Saturday, 28 December 2013

Safe Wallet



What is it?

Buy a Safe Paper Wallet Kit

cropped-BITCOIN-NOTE-cmyk_20-colors.jpg
A “paper wallet” is a printed bitcoin wallet.
You can use it to store your bitcoin in “cold storage”.
Offline bitcoin storage is safer than wallets on your computer or phone. If you have more than a few bitcoin, you want to keep most of them offline. Just like you don’t carry your entire bank balance in cash, you shouldn’t store your entire bitcoin balance online.
It is best to spread your bitcoin among several wallets, just in case one is lost or damaged.
SafePaperWallet is paper wallet with several great features:
  • It is pre-printed with a beautiful design on sturdy, acid free paper that will stand the test of time.  
SPW - 02



  • You print the keys onto the sheet, while disconnected from the Internet, using the supplied software
SPW Wallet Printer page
OPW-3steps SPW - 14



  • Each paper wallet has a backup stub, with a complete copy of the keys. Keep one at home, one in a safe deposit box. Then instantly “send” your bitcoin to both, anytime.
OPW layout

SPW - 12



  • The sheet of wallets, featuring four wallets per US Letter page, has micro-perforations (72 per inch) to help you cleanly separate the paper wallets and stack them.

  • Each wallet kit comes with several security stickers, that you can use to cover the keys. This protects them from cameras, liquids and scratches.
SPW - 14
SPW - 10

Our paper wallets are designed to make the whole process easy, even if you need to store several of them. You print your own keys, overlaid on top of the sheet of wallets. We provide the software, paper, security stickets and detailed instructions
Give them as gifts, store them in a safe at home, a safe deposit box, keep the backup stubs together or at another location. Within minutes, you have a secure, beautiful and functional cold-storage solution for bitcoin:

SPW - 13
Safe Paper Wallet is built on the open source Open Paper Wallet, with support and collaboration from the bitcoin community.

Your bitcoin is worth a lot and may be worth a lot more in the future. It’s worth protecting with the best paper wallets.

Software


SafePaperWallet v3 Release Candidate


The new OpenPaperWallet v3, released by SafePaperWallet offers many features:
  • A step-by-step wizard
  • Multiple background design options. Print custom backgrounds.
  • Encrypted private keys (BIP0038) and in-browser decryption/sweeping
  • Deterministic Aliases
  • Litecoin wallets
  • PDF printing for accurate reproduction
  • Key export for address book synchronization
  • Paper Wallet recovery, decryption and fund sweeping
It’s an 11MB zip (because of the graphics), but still all running in one HTML page. Unzip and open the HTML file in your local browser. Do not use for real paper wallets – this is a beta
Encryption takes minutes. Literally minutes, give it time.

SafePaperWallet v2.0 Stable

This version is best for printing onto the SafePaperWallet pre-printed paper, as it offers alignment options to help center the QR codes.

Software License

All SafePaperWallet software and graphic designs are open source and available under applicable licenses as displayed in the included source code.

Software Validation

Before using the software you should make sure that it has not been modified by third party byvalidating the software signature after downloading. You should also review the code, if you have the necessary programming skills. All the code is available as a software repository.

