Author: Dan Libby 2017-09-29 19:34:57
Published on: 2017-09-29T19:34:57+00:00
Andrew Johnson raised concerns that exposing Paper Wallet generation through QT could encourage users to generate paper wallets from online machines, rendering them lukewarm instead of cold as the keys weren't generated in an air-gapped environment. He suggested that Bitcoin-core be installed on a dedicated offline machine for key generation purposes. While discussing the issue with a non-technical user, he realized that recommending BitAddress code required auditing, which might be impossible for a non-technical user. Therefore, he proposed a simple script that uses Bitcoin-core to generate addresses. However, it won't work with present-day RPCs tied to internal wallets. Johnson also recommended that any UI in QT should include a modal dialog informing users that the address is not secure unless created on an offline machine and printed on a non-networked printer. The prompt must be accepted and dismissed before the wallet provides the requested keys.
Updated on: 2023-06-12T21:24:32.264202+00:00