
"e",
"9d8a64dafde9c3f47f14b8979ef278dec08195299d561fdd8346534c535564d4",
"",
"reply"
],
[
"p",
"bee276d1ae3341411bf36280d4da29fe701581dff23dcd2a5d7ac65535f7d8f9"
]
],
"content": "📅 Original date posted:2017-09-30\n📝 Original message:\u003e Hi,\n\u003e \n\u003e I'm writing to suggest and discuss the addition of paper wallet\n\u003e functionality in bitcoin-core software, starting with a single new RPC\n\u003e call: genExternalAddress [type].\n\u003e \n\nAFAIK, client implementations such as your proposal are off-topic for this ML.\nBetter use bitcoin-core-dev (ML or IRC) or Github (bitcoin/bitcoin) for such proposals.\n\n\n\u003e On 09/29/2017 02:03 PM, Luke Dashjr wrote:\n\u003e Paper wallets are a safety hazard, insecure, and generally not advisable.\n\u003e \n\nI have to agree with Luke.\nAnd I would also extend those concerns to BIP39 plaintext paper backups.\n\nIMO, private keys should be generated and used (signing) on a trusted, minimal and offline hardware/os. They should never leave the device over the channel used for the signing I/O. Users should have no way to view or export the private keys (expect for the seed backup). Backups should be encrypted (whoever finds the paper backup should need a second factor to decrypt) and the restore process should be footgun-safe (especially the lost-passphrase deadlock).\n\n\n/jonas\n-------------- next part --------------\nA non-text attachment was scrubbed...\nName: signature.asc\nType: application/pgp-signature\nSize: 833 bytes\nDesc: Message signed with OpenPGP\nURL: \u003chttp://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20170929/4a7078c9/attachment.sig\u003e",
"sig": "386907618a14b71e4bd2ff39d85b58d2849a08d078a81ffccc5ce0522267067791de5af667d95ef6f4d8480135cec09e97322189277a4fe006ba65c87728d924"
}