Software Options

You can use the software in the following ways, in order of increased security:
BAD – Test Only - Run the wallet printer HTML page, while connected to the Internet (eg. now). Should only be used to demo or experiment with printers. The printed keys are not secure as they have traversed the Internet and been exposed to your “everyday” operating system. Trojans with key-loggers, print-loggers and screen-loggers can capture them at any time. QR codes are actively scanned by screen-loggers. Assume the keys are compromised and do not send bitcoin to them.
POOR - Disconnected: Download the wallet printer HTML page (right-click, Save Link As), disconnect from the Internet and run it while offline, by opening it in a browser.Boot from your original OS CD in Safe Mode or Recovery Mode. Print directly via USB cable to your printer, while offline, and power everything off when finished. See the detailed instructions.
GOOD  – Download and Boot USB - Download the  bootable offline printing OS as an ISO image and create a bootable USB stick. Disconnect from the Internet and boot into the clean OS from the USB stick. Print directly over USB cable to your printer, while offline, and power everything off when finished. See the detailed instructions.
BETTER  - Download and Boot CD: Download the bootable offline printing OS as an ISO image and burn a bootable CD. Boot your computer off the CD. Print while offline, from within the restricted OS.  Follow the detailed instructions.
BEST - Boot from physical CD:  A physical and verified CD is most secure, delivered to you as part of the kit when you buy a Safe Paper Wallet Master Kit with a CD option. Select “CD, in the Software Media option.
Read the detailed instructions which also come with your Safe Paper Wallet kit.

Security FAQ


Security Principles

The principles of security for Safe Paper Wallet are:
  • You print your own keys, we never see them.
  • You print the keys offline, then they stay offline.
  • You use the cleanest operating system you can to generate and print keys.
  • You keep the printed wallets physically secured, keys covered, locked up. 
  • You keep the stubs safe, keys covered, locked up elsewhere.
  • Add funds whenever, but withdraw only once, transferring all the bitcoin off. 

 Security FAQ

Q: Why should I trust your keys?
A: You should NOT trust any keys that you did not generate yourself. That is why we derive our software from the community vetted bitaddress.org. You can compare the code, it is all open source, and see what changes we have made. We have NOT changed any of the core security and key-generation code

Q: Should I print keys directly from the web-page?
A: No, that is very insecure. You should always go offline before printing keys. Copy the wallet-printer code onto a USB stick, or use the bootable ISO.

Q: Do you have a copy of the keys?
A: Absolutely not. If you follow the instructions correctly, the only location your keys will ever exist is on the paper itself. That’s why we recommend printing while offline

Q: How can I trust you haven’t planted a backdoor in the software?
A: You should verify the code by comparing it to the bitaddress.org code which it is based on. You should not trust us without verifying.

Q: How do I know who you are?
A: We offer detailed information on who we are, this is not a shadowy organization

Q: Can the key-generation code be subverted to create insecure keys
A: Yes it can, easily and without obvious signs. That’s why you should verify it independently by comparing it to a trusted source, such as bitaddress.org. You should never trust key-generation software that does not publish open source (we do).

Q: What operating systems are supported?
A: The wallet printing software is an HTML page, works on most browsers (Chrome, Firefox, IE, Safari) and all common operating systems (Windows, Mac, Linux).


About Us

Safe Paper Wallet is a RootEleven project.
My name is Andreas M. Antonopoulos and I am the founder of RootEleven.com, and the Safe Paper Wallet project.
Andreas_Casual_Headshot

Bio

I am a technology entrepreneur, with deep expertise in security, cryptography and cloud systems. I have been coding since age 10, have built several successful companies in technology and have more than 20 years of professional experience as an engineer, coder, consultant, sysadmin, manager, teacher and entrepreneur. I hold degrees in Computer Science, Data Communications and Distributed Systems from UCL, where I also taught undergraduate courses and conducted research 15 years ago.  I have published hundreds of articles, which you can easily find online. I am also a regular host on Let’s Talk Bitcoin!, a prolific public speaker and pundit who evangelizes bitcoin with passion.

