Portefeuille Papier

De Bitcoin Wiki
Aller à : navigation, rechercher
Casascius tenant les premiers portefeuilles papier

Dans un sens plus global, un "portefeuille papier" est un document contenant toutes les informations nécessaires pour générer n'importe quel nombre de clé privée Bitcoin, formant un portefeuille de clés. Mais, les gens utilisent souvent ce terme pour n'importe quelles façons de stocker ses bitcoins de manière hors-ligne sur un document physique. Cette seconde définitions inclus les codes récupérable ou des "clés papier". Une clé papier est une clé unique écrite sur un morceau de papier qui est utilisé plusieurs fois comme un portefeuille ( Ceci est d'ailleurs fortement déconseiller ). Un code récupérable est une simple clé dont le but est d'être remplis et utiliser qu'une fois : C'est souvent utiliser pour des cadeaux ou dans le but de créer des billes ou pièces Bitcoin physique.

Stocker ses bitcoins sur un portefeuille papier n'est pas sécuriser SI vous ne suivez pas toutes les mesures de sécurité à prendre pendant la création ( voir ci-dessous ).

Cas d'utilisation

Pourboire et cadeaux

En créant une pair de clés, une peut stocker les bitcoins sur un support physique qui peut être donner comme pourboire ou cadeau. Le destinataire charge la clé privée sur son portefeuille personnel.

Jetons physiques

Un fournisseur de confiance peut cacher la clé privée dans un token inviolable, et leur délivrer comme une forme de bitcoins. Cela exige ceux qui l'acceptent comme moyen de paiement de croire que lorsque le fournisseur a produit les jetons, ils les chargés avec la bonne quantité de bitcoins, et qu'ils ont pas été altéré depuis. Pour racheter la valeur de Bitcoin, le jeton doit être détruit pour accéder à la clé privée. Souvent, une adresse Bitcoin est intégré sur le visible à l'extérieur, mais il n'y a aucune garantie (sans détruire le jeton) que cela correspond à la clé privée à l'intérieur, ou, même si elle le fait, que la clé privée ne sont pas répliquées sur plusieurs jetons ou sauvé par le producteur.

Un fournisseur de confiance peut cacher la clé privée dans un jeton inviolable, et le délivrer comme une forme de bitcoins. Cela exige de ceux qui acceptent ces jetons comme moyen de paiement de faire confiance à la personne ou l'entité qui les as produits, si ils les ont bien chargés avec le montant correct de bitcoins, et qu'ils n'ont pas été déplacer depuis. Pour récupérer les bitcoins, le jeton doit être au préalable "détruit" pour pouvoir accéder à la clé privée. Souvent, une adresse Bitcoin ( Une clé public ) est affiché sur l'extérieur du jeton de manière visible pour prouver qu'il y a bien des bitcoins sur celui-ci. Mais il n'y a aucune garantie que cette adresse public Bitcoin qui est sur le jeton correspond à la clé privée qu'il y a dans celui-ci tant que l'on ne l'a pas "détruit" pour récupérer la clé privée, et que, même si c'est bien la bonne adresse public, il y a aucun moyen de vérifier si la clé privée n'a pas été copier sur plusieurs autres jetons ou sauvegarder par le créateur des jetons.

Portefeuille

Proper paper wallets are often a very secure way of storing bitcoins, since they are not typically exposed to malware. They can also be easily stored securely in safes and safe deposit boxes. However, it may be more difficult to securely "backup" paper wallets, and due to the current sub-optimal software support, it may be easier to make a mistake that causes loss of bitcoins.

Sometimes people try to use single keys as true bitcoin wallets. However address reuse is very bad for privacy and security. Because of this, one is forced to choose between hazardous options:

  • Use the key only once to receive, and only once to send the full amount. This requires the user to know the full amount he wants to store in advance, and often leads to the next situation:
  • Create multiple keys. By using more than one key, the user can receive more than once using a different address each time, including using new addresses for change. This is very complicated, and makes it easy to accidentally reuse addresses, produce the wrong change/fee combination, lose some keys, spend hours searching for the right key, etc. Not even skilled bitcoin experts are comfortable managing their own keys manually like this.

Therefore, it is highly recommended that you use proper paper wallets which allow you to generate an infinite number of addresses from a single seed.

Encoding/formatting

Paper keypair with private key secured beneath folds
Paper keypair

Proper, multi-key paper wallets usually take the form of a multi-word HD wallet seed mnemonic. The list of several words corresponds to some binary data that is used to generate all of the addresses. Words are used to make it easier to avoid and correct errors. Trying to memorize an entire seed mnemonic is very difficult and is generally not recommended.

