Difference between revisions of "BitcoinPaperWallet"

From Bitcoin Wiki
(Designs)
(Add new evidence implying that offline usage is unsafe. Details available at)
 
(3 intermediate revisions by 2 users not shown)
Line 1: Line 1:
[https://bitcoinpaperwallet.com BitcoinPaperWallet.com] is an open-source paper wallet generator based on the [[BitAddress]] generator. It runs on any modern web browser and relies on JavaScript for all cryptographic functionality.
+
{{compromised}}
 +
[https://bitcoinpaperwallet.com BitcoinPaperWallet.com] was an open-source paper wallet generator based on the [[BitAddress]] generator. Its source code is available on Github for the version as recent as April 2018, when the website was sold to a new owner<ref>[https://bitcointalk.org/index.php?topic=169836.msg46727114#msg46727114 The official BitcoinPaperWallet.com thread -- updates and news.] ''“At the end of April 2018, I sold the bitcoinpaperwallet.com website, service, and
 +
associated domain names to a new owner.  This also includes related projects such as
 +
litecoinpaperwallet.com and ethereumpaperwallet.com.”''</ref>. It runs on any modern web browser and relies on JavaScript for all cryptographic functionality.
 +
 
 +
== Change of ownership ==
 +
 
 +
At the end of April 2018, Canton Becker, the owner of BitcoinPaperWallet.com at the time, announced via a signed PGP message that he had sold the website to an unknown owner,<ref>[https://bitcointalk.org/index.php?topic=169836.msg46727114#msg46727114 The official BitcoinPaperWallet.com thread -- updates and news.]</ref> later revealed to be Sarkis Sarkissian.<ref>[https://news.bitcoin.com/crypto-users-claim-popular-bitcoin-paper-wallet-generator-is-compromised-millions-allegedly-stolen/ Crypto Users Claim Popular Bitcoin Paper Wallet Generator Is Compromised, Millions Allegedly Stolen - news.bitcoin.com]</ref> Since then, there have been multiple accusations of BitcoinPaperWallet.com generating used private keys<ref>[https://bitcointalk.org/index.php?topic=5247201.msg54398322#msg54398322 Why has my newly created Bitcoin address already been used? - Bitcointalk.org]</ref> and private keys created from it being stolen.<ref>[https://bitcoin.stackexchange.com/questions/85038/what-did-i-do-wrong-that-caused-me-to-lose-bitcoin What did I do wrong that caused me to lose bitcoin? - Bitcoin Stack Exchange]</ref><ref>[https://www.reddit.com/r/Bitcoin/comments/cs68ri/my_paper_wallet_generated_on/ My paper wallet generated on bitcoinpaperwallet.com was hacked! - Reddit]</ref> Sarkissian has denied these allegations.
 +
 
 +
== Backdoor ==
 +
 
 +
The new version of BitcoinPaperWallet.com includes a backdoor hidden inside the site's JavaScript code in a function called ''sha256_test''. This function attempts to disguise itself as a unit test, however, it has been discovered that this function actually contains 60 pre-generated public/private keypairs encoded in base64 which are returned to the user. <ref>https://bitcointalk.org/index.php?topic=5322560.msg56568297#msg56568297</ref>. Therefore, '''it is no longer safe to download the webpage source and run it offline, as the private keys have already been exposed to the internet.'''
 +
 
 +
<span style="color:red">The conclusion is that using keys generated from this website will cause any money sent to them to get stolen. The information in the sections below is therefore for historical reference only.</span>
  
 
== Secure usage ==
 
== Secure usage ==
  
* The easiest way to use this generator is [https://bitcoinpaperwallet.com/bitcoinpaperwallet/generate-wallet.html directly from the website] -- however this is also the least secure method.
+
* A safe way to use this generator is to download the [https://github.com/cantonbecker/bitcoinpaperwallet generator from GitHub] so that it can be run as a "local" webpage using a secure offline computer. No Internet connection is required to generate new paper wallets and Bitcoin addresses.
* A more secure process is to download the [https://github.com/cantonbecker/bitcoinpaperwallet generator from GitHub] so that it can be run as a "local" webpage using a secure offline computer. No Internet connection is required to generate new paper wallets and Bitcoin addresses.
+
* For the highest level of security, install the BitcoinPaperWallet generator onto an absolutely clean (virus-free, no unnecessary applications installed) "Live CD" or bootable USB thumbdrive.
* For the highest level of security, install the BitcoinPaperWallet generator onto an absolutely clean (virus-free, no unnecessary applications installed) "Live CD" or bootable USB thumbdrive. Ubuntu LiveCDs with the BitcoinPaperWallet generator pre-installed are available from [https://bitcoinpaperwallet.com https://bitcoinpaperwallet.com].
 
  
 
== Differences from BitAddress ==
 
== Differences from BitAddress ==
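Review bot: in the Secure usage part of this hunk, the reworded bullet "A safe way to use this generator is to download the generator from GitHub" now sits directly below the added Backdoor paragraph, which states that it is no longer safe to download the webpage source and run it offline. The two read as contradictory unless the reader works out that the warning concerns the source served by the website after the April 2018 sale, while the bullet links to the cantonbecker GitHub repository. Suggest stating that distinction in the bullet or reverting "safe" to the earlier "more secure". The Backdoor citation is also a bare URL inside the ref tag, with a full stop on both sides of it.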
Line 20: Line 32:
 
== Similarities to BitAddress ==
 
== Similarities to BitAddress ==
  
BitcoinPaperWallet is a GitHub "fork" of BidAddress and uses verifiably identical cryptographic functions and methods. Similarly:
+
BitcoinPaperWallet is a GitHub "fork" of BitAddress and uses verifiably identical cryptographic functions and methods. Similarly:
  
 
* The generator works entirely from within a web browser.
 
* The generator works entirely from within a web browser.
* Addresses are never transmitted over the Internet, and no Internet connection is required for the generator to work.
+
* No Internet connection is required for the generator to work.
 
* The full source code can be examined via "view source" in web browser.
 
* The full source code can be examined via "view source" in web browser.
 
* Cryptographic work, random number generation, and random data seeding ("gathering entropy") is accomplished using JavaScript.
 
* Cryptographic work, random number generation, and random data seeding ("gathering entropy") is accomplished using JavaScript.
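Review bot: the intro line of Similarities to BitAddress still claims, in the present tense, that the fork "uses verifiably identical cryptographic functions and methods"; this hunk only corrects the BidAddress typo on that line. The same revision documents a sha256_test function in the site's JavaScript that returns pre-generated keypairs, so the claim should be scoped to the GitHub source up to April 2018 or put in the past tense. Removing "Addresses are never transmitted over the Internet" from the bullet below is consistent with that change.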
Line 35: Line 47:
  
 
[[Image:Bitcoinpaperwallet-chinese-new-year.jpeg‎‎]]
 
[[Image:Bitcoinpaperwallet-chinese-new-year.jpeg‎‎]]
 +
 +
==References==
 +
<references />

Latest revision as of 09:23, 15 March 2021

Warning: one or more users have reported that this website or utility has been compromised. Using private keys or seed phrases from compromised websites and utilities will cause you to lose your money. Exercise caution while using compromised websites and tools and do not download any data from them.

BitcoinPaperWallet.com was an open-source paper wallet generator based on the BitAddress generator. Its source code is available on GitHub for versions up to April 2018, when the website was sold to a new owner.[1] It runs on any modern web browser and relies on JavaScript for all cryptographic functionality.

Change of ownership

At the end of April 2018, Canton Becker, the owner of BitcoinPaperWallet.com at the time, announced via a signed PGP message that he had sold the website to an unknown owner,[2] later revealed to be Sarkis Sarkissian.[3] Since then, there have been multiple accusations of BitcoinPaperWallet.com generating used private keys[4] and private keys created from it being stolen.[5][6] Sarkissian has denied these allegations.

Backdoor

The new version of BitcoinPaperWallet.com includes a backdoor hidden inside the site's JavaScript code in a function called sha256_test. The function is disguised as a unit test, but it has been discovered to contain 60 pre-generated public/private keypairs, encoded in base64, which are returned to the user.[7] Therefore, it is no longer safe to download the webpage source and run it offline, as the private keys have already been exposed to the internet.

The conclusion is that using keys generated from this website will cause any money sent to them to get stolen. The information in the sections below is therefore for historical reference only.
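
A static check for the kind of backdoor described above, as an added example that is not code from the site or from the BitAddress or BitcoinPaperWallet projects: it scans JavaScript source for base64 string literals that decode to text containing WIF-format private keys. The sample source, its placeholder keys and the helper name findEmbeddedKeys are constructed for illustration; the check runs under Node.js and matches on key format only, without verifying Base58Check checksums.

```javascript
// Added example (Node.js): heuristic scan for key material hidden in base64 literals.
// Quoted runs of 40+ base64 characters, with optional padding.
const B64_LITERAL = /["'`]([A-Za-z0-9+/]{40,}={0,2})["'`]/g;
// WIF private keys: '5' + 50 Base58 chars, or 'K'/'L' + 51 Base58 chars.
const WIF = /\b(?:5[1-9A-HJ-NP-Za-km-z]{50}|[KL][1-9A-HJ-NP-Za-km-z]{51})\b/g;

function findEmbeddedKeys(jsSource) {
  // Join literals split as "abc" + "def" so a blob broken across lines is seen whole.
  const src = jsSource.replace(/(["'])\s*\+\s*\1/g, "");
  const findings = [];
  for (const m of src.matchAll(B64_LITERAL)) {
    const decoded = Buffer.from(m[1], "base64").toString("latin1");
    const keys = decoded.match(WIF) || [];
    if (keys.length === 0) continue; // ordinary base64 data, not key-shaped
    // Nearest preceding function declaration, as a hint for manual review.
    const decls = [...src.slice(0, m.index).matchAll(/function\s+([A-Za-z_$][\w$]*)/g)];
    findings.push({
      enclosingFunction: decls.length ? decls[decls.length - 1][1] : null,
      literalLength: m[1].length,
      wifCount: keys.length,
    });
  }
  return findings;
}

// Constructed sample input: placeholder strings with the WIF shape, not real keys.
const fakeKeys = Array.from({ length: 3 }, (_, i) => "5" + String(i + 1).repeat(50));
const blob = Buffer.from(JSON.stringify(fakeKeys)).toString("base64");
const benign = Buffer.from(
  "benign self-test vector: the quick brown fox jumps over the lazy dog"
).toString("base64");

// Constructed stand-in for a page script; only the function name comes from the page.
const SAMPLE_JS = `
function sha256_test() {
  var vectors = "${blob.slice(0, 60)}" +
                "${blob.slice(60)}";
  return vectors;
}
var banner = "${benign}";
`;

console.log(findEmbeddedKeys(SAMPLE_JS));
```

A finding means fixed key material ships with the page. An empty result does not show that a generator is clean, since a key pool can be encoded in other ways.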

Secure usage

  • A safe way to use this generator is to download the generator from GitHub so that it can be run as a "local" webpage using a secure offline computer. No Internet connection is required to generate new paper wallets and Bitcoin addresses.
  • For the highest level of security, install the BitcoinPaperWallet generator onto an absolutely clean (virus-free, no unnecessary applications installed) "Live CD" or bootable USB thumbdrive.

Differences from BitAddress

While BitAddress is capable of generating "brain wallets", pool-generated vanity wallets, and bulk wallets, BitcoinPaperWallet has been simplified such that its only function is to produce paper wallets. Additionally:

  • Paper wallets printed using BitcoinPaperWallet feature a tri-fold design that is sealed shut so as to hide the wallet's private key and QR code from view.
  • The reverse side of the design includes instructions for general use as well as a ledger for writing down deposits or other notes.
  • The overall design includes a number of features to discourage casual tampering efforts that might otherwise reveal the private key without notice.
  • The generator includes an option for printing a paper wallet by pasting in a self-generated private key or vanity address, bypassing the random address generator altogether.

BitcoinPaperWallet-sample.jpg

Similarities to BitAddress

BitcoinPaperWallet is a GitHub "fork" of BitAddress and uses verifiably identical cryptographic functions and methods. Similarly:

  • The generator works entirely from within a web browser.
  • No Internet connection is required for the generator to work.
  • The full source code can be examined via "view source" in a web browser.
  • Cryptographic work, random number generation, and random data seeding ("gathering entropy") are accomplished using JavaScript.
  • The generator can be run offline by downloading a ZIP archive of the HTML from GitHub.

Designs

The BitcoinPaperWallet design is available in 12 different languages. Designs for special occasions are also available, for example these designs for the Christmas holiday or for giving money in red envelopes (e.g. for Chinese New Year).

Bitcoinpaperwallet-xmas-sample.jpg

Bitcoinpaperwallet-chinese-new-year.jpeg

References