Ethics

My reputation, ethics, integrity and my word are the foundation of all my business activities and reflected in those activities publicly. I have been active in many civic organizations and associations that promote free speech, peace, non-violence, equality, human/civil rights, continuously since my teenage years. I also speak and write publicly about issues of trust, identity, civil liberties, Internet liberties and security. In fact, I can’t shut up about those issues. :-)
As a certified information security professional, I have been trusted with more than access to trusted systems: I have architected, designed and deployed trusted systems, networks and data centers. I have worked for and in banks, stock exchanges and government data centers on systems handling billions of dollars, data on millions of people or both. I have also conducted or managed a team on dozens of professional, authorized penetration tests for banks and other organizations. To do that I have been trusted, vetted, reviewed, filed and background checked. For more than 15 years I have followed the simple code of ethics of a security pro: 
  • Mind your own business and keep people’s data private. 
  • Don’t access without permission – data, money, systems or anything else.
  • Leave a system more secured than when you started
  • Empower every human with the best security tools available and the knowledge to use them.
Increasingly, I could not work with public or private organizations that are directly or indirectly in the business of violence, war, usury, fraud, exploitation, surveillance or oppression of human beings or human expression. Yes, that limited my choices especially in security, a lot. Thank Satoshi I have something fun and ethical to work on again.

Bitcoin

I am dedicated to bitcoin projects full time. My company RootEleven funds, designs, codes, deploys and operates several bitcoin projects. The company is registered in California, where I live in San Francisco and consists of devops engineers, designers, business experts, security experts and operations specialists. We apply lean-startup, agile test-driven development and open source credo to bitcoin businesses. We are funded, active and hiring almost constantly.

Public Info

You can find more information about me on the following sites:

Corporate

RootEleven corporate contact:
Tel: +1 888-998-2918
email: info@rooteleven.com
RootEleven
340 S Lemon Ave #8221
Los Angeles,CA 91789

10 BTC Reward Offered for Fix of Bitcoin Wallet Bug on Macs

 (@danielcawrey) | Published on November 28, 2013 at 14:30 GMT | LitecoinNews,Technology
Share1
The core developers behind bitcoin and litecoin are offering a reward of 10 BTC, plus 200.2 LTC to anyone who can solve the bug currently plaguing wallets on Mac-based systems.
The issue is linked to the database on wallet software known as the LevelDB key store. This database is used to store information related to the block chain, a ledger for virtual currencies and a standard component of natively installed Bitcoin-Qt wallets.
Hosted wallets, which are generally web-based or mobile-based and work on multiple platforms, are more user-friendly and do not suffer from this issue.
Bitcoin and litecoin developer Warren Togami recently told ZDNet:
“Bounties of this type are rarely offered. In this case, it is happening due to the sense that the issue is critical enough to slow down adoption of bitcoin.”
With the valuation of bitcoin ever-rising, a bitcoin and litecoin bounty will raise the stakes, according to Ankur Nandwani, a developer who has built an open bitcoin microtransaction platform called BitMonet.
“It is interesting that with the rapid rise in [bitcoin and litecoin] price, the bounty is now worth $15k. I think the combination of this bug and the volatility in bitcoin price can have negative impact on bitcoin adoption,” he said.
In detail, LevelDB is a key/value system developed by Google. It is not a relational database; rather, it has been designed as a string-keys-to-string-values database. The problem at hand is the periodic corruption of this database on Mac OS X.
It seems corruption occurs after the Bitcoin-Qt client is shut down and restarted. Reports indicate that corruption occurs in the Mac OS X 10.8.x and 10.9 versions, commonly known as ‘Mountain Lion’ and ‘Mavericks’.
In the grand scheme of things, this is not a problem that could thwart the growing rise of these separate, but seemingly intertwined, virtual currencies. However, this could prove to be an issue for many individual users. Nandwani commented:
“While the database is being rebuilt, the user is blocked from even making a transaction. So, you could think of this being a denial-of-service attack.”
A cog in the the machine of these distributed monetary systems could pose a threat that should not be dismissed.
Namecoin, a competitor to bitcoin and litecoin, had a substantial security flaw that allowed people to perform a hostile takeover of its .bit domains.
There is a proposed solution to the problem, with test builds available. The problem appears to have to do with a particular process that runs, and if data is synced to disk before the operation, it addresses the issue.
The complete details of the Mac OS X bitcoin and litecoin wallet bounty are posted at the Bitcoin Talk forum.