A single key (for use in insecure single-key paper wallets or redeemable codes) can be represented in several formats, but typically the Wallet Import Format (WIF) is used, since keys represented that way are very short (51 characters) and thus easy to re-enter when importing or "sweeping" it for withdrawal.

Creation of a paper wallet

Generation of secure keys

The private seed is used to prove your right to spend the bitcoins transferred to the paper wallet, and as such should be kept hidden and secret. If the private seed on a paper wallet is exposed (for example in a photograph) then the wallet may be used by anyone who sees it. To guard against accidental revelation, the private key displayed on the paper wallet may be encrypted or split into several different parts (for example using Shamir's secret sharing scheme). At the very least, the private key should be well hidden e.g. by folding the wallet in half and sealing it shut.

Currently, at least Armory and Electrum support generating mnemonic codes for their wallets, which can be written down or printed to make a multi-key paper wallet.

Several tools exist for producing single keys, including Bitcoin Address Utility, vanitygen, and Cwallet. Again, using single keys for anything except one-time transfers of bitcoins is strongly discouraged.

Web-based key generators

Some websites feature free open-source client-side keypair/wallet generators written in JavaScript. Keypairs/wallets generated by JavaScript or using websites are inherently weak and insecure, and unless the code of the website is audited every time it is used, it may leak the generated keys back to the server—especially if un-audited Javascript is downloaded and run locally. Even with careful code auditing, browser plugins or other websites may compromise the environment.

Recommendations

  • Disconnecting from the Internet guarantees that that the paper wallet generator is truly self-contained and isn't transmitting your keys online.
  • Verifying the integrity of the code (and the trustworthiness of the author) is important to make sure a hacker hasn't modified the download so that it generates predictable seeds instead of truly random ones.
  • Remember, spyware and viruses often attempt to monitor your computer activities so that their authors can steal from you. They are interested in passwords to online accounts, and anything of value. Bitcoin wallets are something of value that have already been targeted by malware. If your computer is infected with spyware or viruses - even if there are no symptoms, or your antivirus isn't reporting anything - then anything you type, view, or save on your computer, could potentially be stolen by someone remotely controlling your computer. Your private seed can then be intercepted while you enter it, so only enter a Bitcoin private seed into your computer when you are certain it is secure (such as a fresh boot of a LiveCD).
  • The wallet should never be saved to a computer hard drive or sent via email or other network connections. You should also never scan/type your key into your computer, except at the moment you are using it.
  • If possible, the wallet should be kept hidden, for example by using BIP38 encryption (single keys only), and/or by folding the paper to hide the private key so that a photograph or photocopy of it will not reveal or replicate the private key.
  • A web-based generator should not be used.
  • A generator should use an appropriate source of random numbers (entropy). This means that the generated keys aren't predictable. If the addresses come from a predictable or partially-predictable patterns like pseudorandom numbers [1], someone else who can predict the pattern can steal the balance. Randomness should NEVER be human generated, as the human brain is incapable of secure entropy.
  • Remember that unlike wallets (paper or otherwise), a single paper key is only good to receive a single payment, and must be redeemed in its entirety.

Printer Security

Some advanced printers have internal storage (even hard drives) that preserve copies of printouts. This is a risk if someone gets access to your printer, or if you dispose of your printer. There is also the possibility that a smart enough printer can be hacked. (Consider StuxNet which was able to rewrite the firmware of non-computer devices indirectly connected to the Internet) If this concerns you, use a "dumb" printer, and never let your printer have access to the Internet or to an Internet-connected computer.

Redeeming Keys and Withdrawing Funds

This section applies only to single-key paper "wallets".

Paper keys, when used as wallets, are very different from wallets such as Bitcoin Core in that there is only one address in a paper key rather than a hundred or more online keys that are managed with full software assistance from Bitcoin Core.

There are various methods for copying the private key data to other wallets.

  • bitcoind supports an "importprivkey" RPC method for this purpose.
  • Bitcoin-Qt's debug console can also be used in a similar way (see also How to import private keys in Bitcoin Core 0.7+).
  • BlockChain.info and Armory can also import them directly into wallets.
  • Mycelium is a Android mobile wallet with an easy to use "cold storage" spending function. It is also available via Android and iTunes playstore. The iTunes version may not yet support cold storage spending.

Note that importing a private key that may be compromised can result in the entire wallet becoming insecure. For this reason, sweeping (or sending the entire amount to a fresh address) is generally recommended over plain importing.

References

  1. Pseudorandomness is not enough for strong cryptography

Voir également