Published on: 2017-09-30T23:51:12+00:00
The Bitcoin-dev mailing list has been discussing concerns about the security of the Bitcoin Core wallet, specifically regarding key generation and storage. The proposal suggests creating a simple offline module to serve as a "wallet" and allow users to conduct transactions offline before sending them to the network. However, this process is complicated and unfinished, requiring users to be somewhat online. The use of paper wallets is deemed insecure due to address reuse and unclear spending procedures. Printer buffers also pose a problem. To improve security, it is suggested that certain RPCs be removed from bitcoin-core. Trust is highlighted as an important factor, with increasing demand for hardware wallets due to a lack of trust in current operating systems and CPUs. While there are no existing solutions to address all the issues, improving security is a priority.Currently, the Bitcoin Core wallet shares the same process and memory space with the full node, making it less than ideal. There is limited support for offline signing, except for the rawtx API. The proposed RPC call would generate a key/address that is not stored in the internal wallet, allowing users to store it offline or use it as they wish. However, concerns are raised about paper wallets being insecure and the need to trust additional software outside of Bitcoin Core. The removal of certain RPCs from Bitcoin Core is being considered. Private keys should be generated and used on trusted offline hardware/os, with encrypted backups and a footgun-safe restore process. While there are currently no existing solutions, efforts should be made to address these concerns.The author raises concerns about the security of private keys and the difficulty of managing them. They suggest generating and using keys on trusted offline hardware/os. Backups should be encrypted and the restore process should be footgun-safe. The author also questions the effectiveness of proposals like BIP39 and suggests exploring existing solutions. GitHub pages showcasing simple wallets for Bitcoin and Zcash, as well as a dynamic blocklist for torrents and anti-spies, are provided as references.An individual proposes extending the Glacier Protocol and using BIP45 Multisig HD Wallets instead of multisig addresses. They emphasize generating and using private keys on trusted offline hardware/os. Paper wallets are considered unsafe and insecure. Backups should be encrypted and the restore process should be footgun-safe. The individual suggests using bitcoin-core-dev or GitHub for submissions.Luke Dashjr and Jonas Schnelli agree that paper wallets are unsafe and insecure. Schnelli believes private keys should be generated and used offline on trusted hardware and OS, with encrypted backups and a secure restore process. There is uncertainty about the trade-off between security and usability. It is suggested that individual wallets should decide.In the discussion, it is agreed that client implementations should be directed to the bitcoin-core-dev mailing list or GitHub. Concerns are raised about BIP39 plaintext paper backups. Private keys should be generated and used offline on trusted hardware and OS. The proposed RPC call would generate a key/address not stored in the internal wallet. Trust is a crucial factor, and users should be able to view or export private keys. Backups should be encrypted and footgun-safe.The proposal suggests adding paper wallet functionality to bitcoin-core software through a new RPC call. However, concerns are raised about the security of paper wallets and the need to generate them in an air-gapped environment. The author recommends using bitcoin-core on a dedicated offline machine for key generation. They also suggest including a modal dialog in the QT UI to inform users about the lack of security when generating paper wallets online. The proposed API is simple to implement and provides enough functionality for developers and advanced users. Further steps could include generating an external HD wallet seed and GUI functionality in bitcoin-qt for easy paper wallet generation.Dan Libby proposes adding paper wallet functionality to bitcoin-core software. He suggests a new RPC call to generate Bitcoin addresses and private keys for receiving payments. This eliminates the need for third-party software and provides a more secure option. The proposed API is simple to implement and can be used by developers or advanced users. Further steps could include generating an external HD wallet seed and GUI functionality in bitcoin-qt for easy paper wallet generation.Andrew Johnson raises concerns about generating paper wallets from online machines, suggesting that bitcoin-core should be installed on a dedicated offline machine for key generation. He recommends informing users through a modal dialog in the QT UI about the lack of security when generating paper wallets online. The prompt must be accepted before providing the requested keys.The proposal suggests adding paper wallet functionality to bitcoin-core software through a new RPC call. This would eliminate the need for third-party tools and provide a more secure option. To address concerns about generating paper wallets from online machines, it is suggested that any UI in QT include a modal dialog informing users about the lack of security. The proposed API is simple to implement and provides enough functionality for developers and advanced users. Further steps could include an RPC call to generate an external HD wallet seed and GUI functionality in bitcoin-qt for easy paper wallet generation.
Updated on: 2023-08-01T21:59:12.195304+00:00